Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Dependabot::RepoNotFound error

See original GitHub issue

when running this task on a microsoft hosted agent i get this failure (vmImage: ubuntu-latest). On our self hosted agent it works. any idea what could be the issue?

Status: Downloaded newer image for tingle/dependabot-azure-devops:0.1
/vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:444:in `rescue in default_branch_for_repo': Dependabot::RepoNotFound (Dependabot::RepoNotFound)
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:440:in `default_branch_for_repo'
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:70:in `commit'
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:359:in `_full_specification_for'
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:174:in `_fetch_repo_contents'
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:159:in `repo_contents'
	from /vendor/ruby/2.6.0/gems/dependabot-nuget-0.126.1/lib/dependabot/nuget/file_fetcher.rb:184:in `csproj_file'
	from /vendor/ruby/2.6.0/gems/dependabot-nuget-0.126.1/lib/dependabot/nuget/file_fetcher.rb:55:in `project_files'
	from /vendor/ruby/2.6.0/gems/dependabot-nuget-0.126.1/lib/dependabot/nuget/file_fetcher.rb:28:in `fetch_files'
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:64:in `files'
	from ./update-script.rb:151:in `<main>'
/vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/clients/azure.rb:187:in `get': Dependabot::Clients::Azure::NotFound (Dependabot::Clients::Azure::NotFound)
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/clients/azure.rb:46:in `fetch_default_branch'
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:442:in `default_branch_for_repo'
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:70:in `commit'
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:359:in `_full_specification_for'
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:174:in `_fetch_repo_contents'
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:159:in `repo_contents'
	from /vendor/ruby/2.6.0/gems/dependabot-nuget-0.126.1/lib/dependabot/nuget/file_fetcher.rb:184:in `csproj_file'
	from /vendor/ruby/2.6.0/gems/dependabot-nuget-0.126.1/lib/dependabot/nuget/file_fetcher.rb:55:in `project_files'
	from /vendor/ruby/2.6.0/gems/dependabot-nuget-0.126.1/lib/dependabot/nuget/file_fetcher.rb:28:in `fetch_files'
	from /vendor/ruby/2.6.0/gems/dependabot-common-0.126.1/lib/dependabot/file_fetchers/base.rb:64:in `files'
	from ./update-script.rb:151:in `<main>'

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:6 (2 by maintainers)

github_iconTop GitHub Comments

2reactions
mburumaxwellcommented, Jan 27, 2021

Hello,

It has taken a while to di through the code for dependabot to find out what the issue is. Unfortunately, dependabot-core does not support getting code from the {organization}.visualstudio.com based URLs. I had to do repeated tests with our old URL (xxx.visualstudio.com) and with EXCON debug enabled to understand the issue more. I’ll attempt to explain it to you, I am no ruby expert but I’ll do my best.

The error occurs on the first HTTP call done here. This is a call to get the default branch for the repository (the same error happens in the first comment in this issue. In particular, the exception is thrown from line 59 because the response gotten from Azure DevOps is a 401 (Unauthorized). Dependabot makes a request to https://xxx.visualstudio.com/{organization}/{project}/_apis/git/repositories/{repository-name} which is a wrong URL. Instead, this should have been https://xxx.visualstudio.com/{project}/_apis/git/repositories/{repository-name} (the {organization}/ segment should not be there). See line 56 fixes the organization and a forward slash always. Setting the organization to null will still not work.

Further, digging into the implementation for the creating the source here and here, there is no way to create the Dependabot::Source without specifying the organization as done in the script. Various attempts did not work either.

This leaves you with two options:

  1. Change your organization to the new hostname/domain. Enabling the new hostname should not affect the older one. We still have access to the old hostname, years later. easiest option
  2. Create an issue/PR for the functionality in the dependabot-core repository. Once the support is available in the upstream repository, they will appear here too.

Hope this explanation helps

0reactions
mogryocommented, Jan 26, 2021

Short update, checked some more source code and logs, and can definitely say docker runner is executed with all correct variables. My bad for making wrong assumption.

Although very strange that change of organisation hostname somehow helps, but unfortunately as I said, that solution is impossible for me.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Dependabot::RepoNotFound · Issue #362
Hi All, We are attempting to run dependabot against an Azure DevOps GIT repository to no avail. Any assistance would be greatly appreciated....
Read more >
Dependabot error with Bitbucket server Clients
I have tried dependabot-script with Azure devops and had no big hurdles (I noticed Dependabot throws error repo not found when the I...
Read more >
Issues · dependabot-gitlab / dependabot · GitLab
Issue Dependabot::RepoNotFound error on dependabot standalone 0.32.0. #295 · created 6 months ago by Dominik Chmielarz · bug dependabot-core.
Read more >
Enable Dependabot version updates from the repository ...
Dependabot version updates help you keep your dependencies up-to-date by opening pull requests automatically when new versions are available.
Read more >
Codecov-action failing to properly upload with Dependabot
I have verified that my repository is using the Codecov GitHub app, ... Error: There was an error fetching the storage URL during...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Keep getting "Dependabot::RepoNotFound" and "Dependabot::Clients::Azure::NotFound"

Next page

setProgressMax() and setMessage() not applied dynamically?