dependabot-terraform 0.148.10 → 0.149.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 36c78f6a28ee4ff879140720e2ab9fa49a11fcec5d7c5312c18147051264e826
|
|
4
|
+
data.tar.gz: f7a0be0a203afd35b77a5e51b10bea90df77457caf15757640bc4e80d8bf108b
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: dad9fdb36c1eb15daf45f6a972c005a918f90e146c9349c191051ed83a469b7b92cf8e93b7418e93b4ed74aa19f6a2844bbdbc99cdd8f28bdc406902e3fb1ffc
|
|
7
|
+
data.tar.gz: 19601275314f1221d25009a6b732ec3a1b61f24c24579d1ad95fc5d83a5e8f2a3b54d6990c7b310e439364a9a68a45a3503329e9217eb5b0fa732d73c36dac1e
|
|
@@ -4,6 +4,7 @@ require "excon"
|
|
|
4
4
|
require "json"
|
|
5
5
|
require "dependabot/metadata_finders"
|
|
6
6
|
require "dependabot/metadata_finders/base"
|
|
7
|
+
require "dependabot/terraform/registry_client"
|
|
7
8
|
require "dependabot/shared_helpers"
|
|
8
9
|
|
|
9
10
|
module Dependabot
|
|
@@ -40,7 +41,9 @@ module Dependabot
|
|
|
40
41
|
info = dependency.requirements.map { |r| r[:source] }.compact.first
|
|
41
42
|
hostname = info[:registry_hostname] || info["registry_hostname"]
|
|
42
43
|
|
|
43
|
-
RegistryClient.
|
|
44
|
+
RegistryClient.
|
|
45
|
+
new(hostname: hostname, credentials: credentials).
|
|
46
|
+
source(dependency: dependency)
|
|
44
47
|
end
|
|
45
48
|
end
|
|
46
49
|
end
|
|
@@ -11,8 +11,11 @@ module Dependabot
|
|
|
11
11
|
class RegistryClient
|
|
12
12
|
PUBLIC_HOSTNAME = "registry.terraform.io"
|
|
13
13
|
|
|
14
|
-
def initialize(hostname:)
|
|
14
|
+
def initialize(hostname: PUBLIC_HOSTNAME, credentials: [])
|
|
15
15
|
@hostname = hostname
|
|
16
|
+
@tokens = credentials.each_with_object({}) do |item, memo|
|
|
17
|
+
memo[item["host"]] = item["token"] if item["type"] == "terraform_registry"
|
|
18
|
+
end
|
|
16
19
|
end
|
|
17
20
|
|
|
18
21
|
# Fetch all the versions of a provider, and return a Version
|
|
@@ -23,9 +26,6 @@ module Dependabot
|
|
|
23
26
|
# @return [Array<Dependabot::Terraform::Version>]
|
|
24
27
|
# @raise [RuntimeError] when the versions cannot be retrieved
|
|
25
28
|
def all_provider_versions(identifier:)
|
|
26
|
-
# TODO: Implement service discovery for custom registries
|
|
27
|
-
return [] unless hostname == PUBLIC_HOSTNAME
|
|
28
|
-
|
|
29
29
|
response = get(endpoint: "providers/#{identifier}/versions")
|
|
30
30
|
|
|
31
31
|
JSON.parse(response).
|
|
@@ -41,9 +41,6 @@ module Dependabot
|
|
|
41
41
|
# @return [Array<Dependabot::Terraform::Version>]
|
|
42
42
|
# @raise [RuntimeError] when the versions cannot be retrieved
|
|
43
43
|
def all_module_versions(identifier:)
|
|
44
|
-
# TODO: Implement service discovery for custom registries
|
|
45
|
-
return [] unless hostname == PUBLIC_HOSTNAME
|
|
46
|
-
|
|
47
44
|
response = get(endpoint: "modules/#{identifier}/versions")
|
|
48
45
|
|
|
49
46
|
JSON.parse(response).
|
|
@@ -61,9 +58,6 @@ module Dependabot
|
|
|
61
58
|
# @return Dependabot::Source
|
|
62
59
|
# @raise [RuntimeError] when the source cannot be retrieved
|
|
63
60
|
def source(dependency:)
|
|
64
|
-
# TODO: Implement service discovery for custom registries
|
|
65
|
-
return unless hostname == PUBLIC_HOSTNAME
|
|
66
|
-
|
|
67
61
|
type = dependency.requirements.first[:source][:type]
|
|
68
62
|
endpoint = if type == "registry"
|
|
69
63
|
"modules/#{dependency.name}/#{dependency.version}"
|
|
@@ -80,7 +74,7 @@ module Dependabot
|
|
|
80
74
|
|
|
81
75
|
private
|
|
82
76
|
|
|
83
|
-
attr_reader :hostname
|
|
77
|
+
attr_reader :hostname, :tokens
|
|
84
78
|
|
|
85
79
|
def get(endpoint:)
|
|
86
80
|
url = "https://#{hostname}/v1/#{endpoint}"
|
|
@@ -88,7 +82,7 @@ module Dependabot
|
|
|
88
82
|
response = Excon.get(
|
|
89
83
|
url,
|
|
90
84
|
idempotent: true,
|
|
91
|
-
**SharedHelpers.excon_defaults
|
|
85
|
+
**SharedHelpers.excon_defaults(headers: headers_for(hostname))
|
|
92
86
|
)
|
|
93
87
|
|
|
94
88
|
raise "Response from registry was #{response.status}" unless response.status == 200
|
|
@@ -99,6 +93,11 @@ module Dependabot
|
|
|
99
93
|
def version_class
|
|
100
94
|
Version
|
|
101
95
|
end
|
|
96
|
+
|
|
97
|
+
def headers_for(hostname)
|
|
98
|
+
token = tokens[hostname]
|
|
99
|
+
token ? { "Authorization" => "Bearer #{token}" } : {}
|
|
100
|
+
end
|
|
102
101
|
end
|
|
103
102
|
end
|
|
104
103
|
end
|
|
@@ -87,7 +87,7 @@ module Dependabot
|
|
|
87
87
|
def registry_client
|
|
88
88
|
@registry_client ||= begin
|
|
89
89
|
hostname = dependency_source_details.fetch(:registry_hostname)
|
|
90
|
-
RegistryClient.new(hostname: hostname)
|
|
90
|
+
RegistryClient.new(hostname: hostname, credentials: credentials)
|
|
91
91
|
end
|
|
92
92
|
end
|
|
93
93
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-terraform
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.149.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.
|
|
19
|
+
version: 0.149.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.
|
|
26
|
+
version: 0.149.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|