fix(update): Check versions when updating dependencies to avoid downg…

…rades
bancolombia · Jan 22, 2025 · a006a6f · a006a6f
1 parent 16571d5
commit a006a6f
Show file tree

Hide file tree

Showing 6 changed files with 122 additions and 36 deletions.
diff --git a/src/main/java/co/com/bancolombia/Constants.java b/src/main/java/co/com/bancolombia/Constants.java
@@ -1,5 +1,7 @@
 package co.com.bancolombia;
 
+import java.lang.reflect.Field;
+import java.util.Arrays;
 import lombok.AccessLevel;
 import lombok.NoArgsConstructor;
 
@@ -10,27 +12,27 @@ public final class Constants {
   public static final String APP_SERVICE = "app-service";
   public static final String PATH_GRAPHQL = "/graphql";
   // dependencies
-  public static final String SECRETS_VERSION = "4.4.27";
+  public static final String SECRETS_VERSION = "4.4.28";
   public static final String SPRING_BOOT_VERSION = "3.4.1";
   public static final String LOMBOK_VERSION = "1.18.36";
-  public static final String REACTIVE_COMMONS_VERSION = "5.2.0";
+  public static final String REACTIVE_COMMONS_VERSION = "5.2.2";
   public static final String REACTIVE_COMMONS_MAPPER_VERSION = "0.1.0";
   public static final String BLOCK_HOUND_VERSION = "1.0.10.RELEASE";
-  public static final String AWS_BOM_VERSION = "2.29.45";
-  public static final String COMMONS_JMS_VERSION = "2.3.7";
+  public static final String AWS_BOM_VERSION = "2.30.3";
+  public static final String COMMONS_JMS_VERSION = "2.3.8";
   public static final String GRAPHQL_KICKSTART_VERSION = "15.1.0";
   public static final String ARCH_UNIT_VERSION = "1.3.0";
   public static final String OKHTTP_VERSION = "4.12.0";
   public static final String RESILIENCE_4J_VERSION = "2.3.0";
   public static final String BIN_STASH_VERSION = "1.2.6";
-  public static final String SPRING_DOC_OPENAPI_VERSION = "2.8.0";
+  public static final String SPRING_DOC_OPENAPI_VERSION = "2.8.3";
   public static final String CLOUD_EVENTS_VERSION = "4.0.1";
   // gradle plugins
   public static final String JACOCO_VERSION = "0.8.12";
   public static final String SONAR_VERSION = "6.0.1.5171";
   public static final String COBERTURA_VERSION = "4.0.0";
   public static final String PLUGIN_VERSION = "3.20.11";
-  public static final String DEPENDENCY_CHECK_VERSION = "11.1.1";
+  public static final String DEPENDENCY_CHECK_VERSION = "12.0.1";
   public static final String PITEST_VERSION = "1.15.0";
   // custom
   public static final String GRADLE_WRAPPER_VERSION = "8.11.1";
@@ -46,4 +48,20 @@ public static class MainFiles {
         "applications/app-service/src/main/resources/application.yaml";
     public static final String GRADLE_PROPERTIES = "./gradle.properties";
   }
+
+  public static String getVersion(String name) {
+    return Arrays.stream(Constants.class.getDeclaredFields())
+        .filter(field -> field.getName().equalsIgnoreCase(name))
+        .findFirst()
+        .map(Constants::getValue)
+        .orElse(null);
+  }
+
+  private static String getValue(Field field) {
+    try {
+      return field.get(null).toString();
+    } catch (IllegalAccessException e) {
+      return null;
+    }
+  }
 }
diff --git a/src/main/java/co/com/bancolombia/factory/upgrades/UpdateUtils.java b/src/main/java/co/com/bancolombia/factory/upgrades/UpdateUtils.java
@@ -85,4 +85,43 @@ public static String addToStartIfNotContains(
   public static String replace(String content, String previous, String next) {
     return content.replace(previous, next);
   }
+
+  public static boolean isNewerVersion(String current, String newer) {
+    if (newer == null) {
+      return false;
+    }
+    if (current == null) {
+      return true;
+    }
+    if (current.equals(newer)) {
+      return false;
+    }
+    String[] v1Parts = current.split("\\.");
+    String[] v2Parts = newer.split("\\.");
+
+    int length = Math.max(v1Parts.length, v2Parts.length);
+
+    for (int i = 0; i < length; i++) {
+      // Get the current part of each version, default to "0" if shorter
+      int part1 = i < v1Parts.length ? asInteger(v1Parts[i]) : 0;
+      int part2 = i < v2Parts.length ? asInteger(v2Parts[i]) : 0;
+
+      if (part1 < part2) {
+        return true;
+      }
+      if (part1 > part2) {
+        return false;
+      }
+    }
+
+    return false;
+  }
+
+  private static int asInteger(String part) {
+    try {
+      return Integer.parseInt(part);
+    } catch (NumberFormatException e) {
+      return 0;
+    }
+  }
 }
diff --git a/src/main/java/co/com/bancolombia/models/DependencyRelease.java b/src/main/java/co/com/bancolombia/models/DependencyRelease.java
@@ -1,5 +1,6 @@
 package co.com.bancolombia.models;
 
+import co.com.bancolombia.factory.upgrades.UpdateUtils;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 import lombok.Getter;
@@ -51,6 +52,10 @@ && valid()
     return super.equals(obj);
   }
 
+  public boolean isNewest(DependencyRelease current) {
+    return UpdateUtils.isNewerVersion(current.getVersion(), this.getVersion());
+  }
+
   public static DependencyRelease from(String dependency) {
     DependencyRelease release = new DependencyRelease();
     if (dependency.startsWith("id") && dependency.contains("version")) {

diff --git a/src/main/java/co/com/bancolombia/utils/offline/UpdateDependencies.java b/src/main/java/co/com/bancolombia/utils/offline/UpdateDependencies.java
@@ -1,5 +1,6 @@
 package co.com.bancolombia.utils.offline;
 
+import co.com.bancolombia.Constants;
 import co.com.bancolombia.models.DependencyRelease;
 import co.com.bancolombia.models.UpdateSettings;
 import co.com.bancolombia.utils.FileUtils;
@@ -33,19 +34,19 @@ public void run() throws IOException {
     File constantsFile = Paths.get(constantsPath).toFile();
     String content = FileUtils.readFileAsString(constantsFile, null);
     for (UpdateSettings.Dependency dependency : settings.getMaven()) {
-      Optional<DependencyRelease> dep =
-          operations.getTheLastDependencyRelease(
-              DependencyRelease.from(dependency.getPackageName()));
-      if (dep.isPresent()) {
-        content = updateVersion(content, dependency, dep.get().getVersion());
+      DependencyRelease current = DependencyRelease.from(dependency.getPackageName());
+      current.setVersion(Constants.getVersion(dependency.getName()));
+      DependencyRelease newest = operations.getTheLastDependencyRelease(current).orElse(current);
+      if (newest.isNewest(current)) {
+        content = updateVersion(content, dependency, newest.getVersion());
       }
     }
     for (UpdateSettings.Dependency dependency : settings.getGradle()) {
-      Optional<DependencyRelease> dep =
-          operations.getLatestGradlePluginVersion(
-              DependencyRelease.from(dependency.getPackageName()));
-      if (dep.isPresent()) {
-        content = updateVersion(content, dependency, dep.get().getVersion());
+      DependencyRelease current = DependencyRelease.from(dependency.getPackageName());
+      current.setVersion(Constants.getVersion(dependency.getName()));
+      DependencyRelease newest = operations.getLatestGradlePluginVersion(current).orElse(current);
+      if (newest.isNewest(current)) {
+        content = updateVersion(content, dependency, newest.getVersion());
       }
     }
     for (UpdateSettings.Dependency dependency : settings.getCustom()) {

diff --git a/src/main/java/co/com/bancolombia/utils/operations/HttpOperations.java b/src/main/java/co/com/bancolombia/utils/operations/HttpOperations.java
@@ -64,25 +64,45 @@ private static boolean filterValidVersions(Release release) {
 
   @Override
   public Optional<DependencyRelease> getTheLastDependencyRelease(DependencyRelease dependency) {
+    String endpoint = "";
     try {
-      DependencyRelease release =
-          RestConsumer.getRequest(getDependencyEndpoint(dependency), DependencyRelease.class);
-      return release.getVersion() != null ? Optional.of(release) : Optional.empty();
+      endpoint = getDependencyEndpoint(dependency);
+      DependencyRelease release = RestConsumer.getRequest(endpoint, DependencyRelease.class);
+      if (release.isNewest(dependency)) {
+        logger.lifecycle("Updating {} to {}", dependency.toString(), release.toString());
+        return Optional.of(release);
+      }
+      return Optional.empty();
     } catch (Exception e) {
-      logger.lifecycle("Can't update this dependency {}, reason: {}", dependency, e.getMessage());
+      logger.lifecycle(
+          "Can't update this dependency {} from {}, reason: {}",
+          dependency,
+          endpoint,
+          e.getMessage());
       return Optional.empty();
     }
   }
 
   @Override
   public Optional<DependencyRelease> getLatestGradlePluginVersion(DependencyRelease dependency) {
+    String endpoint = "";
     try {
-      return RestConsumer.getRequest(
-              getGradlePluginEndpoint(dependency), DependencyReleaseXml.class, true)
-          .toDependencyRelease();
+      endpoint = getGradlePluginEndpoint(dependency);
+      DependencyRelease release =
+          RestConsumer.getRequest(endpoint, DependencyReleaseXml.class, true)
+              .toDependencyRelease()
+              .orElse(dependency);
+      if (release.isNewest(dependency)) {
+        logger.lifecycle("Updating {} to {}", dependency.toString(), release.toString());
+        return Optional.of(release);
+      }
+      return Optional.empty();
     } catch (Exception e) {
       logger.lifecycle(
-          "\tx Can't update this dependency {}, reason: {}", dependency, e.getMessage());
+          "\tx Can't update this dependency {} from {}, reason: {}",
+          dependency,
+          endpoint,
+          e.getMessage());
       return Optional.empty();
     }
   }
@@ -105,12 +125,9 @@ public Optional<String> getGradleWrapperFromFile() {
 
   private String getDependencyEndpoint(DependencyRelease dependency) {
     if (dependency.valid()) {
-      String endpoint =
-          resolve(DEPENDENCY_RELEASES)
-              .replaceFirst("%group", dependency.getGroup())
-              .replaceFirst("%artifact", dependency.getArtifact());
-      logger.lifecycle(endpoint);
-      return endpoint;
+      return resolve(DEPENDENCY_RELEASES)
+          .replaceFirst("%group", dependency.getGroup())
+          .replaceFirst("%artifact", dependency.getArtifact());
     }
     throw new IllegalArgumentException(
         dependency
@@ -121,12 +138,9 @@ private String getDependencyEndpoint(DependencyRelease dependency) {
 
   private String getGradlePluginEndpoint(DependencyRelease dependency) {
     if (dependency.valid()) {
-      String endpoint =
-          resolve(GRADLE_PLUGINS)
-              .replaceFirst("%group", dependency.getGroup().replace('.', '/'))
-              .replaceFirst("%artifact", dependency.getArtifact());
-      logger.lifecycle(endpoint);
-      return endpoint;
+      return resolve(GRADLE_PLUGINS)
+          .replaceFirst("%group", dependency.getGroup().replace('.', '/'))
+          .replaceFirst("%artifact", dependency.getArtifact());
     }
     logger.warn("invalid dependency {}", dependency);
     return null;

diff --git a/src/test/java/co/com/bancolombia/factory/upgrades/UpdateUtilsTest.java b/src/test/java/co/com/bancolombia/factory/upgrades/UpdateUtilsTest.java
@@ -137,4 +137,13 @@ void shouldThrowWhenNoMatchBefore() {
         InvalidStateException.class,
         () -> UpdateUtils.insertBeforeMatch(currentContent, match, check, file));
   }
+
+  @Test
+  void shouldCompareVersions() {
+    assertTrue(UpdateUtils.isNewerVersion("1.2.3", "1.2.4"));
+    assertTrue(UpdateUtils.isNewerVersion("1.2.3", "1.2.3.1"));
+    assertFalse(UpdateUtils.isNewerVersion("1.2.3.4", "1.2.3.4"));
+    assertFalse(UpdateUtils.isNewerVersion("1.3.0", "1.1.1"));
+    assertFalse(UpdateUtils.isNewerVersion("1.1.1.Alpha", "1.1.1.Beta"));
+  }
 }