Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(terragrunt): wrong packageName resolution for GitLab, Bitbucket and Gitea datasources #28075

Merged
merged 4 commits into from Apr 25, 2024
Merged

fix(terragrunt): wrong packageName resolution for GitLab, Bitbucket and Gitea datasources #28075

merged 4 commits into from Apr 25, 2024

Conversation

lstoeferle
Copy link
Contributor

Changes

Unfortunately I introduced a bug with my last PR for the terragrunt manager, which was released in v37.253.0.

I had a look into the issue and found the problem. It seems the GitLab, Bitbucket and Gitea datasources require only the path to the repository as a value for the packageName field (see here), where the GitTag datasource requires the whole URL to the repository as value for the packageName field.

Unfortunately I'm not able to test this on a real integration, but at least the unit-tests should cover the changes.

Additionally it seems these changes also fixed a wrongly configured unit-test for terragrunt sources with fixed IP address.

Context

#27903 (comment)

Documentation (please check one with an [x])

  • I have updated the documentation, or
  • No documentation update is required

How I've tested my work (please select one)

I have verified these changes via:

  • Code inspection only, or
  • Newly added/modified unit tests, or
  • No unit tests but ran on a real repository, or
  • Both unit tests + ran on a real repository

viceice
viceice requested changes Mar 21, 2024
View reviewed changes
lib/modules/manager/terragrunt/modules.ts Outdated Show resolved Hide resolved
lib/modules/manager/terragrunt/modules.ts Outdated Show resolved Hide resolved
@lstoeferle lstoeferle requested a review from viceice March 21, 2024 16:01
@lstoeferle lstoeferle requested a review from viceice March 21, 2024 18:33
viceice
viceice reviewed Mar 23, 2024
View reviewed changes
Copy link
Member

@viceice viceice left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

otherwise LGTM

lib/modules/manager/terragrunt/modules.ts Show resolved Hide resolved
@lstoeferle lstoeferle requested a review from secustor April 5, 2024 08:21
secustor
secustor previously approved these changes Apr 13, 2024
View reviewed changes
@simon-wessel
Copy link

simon-wessel commented Apr 15, 2024
edited

Looking forward to this fix. Terragrunt dependencies from local VCS have been broken for the last four weeks. Existing PRs have been closed as well.

@secustor secustor requested a review from viceice April 15, 2024 18:38
viceice
viceice reviewed Apr 21, 2024
View reviewed changes
lib/modules/manager/terragrunt/modules.ts Outdated Show resolved Hide resolved
lib/modules/manager/terragrunt/modules.ts Outdated Show resolved Hide resolved
@lstoeferle lstoeferle requested a review from viceice April 22, 2024 05:31
@lstoeferle
Copy link
Contributor Author

@viceice @secustor thanks for the feedback! Is there anything left blocking this PR?

@secustor secustor added this pull request to the merge queue Apr 25, 2024
Merged via the queue into renovatebot:main with commit 8b3fb49 Apr 25, 2024
37 checks passed
@lstoeferle lstoeferle deleted the fix/terragrunt-manager-gittags-datasources branch April 25, 2024 10:03
@renovate-release
Copy link
Collaborator

🎉 This PR is included in version 37.322.2 🎉

The release is available on:

Your semantic-release bot 📦🚀

@lstoeferle lstoeferle mentioned this pull request Apr 25, 2024
Merged
6 tasks
@mstoetzer-jambit
Copy link

@lstoeferle I'm not sure, but is this handling self-issued tls certificates correctly? Can you confirm, this is working?

@lstoeferle
Copy link
Contributor Author

@lstoeferle I'm not sure, but is this handling self-issued tls certificates correctly? Can you confirm, this is working?

Hi @mstoetzer-jambit,
sorry, but I can't give an answer on your question, since we don't use self-issued tls certificates.

@mstoetzer-jambit
Copy link

@lstoeferle

Unfortunately we had some errors:

DEBUG: Failed to look up gitlab-tags package some-namespace/terraform-modules/aws-rds.git (repository=username/wip, packageFile=dev/eu-west-1/dev/common/rds1/terragrunt.hcl, dependency=some-namespace/terraform-modules/aws-rds.git)
DEBUG: GET https://gitlab.tld:2222/api/v4/projects/some-namespace%2Fterraform-modules%2Faws-lb.git/repository/tags?per_page=100 = (code=EPROTO, statusCode=-1 retryCount=0, duration=72) (repository=username/wip)
DEBUG: Gitlab API error (repository=username/wip)
       "err": {
         "name": "RequestError",
         "code": "EPROTO",
         "timings": {
           "start": 1714143933785,
           "socket": 1714143933785,
           "lookup": 1714143933799,
           "connect": 1714143933800,
           "upload": 1714143933857,
           "error": 1714143933857,
           "phases": {"wait": 0, "dns": 14, "tcp": 1, "request": 57, "total": 72}
         },
         "message": "write EPROTO 00D89BE60C7F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:355:\n",
         "stack": "RequestError: write EPROTO 00D89BE60C7F0000:error:0A00010B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:355:\n\n    at ClientRequest.<anonymous> (/usr/local/renovate/node_modules/.pnpm/got@11.8.6/node_modules/got/dist/source/core/index.js:970:111)\n    at Object.onceWrapper (node:events:632:26)\n    at ClientRequest.emit (node:events:529:35)\n    at ClientRequest.emit (node:domain:489:12)\n    at ClientRequest.origin.emit (/usr/local/renovate/node_modules/.pnpm/@szmarczak+http-timer@4.0.6/node_modules/@szmarczak/http-timer/dist/source/index.js:43:20)\n    at TLSSocket.socketErrorListener (node:_http_client:501:9)\n    at TLSSocket.emit (node:events:517:28)\n    at TLSSocket.emit (node:domain:489:12)\n    at emitErrorNT (node:internal/streams/destroy:151:8)\n    at emitErrorCloseNT (node:internal/streams/destroy:116:3)\n    at processTicksAndRejections (node:internal/process/task_queues:82:21)\n    at WriteWrap.onWriteComplete [as oncomplete] (node:internal/stream_base_commons:94:16)",
         "options": {
           "headers": {
             "user-agent": "RenovateBot/37.325.0 (https://github.com/renovatebot/renovate)",
             "accept": "application/json",
             "authorization": "***********",
             "accept-encoding": "gzip, deflate, br"
           },
           "url": "https://gitlab.tld:2222/api/v4/projects/some-namespace%2Fterraform-modules%2Faws-lb.git/repository/tags?per_page=100",
           "hostType": "gitlab-tags",
           "username": "",
           "password": "",
           "method": "GET",
           "http2": false
         }
       }

@lstoeferle
Copy link
Contributor Author

Hi @mstoetzer-jambit,
seems like .git in the URL leads to the error. Can you remove the .git and open the URL in your browser to double check?

@viceice may I open another PR to remove the .git ending?

@viceice
Copy link
Member

viceice commented Apr 29, 2024

Hi @mstoetzer-jambit,
seems like .git in the URL leads to the error. Can you remove the .git and open the URL in your browser to double check?

@viceice may I open another PR to remove the .git ending?

sure

@mstoetzer-jambit
Copy link

We are using SSH URI in terragrunt.hcl:

terraform {
  source = "git::ssh://git@gitlab.tld:2222/some-namespace/terraform-modules/aws-lb.git//alb?ref=1.1.0"
}

@lstoeferle
Copy link
Contributor Author

As a workaround you could try without .git. Is your GitLab API served over https via the default port 443?

terraform {
-   source = "git::ssh://git@gitlab.tld:2222/some-namespace/terraform-modules/aws-lb.git//alb?ref=1.1.0"
+   source = "git::ssh://git@gitlab.tld:2222/some-namespace/terraform-modules/aws-lb//alb?ref=1.1.0"
}

@lstoeferle lstoeferle mentioned this pull request Apr 29, 2024
Merged
6 tasks
@mstoetzer-jambit
Copy link

removed .git from the URL as you suggested:

Renovate failed to look up the following dependencies: Failed to look up gitlab-tags package some-namespace/terraform-modules/k8s

With Renovate Version docker.io/renovate/renovate:37.240.1, we used a configuration preset with extends in the renovate.json:

{
   "packageRules": [
      {
        "matchPackagePatterns": ["terraform-modules/k8s"],
        "matchDatasources": ["git-tags"],
        "sourceUrl": "https://gitlab.tld/some-namespace/terraform-modules/k8s"
      }
   ]
}

With that, we were able to fetch release notes correctly and dependency lookup was working

@lstoeferle
Copy link
Contributor Author

Yes, the fix is provided here #28726. The .git part should never occur in the packageName, since it's used to resolve the GitLab API URLs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@viceice viceice viceice approved these changes

@secustor secustor secustor approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@lstoeferle @simon-wessel @renovate-release @mstoetzer-jambit @viceice @secustor