class Dependabot::Terraform::UpdateChecker

Constants

ELIGIBLE_SOURCE_TYPES

Public Instance Methods

latest_resolvable_version() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 23
def latest_resolvable_version
  # No concept of resolvability for terraform modules (that we're aware
  # of - there may be in future).
  latest_version
end
latest_resolvable_version_with_no_unlock() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 29
def latest_resolvable_version_with_no_unlock
  # Irrelevant, since Terraform doesn't have a lockfile
  nil
end
latest_version() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 16
def latest_version
  return latest_version_for_git_dependency if git_dependency?
  return latest_version_for_registry_dependency if registry_dependency?
  return latest_version_for_provider_dependency if provider_dependency?
  # Other sources (mercurial, path dependencies) just return `nil`
end
requirement_class() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 48
def requirement_class
  Requirement
end
requirements_unlocked_or_can_be?() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 42
def requirements_unlocked_or_can_be?
  # If the requirement comes from a proxy URL then there's no way for
  # us to update it
  !proxy_requirement?
end
updated_requirements() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 34
def updated_requirements
  RequirementsUpdater.new(
    requirements: dependency.requirements,
    latest_version: latest_version&.to_s,
    tag_for_latest_version: tag_for_latest_version
  ).updated_requirements
end
version_class() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 52
def version_class
  Version
end

Private Instance Methods

all_module_versions() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 79
def all_module_versions
  identifier = dependency_source_details.fetch(:module_identifier)
  registry_client.all_module_versions(identifier: identifier)
end
all_provider_versions() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 84
def all_provider_versions
  identifier = dependency_source_details.fetch(:module_identifier)
  registry_client.all_provider_versions(identifier: identifier)
end
dependency_source_details() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 179
def dependency_source_details
  sources = eligible_sources_from(dependency.requirements)

  raise "Multiple sources! #{sources.join(', ')}" if sources.count > 1

  sources.first
end
eligible_sources_from(requirements) click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 203
def eligible_sources_from(requirements)
  requirements.
    map { |r| r.fetch(:source) }.
    select { |source| ELIGIBLE_SOURCE_TYPES.include?(source[:type].to_s) }.
    uniq.compact
end
git_commit_checker() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 191
def git_commit_checker
  @git_commit_checker ||=
    GitCommitChecker.new(
      dependency: dependency,
      credentials: credentials,
      ignored_versions: ignored_versions,
      raise_on_ignored: raise_on_ignored,
      requirement_class: Requirement,
      version_class: Version
    )
end
git_dependency?() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 187
def git_dependency?
  git_commit_checker.git_dependency?
end
latest_version_for_git_dependency() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 121
def latest_version_for_git_dependency
  # If the module isn't pinned then there's nothing for us to update
  # (since there's no lockfile to update the version in). We still
  # return the latest commit for the given branch, in order to keep
  # this method consistent
  return git_commit_checker.head_commit_for_current_branch unless git_commit_checker.pinned?

  # If the dependency is pinned to a tag that looks like a version then
  # we want to update that tag. Because we don't have a lockfile, the
  # latest version is the tag itself.
  if git_commit_checker.pinned_ref_looks_like_version?
    latest_tag = git_commit_checker.local_tag_for_latest_version&.
                 fetch(:tag)
    version_rgx = GitCommitChecker::VERSION_REGEX
    return unless latest_tag.match(version_rgx)

    version = latest_tag.match(version_rgx).
              named_captures.fetch("version")
    return version_class.new(version)
  end

  # If the dependency is pinned to a tag that doesn't look like a
  # version then there's nothing we can do.
  nil
end
latest_version_for_provider_dependency() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 96
def latest_version_for_provider_dependency
  return unless provider_dependency?

  return @latest_version_for_provider_dependency if @latest_version_for_provider_dependency

  versions = all_provider_versions
  versions.reject!(&:prerelease?) unless wants_prerelease?
  versions.reject! { |v| ignore_requirements.any? { |r| r.satisfied_by?(v) } }

  @latest_version_for_provider_dependency = versions.max
end
latest_version_for_registry_dependency() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 67
def latest_version_for_registry_dependency
  return unless registry_dependency?

  return @latest_version_for_registry_dependency if @latest_version_for_registry_dependency

  versions = all_module_versions
  versions.reject!(&:prerelease?) unless wants_prerelease?
  versions.reject! { |v| ignore_requirements.any? { |r| r.satisfied_by?(v) } }

  @latest_version_for_registry_dependency = versions.max
end
latest_version_resolvable_with_full_unlock?() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 58
def latest_version_resolvable_with_full_unlock?
  # Full unlock checks aren't relevant for Terraform files
  false
end
provider_dependency?() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 173
def provider_dependency?
  return false if dependency_source_details.nil?

  dependency_source_details.fetch(:type) == "provider"
end
proxy_requirement?() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 161
def proxy_requirement?
  dependency.requirements.any? do |req|
    req.fetch(:source)&.fetch(:proxy_url, nil)
  end
end
registry_client() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 89
def registry_client
  @registry_client ||= begin
    hostname = dependency_source_details.fetch(:registry_hostname)
    RegistryClient.new(hostname: hostname, credentials: credentials)
  end
end
registry_dependency?() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 167
def registry_dependency?
  return false if dependency_source_details.nil?

  dependency_source_details.fetch(:type) == "registry"
end
tag_for_latest_version() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 147
def tag_for_latest_version
  return unless git_commit_checker.git_dependency?
  return unless git_commit_checker.pinned?
  return unless git_commit_checker.pinned_ref_looks_like_version?

  latest_tag = git_commit_checker.local_tag_for_latest_version&.
               fetch(:tag)

  version_rgx = GitCommitChecker::VERSION_REGEX
  return unless latest_tag.match(version_rgx)

  latest_tag
end
updated_dependencies_after_full_unlock() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 63
def updated_dependencies_after_full_unlock
  raise NotImplementedError
end
wants_prerelease?() click to toggle source
# File lib/dependabot/terraform/update_checker.rb, line 108
def wants_prerelease?
  current_version = dependency.version
  if current_version &&
     version_class.correct?(current_version) &&
     version_class.new(current_version).prerelease?
    return true
  end

  dependency.requirements.any? do |req|
    req[:requirement]&.match?(/\d-[A-Za-z0-9]/)
  end
end