I tried using GitHub's dependabot feature to automatically update nuget dependencies for my project but it gives me a dependency_file_not_found.
Dependabot log:
proxy | 2023/08/09 17:40:12 proxy starting, commit: 7a5g8rctt20c9a94f571abb6857bf47b2610375dde12
proxy | 2023/08/09 17:40:12 Listening (:1080)
updater | 2023-08-09T17:40:13.795513357 [707072940:main:WARN:src/devices/src/legacy/serial.rs:222] Detached the serial input due to peer close/error.
updater | time="2023-08-09T17:40:16Z" level=info msg="guest starting" commit=b17e36388dd0b708be7e6a27f7422f1da5fccfd8
updater | time="2023-08-09T17:40:16Z" level=info msg="starting job..." fetcher_timeout=10m0s job_id=707072940 updater_timeout=45m0s updater_version=29f06cf91bcf7931387d734cb80d7417f7dbc711-nuget
updater | 2023/08/09 17:40:18 INFO Raven 3.1.2 ready to catch errors
updater | 2023/08/09 17:40:20 INFO <job_707072940> Starting job processing
proxy | 2023/08/09 17:40:20 [002] GET https://api.github.com:443/repos/user/repo/git/refs/heads/master
proxy | 2023/08/09 17:40:20 [002] * authenticating github api request with token for api.github.com
proxy | 2023/08/09 17:40:20 [002] 200 https://api.github.com:443/repos/user/repo/git/refs/heads/master
proxy | 2023/08/09 17:40:20 [004] GET https://api.github.com:443/repos/user/repo/contents/repo/repo?ref=01e8eb773abf8a2e0303be49acd1100afe1b7065
proxy | 2023/08/09 17:40:20 [004] * authenticating github api request with token for api.github.com
proxy | 2023/08/09 17:40:20 [004] 404 https://api.github.com:443/repos/user/repo/contents/repo/repo?ref=01e8eb773abf8a2e0303be49acd1100afe1b7065
updater | 2023/08/09 17:40:20 ERROR <job_707072940> Error during file fetching; aborting
updater | 2023/08/09 17:40:21 INFO <job_707072940> Finished job processing
updater | 2023/08/09 17:40:21 INFO Results:
updater | Dependabot encountered '1' error(s) during execution, please check the logs for more details.
updater | +---------------------------+
updater | | Errors |
updater | +---------------------------+
updater | | dependency_file_not_found |
updater | +---------------------------+
updater | time="2023-08-09T17:40:21Z" level=info msg="task complete" container_id=job-707072940-file-fetcher exit_code=0 job_id=707072940 step=fetcher
updater | time="2023-08-09T17:40:21Z" level=warning msg="failed during fetch, skipping updater" job_id=707072940
The file structure:
- Api
- Api.Domain
- Api.Infrastructure
- Api.Common
...
The dependabot configuration:
- package-ecosystem: "nuget"
directory: "../FloralPick.Api/FloralPick.Api.csproj" # Location of package manifests
schedule:
interval: "daily"
# Raise pull requests for version updates
# to pip against the `dev` branch
target-branch: "dev"
reviewers:
- "DiracSpace"
- "AlexCR97"
# Labels on pull requests for security and version updates
labels:
- "Nuget dependencies"
directory property to use the default /option.csproj is found.csproj.In your example, I think you need to drop the .. in your path. dependabot will assume it's in the root directory of the repo.
- package-ecosystem: "nuget"
directory: "/FloralPick.Api/
schedule:
interval: "daily"
target-branch: "dev"
reviewers:
- "DiracSpace"
- "AlexCR97"
labels:
- "Nuget dependencies"
I ran into this issue when trying to use the root directory. I could get it to work at the project level (path to the .csproj), but after listing each project individually for one package I would get a PR for each project.
Once I pointed the path to where my .sln file was located (in my case /code) the dependency_file_not_found error went away and dependabot was able to make PRs for a single package across all projects.