From 514324f9a9a2a7dbf8fb4155bf443e7ee8301629 Mon Sep 17 00:00:00 2001
From: Bart Schuurmans <bart.schuurmans@dep.nl>
Date: Wed, 14 Aug 2024 21:12:00 +0200
Subject: [PATCH] Replace poetry update with poetry lock --no-update

`poetry update` is a command that upgrades all dependecies to their
latest compatible version. Instead, `poetry lock --no-update` should be
run after configuring the repository to update the lock file.

This fixes the behavior of Frogbot upgrading all dependencies when
called in CI.
---
 utils/python/utils.go | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/utils/python/utils.go b/utils/python/utils.go
index 7a599b28a..78e00baa7 100644
--- a/utils/python/utils.go
+++ b/utils/python/utils.go
@@ -2,12 +2,13 @@ package utils
 
 import (
 	"fmt"
-	"github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
 	"net/url"
 	"os"
 	"path/filepath"
 	"strings"
 
+	"github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
+
 	"github.com/jfrog/build-info-go/utils/pythonutils"
 	"github.com/jfrog/gofrog/io"
 	gofrogcmd "github.com/jfrog/gofrog/io"
@@ -89,15 +90,15 @@ func ConfigPoetryRepo(url, username, password, configRepoName string) error {
 	if err = addRepoToPyprojectFile(filepath.Join(currentDir, pyproject), configRepoName, url); err != nil {
 		return err
 	}
-	return poetryUpdate()
+	return regeneratePoetryLock()
 }
 
-func poetryUpdate() (err error) {
-	log.Info("Running Poetry update")
-	cmd := io.NewCommand("poetry", "update", []string{})
+func regeneratePoetryLock() (err error) {
+	log.Info("Syncing Poetry lock file")
+	cmd := io.NewCommand("poetry", "lock", []string{"--no-update"})
 	err = gofrogcmd.RunCmd(cmd)
 	if err != nil {
-		return errorutils.CheckErrorf("Poetry config command failed with: %s", err.Error())
+		return errorutils.CheckErrorf("Poetry lock command failed with: %s", err.Error())
 	}
 	return
 }