Skip to content

Add module version endpoint in Terraform Module registry

René Hernández Remedios requested to merge renehernandez/gitlab:module-version-endpoint into master

What does this MR do and why?

Describe in detail what your merge request does and why.

Relates #344572 (closed)

Implement the endpoint packages/terraform/modules/v1/:module_namespace/:module_name/:module_system/:version.

This achieved by a new get grape endpoint that returns information about a single module version. To support this endpoint, 2 new classes have been created:

  • Terraform::ModuleVersionPresenter: Provides the required information to be returned in the response
  • API::Entities::Terraform::ModuleVersion: Expose the fields to be returned by the API response

When designing the schema of the data to be returned by the endpoint, I've followed the example output in the TF registry API docs. This doesn't match the existing sub-schema for a module, so I added a new single_version.json schema definition

Notes

  • The get endpoint serving the version URL needs to be the last route within the namespace block to avoid taking precedence over other routes (including nested ones)
  • The format: false option fixes the issue discussed on: !90932 (comment 1005916539)

Screenshots or screen recordings

I've manually pushed a terraform module in a new gitlab-org/aws-efs project in the MR-based GitLab instance. Then, I queried the new endpoint with curl

curl -v --header "Authorization: Bearer <private_token>" "https://3000-renehernandez-gitlab-fegj788s6k3.ws-us47.gitpod.io/api/v4/packages/terraform/modules/v1/gitlab-org/aws-efs/gitlab/0.0.1"
*   Trying 34.168.230.177:443...
* Connected to 3000-renehernandez-gitlab-fegj788s6k3.ws-us47.gitpod.io (34.168.230.177) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/cert.pem
*  CApath: none
* (304) (OUT), TLS handshake, Client hello (1):
* (304) (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=ws-us47.gitpod.io
*  start date: Jun  6 19:13:46 2022 GMT
*  expire date: Sep  4 19:13:45 2022 GMT
*  subjectAltName: host "3000-renehernandez-gitlab-fegj788s6k3.ws-us47.gitpod.io" matched cert's "*.ws-us47.gitpod.io"
*  issuer: C=US; O=Let's Encrypt; CN=R3
*  SSL certificate verify ok.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x7fce13011a00)
> GET /api/v4/packages/terraform/modules/v1/gitlab-org/aws-efs/gitlab/0.0.1 HTTP/2
> Host: 3000-renehernandez-gitlab-fegj788s6k3.ws-us47.gitpod.io
> user-agent: curl/7.79.1
> accept: */*
> authorization: Bearer <private_token>
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
< HTTP/2 200
< cache-control: max-age=0, private, must-revalidate
< content-type: application/json
< date: Tue, 28 Jun 2022 21:16:45 GMT
< etag: W/"d676eb8ff7edfd75621b30ba36e6d0cc"
< vary: Origin
< x-content-type-options: nosniff
< x-request-id: 01G6P2RZ4PHBWSYZ5NJASG3M63
< x-runtime: 0.138277
< content-length: 244
<
* Connection #0 to host 3000-renehernandez-gitlab-fegj788s6k3.ws-us47.gitpod.io left intact
{"name":"aws-efs/gitlab","provider":"gitlab","providers":["gitlab"],"root":{"dependencies":[]},"source":"https://3000-renehernandez-gitlab-fegj788s6k3.ws-us47.gitpod.io/gitlab-org/aws-efs","submodules":[],"version":"0.0.1","versions":["0.0.1"]}

How to set up and validate locally

  1. Save a TF module in a repository registry
  2. curl the https://<base_url>/api/v4/packages/terraform/modules/v1/<module_namespace>/<module_name>/<module_provider>/<version> endpoint

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Related Links

Edited by René Hernández Remedios

Merge request reports