secustor
commented
5 months ago https://github.com/secustor/renovate-test/pull/2 and issue identified:
The problem is that the Oktas release artifact not only contains files but also a folder with the name readme-assets, tough not sure how Terraforms h1 algorithm handles the hash generation in that cases. This needs some investigation.
Renovates relevant code: https://github.com/renovatebot/renovate/blob/main/lib/modules/manager/terraform/lockfile/hash.ts#L34
CamaroKyiv
viceice
Discussed in https://github.com/renovatebot/renovate/discussions/25973
Logs
``` DEBUG: File config { "config": {} } DEBUG: CLI config { "config": {} } DEBUG: Env config { "config": { "allowPostUpgradeCommandTemplating": true, "allowedPostUpgradeCommands": [ "^git add --all$", "^git reset$", "^npx beachball change( --no-fetch)? --no-commit --type (patch|none) --message '{{{commitMessage}}}'$", "^pwd$" ], "baseDir": "/tmp/worker/615dc2/44ec84", "binarySource": "docker", "cacheTtlOverride": { "datasource-docker-digest": 180, "datasource-docker-labels": 180, "datasource-docker-releases": 180, "datasource-docker-tags": 180 }, "customizeDashboard": { "repoProblemsHeader": "These problems occurred while renovating this repository. [View logs](https://developer.mend.io/{{platform}}/{{repository}})." }, "dependencyDashboardFooter": "\n- [ ] Check this box to trigger a request for Renovate to run again on this repository\n", "dockerImagePrefix": "ghcr.io/containerbase", "enabled": true, "extends": [ "mergeConfidence:all-badges" ], "forkProcessing": "enabled", "gitAuthor": "renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", "gitIgnoredAuthors": [ "29139614+renovate[bot]@users.noreply.github.com" ], "hostRules": [ { "hostType": "docker", "matchHost": "docker.io", "password": "***********", "username": "mdpprodrenovate" } ], "logContext": "1eb0fe62721c4063904146e36d5a3520", "logFile": "/tmp/worker/615dc2/44ec84/github/mrtc0-sandbox/renovate-test/1eb0fe62721c4063904146e36d5a3520.log", "logFileLevel": "debug", "onboarding": true, "onboardingConfig": { "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ "config:recommended" ] }, "onboardingNoDeps": true, "platform": "github", "platformCommit": true, "prFooter": "This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/{{platform}}/{{repository}}).", "prHeader": "[](https://renovatebot.com)", "redisUrl": "redis://mend-developer-platform-renovate-prod.aqffol.ng.0001.use1.cache.amazonaws.com:6379", "repositories": [ "mrtc0-sandbox/renovate-test" ], "repositoryCache": "enabled", "repositoryCacheType": "s3://mend-developer-platform-prod/renovate/", "requireConfig": "required", "token": "***********", "username": "renovate[bot]", "dockerChildPrefix": "renovate_a_", "dockerCliOptions": "--memory=3584m", "privateKey": "***********", "privateKeyOld": "***********" } } DEBUG: Combined config { "config": { "allowPostUpgradeCommandTemplating": true, "allowedPostUpgradeCommands": [ "^git add --all$", "^git reset$", "^npx beachball change( --no-fetch)? --no-commit --type (patch|none) --message '{{{commitMessage}}}'$", "^pwd$" ], "baseDir": "/tmp/worker/615dc2/44ec84", "binarySource": "docker", "cacheTtlOverride": { "datasource-docker-digest": 180, "datasource-docker-labels": 180, "datasource-docker-releases": 180, "datasource-docker-tags": 180 }, "customizeDashboard": { "repoProblemsHeader": "These problems occurred while renovating this repository. [View logs](https://developer.mend.io/{{platform}}/{{repository}})." }, "dependencyDashboardFooter": "\n- [ ] Check this box to trigger a request for Renovate to run again on this repository\n", "dockerImagePrefix": "ghcr.io/containerbase", "enabled": true, "extends": [ "mergeConfidence:all-badges" ], "forkProcessing": "enabled", "gitAuthor": "renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>", "gitIgnoredAuthors": [ "29139614+renovate[bot]@users.noreply.github.com" ], "hostRules": [ { "hostType": "docker", "matchHost": "docker.io", "password": "***********", "username": "mdpprodrenovate" } ], "logContext": "1eb0fe62721c4063904146e36d5a3520", "logFile": "/tmp/worker/615dc2/44ec84/github/mrtc0-sandbox/renovate-test/1eb0fe62721c4063904146e36d5a3520.log", "logFileLevel": "debug", "onboarding": true, "onboardingConfig": { "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ "config:recommended" ] }, "onboardingNoDeps": true, "platform": "github", "platformCommit": true, "prFooter": "This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/{{platform}}/{{repository}}).", "prHeader": "[](https://renovatebot.com)", "redisUrl": "redis://mend-developer-platform-renovate-prod.aqffol.ng.0001.use1.cache.amazonaws.com:6379", "repositories": [ "mrtc0-sandbox/renovate-test" ], "repositoryCache": "enabled", "repositoryCacheType": "s3://mend-developer-platform-prod/renovate/", "requireConfig": "required", "token": "***********", "username": "renovate[bot]", "dockerChildPrefix": "renovate_a_", "dockerCliOptions": "--memory=3584m", "privateKey": "***********", "privateKeyOld": "***********" } } DEBUG: Enabling forkProcessing while in non-autodiscover mode DEBUG: Found valid git version: 2.42.0 DEBUG: Setting global hostRules DEBUG: Adding password authentication for docker.io (hostType=docker) to hostRules DEBUG: Using default github endpoint: https://api.github.com/ DEBUG: Platform config { "platformConfig": { "hostType": "github", "endpoint": "https://api.github.com/", "isGHApp": true, "isGhe": false } "renovateUsername": "renovate[bot]" } DEBUG: Using configured gitAuthor (renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>) DEBUG: Adding token authentication for api.github.com (hostType=github) to hostRules DEBUG: Using configured baseDir: /tmp/worker/615dc2/44ec84 DEBUG: Using cacheDir: /tmp/worker/615dc2/44ec84/cache DEBUG: Using containerbaseDir: /tmp/worker/615dc2/44ec84/cache/containerbase DEBUG: Redis cache init DEBUG: Commits limit = null DEBUG: Setting global hostRules DEBUG: Adding password authentication for docker.io (hostType=docker) to hostRules DEBUG: Adding token authentication for api.github.com (hostType=github) to hostRules DEBUG: validatePresets() DEBUG: Reinitializing hostRules for repo DEBUG: Clearing hostRules DEBUG: Adding password authentication for docker.io (hostType=docker) to hostRules DEBUG: Adding token authentication for api.github.com (hostType=github) to hostRules DEBUG: No dangling containers to remove INFO: Repository started { "renovateVersion": "37.59.8" } DEBUG: Using localDir: /tmp/worker/615dc2/44ec84/repos/github/mrtc0-sandbox/renovate-test DEBUG: PackageFiles.clear() - Package files deleted DEBUG: initRepo("mrtc0-sandbox/renovate-test") DEBUG: mrtc0-sandbox/renovate-test default branch = master DEBUG: Using app token for git init DEBUG: RepoCacheS3.read() - success DEBUG: Repository cache is restored from revision 13 DEBUG: Resetting npmrc DEBUG: Resetting npmrc DEBUG: checkOnboarding() DEBUG: isOnboarded() DEBUG: findPr(renovate/configure, Configure Renovate, !open) DEBUG: getPrList success { "pullsTotal": 2 "requestsTotal": 1 "apiQuotaAffected": true } DEBUG: Checking cached config file name DEBUG: Existing config file confirmed DEBUG: Repository config { "fileName": "renovate.json" "config": { "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ "config:recommended" ] } } DEBUG: Repo is onboarded DEBUG: migrateAndValidate() DEBUG: No config migration necessary DEBUG: Setting hostRules from config DEBUG: Found repo ignorePaths { "ignorePaths": [ "**/node_modules/**", "**/bower_components/**", "**/vendor/**", "**/examples/**", "**/__tests__/**", "**/test/**", "**/tests/**", "**/__fixtures__/**" ] } DEBUG: No vulnerability alerts found DEBUG: No vulnerability alerts found DEBUG: findIssue(Dependency Dashboard) DEBUG: Retrieving issueList DEBUG: Retrieved 1 issues DEBUG: Found issue 3 DEBUG: No baseBranches DEBUG: extract() DEBUG: Cached extract result cannot be used due to base branch SHA change (old=aa824c44feeb8113314ed4ea6b1e4ee0bf8b43a0, new=fae6eef857ff96ddb0e36bc6a324d7b9bf7e1cbb) DEBUG: Setting current branch to master DEBUG: Initializing git repository into /tmp/worker/615dc2/44ec84/repos/github/mrtc0-sandbox/renovate-test DEBUG: Performing blobless clone DEBUG: git clone completed { "durationMs": 321 } DEBUG: latest repository commit { "latestCommit": { "hash": "fae6eef857ff96ddb0e36bc6a324d7b9bf7e1cbb", "date": "2023-11-27T11:48:34+09:00", "message": "chore: remove", "refs": "HEAD -> master, origin/master, origin/HEAD", "body": "", "author_name": "Kohei Morita", "author_email": "moritakouhei@graffer.jp" } } DEBUG: latest commit { "branchName": "master" "latestCommitDate": "2023-11-27T11:48:34+09:00" } DEBUG: Using file match: (^|/)tasks/[^/]+\.ya?ml$ for manager ansible DEBUG: Using file match: (^|/)requirements\.ya?ml$ for manager ansible-galaxy DEBUG: Using file match: (^|/)galaxy\.ya?ml$ for manager ansible-galaxy DEBUG: Using file match: (^|/)\.tool-versions$ for manager asdf DEBUG: Using file match: azure.*pipelines?.*\.ya?ml$ for manager azure-pipelines DEBUG: Using file match: (^|/)batect(-bundle)?\.ya?ml$ for manager batect DEBUG: Using file match: (^|/)batect$ for manager batect-wrapper DEBUG: Using file match: (^|/)WORKSPACE(|\.bazel)$ for manager bazel DEBUG: Using file match: \.bzl$ for manager bazel DEBUG: Using file match: (^|/)MODULE\.bazel$ for manager bazel-module DEBUG: Using file match: (^|/)\.bazelversion$ for manager bazelisk DEBUG: Using file match: \.bicep$ for manager bicep DEBUG: Using file match: (^|/)\.?bitbucket-pipelines\.ya?ml$ for manager bitbucket-pipelines DEBUG: Using file match: buildkite\.ya?ml for manager buildkite DEBUG: Using file match: \.buildkite/.+\.ya?ml$ for manager buildkite DEBUG: Using file match: (^|/)bun\.lockb$ for manager bun DEBUG: Using file match: (^|/)Gemfile$ for manager bundler DEBUG: Using file match: \.cake$ for manager cake DEBUG: Using file match: (^|/)Cargo\.toml$ for manager cargo DEBUG: Using file match: (^|/)\.circleci/config\.ya?ml$ for manager circleci DEBUG: Using file match: (^|/)cloudbuild\.ya?ml for manager cloudbuild DEBUG: Using file match: (^|/)Podfile$ for manager cocoapods DEBUG: Using file match: (^|/)([\w-]*)composer\.json$ for manager composer DEBUG: Using file match: (^|/)conanfile\.(txt|py)$ for manager conan DEBUG: Using file match: (^|/)cpanfile$ for manager cpanfile DEBUG: Using file match: (^|/)(?:deps|bb)\.edn$ for manager deps-edn DEBUG: Using file match: (^|/)(?:docker-)?compose[^/]*\.ya?ml$ for manager docker-compose DEBUG: Using file match: (^|/|\.)([Dd]ocker|[Cc]ontainer)file$ for manager dockerfile DEBUG: Using file match: (^|/)([Dd]ocker|[Cc]ontainer)file[^/]*$ for manager dockerfile DEBUG: Using file match: (^|/)\.drone\.yml$ for manager droneci DEBUG: Using file match: (^|/)fleet\.ya?ml for manager fleet DEBUG: Using file match: (?:^|/)gotk-components\.ya?ml$ for manager flux DEBUG: Using file match: (^|/)\.fvm/fvm_config\.json$ for manager fvm DEBUG: Using file match: (^|/)\.gitmodules$ for manager git-submodules DEBUG: Using file match: (^|/)(workflow-templates|\.(?:github|gitea|forgejo)/workflows)/[^/]+\.ya?ml$ for manager github-actions DEBUG: Using file match: (^|/)action\.ya?ml$ for manager github-actions DEBUG: Using file match: \.gitlab-ci\.ya?ml$ for manager gitlabci DEBUG: Using file match: \.gitlab-ci\.ya?ml$ for manager gitlabci-include DEBUG: Using file match: (^|/)go\.mod$ for manager gomod DEBUG: Using file match: \.gradle(\.kts)?$ for manager gradle DEBUG: Using file match: (^|/)gradle\.properties$ for manager gradle DEBUG: Using file match: (^|/)gradle/.+\.toml$ for manager gradle DEBUG: Using file match: (^|/)buildSrc/.+\.kt$ for manager gradle DEBUG: Using file match: \.versions\.toml$ for manager gradle DEBUG: Using file match: (^|/)versions.props$ for manager gradle DEBUG: Using file match: (^|/)versions.lock$ for manager gradle DEBUG: Using file match: (^|/)gradle/wrapper/gradle-wrapper\.properties$ for manager gradle-wrapper DEBUG: Using file match: (^|/)requirements\.ya?ml$ for manager helm-requirements DEBUG: Using file match: (^|/)values\.ya?ml$ for manager helm-values DEBUG: Using file match: (^|/)helmfile\.ya?ml$ for manager helmfile DEBUG: Using file match: (^|/)Chart\.ya?ml$ for manager helmv3 DEBUG: Using file match: (^|/)bin/hermit$ for manager hermit DEBUG: Using file match: ^Formula/[^/]+[.]rb$ for manager homebrew DEBUG: Using file match: \.html?$ for manager html DEBUG: Using file match: (^|/)plugins\.(txt|ya?ml)$ for manager jenkins DEBUG: Using file match: (^|/)jsonnetfile\.json$ for manager jsonnet-bundler DEBUG: Using file match: ^.+\.main\.kts$ for manager kotlin-script DEBUG: Using file match: (^|/)kustomization\.ya?ml$ for manager kustomize DEBUG: Using file match: (^|/)project\.clj$ for manager leiningen DEBUG: Using file match: (^|/|\.)pom\.xml$ for manager maven DEBUG: Using file match: ^(((\.mvn)|(\.m2))/)?settings\.xml$ for manager maven DEBUG: Using file match: (^|\/).mvn/wrapper/maven-wrapper.properties$ for manager maven-wrapper DEBUG: Using file match: (^|/)package\.js$ for manager meteor DEBUG: Using file match: (^|/)Mintfile$ for manager mint DEBUG: Using file match: (^|/)mix\.exs$ for manager mix DEBUG: Using file match: (^|/)flake\.nix$ for manager nix DEBUG: Using file match: (^|/)\.node-version$ for manager nodenv DEBUG: Using file match: (^|/)package\.json$ for manager npm DEBUG: Using file match: \.(?:cs|fs|vb)proj$ for manager nuget DEBUG: Using file match: \.(?:props|targets)$ for manager nuget DEBUG: Using file match: (^|/)dotnet-tools\.json$ for manager nuget DEBUG: Using file match: (^|/)global\.json$ for manager nuget DEBUG: Using file match: (^|/)\.nvmrc$ for manager nvm DEBUG: Using file match: (^|/)src/main/features/.+\.json$ for manager osgi DEBUG: Using file match: (^|/)pyproject\.toml$ for manager pep621 DEBUG: Using file match: (^|/)[\w-]*requirements(-\w+)?\.(txt|pip)$ for manager pip_requirements DEBUG: Using file match: (^|/)setup\.py$ for manager pip_setup DEBUG: Using file match: (^|/)Pipfile$ for manager pipenv DEBUG: Using file match: (^|/)pyproject\.toml$ for manager poetry DEBUG: Using file match: (^|/)\.pre-commit-config\.ya?ml$ for manager pre-commit DEBUG: Using file match: (^|/)pubspec\.ya?ml$ for manager pub DEBUG: Using file match: (^|/)Puppetfile$ for manager puppet DEBUG: Using file match: (^|/)\.python-version$ for manager pyenv DEBUG: Using file match: (^|/)\.ruby-version$ for manager ruby-version DEBUG: Using file match: \.sbt$ for manager sbt DEBUG: Using file match: project/[^/]*\.scala$ for manager sbt DEBUG: Using file match: project/build\.properties$ for manager sbt DEBUG: Using file match: (^|/)setup\.cfg$ for manager setup-cfg DEBUG: Using file match: (^|/)Package\.swift for manager swift DEBUG: Using file match: \.tf$ for manager terraform DEBUG: Using file match: (^|/)\.terraform-version$ for manager terraform-version DEBUG: Using file match: (^|/)terragrunt\.hcl$ for manager terragrunt DEBUG: Using file match: (^|/)\.terragrunt-version$ for manager terragrunt-version DEBUG: Using file match: \.tflint\.hcl$ for manager tflint-plugin DEBUG: Using file match: ^\.travis\.ya?ml$ for manager travis DEBUG: Using file match: (^|/)\.vela\.ya?ml$ for manager velaci DEBUG: Using file match: ^\.woodpecker(?:/[^/]+)?\.ya?ml$ for manager woodpecker DEBUG: Matched 1 file(s) for manager terraform: terraform/versions.tf DEBUG: manager extract durations (ms) { "managers": { "terraform": 30 } } DEBUG: Found terraform package files DEBUG: Found 1 package file(s) INFO: Dependency extraction complete { "baseBranch": "master" "stats": { "managers": { "terraform": { "fileCount": 1, "depCount": 2 } }, "total": { "fileCount": 1, "depCount": 2 } } } DEBUG: PackageFiles.add() - Package file saved for base branch { "baseBranch": "master" } DEBUG: Package releases lookups complete { "baseBranch": "master" } DEBUG: branchifyUpgrades DEBUG: detectSemanticCommits() DEBUG: getCommitMessages DEBUG: semanticCommits: detected "angular" DEBUG: semanticCommits: enabled DEBUG: 1 flattened updates found: okta DEBUG: Returning 1 branch(es) DEBUG: config.repoIsOnboarded=true DEBUG: packageFiles with updates { "baseBranch": "master" "config": { "terraform": [ { "deps": [ { "currentValue": "~> 4.4.2", "depType": "required_provider", "depName": "okta", "datasource": "terraform-provider", "packageName": "okta/okta", "lockedVersion": "4.4.3", "updates": [ { "bucket": "non-major", "newVersion": "4.6.1", "newValue": "~> 4.6.0", "releaseTimestamp": "2023-11-02T21:34:20.000Z", "newMajor": 4, "newMinor": 6, "updateType": "minor", "isRange": true, "branchName": "renovate/okta-4.x" } ], "versioning": "hashicorp", "warnings": [], "sourceUrl": "https://github.com/okta/terraform-provider-okta", "registryUrl": "https://registry.terraform.io", "homepage": "https://registry.terraform.io/providers/okta/okta", "currentVersion": "4.4.3", "isSingleVersion": false, "fixedVersion": "4.4.3" }, { "currentValue": "1.6.4", "depType": "required_version", "datasource": "github-releases", "depName": "hashicorp/terraform", "extractVersion": "v(?