dependabot-terraform 0.169.2 → 0.169.6
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 19312fc4f1fa16e8878ca9341dc9220aea89631a8e2bc3e333c5d60552f8169f
|
4
|
+
data.tar.gz: 1ca7744b561dc23dcb18a21b84fd4af2066d5ad81a5a9b00063a36f0d7dd8678
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e091cc8432b35b2a1df07e203a2b500466ff667b4902551a683eff652e6f8dfaad1e077d8737fd9454a7f203ef3590dd0824d5632880df5399bf37afd04076d9
|
7
|
+
data.tar.gz: f2be046391dea598cb3eaac590957fab48a2cb63887642321ac4ddf183ab89f99f50e124211fda6b81431f48aa249fed3b8ee436b5a63d17a0f3a58fe7b74c60
|
@@ -28,10 +28,26 @@ module Dependabot
|
|
28
28
|
def parse
|
29
29
|
dependency_set = DependencySet.new
|
30
30
|
|
31
|
+
parse_terraform_files(dependency_set)
|
32
|
+
|
33
|
+
parse_terragrunt_files(dependency_set)
|
34
|
+
|
35
|
+
dependency_set.dependencies.sort_by(&:name)
|
36
|
+
end
|
37
|
+
|
38
|
+
private
|
39
|
+
|
40
|
+
def parse_terraform_files(dependency_set)
|
31
41
|
terraform_files.each do |file|
|
32
42
|
modules = parsed_file(file).fetch("module", {})
|
33
43
|
modules.each do |name, details|
|
34
|
-
|
44
|
+
details = details.first
|
45
|
+
|
46
|
+
source = source_from(details)
|
47
|
+
# Cannot update local path modules, skip
|
48
|
+
next if source[:type] == "path"
|
49
|
+
|
50
|
+
dependency_set << build_terraform_dependency(file, name, source, details)
|
35
51
|
end
|
36
52
|
|
37
53
|
parsed_file(file).fetch("terraform", []).each do |terraform|
|
@@ -43,7 +59,9 @@ module Dependabot
|
|
43
59
|
end
|
44
60
|
end
|
45
61
|
end
|
62
|
+
end
|
46
63
|
|
64
|
+
def parse_terragrunt_files(dependency_set)
|
47
65
|
terragrunt_files.each do |file|
|
48
66
|
modules = parsed_file(file).fetch("terraform", [])
|
49
67
|
modules.each do |details|
|
@@ -52,19 +70,15 @@ module Dependabot
|
|
52
70
|
dependency_set << build_terragrunt_dependency(file, details)
|
53
71
|
end
|
54
72
|
end
|
55
|
-
|
56
|
-
dependency_set.dependencies.sort_by(&:name)
|
57
73
|
end
|
58
74
|
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
details = details.first
|
63
|
-
|
64
|
-
source = source_from(details)
|
75
|
+
def build_terraform_dependency(file, name, source, details)
|
76
|
+
# dep_name should be unique for a source, using the info derived from
|
77
|
+
# the source or the source name provides this uniqueness
|
65
78
|
dep_name = case source[:type]
|
66
79
|
when "registry" then source[:module_identifier]
|
67
80
|
when "provider" then details["source"]
|
81
|
+
when "git" then git_dependency_name(name, source)
|
68
82
|
else name
|
69
83
|
end
|
70
84
|
version_req = details["version"]&.strip
|
@@ -199,6 +213,15 @@ module Dependabot
|
|
199
213
|
end
|
200
214
|
end
|
201
215
|
|
216
|
+
def git_dependency_name(name, source)
|
217
|
+
git_source = Source.from_url(source[:url])
|
218
|
+
if source[:ref]
|
219
|
+
name + "::" + git_source.provider + "::" + git_source.repo + "::" + source[:ref]
|
220
|
+
else
|
221
|
+
name + "::" + git_source.provider + "::" + git_source.repo
|
222
|
+
end
|
223
|
+
end
|
224
|
+
|
202
225
|
def git_source_details_from(source_string)
|
203
226
|
git_url = source_string.strip.gsub(/^git::/, "")
|
204
227
|
git_url = "https://" + git_url unless git_url.start_with?("git@") || git_url.include?("://")
|
@@ -266,7 +289,7 @@ module Dependabot
|
|
266
289
|
return :path if source_string.start_with?(".")
|
267
290
|
return :github if source_string.include?("github.com")
|
268
291
|
return :bitbucket if source_string.start_with?("bitbucket.org/")
|
269
|
-
return :git if source_string.start_with?("git::")
|
292
|
+
return :git if source_string.start_with?("git::") || source_string.start_with?("git@")
|
270
293
|
return :mercurial if source_string.start_with?("hg::")
|
271
294
|
return :s3 if source_string.start_with?("s3::")
|
272
295
|
|
@@ -199,10 +199,11 @@ module Dependabot
|
|
199
199
|
return /terraform\s*\{(?:(?!^\}).)*/m if terragrunt_file?(filename)
|
200
200
|
|
201
201
|
# For modules we can do better - filter for module blocks that use the
|
202
|
-
# name of the
|
202
|
+
# name of the module
|
203
|
+
module_name = dependency.name.split("::").first
|
203
204
|
/
|
204
|
-
|
205
|
-
|
205
|
+
module\s+["']#{Regexp.escape(module_name)}["']\s*\{
|
206
|
+
(?:(?!^\}).)*
|
206
207
|
/mx
|
207
208
|
end
|
208
209
|
|
data/lib/dependabot/terraform.rb
CHANGED
@@ -20,3 +20,14 @@ Dependabot::Dependency.
|
|
20
20
|
|
21
21
|
require "dependabot/utils"
|
22
22
|
Dependabot::Utils.register_always_clone("terraform")
|
23
|
+
|
24
|
+
Dependabot::Dependency.
|
25
|
+
register_display_name_builder(
|
26
|
+
"terraform",
|
27
|
+
lambda { |name|
|
28
|
+
# Only modify the name if it a git source dependency
|
29
|
+
next unless name.include? "::"
|
30
|
+
|
31
|
+
name.split("::").first + "::" + name.split("::")[2].split("/").last
|
32
|
+
}
|
33
|
+
)
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: dependabot-terraform
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.169.
|
4
|
+
version: 0.169.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Dependabot
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-12-13 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: dependabot-common
|
@@ -16,14 +16,14 @@ dependencies:
|
|
16
16
|
requirements:
|
17
17
|
- - '='
|
18
18
|
- !ruby/object:Gem::Version
|
19
|
-
version: 0.169.
|
19
|
+
version: 0.169.6
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
24
|
- - '='
|
25
25
|
- !ruby/object:Gem::Version
|
26
|
-
version: 0.169.
|
26
|
+
version: 0.169.6
|
27
27
|
- !ruby/object:Gem::Dependency
|
28
28
|
name: byebug
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
@@ -100,14 +100,14 @@ dependencies:
|
|
100
100
|
requirements:
|
101
101
|
- - "~>"
|
102
102
|
- !ruby/object:Gem::Version
|
103
|
-
version: 1.
|
103
|
+
version: 1.23.0
|
104
104
|
type: :development
|
105
105
|
prerelease: false
|
106
106
|
version_requirements: !ruby/object:Gem::Requirement
|
107
107
|
requirements:
|
108
108
|
- - "~>"
|
109
109
|
- !ruby/object:Gem::Version
|
110
|
-
version: 1.
|
110
|
+
version: 1.23.0
|
111
111
|
- !ruby/object:Gem::Dependency
|
112
112
|
name: simplecov
|
113
113
|
requirement: !ruby/object:Gem::Requirement
|
@@ -216,7 +216,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
216
216
|
- !ruby/object:Gem::Version
|
217
217
|
version: 2.5.0
|
218
218
|
requirements: []
|
219
|
-
rubygems_version: 3.2.
|
219
|
+
rubygems_version: 3.2.32
|
220
220
|
signing_key:
|
221
221
|
specification_version: 4
|
222
222
|
summary: Terraform support for dependabot
|