dependabot-opentofu 0.376.0 → 0.377.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/opentofu/file_parser.rb +44 -1
- data/lib/dependabot/opentofu/file_updater.rb +30 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 05e9a7f8a38fbe253d0b9003fd4edadefe1c63bce2c31aa2fcd0ff957f2b6383
|
|
4
|
+
data.tar.gz: eecdc5f549182a9c03df69d33e1adfd184397bcf5d0298955a4d9ef9b52edff3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f5ba6edfb5b5655cb6b824e4000a9e296f9b88d38526149d74e89c9a8c52bc82455f515bb64b34d046d27a891274ae71f79d30ce29e89b07e50cd950cca223b4
|
|
7
|
+
data.tar.gz: c525464962777c2ab084a64abdd27d031f1a79e5868dcddb1e0d4aa99226db073d29aacdc76fd94935c00b0beaa00e4c2e058a1955791d3e0351d9a331d10747
|
|
@@ -29,6 +29,7 @@ module Dependabot
|
|
|
29
29
|
DEFAULT_NAMESPACE = "hashicorp"
|
|
30
30
|
# https://opentofu.org/docs/language/providers/requirements/#source-addresses
|
|
31
31
|
PROVIDER_SOURCE_ADDRESS = %r{\A((?<hostname>.+)/)?(?<namespace>.+)/(?<name>.+)\z}
|
|
32
|
+
LOCAL_REFERENCE_REGEX = /\A\$\{local\.(?<var_name>[^}]+)\}\z/
|
|
32
33
|
|
|
33
34
|
# Namespaces reserved for providers bundled with the OpenTofu/Terraform
|
|
34
35
|
# binary. Providers in these namespaces cannot be updated independently
|
|
@@ -68,6 +69,39 @@ module Dependabot
|
|
|
68
69
|
|
|
69
70
|
private
|
|
70
71
|
|
|
72
|
+
sig { returns(T::Hash[String, T::Hash[Symbol, String]]) }
|
|
73
|
+
def locals_lookup
|
|
74
|
+
@locals_lookup ||= T.let(
|
|
75
|
+
begin
|
|
76
|
+
lookup = T.let({}, T::Hash[String, T::Hash[Symbol, String]])
|
|
77
|
+
opentofu_files.each do |file|
|
|
78
|
+
parsed_file(file).fetch("locals", []).each do |locals_block|
|
|
79
|
+
locals_block.each do |var_name, value|
|
|
80
|
+
next unless value.is_a?(String)
|
|
81
|
+
next if value.include?("${")
|
|
82
|
+
|
|
83
|
+
lookup[var_name] = { value: value, file: file.name }
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
end
|
|
87
|
+
lookup
|
|
88
|
+
end,
|
|
89
|
+
T.nilable(T::Hash[String, T::Hash[Symbol, String]])
|
|
90
|
+
)
|
|
91
|
+
end
|
|
92
|
+
|
|
93
|
+
sig { params(version_string: String).returns(T.nilable(T::Hash[Symbol, String])) }
|
|
94
|
+
def resolve_local_reference(version_string)
|
|
95
|
+
match = version_string.match(LOCAL_REFERENCE_REGEX)
|
|
96
|
+
return nil unless match
|
|
97
|
+
|
|
98
|
+
var_name = T.must(match[:var_name])
|
|
99
|
+
local_entry = locals_lookup[var_name]
|
|
100
|
+
return nil unless local_entry
|
|
101
|
+
|
|
102
|
+
{ value: T.must(local_entry[:value]), variable: var_name, file: T.must(local_entry[:file]) }
|
|
103
|
+
end
|
|
104
|
+
|
|
71
105
|
sig { params(details: T.any(String, T::Hash[String, T.untyped])).returns(T::Boolean) }
|
|
72
106
|
def builtin_provider?(details)
|
|
73
107
|
return false unless details.is_a?(Hash)
|
|
@@ -163,6 +197,15 @@ module Dependabot
|
|
|
163
197
|
else name
|
|
164
198
|
end
|
|
165
199
|
version_req = details["version"]&.strip
|
|
200
|
+
|
|
201
|
+
req_file = file.name
|
|
202
|
+
resolved = version_req ? resolve_local_reference(version_req) : nil
|
|
203
|
+
if resolved
|
|
204
|
+
version_req = resolved[:value]
|
|
205
|
+
req_file = T.must(resolved[:file])
|
|
206
|
+
source[:local_variable] = resolved[:variable]
|
|
207
|
+
end
|
|
208
|
+
|
|
166
209
|
version =
|
|
167
210
|
if source[:type] == "git" then version_from_ref(source[:ref])
|
|
168
211
|
elsif source[:type] == "oci" then source[:version]
|
|
@@ -176,7 +219,7 @@ module Dependabot
|
|
|
176
219
|
requirements: [
|
|
177
220
|
{ requirement: version_req,
|
|
178
221
|
groups: [],
|
|
179
|
-
file:
|
|
222
|
+
file: req_file,
|
|
180
223
|
source: source }
|
|
181
224
|
]
|
|
182
225
|
)
|
|
@@ -91,7 +91,11 @@ module Dependabot
|
|
|
91
91
|
when "git"
|
|
92
92
|
update_git_declaration(new_req, old_req, content, file.name)
|
|
93
93
|
when "registry", "provider"
|
|
94
|
-
|
|
94
|
+
if new_req[:source][:local_variable]
|
|
95
|
+
update_local_variable_declaration(new_req, old_req, content)
|
|
96
|
+
else
|
|
97
|
+
update_registry_declaration(new_req, old_req, content)
|
|
98
|
+
end
|
|
95
99
|
when "oci"
|
|
96
100
|
update_oci_declaration(new_req, old_req, content)
|
|
97
101
|
else
|
|
@@ -176,6 +180,31 @@ module Dependabot
|
|
|
176
180
|
end
|
|
177
181
|
end
|
|
178
182
|
|
|
183
|
+
sig do
|
|
184
|
+
params(
|
|
185
|
+
new_req: T::Hash[Symbol, T.untyped],
|
|
186
|
+
old_req: T.nilable(T::Hash[Symbol, T.untyped]),
|
|
187
|
+
updated_content: String
|
|
188
|
+
)
|
|
189
|
+
.void
|
|
190
|
+
end
|
|
191
|
+
def update_local_variable_declaration(new_req, old_req, updated_content)
|
|
192
|
+
var_name = new_req[:source][:local_variable]
|
|
193
|
+
old_version = old_req&.fetch(:requirement)
|
|
194
|
+
new_version = new_req[:requirement]
|
|
195
|
+
return if old_version.nil? || new_version.nil? || old_version == new_version
|
|
196
|
+
|
|
197
|
+
local_var_regex = /
|
|
198
|
+
(?<prefix>\b#{Regexp.escape(var_name)}\s*=\s*["'])
|
|
199
|
+
#{Regexp.escape(old_version)}
|
|
200
|
+
(?<suffix>["'])
|
|
201
|
+
/x
|
|
202
|
+
|
|
203
|
+
updated_content.sub!(local_var_regex) do
|
|
204
|
+
"#{Regexp.last_match(:prefix)}#{new_version}#{Regexp.last_match(:suffix)}"
|
|
205
|
+
end
|
|
206
|
+
end
|
|
207
|
+
|
|
179
208
|
sig { params(content: String, declaration_regex: Regexp).returns(T::Array[String]) }
|
|
180
209
|
def extract_provider_h1_hashes(content, declaration_regex)
|
|
181
210
|
content.match(declaration_regex).to_s
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-opentofu
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.377.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -15,14 +15,14 @@ dependencies:
|
|
|
15
15
|
requirements:
|
|
16
16
|
- - '='
|
|
17
17
|
- !ruby/object:Gem::Version
|
|
18
|
-
version: 0.
|
|
18
|
+
version: 0.377.0
|
|
19
19
|
type: :runtime
|
|
20
20
|
prerelease: false
|
|
21
21
|
version_requirements: !ruby/object:Gem::Requirement
|
|
22
22
|
requirements:
|
|
23
23
|
- - '='
|
|
24
24
|
- !ruby/object:Gem::Version
|
|
25
|
-
version: 0.
|
|
25
|
+
version: 0.377.0
|
|
26
26
|
- !ruby/object:Gem::Dependency
|
|
27
27
|
name: debug
|
|
28
28
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -262,7 +262,7 @@ licenses:
|
|
|
262
262
|
- MIT
|
|
263
263
|
metadata:
|
|
264
264
|
bug_tracker_uri: https://github.com/dependabot/dependabot-core/issues
|
|
265
|
-
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.
|
|
265
|
+
changelog_uri: https://github.com/dependabot/dependabot-core/releases/tag/v0.377.0
|
|
266
266
|
rdoc_options: []
|
|
267
267
|
require_paths:
|
|
268
268
|
- lib
|