Check Gemfile.lock and Gemfile.next.lock match on deps update (!165481) · Merge requests · GitLab.org / GitLab

Igor Drozdov requested to merge id-rails-next-dependency-check into master Sep 09, 2024

What does this MR do and why?

This MR adds a check to verify that Gemfile.next.lock file is up-to-date. When dependencies are updated via renovate, it's ensured by these changes:

But if the dependency is updated some other way, for example, via a direct push, we need to ensure that Gemfile.next.lock and Gemfile.next.checksum are updated as well.

The job:

Runs bundle install for Gemfile.next
- It verifies that Gemfile.next matches Gemfile.next.lock
- It verifies that Gemfile.next.lock matches Gemfile.next.checksum
Copies Gemfile.lock to Gemfile.next.lock and runs bundle lock
- It will ensure that the minor/patch versions of gems that are not related to next-rails-version are also the same: Copy Gemfile.lock to Gemfile.next.lock before l... (gitlab-org/frontend/renovate-gitlab-bot!949 - merged)
Runs bundle install again to ensure that Gemfile.next.lock doesn't contain any new dependencies now

Edited Sep 09, 2024 by Igor Drozdov

Check Gemfile.lock and Gemfile.next.lock match on deps update

What does this MR do and why?

Merge request reports