[FEATURE] Check if file exists: `.github/dependabot.yml`

[guibranco]

Description:

The projects-monitor service should be enhanced to check for the existence of a dependabot.yml file in the .github directory of each repository being monitored. This will ensure that repositories are being managed by Dependabot, which helps in keeping dependencies updated automatically.

Tasks:

1. Check for dependabot.yml:

   • Use the existing PHP class that interacts with the GitHub API to check if a dependabot.yml file exists at the path .github/dependabot.yml in each repository.

2. Database Integration:

   • Repositories are already listed in a MySQL table. For each repository, retrieve the relevant data and check if the dependabot.yml file is present.
   • Store the results in the database to log whether the file is found or not.

3. Update the Dashboard:

   • Update the dashboard to visually indicate whether a dependabot.yml file is present in each repository.
   • Add an alert or warning for repositories missing the file.

Proposed Database Schema Update:

You might want to update the table storing repository data to include a field for tracking whether the dependabot.yml file is present:

ALTER TABLE repositories ADD COLUMN dependabot_file_exists BOOLEAN DEFAULT NULL;

Example Code (PHP Checking for File via GitHub API):

Here’s an example of how the PHP class can be used to check for the existence of the dependabot.yml file:

class GitHubRepositoryChecker {
    private $apiClient;

    public function __construct($apiClient) {
        $this->apiClient = $apiClient;
    }

    public function checkDependabotFile($repoOwner, $repoName) {
        $filePath = '.github/dependabot.yml';
        $response = $this->apiClient->get("/repos/$repoOwner/$repoName/contents/$filePath");

        if ($response->getStatusCode() === 200) {
            return true;
        } elseif ($response->getStatusCode() === 404) {
            return false;
        }

        throw new Exception('Error checking file: ' . $response->getReasonPhrase());
    }
}

// Usage example
$checker = new GitHubRepositoryChecker($apiClient);
$isDependabotFilePresent = $checker->checkDependabotFile('your-repo-owner', 'your-repo-name');

// Update database with the result
$pdo->prepare("UPDATE repositories SET dependabot_file_exists = ? WHERE repo_name = ?")
    ->execute([$isDependabotFilePresent, $repoName]);

Acceptance Criteria:

• [ ] The system can check for the existence of a dependabot.yml file in the .github directory for each repository.
• [ ] The result of the check is logged in the database for future reference.
• [ ] The dashboard reflects whether the dependabot.yml file is present in each repository.
• [ ] An alert is displayed for repositories that are missing the file.

Additional Context:

This feature will allow for better monitoring of repositories by ensuring that Dependabot configuration files are present, helping to automate dependency updates across all monitored projects.

[gitauto-ai[bot]]

Hey, I'm a bit lost here! Not sure which file I should be fixing. Could you give me a bit more to go on? Maybe add some details to the issue or drop a comment with some extra hints? Thanks!

Have feedback or need help? Feel free to email info@gitauto.ai.