Docker fails with request contains invalid or unauthorized changes error

[sebastien-comeau]

Is there an existing issue for this?

• I have searched the existing issues

Package ecosystem

Docker

Package manager version

No response

Language version

No response

Manifest location and content before the Dependabot update

No response

dependabot.yml content

https://github.com/DTS-STN/future-sir/blob/main/.github/dependabot.yaml

Updated dependency

It should update to the latest LTS node bookworm-slim (atm: docker.io/library/node:22.13.0-bookworm-slim) version from docker.io/library/node:22.11.0-bookworm-slim.

What you expected to see, versus what you actually saw

I expect a PR to be created for containerfile with docker.io/library/node:22.13.0-bookworm-slim version update but the job is failing with the following error:

2025/01/16 14:04:35 ERROR <job_949001684> {"errors":[{"status":400,"title":"Bad Request","detail":"The request contains invalid or unauthorized changes"}]}
2025/01/16 14:04:35 ERROR <job_949001684> /home/dependabot/dependabot-updater/lib/dependabot/api_client.rb:44:in `block in create_pull_request'

Native package manager behavior

No response

Images of the diff or a link to the PR, issue, or logs

https://github.com/DTS-STN/future-sir/actions/runs/12810528684/job/35717793507#step:3:151

Smallest manifest that reproduces the issue

No response

[kncesarini]

I'm having this same issue and it seem like the cause is the name of the file being "Containerfile" rather than "Dockerfile"

As a test in the same repo I created two folders with identical content, test2 and test3, with the exception that test2 contains "Containerfile" and test3 contains "Dockerfile". The dependabot action fails on test2 (with the above error) and succeeds on test3.

My dependabot file is this:

version: 2
registries:
  ecr-docker:
    type: docker-registry
    url: <prviate ecr repo>
    username: ${{secrets.ECR_AWS_ACCESS_KEY_ID}}
    password: ${{secrets.ECR_AWS_SECRET_ACCESS_KEY}}
updates:
  - package-ecosystem: "docker"
    directory: "/test2" # Location of Containerfile
    registries:
      - ecr-docker
    schedule:
      interval: "weekly"
  - package-ecosystem: "docker"
    directory: "/test3" # Location of Dockerfile
    registries:
      - ecr-docker
    schedule:
      interval: "weekly"

[sebastien-comeau]

Docker FileFetcher regex is case-insensitive and will match dockerfile or containerfile. The file is found in my case but the action is blocked in create_pull_request.

dependabot-core/docker/lib/dependabot/docker/file_fetcher.rb

Line 16 in 6369958

DOCKER_REGEXP = /dockerfile|containerfile/i

[kncesarini]

And still, if you rename your file to Dockerfile I think you'll see the action be successful instead.

[sebastien-comeau]

And still, if you rename your file to Dockerfile I think you'll see the action be successful instead.

We tried and got the same error.