From 977c410d927e5de86ab654118716aaf6fdcbc746 Mon Sep 17 00:00:00 2001
From: Or Shoval <oshoval@redhat.com>
Date: Tue, 19 Sep 2023 10:42:52 +0300
Subject: [PATCH] modules: Amend hashicorp filtering

According https://github.com/cncf/foundation/issues/617#issuecomment-1681189207
we need to look on go.mod only because we have "go 1.17" in go.mod.
Adapt git actions accordingly.

Signed-off-by: Or Shoval <oshoval@redhat.com>
---
 .../workflows/check_hashicorp_modules.yaml    | 30 ++++---------------
 1 file changed, 5 insertions(+), 25 deletions(-)

diff --git a/.github/workflows/check_hashicorp_modules.yaml b/.github/workflows/check_hashicorp_modules.yaml
index 6bb1c39f1..9faed9051 100644
--- a/.github/workflows/check_hashicorp_modules.yaml
+++ b/.github/workflows/check_hashicorp_modules.yaml
@@ -9,38 +9,18 @@ jobs:
     - name: Run script
       run: |
         allowed_hashicorp_modules=(
-            "github.com/hashicorp/consul/api"
-            "github.com/hashicorp/consul/sdk"
             "github.com/hashicorp/errwrap"
-            "github.com/hashicorp/hcl"
-            "github.com/hashicorp/logutils"
-            "github.com/hashicorp/mdns"
-            "github.com/hashicorp/memberlist"
-            "github.com/hashicorp/serf"
-            "github.com/hashicorp/go-cleanhttp"
-            "github.com/hashicorp/go-immutable-radix"
-            "github.com/hashicorp/golang-lru"
-            "github.com/hashicorp/go-msgpack"
             "github.com/hashicorp/go-multierror"
-            "github.com/hashicorp/go.net"
-            "github.com/hashicorp/go-retryablehttp"
-            "github.com/hashicorp/go-rootcerts"
-            "github.com/hashicorp/go-sockaddr"
-            "github.com/hashicorp/go-syslog"
-            "github.com/hashicorp/go-uuid"
-            "github.com/hashicorp/go-version"
+            "github.com/hashicorp/hcl"
         )
 
         error_found=false
         while read -r line; do
-            module=$(echo "$line" | cut -d ' ' -f 1)
-            if [[ $module == github.com/hashicorp/* ]]; then
-                if ! [[ " ${allowed_hashicorp_modules[*]} " == *" $module "* ]]; then
-                    echo "found non allowlisted hashicorp module: $module"
-                    error_found=true
-                fi
+            if ! [[ " ${allowed_hashicorp_modules[*]} " == *" $line "* ]]; then
+                echo "found non allowlisted hashicorp module: $line"
+                error_found=true
             fi
-        done < go.sum
+        done < <(grep -i hashicorp go.mod | grep -o 'github.com/[^ ]*')
 
         if [[ $error_found == true ]]; then
             echo "Non allowlisted hashicorp modules found, exiting with an error."