Class: Dependabot::Terraform::Package::PackageDetailsFetcher

Inherits:
Object
  • Object
Extended by:
T::Sig
Defined in:
lib/dependabot/terraform/package/package_details_fetcher.rb

Constant Summary

# Base of the GitHub REST path; the fetch method appends "<repo path>/releases".
RELEASES_URL_GIT = "https://api.github.com/repos/"
# Terraform registry v2 bases. The host is fixed here; the fetch methods append a
# source's :module_identifier directly after the trailing slash.
RELEASE_URL_FOR_PROVIDER = "https://registry.terraform.io/v2/providers/"
RELEASE_URL_FOR_MODULE = "https://registry.terraform.io/v2/modules/"
# NOTE(review): "JSON" is not a media type, and no method shown on this page reads
# this constant; the requests send a literal Accept header instead.
APPLICATION_JSON = "JSON"
# Query strings that ask the registry to embed the version records in the response.
INCLUDE_FOR_PROVIDER = "?include=provider-versions"
INCLUDE_FOR_MODULE = "?include=module-versions"
# Source types passed as `allowed_types:` when reading the dependency's source details.
ELIGIBLE_SOURCE_TYPES = T.let(%w(git provider registry).freeze, T::Array[String])


Constructor Details

#initialize(dependency:, credentials:, git_commit_checker:) ⇒ PackageDetailsFetcher

Returns a new instance of PackageDetailsFetcher.



# File 'lib/dependabot/terraform/package/package_details_fetcher.rb', line 38

# Binds the fetcher to one dependency and keeps the collaborators it was given.
#
# @param dependency [Object] dependency whose name and source details drive the lookups
# @param credentials [Object] stored as given and exposed by #credentials; none of the
#   request methods shown in this class attach it to an outgoing request
# @param git_commit_checker [Object] stored as given and exposed by #git_commit_checker
def initialize(dependency:, credentials:, git_commit_checker:)
  @credentials = credentials
  @dependency = dependency
  @git_commit_checker = git_commit_checker
end

Instance Attribute Details

#credentials ⇒ Object (readonly)

Returns the value of attribute credentials.



# File 'lib/dependabot/terraform/package/package_details_fetcher.rb', line 48

# Reader for the credentials handed to the constructor.
#
# @return [Object] the stored value, unmodified (nil when never assigned).
#   Presumably these are access secrets; keep them out of log lines and error text.
def credentials = @credentials

#git_commit_checker ⇒ Object (readonly)

Returns the value of attribute git_commit_checker.



# File 'lib/dependabot/terraform/package/package_details_fetcher.rb', line 45

# Reader for the git commit checker handed to the constructor.
#
# @return [Object] the stored collaborator, unmodified (nil when never assigned)
def git_commit_checker = @git_commit_checker

Instance Method Details

#dependency_source_details ⇒ Object



# File 'lib/dependabot/terraform/package/package_details_fetcher.rb', line 140

# Source details of the dependency, restricted to the source types this class handles.
#
# The dependency is asked twice: once without arguments to see whether it has any
# source details at all, then again with `allowed_types: ELIGIBLE_SOURCE_TYPES`.
#
# @return [Object, nil] whatever the filtered call returns, or nil when the
#   dependency reports no source details
def dependency_source_details
  if @dependency.source_details
    @dependency.source_details(allowed_types: ELIGIBLE_SOURCE_TYPES)
  end
end

#fetch_tag_and_release_date ⇒ Object



# File 'lib/dependabot/terraform/package/package_details_fetcher.rb', line 51

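# Lists the GitHub releases of the dependency together with their publication dates.
#
# The repository path is `@dependency.name` with every "github.com/" occurrence
# removed; it is appended to RELEASES_URL_GIT without escaping, so the request path
# is only as trustworthy as the manifest that supplied the name. The host is fixed.
# The request carries an Accept header only (no credentials).
#
# The response is remote data and is treated as untrusted: anything that is not an
# array of objects carrying a string "tag_name" is ignored, so a malformed entry can
# no longer make the sort raise on a nil or non-string tag.
#
# @return [Array<GitTagWithDetail>] one entry per usable release, ordered by tag
#   string, descending; empty when the API does not answer 200.
#   NOTE(review): callers cannot tell "no releases" from "lookup failed" — confirm an
#   empty result does not silently skip a release-age check downstream.
def fetch_tag_and_release_date
  repo_path = @dependency.name.gsub("github.com/", "")
  url = RELEASES_URL_GIT + "#{repo_path}/releases"
  # Fetch the releases from the GitHub API
  response = Excon.get(url, headers: { "Accept" => "application/vnd.github.v3+json" })
  unless response.status == 200
    # The body is remote-controlled text and reaches the error log unmodified
    Dependabot.logger.error("Failed call details: #{response.body}")
    return T.let([], T::Array[GitTagWithDetail])
  end

  # Keep only well-formed release objects from the parsed payload
  payload = JSON.parse(response.body)
  releases = payload.is_a?(Array) ? payload.grep(Hash) : []
  tagged = releases.select { |release| release["tag_name"].is_a?(String) }

  result_lines = T.let(
    tagged.map { |r| GitTagWithDetail.new(tag: r["tag_name"], release_date: r["published_at"]) },
    T::Array[GitTagWithDetail]
  )
  # Plain string ordering, descending; not a version comparison ("v1.9.0" sorts above "v1.10.0")
  result_lines = result_lines.sort_by(&:tag).reverse
  # Log the extracted details for debugging
  Dependabot.logger.info("Extracted release details: #{result_lines}")
  result_lines
end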

#fetch_tag_and_release_date_from_module ⇒ Object



# File 'lib/dependabot/terraform/package/package_details_fetcher.rb', line 111

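# Lists the published versions of a registry module with their publication dates.
#
# The source's :module_identifier is placed between RELEASE_URL_FOR_MODULE and
# INCLUDE_FOR_MODULE without escaping; the host is fixed by the constant, and the
# request carries an Accept header only (no credentials).
# NOTE(review): the public registry host is used whatever registry the source
# names — confirm identifiers of privately hosted modules are not meant to be
# sent here.
#
# The response is remote data and is treated as untrusted: only "module-versions"
# objects whose attributes carry a string "version" are used, so a malformed entry
# can no longer raise while reading attributes or sorting.
#
# @return [Array<GitTagWithDetail>] one entry per usable version, ordered by version
#   string, descending (plain string order, not a version comparison); empty when
#   there are no source details or the registry does not answer 200.
#   NOTE(review): callers cannot tell "no versions" from "lookup failed" — confirm an
#   empty result does not silently skip a release-age check downstream.
# @raise [KeyError] when the source details lack :module_identifier
def fetch_tag_and_release_date_from_module
  source = dependency_source_details
  return [] unless source

  url = RELEASE_URL_FOR_MODULE + source.fetch(:module_identifier) + INCLUDE_FOR_MODULE
  # The message used to say "provider", copied from the provider lookup
  Dependabot.logger.info("Fetching module release details from URL: #{url}")
  # NOTE(review): this Accept value is GitHub's media type although the host is the Terraform registry
  response = Excon.get(url, headers: { "Accept" => "application/vnd.github.v3+json" })
  unless response.status == 200
    # The body is remote-controlled text and reaches the error log unmodified
    Dependabot.logger.error("Failed call details: #{response.body}")
    return T.let([], T::Array[GitTagWithDetail])
  end

  # Keep only well-formed version records from the parsed payload
  payload = JSON.parse(response.body)
  included = payload.is_a?(Hash) ? payload.fetch("included", []) : []
  releases = Array(included).grep(Hash)
                            .select { |item| item["type"] == "module-versions" }
                            .map { |item| item.fetch("attributes", {}) }
                            .grep(Hash)
                            .select { |attrs| attrs["version"].is_a?(String) }

  result_lines = T.let(
    releases.map { |r| GitTagWithDetail.new(tag: r["version"], release_date: r["published-at"]) },
    T::Array[GitTagWithDetail]
  )
  # Sort the result lines by tag in descending order
  result_lines.sort_by(&:tag).reverse
end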

#fetch_tag_and_release_date_from_provider ⇒ Object

rubocop:disable Metrics/AbcSize,Metrics/PerceivedComplexity



# File 'lib/dependabot/terraform/package/package_details_fetcher.rb', line 79

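# Lists the published versions of a registry provider with their publication dates.
#
# The source's :module_identifier is placed between RELEASE_URL_FOR_PROVIDER and
# INCLUDE_FOR_PROVIDER without escaping; the host is fixed by the constant, and the
# request carries an Accept header only (no credentials).
#
# The response is remote data and is treated as untrusted: only "provider-versions"
# objects whose attributes carry a string "version" are used, so a malformed entry
# can no longer raise while reading attributes or sorting.
#
# @return [Array<GitTagWithDetail>] one entry per usable version, ordered by version
#   string, descending (plain string order, not a version comparison); empty when
#   there are no source details or the registry does not answer 200.
#   NOTE(review): callers cannot tell "no versions" from "lookup failed" — confirm an
#   empty result does not silently skip a release-age check downstream.
# @raise [KeyError] when the source details lack :module_identifier
def fetch_tag_and_release_date_from_provider # rubocop:disable Metrics/AbcSize,Metrics/PerceivedComplexity
  source = dependency_source_details
  return [] unless source

  url = RELEASE_URL_FOR_PROVIDER + source.fetch(:module_identifier) + INCLUDE_FOR_PROVIDER
  Dependabot.logger.info("Fetching provider release details from URL: #{url}")
  # NOTE(review): this Accept value is GitHub's media type although the host is the Terraform registry
  response = Excon.get(url, headers: { "Accept" => "application/vnd.github.v3+json" })
  unless response.status == 200
    # The body is remote-controlled text and reaches the error log unmodified
    Dependabot.logger.error("Failed call details: #{response.body}")
    return T.let([], T::Array[GitTagWithDetail])
  end

  # Keep only well-formed version records from the parsed payload
  payload = JSON.parse(response.body)
  included = payload.is_a?(Hash) ? payload.fetch("included", []) : []
  releases = Array(included).grep(Hash)
                            .select { |item| item["type"] == "provider-versions" }
                            .map { |item| item.fetch("attributes", {}) }
                            .grep(Hash)
                            .select { |attrs| attrs["version"].is_a?(String) }

  result_lines = T.let(
    releases.map { |r| GitTagWithDetail.new(tag: r["version"], release_date: r["published-at"]) },
    T::Array[GitTagWithDetail]
  )
  # Sort the result lines by tag in descending order
  result_lines.sort_by(&:tag).reverse
end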