terraform-providers: update providers via terraform registry

author: Timothy Stott <stott.timothy@gmail.com> 2020-09-30 21:21:16 +0100
committer: Timothy Stott <stott.timothy@gmail.com> 2020-10-08 19:00:07 +0100
commit: 107707ad82ac513eb49c9c0a5dbf46013b72fefb (patch)
tree: 7151fc10aa07a08dc284c6d8d9768c6d23bef22e /pkgs/applications/networking/cluster/terraform-providers
parent: 063f1d73019885c39156df56c4ab46fcf1095a86 (diff)
2 files changed, 77 insertions, 177 deletions
diff --git a/pkgs/applications/networking/cluster/terraform-providers/update-all b/pkgs/applications/networking/cluster/terraform-providers/update-all
deleted file mode 100755
index e6e93b454034..000000000000
--- a/pkgs/applications/networking/cluster/terraform-providers/update-all
+++ /dev/null
@@ -1,177 +0,0 @@
-#!/usr/bin/env nix-shell
-#! nix-shell -i bash -p bash coreutils jq nix gitAndTools.hub
-# vim: ft=sh sw=2 et
-# shellcheck shell=bash
-#
-# This scripts scans the github terraform-providers repo for new releases,
-# generates the corresponding nix code and finally generates an index of
-# all the providers given in ./providers.txt.
-set -euo pipefail
-
-# the maximum number of attempts before giving up inside of GET and prefetch_github
-readonly maxAttempts=30
-
-get_tf_providers_org() {
-  # returns all terraform providers in a given organization, and their the
-  # latest tags, in the format
-  # $org/$repo $rev
-  local org=$1
-  hub api --paginate graphql -f query="
-    query(\$endCursor: String) {
-      repositoryOwner(login: \"${org}\") {
-        repositories(first: 100, after: \$endCursor) {
-          nodes {
-            nameWithOwner
-            name
-            refs(first: 1, refPrefix: \"refs/tags/\", orderBy: {field: TAG_COMMIT_DATE, direction: DESC}) {
-              nodes {
-                name
-              }
-            }
-          }
-          pageInfo {
-            hasNextPage
-            endCursor
-          }
-        }
-      }
-  }" | \
-  jq -r '.data.repositoryOwner.repositories.nodes[] | select(.name | startswith("terraform-provider-")) | select((.refs.nodes | length) > 0) | .nameWithOwner + " " + .refs.nodes[0].name'
-  # filter the result with jq:
-  # - repos need to start with `teraform-provider-`
-  # - they need to have at least one tag
-  # for each of the remaining repos, assemble a string $org/$repo $rev
-}
-
-get_latest_repo_tag() {
-  # of a given repo and owner, retrieve the latest tag
-  local owner=$1
-  local repo=$2
-  hub api --paginate "https://api.github.com/repos/$owner/$repo/git/refs/tags" | \
-    jq -r '.[].ref' | \
-    grep -v 'v\.' | \
-    cut -d '/' -f 3- | \
-    sort --version-sort | \
-    tail -1
-}
-
-prefetch_github() {
-  # of a given owner, repo and rev, fetch the tarball and return the output of
-  # `nix-prefetch-url`
-  local owner=$1
-  local repo=$2
-  local rev=$3
-  local retry=1
-  while ! nix-prefetch-url --unpack "https://github.com/$owner/$repo/archive/$rev.tar.gz"; do
-    echo "The nix-prefetch-url command has failed. Attempt $retry/${maxAttempts}" >&2
-    if [[ "${retry}" -eq "${maxAttempts}" ]]; then
-      exit 1
-    fi
-    retry=$(( retry + 1 ))
-    sleep 5
-  done
-}
-
-echo_entry() {
-  local owner=$1
-  local repo=$2
-  local rev=$3
-  local version=${rev#v}
-  local sha256=$4
-  cat <<EOF
-{
-  owner   = "$owner";
-  repo    = "$repo";
-  rev     = "$rev";
-  version = "$version";
-  sha256  = "$sha256";
-};
-EOF
-}
-
-indent() { sed 's/^/    /'; }
-
-add_provider() {
-  org="${1}"
-  repo="${2}"
-  rev="${3}"
-
-  echo "*** $org/$repo $rev ***"
-  name=$(echo "$repo" | cut -d - -f 3-)
-  sha256=$(prefetch_github "$org" "$repo" "$rev")
-
-  {
-    echo "  $name ="
-    echo_entry "$org" "$repo" "$rev" "$sha256" | indent
-  } >> data.nix
-}
-
-## Main ##
-
-cd "$(dirname "$0")"
-
-# individual repos to fetch
-slugs=(
-  IBM-Cloud/terraform-provider-ibm
-  ajbosco/terraform-provider-segment
-  camptocamp/terraform-provider-pass
-  carlpett/terraform-provider-sops
-  poseidon/terraform-provider-matchbox
-  poseidon/terraform-provider-ct
-  tweag/terraform-provider-nixos
-  tweag/terraform-provider-secret
-)
-
-# a list of providers to ignore
-blacklist=(
-  terraform-providers/terraform-provider-azure-classic
-  terraform-providers/terraform-provider-cidr
-  terraform-providers/terraform-provider-circonus
-  terraform-providers/terraform-provider-cloudinit
-  terraform-providers/terraform-provider-quorum
-  hashicorp/terraform-provider-time
-  terraform-providers/terraform-provider-vmc
-)
-
-cat <<HEADER > data.nix
-# Generated with ./update-all
-{
-HEADER
-
-# assemble list of terraform providers
-providers=$(get_tf_providers_org "terraform-providers")
-providers=$(echo "$providers";get_tf_providers_org "hashicorp")
-
-# add terraform-providers from slugs
-for slug in "${slugs[@]}"; do
-  # retrieve latest tag
-  org=${slug%/*}
-  repo=${slug#*/}
-  rev=$(get_latest_repo_tag "$org" "$repo")
-
-  # add to list
-  providers=$(echo "$providers";echo "$org/$repo $rev")
-done
-
-# filter out all providers on the blacklist
-for repo in "${blacklist[@]}"; do
-  providers=$(echo "$providers" | grep -v "^${repo} ")
-done
-
-# sort results alphabetically by repo name
-providers=$(echo "$providers" | sort -t "/" --key=2)
-
-# render list
-IFS=$'\n'
-for provider in $providers; do
-  org=$(echo "$provider" | cut -d " " -f 1 | cut -d "/" -f1)
-  repo=$(echo "$provider" | cut -d " " -f 1 | cut -d "/" -f2)
-  rev=$(echo "$provider" | cut -d " " -f 2)
-  add_provider "${org}" "${repo}" "${rev}"
-done
-
-cat <<FOOTER >> data.nix
-}
-FOOTER
-
-echo Done.
diff --git a/pkgs/applications/networking/cluster/terraform-providers/update-provider b/pkgs/applications/networking/cluster/terraform-providers/update-provider
new file mode 100755
index 000000000000..c7094e1c77e4
--- /dev/null
+++ b/pkgs/applications/networking/cluster/terraform-providers/update-provider
@@ -0,0 +1,77 @@
+#!/usr/bin/env nix-shell
+#! nix-shell -i bash -p coreutils curl jq
+# shellcheck shell=bash
+#
+# Update a terraform provider to the latest version advertised at
+# the provider source address.
+set -euo pipefail
+
+USAGE=$(cat<<DOC
+Specify the terraform provider name to update.
+
+Example:
+To update nixpkgs.terraform-providers.aws run:
+./update-provider aws
+DOC
+)
+
+provider_name="${1:-}"
+if [ -z "$provider_name" ]; then
+  echo "No providers specified!"
+  echo
+  echo "$USAGE"
+  exit 1
+fi
+
+provider_source_address="$(jq -r ".$provider_name.\"provider-source-address\"" providers.json)"
+
+if [ "$provider_source_address" == "null" ]; then
+  echo "No provider source address specified with provider: $provider_name"
+  exit 1
+fi
+
+# The provider source address (used inside Terraform `required_providers` block) is
+# used to compute the registry API endpoint
+#
+# registry.terraform.io/hashicorp/aws (provider source address)
+# registry.terraform.io/providers/hashicorp/aws (provider URL for the website)
+# registry.terraform.io/v1/providers/hashicorp/aws (provider URL for the JSON API)
+registry_response=$(curl -s https://"${provider_source_address/\///v1/providers/}")
+
+prefetch_github() {
+  # of a given owner, repo and rev, fetch the tarball and return the output of
+  # `nix-prefetch-url`
+  local owner=$1
+  local repo=$2
+  local rev=$3
+  nix-prefetch-url --unpack "https://github.com/$owner/$repo/archive/$rev.tar.gz"
+}
+
+provider_source_url="$(jq -r '.source' <<< "$registry_response")"
+
+org="$(echo "$provider_source_url" | cut -d '/' -f 4)"
+repo="$(echo "$provider_source_url" | cut -d '/' -f 5)"
+rev="$(jq -r '.tag' <<< "$registry_response")"
+
+sha256=$(prefetch_github "$org" "$repo" "$rev")
+
+version="$(jq -r '.version' <<< "$registry_response")"
+
+updated_provider="$(mktemp)"
+cat <<EOF >> "$updated_provider"
+{
+  "$provider_name": {
+    "owner": "$org",
+    "repo": "$repo",
+    "rev": "$rev",
+    "sha256": "$sha256",
+    "version": "$version",
+    "provider-source-address": "$provider_source_address"
+  }
+}
+EOF
+
+original_provider_list="$(mktemp)"
+cat providers.json > "$original_provider_list"
+
+jq --sort-keys --slurp '.[0] * .[1]' "$original_provider_list" "$updated_provider" > providers.json
author	Timothy Stott <stott.timothy@gmail.com>	2020-09-30 21:21:16 +0100
committer	Timothy Stott <stott.timothy@gmail.com>	2020-10-08 19:00:07 +0100
commit	107707ad82ac513eb49c9c0a5dbf46013b72fefb (patch)
tree	7151fc10aa07a08dc284c6d8d9768c6d23bef22e /pkgs/applications/networking/cluster/terraform-providers
parent	063f1d73019885c39156df56c4ab46fcf1095a86 (diff)