dependabot-terraform 0.169.0 → 0.169.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/dependabot/terraform/file_parser.rb +32 -9
- data/lib/dependabot/terraform/file_updater.rb +4 -3
- data/lib/dependabot/terraform.rb +11 -0
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 47eced386a99b0230813e6c4417311d540ccb7e758eeff31a73c9716ac11b464
|
|
4
|
+
data.tar.gz: 60b40ae0b8fa70c86bbce95ffa6ba3d9eba433b1865e7e788f902179ca96eeb4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 920dc0b2f3e954fd2bb96f5451e706fdf90675b355d941613c403eb0f2601eb31875ec44492b8b8634bce4c0acbd8fb06210bed50d9902f2199ba9b3d888212b
|
|
7
|
+
data.tar.gz: 61879a3fdc8c61d06f19ac0d511ae1155ac552da009d897d6e2a399682227175fc0967bbb2f19b5e3d80d7cc58cfb17882652328b76b522da1f815dfb13fcb3d
|
|
@@ -28,10 +28,26 @@ module Dependabot
|
|
|
28
28
|
def parse
|
|
29
29
|
dependency_set = DependencySet.new
|
|
30
30
|
|
|
31
|
+
parse_terraform_files(dependency_set)
|
|
32
|
+
|
|
33
|
+
parse_terragrunt_files(dependency_set)
|
|
34
|
+
|
|
35
|
+
dependency_set.dependencies.sort_by(&:name)
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
private
|
|
39
|
+
|
|
40
|
+
def parse_terraform_files(dependency_set)
|
|
31
41
|
terraform_files.each do |file|
|
|
32
42
|
modules = parsed_file(file).fetch("module", {})
|
|
33
43
|
modules.each do |name, details|
|
|
34
|
-
|
|
44
|
+
details = details.first
|
|
45
|
+
|
|
46
|
+
source = source_from(details)
|
|
47
|
+
# Cannot update local path modules, skip
|
|
48
|
+
next if source[:type] == "path"
|
|
49
|
+
|
|
50
|
+
dependency_set << build_terraform_dependency(file, name, source, details)
|
|
35
51
|
end
|
|
36
52
|
|
|
37
53
|
parsed_file(file).fetch("terraform", []).each do |terraform|
|
|
@@ -43,7 +59,9 @@ module Dependabot
|
|
|
43
59
|
end
|
|
44
60
|
end
|
|
45
61
|
end
|
|
62
|
+
end
|
|
46
63
|
|
|
64
|
+
def parse_terragrunt_files(dependency_set)
|
|
47
65
|
terragrunt_files.each do |file|
|
|
48
66
|
modules = parsed_file(file).fetch("terraform", [])
|
|
49
67
|
modules.each do |details|
|
|
@@ -52,19 +70,15 @@ module Dependabot
|
|
|
52
70
|
dependency_set << build_terragrunt_dependency(file, details)
|
|
53
71
|
end
|
|
54
72
|
end
|
|
55
|
-
|
|
56
|
-
dependency_set.dependencies.sort_by(&:name)
|
|
57
73
|
end
|
|
58
74
|
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
details = details.first
|
|
63
|
-
|
|
64
|
-
source = source_from(details)
|
|
75
|
+
def build_terraform_dependency(file, name, source, details)
|
|
76
|
+
# dep_name should be unique for a source, using the info derived from
|
|
77
|
+
# the source or the source name provides this uniqueness
|
|
65
78
|
dep_name = case source[:type]
|
|
66
79
|
when "registry" then source[:module_identifier]
|
|
67
80
|
when "provider" then details["source"]
|
|
81
|
+
when "git" then git_dependency_name(name, source)
|
|
68
82
|
else name
|
|
69
83
|
end
|
|
70
84
|
version_req = details["version"]&.strip
|
|
@@ -199,6 +213,15 @@ module Dependabot
|
|
|
199
213
|
end
|
|
200
214
|
end
|
|
201
215
|
|
|
216
|
+
def git_dependency_name(name, source)
|
|
217
|
+
git_source = Source.from_url(source[:url])
|
|
218
|
+
if source[:ref]
|
|
219
|
+
name + "::" + git_source.provider + "::" + git_source.repo + "::" + source[:ref]
|
|
220
|
+
else
|
|
221
|
+
name + "::" + git_source.provider + "::" + git_source.repo
|
|
222
|
+
end
|
|
223
|
+
end
|
|
224
|
+
|
|
202
225
|
def git_source_details_from(source_string)
|
|
203
226
|
git_url = source_string.strip.gsub(/^git::/, "")
|
|
204
227
|
git_url = "https://" + git_url unless git_url.start_with?("git@") || git_url.include?("://")
|
|
@@ -199,10 +199,11 @@ module Dependabot
|
|
|
199
199
|
return /terraform\s*\{(?:(?!^\}).)*/m if terragrunt_file?(filename)
|
|
200
200
|
|
|
201
201
|
# For modules we can do better - filter for module blocks that use the
|
|
202
|
-
# name of the
|
|
202
|
+
# name of the module
|
|
203
|
+
module_name = dependency.name.split("::").first
|
|
203
204
|
/
|
|
204
|
-
|
|
205
|
-
|
|
205
|
+
module\s+["']#{Regexp.escape(module_name)}["']\s*\{
|
|
206
|
+
(?:(?!^\}).)*
|
|
206
207
|
/mx
|
|
207
208
|
end
|
|
208
209
|
|
data/lib/dependabot/terraform.rb
CHANGED
|
@@ -20,3 +20,14 @@ Dependabot::Dependency.
|
|
|
20
20
|
|
|
21
21
|
require "dependabot/utils"
|
|
22
22
|
Dependabot::Utils.register_always_clone("terraform")
|
|
23
|
+
|
|
24
|
+
Dependabot::Dependency.
|
|
25
|
+
register_display_name_builder(
|
|
26
|
+
"terraform",
|
|
27
|
+
lambda { |name|
|
|
28
|
+
# Only modify the name if it a git source dependency
|
|
29
|
+
next unless name.include? "::"
|
|
30
|
+
|
|
31
|
+
name.split("::").first + "::" + name.split("::")[2].split("/").last
|
|
32
|
+
}
|
|
33
|
+
)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-terraform
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.169.
|
|
4
|
+
version: 0.169.4
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-12-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.169.
|
|
19
|
+
version: 0.169.4
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.169.
|
|
26
|
+
version: 0.169.4
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -216,7 +216,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
216
216
|
- !ruby/object:Gem::Version
|
|
217
217
|
version: 2.5.0
|
|
218
218
|
requirements: []
|
|
219
|
-
rubygems_version: 3.2.
|
|
219
|
+
rubygems_version: 3.2.32
|
|
220
220
|
signing_key:
|
|
221
221
|
specification_version: 4
|
|
222
222
|
summary: Terraform support for dependabot
|