dependabot-terraform 0.152.1 → 0.154.3
- checksums.yaml +4 -4
- data/helpers/build +1 -1
- data/lib/dependabot/terraform/file_parser.rb +13 -9
- data/lib/dependabot/terraform/registry_client.rb +6 -3
- metadata +4 -4
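--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 1940c94cf36d511b5f215cde7e6ef9e5d9944253b02425678d3ccba855d211d3
+data.tar.gz: 8febc5b9b592e91b15ceba2019f517211a8ee09cecd08e53c80af823fe92925c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ae2243b9bbf0c9e61b2bf0cb92849f00a557cd4e45ba137ea4831454faec879d77fd666636aa6a820b27daa505af77d42acea5a9ed57f5e74917ea59ce131203
+data.tar.gz: dc40d3d659ffe40a08fd7d2912e9a2eeb09ae009f2bd4c8e73c5b2e096e511ec8def4e37f662a1057cf0b9c9a4b357b1d3559be0764ad46713aaf0aaec68e8e7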
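--- a/data/helpers/build
+++ b/data/helpers/build
@@ -17,6 +17,6 @@ os="$(uname -s | tr '[:upper:]' '[:lower:]')"
 hcl2json_checksum="24068f1e25a34d8f8ca763f34fce11527472891bfa834d1504f665855021d5d4"
 hcl2json_url="https://github.com/tmccombs/hcl2json/releases/download/v0.3.3/hcl2json_${os}_amd64"
 hcl2json_path="$install_dir/bin/hcl2json"
-
+curl -sSLfo "$hcl2json_path" "$hcl2json_url"
 echo "$hcl2json_checksum $hcl2json_path" | sha256sum -c
 chmod +x "$install_dir/bin/hcl2json"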
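Review bot: Whether a checksum mismatch actually stops the install depends on shell options set outside this hunk: `sha256sum -c` is followed directly by `chmod +x`, so without `set -e` earlier in the script (or an explicit `|| exit 1` on the check) a truncated or altered download would still be made executable. The new `curl -sSLfo` line follows redirects because of `-L`; adding `--proto '=https' --proto-redir '=https'` keeps every hop on HTTPS, with the pinned SHA-256 remaining the integrity control. The URL interpolates `${os}` while only one checksum is pinned, so the hash presumably matches a single platform's binary and the check fails closed elsewhere; a comment saying so would save the next maintainer a debugging session.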
@@ -170,13 +170,11 @@ module Dependabot
|
|
170
170
|
end
|
171
171
|
|
172
172
|
def provider_source_from(source_address, name)
|
173
|
-
|
174
|
-
|
175
|
-
matches = source_address.match(PROVIDER_SOURCE_ADDRESS)
|
173
|
+
matches = source_address&.match(PROVIDER_SOURCE_ADDRESS)
|
176
174
|
[
|
177
|
-
matches[:hostname
|
178
|
-
matches[:namespace
|
179
|
-
matches[:name
|
175
|
+
matches.try(:[], :hostname) || DEFAULT_REGISTRY,
|
176
|
+
matches.try(:[], :namespace) || DEFAULT_NAMESPACE,
|
177
|
+
matches.try(:[], :name) || name
|
180
178
|
]
|
181
179
|
end
|
182
180
|
|
@@ -233,20 +231,22 @@ module Dependabot
|
|
233
231
|
# rubocop:disable Metrics/PerceivedComplexity
|
234
232
|
# See https://www.terraform.io/docs/modules/sources.html#http-urls for
|
235
233
|
# details of how Terraform handle HTTP(S) sources for modules
|
236
|
-
def get_proxied_source(raw_source)
|
234
|
+
def get_proxied_source(raw_source) # rubocop:disable Metrics/AbcSize
|
237
235
|
return raw_source unless raw_source.start_with?("http")
|
238
236
|
|
239
237
|
uri = URI.parse(raw_source.split(%r{(?<!:)//}).first)
|
240
238
|
return raw_source if uri.path.end_with?(*ARCHIVE_EXTENSIONS)
|
241
|
-
return raw_source if URI.parse(raw_source).query
|
239
|
+
return raw_source if URI.parse(raw_source).query&.include?("archive=")
|
242
240
|
|
243
241
|
url = raw_source.split(%r{(?<!:)//}).first + "?terraform-get=1"
|
242
|
+
host = URI.parse(raw_source).host
|
244
243
|
|
245
244
|
response = Excon.get(
|
246
245
|
url,
|
247
246
|
idempotent: true,
|
248
247
|
**SharedHelpers.excon_defaults
|
249
248
|
)
|
249
|
+
raise PrivateSourceAuthenticationFailure, host if response.status == 401
|
250
250
|
|
251
251
|
return response.headers["X-Terraform-Get"] if response.headers["X-Terraform-Get"]
|
252
252
|
|
@@ -254,6 +254,10 @@ module Dependabot
|
|
254
254
|
doc.css("meta").find do |tag|
|
255
255
|
tag.attributes&.fetch("name", nil)&.value == "terraform-get"
|
256
256
|
end&.attributes&.fetch("content", nil)&.value
|
257
|
+
rescue Excon::Error::Socket, Excon::Error::Timeout => e
|
258
|
+
raise PrivateSourceAuthenticationFailure, host if e.message.include?("no address for")
|
259
|
+
|
260
|
+
raw_source
|
257
261
|
end
|
258
262
|
# rubocop:enable Metrics/PerceivedComplexity
|
259
263
|
|
@@ -273,7 +277,7 @@ module Dependabot
|
|
273
277
|
path_uri = URI.parse(source_string.split(%r{(?<!:)//}).first)
|
274
278
|
query_uri = URI.parse(source_string)
|
275
279
|
return :http_archive if path_uri.path.end_with?(*ARCHIVE_EXTENSIONS)
|
276
|
-
return :http_archive if query_uri.query
|
280
|
+
return :http_archive if query_uri.query&.include?("archive=")
|
277
281
|
|
278
282
|
raise "HTTP source, but not an archive!"
|
279
283
|
end
|
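Review bot: The new `query&.include?("archive=")` test in `get_proxied_source`, repeated on the `:http_archive` return in the last hunk, is a substring match on the raw query string, so a parameter whose name merely ends in `archive`, or a value containing `archive=`, classifies the source as an archive and skips the `terraform-get` lookup. Parsing the query makes both sites exact, for example `URI.decode_www_form(query_uri.query.to_s).any? { |key, _| key == "archive" }`. In the added `rescue`, an authentication failure is inferred from `e.message.include?("no address for")`, which ties behaviour to the wording of an error string and reports a name-resolution failure as a credentials problem; a comment explaining why that mapping is intended would help, and every other socket or timeout error silently falls back to `raw_source`. Only status 401 is mapped to `PrivateSourceAuthenticationFailure`, so it is worth confirming whether 403 from a private host should be treated the same way. `get_proxied_source` spans two hunks and the method in the last hunk starts outside the visible lines.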
@@ -58,15 +58,17 @@ module Dependabot
|
|
58
58
|
#
|
59
59
|
# @param dependency [Dependabot::Dependency] the dependency who's source
|
60
60
|
# we're attempting to find
|
61
|
-
# @return Dependabot::Source
|
62
|
-
# @raise [Dependabot::DependabotError] when the source cannot be retrieved
|
61
|
+
# @return [nil, Dependabot::Source]
|
63
62
|
def source(dependency:)
|
64
63
|
type = dependency.requirements.first[:source][:type]
|
65
64
|
base_url = service_url_for(service_key_for(type))
|
66
|
-
response = http_get
|
65
|
+
response = http_get(URI.join(base_url, "#{dependency.name}/#{dependency.version}"))
|
66
|
+
return nil unless response.status == 200
|
67
67
|
|
68
68
|
source_url = JSON.parse(response.body).fetch("source")
|
69
69
|
Source.from_url(source_url) if source_url
|
70
|
+
rescue JSON::ParserError, Excon::Error::Timeout
|
71
|
+
nil
|
70
72
|
end
|
71
73
|
|
72
74
|
# Perform service discovery and return the absolute URL for
|
@@ -121,6 +123,7 @@ module Dependabot
|
|
121
123
|
def http_get!(url)
|
122
124
|
response = http_get(url)
|
123
125
|
|
126
|
+
raise Dependabot::PrivateSourceAuthenticationFailure, hostname if response.status == 401
|
124
127
|
raise error("Response from registry was #{response.status}") unless response.status == 200
|
125
128
|
|
126
129
|
response
|
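Review bot: `source` is now documented as `@return [nil, Dependabot::Source]` with the `@raise` line dropped, but two paths in the new body can still raise: `.fetch("source")` raises `KeyError` when the registry response has no `source` key, and `Excon::Error::Socket` is missing from the `rescue` list although the file parser change in this same release rescues it next to `Excon::Error::Timeout`. Suggested lines: `source_url = JSON.parse(response.body).fetch("source", nil)` and `rescue JSON::ParserError, Excon::Error::Socket, Excon::Error::Timeout`. `dependency.name` and `dependency.version` are interpolated into the argument of `URI.join` without escaping; because `URI.join` resolves that argument as a URI reference, it is worth confirming the values are validated before this point so the request always stays on `base_url`'s host. In `http_get!`, `hostname` is not defined in the visible lines and is presumably an accessor on the client; the method's body continues outside the hunk.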
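--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: dependabot-terraform
 version: !ruby/object:Gem::Version
-version: 0.
+version: 0.154.3
 platform: ruby
 authors:
 - Dependabot
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-06-
+date: 2021-06-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.154.3
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
 requirements:
 - - '='
 - !ruby/object:Gem::Version
-version: 0.
+version: 0.154.3
 - !ruby/object:Gem::Dependency
 name: byebug
 requirement: !ruby/object:Gem::Requirement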