Class: Dependabot::Terraform::RegistryClient

Inherits:
Object
  • Object
show all
Defined in:
lib/dependabot/terraform/registry_client.rb

Overview

Terraform::RegistryClient is a basic API client to interact with a terraform registry: www.terraform.io/docs/registry/api.html

Constant Summary collapse

PUBLIC_HOSTNAME =
"registry.terraform.io"

Instance Method Summary collapse

Constructor Details

#initialize(hostname: PUBLIC_HOSTNAME, credentials: []) ⇒ RegistryClient

Returns a new instance of RegistryClient.



15
16
17
18
19
20
# File 'lib/dependabot/terraform/registry_client.rb', line 15

def initialize(hostname: PUBLIC_HOSTNAME, credentials: [])
  @hostname = hostname
  @tokens = credentials.each_with_object({}) do |item, memo|
    memo[item["host"]] = item["token"] if item["type"] == "terraform_registry"
  end
end

Instance Method Details

#all_module_versions(identifier:) ⇒ Array<Dependabot::Terraform::Version>

Fetch all the versions of a module, and return a Version representation of them.

“hashicorp/consul/aws”

Parameters:

  • identifier (String)

    the identifier for the dependency, i.e:

Returns:

Raises:

  • (Dependabot::DependabotError)

    when the versions cannot be retrieved



47
48
49
50
51
52
53
54
# File 'lib/dependabot/terraform/registry_client.rb', line 47

def all_module_versions(identifier:)
  base_url = service_url_for("modules.v1")
  response = http_get!(URI.join(base_url, "#{identifier}/versions"))

  JSON.parse(response.body).
    fetch("modules").first.fetch("versions").
    map { |release| version_class.new(release.fetch("version")) }
end

#all_provider_versions(identifier:) ⇒ Array<Dependabot::Terraform::Version>

Fetch all the versions of a provider, and return a Version representation of them.

“hashicorp/aws”

Parameters:

  • identifier (String)

    the identifier for the dependency, i.e:

Returns:

Raises:

  • (Dependabot::DependabotError)

    when the versions cannot be retrieved



29
30
31
32
33
34
35
36
37
38
# File 'lib/dependabot/terraform/registry_client.rb', line 29

def all_provider_versions(identifier:)
  base_url = service_url_for("providers.v1")
  response = http_get!(URI.join(base_url, "#{identifier}/versions"))

  JSON.parse(response.body).
    fetch("versions").
    map { |release| version_class.new(release.fetch("version")) }
rescue Excon::Error
  raise error("Could not fetch provider versions")
end

#service_url_for(service_key) ⇒ Object

Perform service discovery and return the absolute URL for the requested service. www.terraform.io/docs/internals/remote-service-discovery.html

Parameters:

Raises:

  • (Dependabot::PrivateSourceAuthenticationFailure)

    when the service is not available



83
84
85
86
87
# File 'lib/dependabot/terraform/registry_client.rb', line 83

def service_url_for(service_key)
  url_for(services.fetch(service_key))
rescue KeyError
  raise Dependabot::PrivateSourceAuthenticationFailure, "Host does not support required Terraform-native service"
end

#source(dependency:) ⇒ nil, Dependabot::Source

Fetch the “source” for a module or provider. We use the API to fetch the source for a dependency, this typically points to a source code repository, and then instantiate a Dependabot::Source object that we can use to fetch Metadata about a specific version of the dependency.

we’re attempting to find

Parameters:

  • dependency (Dependabot::Dependency)

    the dependency who’s source

Returns:

  • (nil, Dependabot::Source)


64
65
66
67
68
69
70
71
72
73
74
# File 'lib/dependabot/terraform/registry_client.rb', line 64

def source(dependency:)
  type = dependency.requirements.first[:source][:type]
  base_url = service_url_for(service_key_for(type))
  response = http_get(URI.join(base_url, "#{dependency.name}/#{dependency.version}"))
  return nil unless response.status == 200

  source_url = JSON.parse(response.body).fetch("source")
  Source.from_url(source_url) if source_url
rescue JSON::ParserError, Excon::Error::Timeout
  nil
end