diff --git a/extension/tasks/dependabotV2/index.ts b/extension/tasks/dependabotV2/index.ts index 8fbf89b2..7b3f13e7 100644 --- a/extension/tasks/dependabotV2/index.ts +++ b/extension/tasks/dependabotV2/index.ts @@ -1,5 +1,6 @@ -import { debug, error, setResult, setSecret, TaskResult, warning, which } from 'azure-pipelines-task-lib/task'; +import { debug, error, setResult, TaskResult, warning, which } from 'azure-pipelines-task-lib/task'; import { AzureDevOpsWebApiClient } from './utils/azure-devops/AzureDevOpsWebApiClient'; +import { setSecrets } from './utils/azure-devops/formattingCommands'; import { DependabotCli } from './utils/dependabot-cli/DependabotCli'; import { DependabotJobBuilder } from './utils/dependabot-cli/DependabotJobBuilder'; import { @@ -177,19 +178,6 @@ async function run() { } } -/** - * Masks the supplied values in the task log output. - * @param args - */ -function setSecrets(...args: string[]) { - for (const arg of args.filter((a) => a && a?.toLowerCase() !== 'dependabot')) { - // Mask the value and the uri encoded value. This is required to ensure that API and package feed url don't expose the value. - // e.g. "Contoso Ltd" would appear as "Contoso%20Ltd" unless the uri encoded value was set as a secret. - setSecret(arg); - setSecret(encodeURIComponent(arg)); - } -} - /** * Handles the results of an update operation. * @param outputs The processed outputs of the update operation. diff --git a/extension/tasks/dependabotV2/utils/azure-devops/formattingCommands.ts b/extension/tasks/dependabotV2/utils/azure-devops/formattingCommands.ts index f64643cb..4cd31ae3 100644 --- a/extension/tasks/dependabotV2/utils/azure-devops/formattingCommands.ts +++ b/extension/tasks/dependabotV2/utils/azure-devops/formattingCommands.ts @@ -1,4 +1,5 @@ /** + * Formats the logs into groups and sections to allow for easier navigation and readability. * https://learn.microsoft.com/en-us/azure/devops/pipelines/scripts/logging-commands?view=azure-devops&tabs=bash#formatting-commands */ @@ -13,3 +14,18 @@ export function endgroup() { export function section(name: string) { console.log(`##[section]${name}`); } + +/** + * Masks the supplied values in the task log output. + * https://learn.microsoft.com/en-us/azure/devops/pipelines/scripts/logging-commands?view=azure-devops&tabs=bash#setsecret-register-a-value-as-a-secret + */ + +import { setSecret } from 'azure-pipelines-task-lib'; +export function setSecrets(...args: string[]) { + for (const arg of args.filter((a) => a && a?.toLowerCase() !== 'dependabot')) { + // Mask the value and the uri encoded value. This is required to ensure that API and package feed url don't expose the value. + // e.g. "Contoso Ltd" would appear as "Contoso%20Ltd" unless the uri encoded value was set as a secret. + setSecret(arg); + setSecret(encodeURIComponent(arg)); + } +} diff --git a/extension/tasks/dependabotV2/utils/dependabot-cli/DependabotCli.ts b/extension/tasks/dependabotV2/utils/dependabot-cli/DependabotCli.ts index 381f7281..32a10c65 100644 --- a/extension/tasks/dependabotV2/utils/dependabot-cli/DependabotCli.ts +++ b/extension/tasks/dependabotV2/utils/dependabot-cli/DependabotCli.ts @@ -4,7 +4,7 @@ import * as fs from 'fs'; import * as yaml from 'js-yaml'; import * as os from 'os'; import * as path from 'path'; -import { group, section } from '../azure-devops/formattingCommands'; +import { endgroup, group, section } from '../azure-devops/formattingCommands'; import { IDependabotUpdateJobConfig } from './interfaces/IDependabotUpdateJobConfig'; import { IDependabotUpdateOperation } from './interfaces/IDependabotUpdateOperation'; import { IDependabotUpdateOperationResult } from './interfaces/IDependabotUpdateOperationResult';