dependabot-terraform 0.211.0 → 0.213.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/terraform/file_fetcher.rb +1 -1
- data/lib/dependabot/terraform/file_parser.rb +4 -4
- data/lib/dependabot/terraform/file_updater.rb +30 -6
- data/lib/dependabot/terraform/metadata_finder.rb +2 -2
- data/lib/dependabot/terraform/registry_client.rb +1 -3
- data/lib/dependabot/terraform/requirement.rb +2 -2
- data/lib/dependabot/terraform/requirements_updater.rb +1 -1
- metadata +14 -42
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: ea09f7b5541cb5d4312fc3a71c476238017f1a581fa310e81101e34cf394ad35
|
|
4
|
+
data.tar.gz: c8ba129b49830caf26533b356c5753ff96822d5a7ca25427de53885fc0fd908d
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 6078a25195ced921328ca94c4e26a6d7dcdb6e9e9b6435fdf4f5ffa4513376fbd9c0dc41accfc945a8f242db4a63dd2f8413f32fb61913eff8d0308ff9728542
|
|
7
|
+
data.tar.gz: b073da62d0f06cedaef1867b2f589d434bb265dd6a22507c654d7638182010c98b00dd788bd5d0d1dc1dae0dd6bb38806c115b1648174194af74dd851ddafabf
|
|
@@ -10,7 +10,7 @@ module Dependabot
|
|
|
10
10
|
include FileSelector
|
|
11
11
|
|
|
12
12
|
# https://www.terraform.io/docs/language/modules/sources.html#local-paths
|
|
13
|
-
LOCAL_PATH_SOURCE = %r{source\s*=\s*['"](?<path>..?\/[^'"]+)}
|
|
13
|
+
LOCAL_PATH_SOURCE = %r{source\s*=\s*['"](?<path>..?\/[^'"]+)}
|
|
14
14
|
|
|
15
15
|
def self.required_files_in?(filenames)
|
|
16
16
|
filenames.any? { |f| f.end_with?(".tf", ".hcl") }
|
|
@@ -24,7 +24,7 @@ module Dependabot
|
|
|
24
24
|
DEFAULT_REGISTRY = "registry.terraform.io"
|
|
25
25
|
DEFAULT_NAMESPACE = "hashicorp"
|
|
26
26
|
# https://www.terraform.io/docs/language/providers/requirements.html#source-addresses
|
|
27
|
-
PROVIDER_SOURCE_ADDRESS = %r{\A((?<hostname>.+)/)?(?<namespace>.+)/(?<name>.+)\z}
|
|
27
|
+
PROVIDER_SOURCE_ADDRESS = %r{\A((?<hostname>.+)/)?(?<namespace>.+)/(?<name>.+)\z}
|
|
28
28
|
|
|
29
29
|
def parse
|
|
30
30
|
dependency_set = DependencySet.new
|
|
@@ -129,8 +129,8 @@ module Dependabot
|
|
|
129
129
|
def deprecated_provider_error(file)
|
|
130
130
|
raise Dependabot::DependencyFileNotParseable.new(
|
|
131
131
|
file.path,
|
|
132
|
-
"This terraform provider syntax is now deprecated.\n"\
|
|
133
|
-
"See https://www.terraform.io/docs/language/providers/requirements.html "\
|
|
132
|
+
"This terraform provider syntax is now deprecated.\n" \
|
|
133
|
+
"See https://www.terraform.io/docs/language/providers/requirements.html " \
|
|
134
134
|
"for the new Terraform v0.13+ provider syntax."
|
|
135
135
|
)
|
|
136
136
|
end
|
|
@@ -262,7 +262,7 @@ module Dependabot
|
|
|
262
262
|
return :path if source_string.start_with?(".")
|
|
263
263
|
return :github if source_string.start_with?("github.com/")
|
|
264
264
|
return :bitbucket if source_string.start_with?("bitbucket.org/")
|
|
265
|
-
return :git if source_string.start_with?("git::"
|
|
265
|
+
return :git if source_string.start_with?("git::", "git@")
|
|
266
266
|
return :mercurial if source_string.start_with?("hg::")
|
|
267
267
|
return :s3 if source_string.start_with?("s3::")
|
|
268
268
|
|
|
@@ -11,9 +11,9 @@ module Dependabot
|
|
|
11
11
|
class FileUpdater < Dependabot::FileUpdaters::Base
|
|
12
12
|
include FileSelector
|
|
13
13
|
|
|
14
|
-
PRIVATE_MODULE_ERROR = /Could not download module.*code from\n.*\"(?<repo>\S+)\"
|
|
15
|
-
MODULE_NOT_INSTALLED_ERROR = /Module not installed.*module\s*\"(?<mod>\S+)\"/m
|
|
16
|
-
GIT_HTTPS_PREFIX = %r{^git::https://}
|
|
14
|
+
PRIVATE_MODULE_ERROR = /Could not download module.*code from\n.*\"(?<repo>\S+)\":/
|
|
15
|
+
MODULE_NOT_INSTALLED_ERROR = /Module not installed.*module\s*\"(?<mod>\S+)\"/m
|
|
16
|
+
GIT_HTTPS_PREFIX = %r{^git::https://}
|
|
17
17
|
|
|
18
18
|
def self.updated_files_regex
|
|
19
19
|
[/\.tf$/, /\.hcl$/]
|
|
@@ -48,6 +48,30 @@ module Dependabot
|
|
|
48
48
|
|
|
49
49
|
private
|
|
50
50
|
|
|
51
|
+
# Terraform allows to use a module from the same source multiple times
|
|
52
|
+
# To detect any changes in dependencies we need to overwrite an implementation from the base class
|
|
53
|
+
#
|
|
54
|
+
# Example (for simplicity other parameters are skipped):
|
|
55
|
+
# previous_requirements = [{requirement: "0.9.1"}, {requirement: "0.11.0"}]
|
|
56
|
+
# requirements = [{requirement: "0.11.0"}, {requirement: "0.11.0"}]
|
|
57
|
+
#
|
|
58
|
+
# Simple difference between arrays gives:
|
|
59
|
+
# requirements - previous_requirements
|
|
60
|
+
# => []
|
|
61
|
+
# which loses an information that one of our requirements has changed.
|
|
62
|
+
#
|
|
63
|
+
# By using symmetric difference:
|
|
64
|
+
# (requirements - previous_requirements) | (previous_requirements - requirements)
|
|
65
|
+
# => [{requirement: "0.9.1"}]
|
|
66
|
+
# we can detect that change.
|
|
67
|
+
def requirement_changed?(file, dependency)
|
|
68
|
+
changed_requirements =
|
|
69
|
+
(dependency.requirements - dependency.previous_requirements) |
|
|
70
|
+
(dependency.previous_requirements - dependency.requirements)
|
|
71
|
+
|
|
72
|
+
changed_requirements.any? { |f| f[:file] == file.name }
|
|
73
|
+
end
|
|
74
|
+
|
|
51
75
|
def updated_terraform_file_content(file)
|
|
52
76
|
content = file.content.dup
|
|
53
77
|
|
|
@@ -65,7 +89,7 @@ module Dependabot
|
|
|
65
89
|
when "registry", "provider"
|
|
66
90
|
update_registry_declaration(new_req, old_req, content)
|
|
67
91
|
else
|
|
68
|
-
raise "Don't know how to update a #{new_req[:source][:type]} "\
|
|
92
|
+
raise "Don't know how to update a #{new_req[:source][:type]} " \
|
|
69
93
|
"declaration!"
|
|
70
94
|
end
|
|
71
95
|
end
|
|
@@ -89,7 +113,7 @@ module Dependabot
|
|
|
89
113
|
|
|
90
114
|
def update_registry_declaration(new_req, old_req, updated_content)
|
|
91
115
|
regex = new_req[:source][:type] == "provider" ? provider_declaration_regex : registry_declaration_regex
|
|
92
|
-
updated_content.
|
|
116
|
+
updated_content.gsub!(regex) do |regex_match|
|
|
93
117
|
regex_match.sub(/^\s*version\s*=.*/) do |req_line_match|
|
|
94
118
|
req_line_match.sub(old_req[:requirement], new_req[:requirement])
|
|
95
119
|
end
|
|
@@ -313,7 +337,7 @@ module Dependabot
|
|
|
313
337
|
end
|
|
314
338
|
|
|
315
339
|
def registry_host_for(dependency)
|
|
316
|
-
source = dependency.requirements.
|
|
340
|
+
source = dependency.requirements.filter_map { |r| r[:source] }.first
|
|
317
341
|
source[:registry_hostname] || source["registry_hostname"] || "registry.terraform.io"
|
|
318
342
|
end
|
|
319
343
|
|
|
@@ -31,14 +31,14 @@ module Dependabot
|
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
def find_source_from_git_url
|
|
34
|
-
info = dependency.requirements.
|
|
34
|
+
info = dependency.requirements.filter_map { |r| r[:source] }.first
|
|
35
35
|
|
|
36
36
|
url = info[:url] || info.fetch("url")
|
|
37
37
|
Source.from_url(url)
|
|
38
38
|
end
|
|
39
39
|
|
|
40
40
|
def find_source_from_registry_details
|
|
41
|
-
info = dependency.requirements.
|
|
41
|
+
info = dependency.requirements.filter_map { |r| r[:source] }.first
|
|
42
42
|
hostname = info[:registry_hostname] || info["registry_hostname"]
|
|
43
43
|
|
|
44
44
|
RegistryClient.
|
|
@@ -104,9 +104,7 @@ module Dependabot
|
|
|
104
104
|
|
|
105
105
|
source_url = response.headers.fetch("X-Terraform-Get")
|
|
106
106
|
source_url = URI.join(download_url, source_url) if
|
|
107
|
-
source_url.start_with?("/")
|
|
108
|
-
source_url.start_with?("./") ||
|
|
109
|
-
source_url.start_with?("../")
|
|
107
|
+
source_url.start_with?("/", "./", "../")
|
|
110
108
|
source_url = RegistryClient.get_proxied_source(source_url) if source_url
|
|
111
109
|
when "provider", "providers"
|
|
112
110
|
response = http_get(URI.join(base_url, "#{dependency.name}/#{dependency.version}"))
|
|
@@ -12,7 +12,7 @@ module Dependabot
|
|
|
12
12
|
# https://www.terraform.io/docs/registry/modules/publish.html#requirements
|
|
13
13
|
OPERATORS = OPS.keys.map { |key| Regexp.quote(key) }.join("|").freeze
|
|
14
14
|
PATTERN_RAW = "\\s*(#{OPERATORS})?\\s*v?(#{Gem::Version::VERSION_PATTERN})\\s*"
|
|
15
|
-
PATTERN = /\A#{PATTERN_RAW}\z
|
|
15
|
+
PATTERN = /\A#{PATTERN_RAW}\z/
|
|
16
16
|
|
|
17
17
|
def self.parse(obj)
|
|
18
18
|
return ["=", Version.new(obj.to_s)] if obj.is_a?(Gem::Version)
|
|
@@ -27,7 +27,7 @@ module Dependabot
|
|
|
27
27
|
[matches[1] || "=", Terraform::Version.new(matches[2])]
|
|
28
28
|
end
|
|
29
29
|
|
|
30
|
-
# For consistency with other
|
|
30
|
+
# For consistency with other languages, we define a requirements array.
|
|
31
31
|
# Terraform doesn't have an `OR` separator for requirements, so it
|
|
32
32
|
# always contains a single element.
|
|
33
33
|
def self.requirements_array(requirement_string)
|
|
@@ -130,7 +130,7 @@ module Dependabot
|
|
|
130
130
|
|
|
131
131
|
def at_same_precision(new_version, old_version)
|
|
132
132
|
release_precision =
|
|
133
|
-
old_version.to_s.split(".").
|
|
133
|
+
old_version.to_s.split(".").count { |i| i.match?(/^\d+$/) }
|
|
134
134
|
prerelease_precision =
|
|
135
135
|
old_version.to_s.split(".").count - release_precision
|
|
136
136
|
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-terraform
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.213.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-10-31 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,42 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.213.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
27
|
-
- !ruby/object:Gem::Dependency
|
|
28
|
-
name: debase
|
|
29
|
-
requirement: !ruby/object:Gem::Requirement
|
|
30
|
-
requirements:
|
|
31
|
-
- - '='
|
|
32
|
-
- !ruby/object:Gem::Version
|
|
33
|
-
version: 0.2.3
|
|
34
|
-
type: :development
|
|
35
|
-
prerelease: false
|
|
36
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
37
|
-
requirements:
|
|
38
|
-
- - '='
|
|
39
|
-
- !ruby/object:Gem::Version
|
|
40
|
-
version: 0.2.3
|
|
41
|
-
- !ruby/object:Gem::Dependency
|
|
42
|
-
name: debase-ruby_core_source
|
|
43
|
-
requirement: !ruby/object:Gem::Requirement
|
|
44
|
-
requirements:
|
|
45
|
-
- - '='
|
|
46
|
-
- !ruby/object:Gem::Version
|
|
47
|
-
version: 0.10.16
|
|
48
|
-
type: :development
|
|
49
|
-
prerelease: false
|
|
50
|
-
version_requirements: !ruby/object:Gem::Requirement
|
|
51
|
-
requirements:
|
|
52
|
-
- - '='
|
|
53
|
-
- !ruby/object:Gem::Version
|
|
54
|
-
version: 0.10.16
|
|
26
|
+
version: 0.213.0
|
|
55
27
|
- !ruby/object:Gem::Dependency
|
|
56
28
|
name: debug
|
|
57
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -86,14 +58,14 @@ dependencies:
|
|
|
86
58
|
requirements:
|
|
87
59
|
- - "~>"
|
|
88
60
|
- !ruby/object:Gem::Version
|
|
89
|
-
version: 3.
|
|
61
|
+
version: 3.13.0
|
|
90
62
|
type: :development
|
|
91
63
|
prerelease: false
|
|
92
64
|
version_requirements: !ruby/object:Gem::Requirement
|
|
93
65
|
requirements:
|
|
94
66
|
- - "~>"
|
|
95
67
|
- !ruby/object:Gem::Version
|
|
96
|
-
version: 3.
|
|
68
|
+
version: 3.13.0
|
|
97
69
|
- !ruby/object:Gem::Dependency
|
|
98
70
|
name: rake
|
|
99
71
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -142,28 +114,28 @@ dependencies:
|
|
|
142
114
|
requirements:
|
|
143
115
|
- - "~>"
|
|
144
116
|
- !ruby/object:Gem::Version
|
|
145
|
-
version: 1.
|
|
117
|
+
version: 1.37.1
|
|
146
118
|
type: :development
|
|
147
119
|
prerelease: false
|
|
148
120
|
version_requirements: !ruby/object:Gem::Requirement
|
|
149
121
|
requirements:
|
|
150
122
|
- - "~>"
|
|
151
123
|
- !ruby/object:Gem::Version
|
|
152
|
-
version: 1.
|
|
124
|
+
version: 1.37.1
|
|
153
125
|
- !ruby/object:Gem::Dependency
|
|
154
|
-
name:
|
|
126
|
+
name: rubocop-performance
|
|
155
127
|
requirement: !ruby/object:Gem::Requirement
|
|
156
128
|
requirements:
|
|
157
129
|
- - "~>"
|
|
158
130
|
- !ruby/object:Gem::Version
|
|
159
|
-
version:
|
|
131
|
+
version: 1.15.0
|
|
160
132
|
type: :development
|
|
161
133
|
prerelease: false
|
|
162
134
|
version_requirements: !ruby/object:Gem::Requirement
|
|
163
135
|
requirements:
|
|
164
136
|
- - "~>"
|
|
165
137
|
- !ruby/object:Gem::Version
|
|
166
|
-
version:
|
|
138
|
+
version: 1.15.0
|
|
167
139
|
- !ruby/object:Gem::Dependency
|
|
168
140
|
name: simplecov
|
|
169
141
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -265,14 +237,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
265
237
|
requirements:
|
|
266
238
|
- - ">="
|
|
267
239
|
- !ruby/object:Gem::Version
|
|
268
|
-
version:
|
|
240
|
+
version: 3.1.0
|
|
269
241
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
270
242
|
requirements:
|
|
271
243
|
- - ">="
|
|
272
244
|
- !ruby/object:Gem::Version
|
|
273
|
-
version:
|
|
245
|
+
version: 3.1.0
|
|
274
246
|
requirements: []
|
|
275
|
-
rubygems_version: 3.
|
|
247
|
+
rubygems_version: 3.3.7
|
|
276
248
|
signing_key:
|
|
277
249
|
specification_version: 4
|
|
278
250
|
summary: Terraform support for dependabot
|