dependabot-terraform 0.169.2 → 0.169.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/dependabot/terraform/file_parser.rb +32 -9
- data/lib/dependabot/terraform/file_updater.rb +4 -3
- data/lib/dependabot/terraform.rb +11 -0
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: fcc67725e2cc3dc15b30f3acd5d9fe0e68f21d7dcb6eb1a000eb5e2242776b38
|
|
4
|
+
data.tar.gz: 4859258d5ddf3b435e26d8b428f137231ab6ef361273d624b3cd7f654d9e7ded
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 40c9a176b1d369b9843592157520f82bcebd68b72ebbd55442cac32cfe60234ecca80cbeddc7e091ef19b420caacd75870c29cd88cd8f0e917ff79456dcc39af
|
|
7
|
+
data.tar.gz: 3cdf36681f8ef0fadc5e12c4ebda3fa938bc1cdc63d0872b05366218160d50895d81970127fc23e5c01c956d85bd5bcea861b86d577ddcb35614f83a3e1f868c
|
|
@@ -28,10 +28,26 @@ module Dependabot
|
|
|
28
28
|
def parse
|
|
29
29
|
dependency_set = DependencySet.new
|
|
30
30
|
|
|
31
|
+
parse_terraform_files(dependency_set)
|
|
32
|
+
|
|
33
|
+
parse_terragrunt_files(dependency_set)
|
|
34
|
+
|
|
35
|
+
dependency_set.dependencies.sort_by(&:name)
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
private
|
|
39
|
+
|
|
40
|
+
def parse_terraform_files(dependency_set)
|
|
31
41
|
terraform_files.each do |file|
|
|
32
42
|
modules = parsed_file(file).fetch("module", {})
|
|
33
43
|
modules.each do |name, details|
|
|
34
|
-
|
|
44
|
+
details = details.first
|
|
45
|
+
|
|
46
|
+
source = source_from(details)
|
|
47
|
+
# Cannot update local path modules, skip
|
|
48
|
+
next if source[:type] == "path"
|
|
49
|
+
|
|
50
|
+
dependency_set << build_terraform_dependency(file, name, source, details)
|
|
35
51
|
end
|
|
36
52
|
|
|
37
53
|
parsed_file(file).fetch("terraform", []).each do |terraform|
|
|
@@ -43,7 +59,9 @@ module Dependabot
|
|
|
43
59
|
end
|
|
44
60
|
end
|
|
45
61
|
end
|
|
62
|
+
end
|
|
46
63
|
|
|
64
|
+
def parse_terragrunt_files(dependency_set)
|
|
47
65
|
terragrunt_files.each do |file|
|
|
48
66
|
modules = parsed_file(file).fetch("terraform", [])
|
|
49
67
|
modules.each do |details|
|
|
@@ -52,19 +70,15 @@ module Dependabot
|
|
|
52
70
|
dependency_set << build_terragrunt_dependency(file, details)
|
|
53
71
|
end
|
|
54
72
|
end
|
|
55
|
-
|
|
56
|
-
dependency_set.dependencies.sort_by(&:name)
|
|
57
73
|
end
|
|
58
74
|
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
details = details.first
|
|
63
|
-
|
|
64
|
-
source = source_from(details)
|
|
75
|
+
def build_terraform_dependency(file, name, source, details)
|
|
76
|
+
# dep_name should be unique for a source, using the info derived from
|
|
77
|
+
# the source or the source name provides this uniqueness
|
|
65
78
|
dep_name = case source[:type]
|
|
66
79
|
when "registry" then source[:module_identifier]
|
|
67
80
|
when "provider" then details["source"]
|
|
81
|
+
when "git" then git_dependency_name(name, source)
|
|
68
82
|
else name
|
|
69
83
|
end
|
|
70
84
|
version_req = details["version"]&.strip
|
|
@@ -199,6 +213,15 @@ module Dependabot
|
|
|
199
213
|
end
|
|
200
214
|
end
|
|
201
215
|
|
|
216
|
+
def git_dependency_name(name, source)
|
|
217
|
+
git_source = Source.from_url(source[:url])
|
|
218
|
+
if source[:ref]
|
|
219
|
+
name + "::" + git_source.provider + "::" + git_source.repo + "::" + source[:ref]
|
|
220
|
+
else
|
|
221
|
+
name + "::" + git_source.provider + "::" + git_source.repo
|
|
222
|
+
end
|
|
223
|
+
end
|
|
224
|
+
|
|
202
225
|
def git_source_details_from(source_string)
|
|
203
226
|
git_url = source_string.strip.gsub(/^git::/, "")
|
|
204
227
|
git_url = "https://" + git_url unless git_url.start_with?("git@") || git_url.include?("://")
|
|
@@ -199,10 +199,11 @@ module Dependabot
|
|
|
199
199
|
return /terraform\s*\{(?:(?!^\}).)*/m if terragrunt_file?(filename)
|
|
200
200
|
|
|
201
201
|
# For modules we can do better - filter for module blocks that use the
|
|
202
|
-
# name of the
|
|
202
|
+
# name of the module
|
|
203
|
+
module_name = dependency.name.split("::").first
|
|
203
204
|
/
|
|
204
|
-
|
|
205
|
-
|
|
205
|
+
module\s+["']#{Regexp.escape(module_name)}["']\s*\{
|
|
206
|
+
(?:(?!^\}).)*
|
|
206
207
|
/mx
|
|
207
208
|
end
|
|
208
209
|
|
data/lib/dependabot/terraform.rb
CHANGED
|
@@ -20,3 +20,14 @@ Dependabot::Dependency.
|
|
|
20
20
|
|
|
21
21
|
require "dependabot/utils"
|
|
22
22
|
Dependabot::Utils.register_always_clone("terraform")
|
|
23
|
+
|
|
24
|
+
Dependabot::Dependency.
|
|
25
|
+
register_display_name_builder(
|
|
26
|
+
"terraform",
|
|
27
|
+
lambda { |name|
|
|
28
|
+
# Only modify the name if it a git source dependency
|
|
29
|
+
next unless name.include? "::"
|
|
30
|
+
|
|
31
|
+
name.split("::").first + "::" + name.split("::")[2].split("/").last
|
|
32
|
+
}
|
|
33
|
+
)
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: dependabot-terraform
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.169.
|
|
4
|
+
version: 0.169.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Dependabot
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-12-02 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: dependabot-common
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - '='
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 0.169.
|
|
19
|
+
version: 0.169.3
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - '='
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 0.169.
|
|
26
|
+
version: 0.169.3
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: byebug
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -216,7 +216,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
216
216
|
- !ruby/object:Gem::Version
|
|
217
217
|
version: 2.5.0
|
|
218
218
|
requirements: []
|
|
219
|
-
rubygems_version: 3.2.
|
|
219
|
+
rubygems_version: 3.2.32
|
|
220
220
|
signing_key:
|
|
221
221
|
specification_version: 4
|
|
222
222
|
summary: Terraform support for dependabot
|