dependabot-terraform 0.147.0 → 0.147.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/build +0 -7
  3. data/lib/dependabot/terraform/file_fetcher.rb +1 -1
  4. data/lib/dependabot/terraform/file_parser.rb +21 -59
  5. data/lib/dependabot/terraform/file_selector.rb +1 -2
  6. data/lib/dependabot/terraform/file_updater.rb +1 -1
  7. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 21f0249523d3bd37b7c26bfcc7e76b0246cb83ef62c8e7aabd76d3cf207476c9
4
- data.tar.gz: 791a20bc9878a4f7e5e1806824551bee1102dc9c9eb8b2dd58a0fbe1e880fd05
3
+ metadata.gz: 1513bb43b2a242c080012555ab17869d6c062e941912c36dcc5ea76476be03b9
4
+ data.tar.gz: 731c9a7cd5658b622f7a24e87ea9a48909094af9cba08deb9850cb55a7f19bd9
5
5
  SHA512:
6
- metadata.gz: b464c8b17eebf7f615824a79b85d660446e13e38741bfe60d195bf78643c0a983536c267719f3f775e78be1308d93b8cf1ba0c58ee7bddefa49404b2f1652fe9
7
- data.tar.gz: 40b1ca7f782c0ed4d5309f293a72572d5f34be8963bbb4f7097d891a3545c7362d2331b029992776a4446ee5933bec22211d0848d9aff9df40d2b29839a50bf0
6
+ metadata.gz: 3ea9a436607ccb4b54b21743d6952d41b4a86bd344724372facdb6368b1fd6b1d24b7327ae569738280b8bd4187ae78f9fad0b458ac8832665a0741ca380eb33
7
+ data.tar.gz: b438039b06970eaf03a187567432a785e4f7eb2e9f61b18dffbdec99aa39080e2c322467d40b830af9b83356355a1d4702f61bbe84c9bdac50187309e7709a4d
data/helpers/build CHANGED
@@ -14,13 +14,6 @@ fi
14
14
 
15
15
  os="$(uname -s | tr '[:upper:]' '[:lower:]')"
16
16
 
17
- json2hcl_checksum="d124ed13f3538c465fcab19e6015d311d3cd56f7dc2db7609b6e72fec666482d"
18
- json2hcl_url="https://github.com/kvz/json2hcl/releases/download/v0.0.6/json2hcl_v0.0.6_${os}_amd64"
19
- json2hcl_path="$install_dir/bin/json2hcl"
20
- wget -O "$json2hcl_path" "$json2hcl_url"
21
- echo "$json2hcl_checksum $json2hcl_path" | sha256sum -c
22
- chmod +x "$install_dir/bin/json2hcl"
23
-
24
17
  hcl2json_checksum="24068f1e25a34d8f8ca763f34fce11527472891bfa834d1504f665855021d5d4"
25
18
  hcl2json_url="https://github.com/tmccombs/hcl2json/releases/download/v0.3.3/hcl2json_${os}_amd64"
26
19
  hcl2json_path="$install_dir/bin/hcl2json"
data/lib/dependabot/terraform/file_fetcher.rb CHANGED
@@ -10,7 +10,7 @@ module Dependabot
10
10
  include FileSelector
11
11
 
12
12
  def self.required_files_in?(filenames)
13
- filenames.any? { |f| f.end_with?(".tf", ".tfvars") }
13
+ filenames.any? { |f| f.end_with?(".tf", ".hcl") }
14
14
  end
15
15
 
16
16
  def self.required_files_message
data/lib/dependabot/terraform/file_parser.rb CHANGED
@@ -32,10 +32,7 @@ module Dependabot
32
32
  end
33
33
 
34
34
  terragrunt_files.each do |file|
35
- # legacy terragrunt (.tfvars) files have a top-level "terragrunt" key
36
- # that has since been removed.
37
- legacy_modules = (parsed_file(file).fetch("terragrunt", []).first || {}).fetch("terraform", [])
38
- modules = parsed_file(file).fetch("terraform", []) + legacy_modules
35
+ modules = parsed_file(file).fetch("terraform", [])
39
36
  modules.each do |details|
40
37
  next unless details["source"]
41
38
 
@@ -215,56 +212,6 @@ module Dependabot
215
212
  end
216
213
  # rubocop:enable Metrics/PerceivedComplexity
217
214
 
218
- def parsed_file_hcl2(file)
219
- SharedHelpers.in_a_temporary_directory do
220
- File.write("tmp.tf", file.content)
221
-
222
- command = "#{terraform_hcl2_parser_path} < tmp.tf"
223
- start = Time.now
224
- stdout, stderr, process = Open3.capture3(command)
225
- time_taken = Time.now - start
226
-
227
- unless process.success?
228
- raise SharedHelpers::HelperSubprocessFailed.new(
229
- message: stderr,
230
- error_context: {
231
- command: command,
232
- time_taken: time_taken,
233
- process_exit_value: process.to_s
234
- }
235
- )
236
- end
237
-
238
- JSON.parse(stdout)
239
- end
240
- end
241
-
242
- def parsed_file_hcl1(file)
243
- SharedHelpers.in_a_temporary_directory do
244
- File.write("tmp.tf", file.content)
245
-
246
- command = "#{terraform_parser_path} -reverse < tmp.tf"
247
- start = Time.now
248
- stdout, stderr, process = Open3.capture3(command)
249
- time_taken = Time.now - start
250
-
251
- unless process.success?
252
- raise SharedHelpers::HelperSubprocessFailed.new(
253
- message: stderr,
254
- error_context: {
255
- command: command,
256
- time_taken: time_taken,
257
- process_exit_value: process.to_s
258
- }
259
- )
260
- end
261
-
262
- json = JSON.parse(stdout)
263
- json["module"] = json.fetch("module", []).inject({}) { |memo, item| memo.merge(item) }
264
- json
265
- end
266
- end
267
-
268
215
  # == Returns:
269
216
  # A Hash representing each module found in the specified file
270
217
  #
@@ -289,12 +236,27 @@ module Dependabot
289
236
  # }
290
237
  def parsed_file(file)
291
238
  @parsed_buildfile ||= {}
292
- @parsed_buildfile[file.name] ||=
293
- if options[:legacy_terraform]
294
- parsed_file_hcl1(file)
295
- else
296
- parsed_file_hcl2(file)
239
+ @parsed_buildfile[file.name] ||= SharedHelpers.in_a_temporary_directory do
240
+ File.write("tmp.tf", file.content)
241
+
242
+ command = "#{terraform_hcl2_parser_path} < tmp.tf"
243
+ start = Time.now
244
+ stdout, stderr, process = Open3.capture3(command)
245
+ time_taken = Time.now - start
246
+
247
+ unless process.success?
248
+ raise SharedHelpers::HelperSubprocessFailed.new(
249
+ message: stderr,
250
+ error_context: {
251
+ command: command,
252
+ time_taken: time_taken,
253
+ process_exit_value: process.to_s
254
+ }
255
+ )
297
256
  end
257
+
258
+ JSON.parse(stdout)
259
+ end
298
260
  rescue SharedHelpers::HelperSubprocessFailed => e
299
261
  msg = e.message.strip
300
262
  raise Dependabot::DependencyFileNotParseable.new(file.path, msg)
data/lib/dependabot/terraform/file_selector.rb CHANGED
@@ -12,7 +12,6 @@ module FileSelector
12
12
  end
13
13
 
14
14
  def terragrunt_file?(file_name)
15
- file_name != ".terraform.lock.hcl" &&
16
- (file_name.end_with?(".tfvars") || file_name.end_with?(".hcl"))
15
+ file_name != ".terraform.lock.hcl" && file_name.end_with?(".hcl")
17
16
  end
18
17
  end
data/lib/dependabot/terraform/file_updater.rb CHANGED
@@ -11,7 +11,7 @@ module Dependabot
11
11
  include FileSelector
12
12
 
13
13
  def self.updated_files_regex
14
- [/\.tf$/, /\.tfvars$/, /\.hcl$/]
14
+ [/\.tf$/, /\.hcl$/]
15
15
  end
16
16
 
17
17
  def updated_dependency_files
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-terraform
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.147.0
4
+ version: 0.147.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-13 00:00:00.000000000 Z
11
+ date: 2021-05-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.147.0
19
+ version: 0.147.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.147.0
26
+ version: 0.147.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 1.14.0
103
+ version: 1.15.0
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 1.14.0
110
+ version: 1.15.0
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: simplecov
113
113
  requirement: !ruby/object:Gem::Requirement