dependabot-terraform 0.169.1 → 0.169.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/dependabot/terraform/file_parser.rb +33 -10
  3. data/lib/dependabot/terraform/file_updater.rb +4 -3
  4. data/lib/dependabot/terraform/requirements_updater.rb +2 -1
  5. data/lib/dependabot/terraform.rb +11 -0
  6. metadata +7 -7
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 46dc9c246c2c7eb8c18c28344ddd886b0c08e54302895e1313ef2d36de74cd66
4
- data.tar.gz: adc3ae5bea0a2337cb2fc23e2e74774a2a757baf29e472b30b66758e3f04db95
3
+ metadata.gz: 1f69a35014f8e88015a1a81f48124ebc71c24cef0e85e6a651cb6b59a84ad407
4
+ data.tar.gz: ea436520a5b0583ec6faee7d81f0c4bc026b2ef162626a43818d7a08058236a5
5
5
  SHA512:
6
- metadata.gz: f72d1d1fcd12b716b84d81c09be625edd7bb4732fcef18c9589007c3b8502e1e5d0b638a61944e7d6270af784e29b38f6a81f360ec987c454cf3c619268ba3c0
7
- data.tar.gz: a740bf24ecf22855aab413aaafed1c91eafe6e165365d3e6cdca12ffcced8ae4d7bddf56163a28a2d4f8c93fc2050f1dd5d88698331a764a9a06c26c025fa365
6
+ metadata.gz: e09be43757ce085c880f89be18b1386f1f6a9db53cc56e2a9b5975558cf922c6224ebea8b4eab6f5f73e6bbe1969509bb8eb4f229a3f60263a3ef30ff567c1f1
7
+ data.tar.gz: aa4a059bae15c3a0ead1f80ea4d726003f49f1ec38c0eaaf42a604cc1d673cf4b36854dded6eda2217fed52035e0625ad72b353395ebe06a3bb21b2417e34c36
data/lib/dependabot/terraform/file_parser.rb CHANGED
@@ -28,10 +28,26 @@ module Dependabot
28
28
  def parse
29
29
  dependency_set = DependencySet.new
30
30
 
31
+ parse_terraform_files(dependency_set)
32
+
33
+ parse_terragrunt_files(dependency_set)
34
+
35
+ dependency_set.dependencies.sort_by(&:name)
36
+ end
37
+
38
+ private
39
+
40
+ def parse_terraform_files(dependency_set)
31
41
  terraform_files.each do |file|
32
42
  modules = parsed_file(file).fetch("module", {})
33
43
  modules.each do |name, details|
34
- dependency_set << build_terraform_dependency(file, name, details)
44
+ details = details.first
45
+
46
+ source = source_from(details)
47
+ # Cannot update local path modules, skip
48
+ next if source[:type] == "path"
49
+
50
+ dependency_set << build_terraform_dependency(file, name, source, details)
35
51
  end
36
52
 
37
53
  parsed_file(file).fetch("terraform", []).each do |terraform|
@@ -43,7 +59,9 @@ module Dependabot
43
59
  end
44
60
  end
45
61
  end
62
+ end
46
63
 
64
+ def parse_terragrunt_files(dependency_set)
47
65
  terragrunt_files.each do |file|
48
66
  modules = parsed_file(file).fetch("terraform", [])
49
67
  modules.each do |details|
@@ -52,19 +70,15 @@ module Dependabot
52
70
  dependency_set << build_terragrunt_dependency(file, details)
53
71
  end
54
72
  end
55
-
56
- dependency_set.dependencies.sort_by(&:name)
57
73
  end
58
74
 
59
- private
60
-
61
- def build_terraform_dependency(file, name, details)
62
- details = details.first
63
-
64
- source = source_from(details)
75
+ def build_terraform_dependency(file, name, source, details)
76
+ # dep_name should be unique for a source, using the info derived from
77
+ # the source or the source name provides this uniqueness
65
78
  dep_name = case source[:type]
66
79
  when "registry" then source[:module_identifier]
67
80
  when "provider" then details["source"]
81
+ when "git" then git_dependency_name(name, source)
68
82
  else name
69
83
  end
70
84
  version_req = details["version"]&.strip
@@ -199,6 +213,15 @@ module Dependabot
199
213
  end
200
214
  end
201
215
 
216
+ def git_dependency_name(name, source)
217
+ git_source = Source.from_url(source[:url])
218
+ if source[:ref]
219
+ name + "::" + git_source.provider + "::" + git_source.repo + "::" + source[:ref]
220
+ else
221
+ name + "::" + git_source.provider + "::" + git_source.repo
222
+ end
223
+ end
224
+
202
225
  def git_source_details_from(source_string)
203
226
  git_url = source_string.strip.gsub(/^git::/, "")
204
227
  git_url = "https://" + git_url unless git_url.start_with?("git@") || git_url.include?("://")
@@ -266,7 +289,7 @@ module Dependabot
266
289
  return :path if source_string.start_with?(".")
267
290
  return :github if source_string.include?("github.com")
268
291
  return :bitbucket if source_string.start_with?("bitbucket.org/")
269
- return :git if source_string.start_with?("git::")
292
+ return :git if source_string.start_with?("git::") || source_string.start_with?("git@")
270
293
  return :mercurial if source_string.start_with?("hg::")
271
294
  return :s3 if source_string.start_with?("s3::")
272
295
 
data/lib/dependabot/terraform/file_updater.rb CHANGED
@@ -199,10 +199,11 @@ module Dependabot
199
199
  return /terraform\s*\{(?:(?!^\}).)*/m if terragrunt_file?(filename)
200
200
 
201
201
  # For modules we can do better - filter for module blocks that use the
202
- # name of the dependency
202
+ # name of the module
203
+ module_name = dependency.name.split("::").first
203
204
  /
204
- module\s+["']#{Regexp.escape(dependency.name)}["']\s*\{
205
- (?:(?!^\}).)*
205
+ module\s+["']#{Regexp.escape(module_name)}["']\s*\{
206
+ (?:(?!^\}).)*
206
207
  /mx
207
208
  end
208
209
 
data/lib/dependabot/terraform/requirements_updater.rb CHANGED
@@ -161,7 +161,8 @@ module Dependabot
161
161
  version_to_be_permitted.segments[index]
162
162
  elsif index == index_to_update
163
163
  version_to_be_permitted.segments[index] + 1
164
- else 0
164
+ else
165
+ 0
165
166
  end
166
167
  end
167
168
 
data/lib/dependabot/terraform.rb CHANGED
@@ -20,3 +20,14 @@ Dependabot::Dependency.
20
20
 
21
21
  require "dependabot/utils"
22
22
  Dependabot::Utils.register_always_clone("terraform")
23
+
24
+ Dependabot::Dependency.
25
+ register_display_name_builder(
26
+ "terraform",
27
+ lambda { |name|
28
+ # Only modify the name if it a git source dependency
29
+ next unless name.include? "::"
30
+
31
+ name.split("::").first + "::" + name.split("::")[2].split("/").last
32
+ }
33
+ )
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-terraform
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.169.1
4
+ version: 0.169.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-11-29 00:00:00.000000000 Z
11
+ date: 2021-12-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.169.1
19
+ version: 0.169.5
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.169.1
26
+ version: 0.169.5
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 1.18.0
103
+ version: 1.23.0
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 1.18.0
110
+ version: 1.23.0
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: simplecov
113
113
  requirement: !ruby/object:Gem::Requirement
@@ -216,7 +216,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
216
216
  - !ruby/object:Gem::Version
217
217
  version: 2.5.0
218
218
  requirements: []
219
- rubygems_version: 3.2.22
219
+ rubygems_version: 3.2.32
220
220
  signing_key:
221
221
  specification_version: 4
222
222
  summary: Terraform support for dependabot