dependabot-terraform 0.147.0 → 0.147.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/helpers/build +0 -7
  3. data/lib/dependabot/terraform/file_fetcher.rb +1 -1
  4. data/lib/dependabot/terraform/file_parser.rb +21 -59
  5. data/lib/dependabot/terraform/file_selector.rb +1 -2
  6. data/lib/dependabot/terraform/file_updater.rb +1 -1
  7. metadata +6 -6
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 21f0249523d3bd37b7c26bfcc7e76b0246cb83ef62c8e7aabd76d3cf207476c9
4
- data.tar.gz: 791a20bc9878a4f7e5e1806824551bee1102dc9c9eb8b2dd58a0fbe1e880fd05
3
+ metadata.gz: 1513bb43b2a242c080012555ab17869d6c062e941912c36dcc5ea76476be03b9
4
+ data.tar.gz: 731c9a7cd5658b622f7a24e87ea9a48909094af9cba08deb9850cb55a7f19bd9
5
5
  SHA512:
6
- metadata.gz: b464c8b17eebf7f615824a79b85d660446e13e38741bfe60d195bf78643c0a983536c267719f3f775e78be1308d93b8cf1ba0c58ee7bddefa49404b2f1652fe9
7
- data.tar.gz: 40b1ca7f782c0ed4d5309f293a72572d5f34be8963bbb4f7097d891a3545c7362d2331b029992776a4446ee5933bec22211d0848d9aff9df40d2b29839a50bf0
6
+ metadata.gz: 3ea9a436607ccb4b54b21743d6952d41b4a86bd344724372facdb6368b1fd6b1d24b7327ae569738280b8bd4187ae78f9fad0b458ac8832665a0741ca380eb33
7
+ data.tar.gz: b438039b06970eaf03a187567432a785e4f7eb2e9f61b18dffbdec99aa39080e2c322467d40b830af9b83356355a1d4702f61bbe84c9bdac50187309e7709a4d
data/helpers/build CHANGED
@@ -14,13 +14,6 @@ fi
14
14
 
15
15
  os="$(uname -s | tr '[:upper:]' '[:lower:]')"
16
16
 
17
- json2hcl_checksum="d124ed13f3538c465fcab19e6015d311d3cd56f7dc2db7609b6e72fec666482d"
18
- json2hcl_url="https://github.com/kvz/json2hcl/releases/download/v0.0.6/json2hcl_v0.0.6_${os}_amd64"
19
- json2hcl_path="$install_dir/bin/json2hcl"
20
- wget -O "$json2hcl_path" "$json2hcl_url"
21
- echo "$json2hcl_checksum $json2hcl_path" | sha256sum -c
22
- chmod +x "$install_dir/bin/json2hcl"
23
-
24
17
  hcl2json_checksum="24068f1e25a34d8f8ca763f34fce11527472891bfa834d1504f665855021d5d4"
25
18
  hcl2json_url="https://github.com/tmccombs/hcl2json/releases/download/v0.3.3/hcl2json_${os}_amd64"
26
19
  hcl2json_path="$install_dir/bin/hcl2json"
data/lib/dependabot/terraform/file_fetcher.rb CHANGED
@@ -10,7 +10,7 @@ module Dependabot
10
10
  include FileSelector
11
11
 
12
12
  def self.required_files_in?(filenames)
13
- filenames.any? { |f| f.end_with?(".tf", ".tfvars") }
13
+ filenames.any? { |f| f.end_with?(".tf", ".hcl") }
14
14
  end
15
15
 
16
16
  def self.required_files_message
data/lib/dependabot/terraform/file_parser.rb CHANGED
@@ -32,10 +32,7 @@ module Dependabot
32
32
  end
33
33
 
34
34
  terragrunt_files.each do |file|
35
- # legacy terragrunt (.tfvars) files have a top-level "terragrunt" key
36
- # that has since been removed.
37
- legacy_modules = (parsed_file(file).fetch("terragrunt", []).first || {}).fetch("terraform", [])
38
- modules = parsed_file(file).fetch("terraform", []) + legacy_modules
35
+ modules = parsed_file(file).fetch("terraform", [])
39
36
  modules.each do |details|
40
37
  next unless details["source"]
41
38
 
@@ -215,56 +212,6 @@ module Dependabot
215
212
  end
216
213
  # rubocop:enable Metrics/PerceivedComplexity
217
214
 
218
- def parsed_file_hcl2(file)
219
- SharedHelpers.in_a_temporary_directory do
220
- File.write("tmp.tf", file.content)
221
-
222
- command = "#{terraform_hcl2_parser_path} < tmp.tf"
223
- start = Time.now
224
- stdout, stderr, process = Open3.capture3(command)
225
- time_taken = Time.now - start
226
-
227
- unless process.success?
228
- raise SharedHelpers::HelperSubprocessFailed.new(
229
- message: stderr,
230
- error_context: {
231
- command: command,
232
- time_taken: time_taken,
233
- process_exit_value: process.to_s
234
- }
235
- )
236
- end
237
-
238
- JSON.parse(stdout)
239
- end
240
- end
241
-
242
- def parsed_file_hcl1(file)
243
- SharedHelpers.in_a_temporary_directory do
244
- File.write("tmp.tf", file.content)
245
-
246
- command = "#{terraform_parser_path} -reverse < tmp.tf"
247
- start = Time.now
248
- stdout, stderr, process = Open3.capture3(command)
249
- time_taken = Time.now - start
250
-
251
- unless process.success?
252
- raise SharedHelpers::HelperSubprocessFailed.new(
253
- message: stderr,
254
- error_context: {
255
- command: command,
256
- time_taken: time_taken,
257
- process_exit_value: process.to_s
258
- }
259
- )
260
- end
261
-
262
- json = JSON.parse(stdout)
263
- json["module"] = json.fetch("module", []).inject({}) { |memo, item| memo.merge(item) }
264
- json
265
- end
266
- end
267
-
268
215
  # == Returns:
269
216
  # A Hash representing each module found in the specified file
270
217
  #
@@ -289,12 +236,27 @@ module Dependabot
289
236
  # }
290
237
  def parsed_file(file)
291
238
  @parsed_buildfile ||= {}
292
- @parsed_buildfile[file.name] ||=
293
- if options[:legacy_terraform]
294
- parsed_file_hcl1(file)
295
- else
296
- parsed_file_hcl2(file)
239
+ @parsed_buildfile[file.name] ||= SharedHelpers.in_a_temporary_directory do
240
+ File.write("tmp.tf", file.content)
241
+
242
+ command = "#{terraform_hcl2_parser_path} < tmp.tf"
243
+ start = Time.now
244
+ stdout, stderr, process = Open3.capture3(command)
245
+ time_taken = Time.now - start
246
+
247
+ unless process.success?
248
+ raise SharedHelpers::HelperSubprocessFailed.new(
249
+ message: stderr,
250
+ error_context: {
251
+ command: command,
252
+ time_taken: time_taken,
253
+ process_exit_value: process.to_s
254
+ }
255
+ )
297
256
  end
257
+
258
+ JSON.parse(stdout)
259
+ end
298
260
  rescue SharedHelpers::HelperSubprocessFailed => e
299
261
  msg = e.message.strip
300
262
  raise Dependabot::DependencyFileNotParseable.new(file.path, msg)
data/lib/dependabot/terraform/file_selector.rb CHANGED
@@ -12,7 +12,6 @@ module FileSelector
12
12
  end
13
13
 
14
14
  def terragrunt_file?(file_name)
15
- file_name != ".terraform.lock.hcl" &&
16
- (file_name.end_with?(".tfvars") || file_name.end_with?(".hcl"))
15
+ file_name != ".terraform.lock.hcl" && file_name.end_with?(".hcl")
17
16
  end
18
17
  end
data/lib/dependabot/terraform/file_updater.rb CHANGED
@@ -11,7 +11,7 @@ module Dependabot
11
11
  include FileSelector
12
12
 
13
13
  def self.updated_files_regex
14
- [/\.tf$/, /\.tfvars$/, /\.hcl$/]
14
+ [/\.tf$/, /\.hcl$/]
15
15
  end
16
16
 
17
17
  def updated_dependency_files
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: dependabot-terraform
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.147.0
4
+ version: 0.147.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Dependabot
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-05-13 00:00:00.000000000 Z
11
+ date: 2021-05-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: dependabot-common
@@ -16,14 +16,14 @@ dependencies:
16
16
  requirements:
17
17
  - - '='
18
18
  - !ruby/object:Gem::Version
19
- version: 0.147.0
19
+ version: 0.147.1
20
20
  type: :runtime
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
24
  - - '='
25
25
  - !ruby/object:Gem::Version
26
- version: 0.147.0
26
+ version: 0.147.1
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: byebug
29
29
  requirement: !ruby/object:Gem::Requirement
@@ -100,14 +100,14 @@ dependencies:
100
100
  requirements:
101
101
  - - "~>"
102
102
  - !ruby/object:Gem::Version
103
- version: 1.14.0
103
+ version: 1.15.0
104
104
  type: :development
105
105
  prerelease: false
106
106
  version_requirements: !ruby/object:Gem::Requirement
107
107
  requirements:
108
108
  - - "~>"
109
109
  - !ruby/object:Gem::Version
110
- version: 1.14.0
110
+ version: 1.15.0
111
111
  - !ruby/object:Gem::Dependency
112
112
  name: simplecov
113
113
  requirement: !ruby/object:Gem::Requirement