2018-06-08 02:27:57 +02:00
|
|
|
package states
|
|
|
|
|
|
|
|
import (
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/go-test/deep"
|
|
|
|
"github.com/zclconf/go-cty/cty"
|
|
|
|
|
|
|
|
"github.com/hashicorp/terraform/addrs"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestState(t *testing.T) {
|
|
|
|
// This basic tests exercises the main mutation methods to construct
|
|
|
|
// a state. It is not fully comprehensive, so other tests should visit
|
|
|
|
// more esoteric codepaths.
|
|
|
|
|
|
|
|
state := NewState()
|
|
|
|
|
|
|
|
rootModule := state.RootModule()
|
|
|
|
if rootModule == nil {
|
|
|
|
t.Errorf("root module is nil; want valid object")
|
|
|
|
}
|
|
|
|
|
|
|
|
rootModule.SetLocalValue("foo", cty.StringVal("foo value"))
|
|
|
|
rootModule.SetOutputValue("bar", cty.StringVal("bar value"), false)
|
|
|
|
rootModule.SetOutputValue("secret", cty.StringVal("secret value"), true)
|
|
|
|
rootModule.SetResourceInstanceCurrent(
|
|
|
|
addrs.Resource{
|
|
|
|
Mode: addrs.ManagedResourceMode,
|
|
|
|
Type: "test_thing",
|
|
|
|
Name: "baz",
|
|
|
|
}.Instance(addrs.IntKey(0)),
|
terraform: Ugly huge change to weave in new State and Plan types
Due to how often the state and plan types are referenced throughout
Terraform, there isn't a great way to switch them out gradually. As a
consequence, this huge commit gets us from the old world to a _compilable_
new world, but still has a large number of known test failures due to
key functionality being stubbed out.
The stubs here are for anything that interacts with providers, since we
now need to do the follow-up work to similarly replace the old
terraform.ResourceProvider interface with its replacement in the new
"providers" package. That work, along with work to fix the remaining
failing tests, will follow in subsequent commits.
The aim here was to replace all references to terraform.State and its
downstream types with states.State, terraform.Plan with plans.Plan,
state.State with statemgr.State, and switch to the new implementations of
the state and plan file formats. However, due to the number of times those
types are used, this also ended up affecting numerous other parts of core
such as terraform.Hook, the backend.Backend interface, and most of the CLI
commands.
Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize
in advance to the person who inevitably just found this huge commit while
spelunking through the commit history.
2018-08-14 23:24:45 +02:00
|
|
|
&ResourceInstanceObjectSrc{
|
2018-06-08 02:27:57 +02:00
|
|
|
Status: ObjectReady,
|
|
|
|
SchemaVersion: 1,
|
|
|
|
AttrsJSON: []byte(`{"woozles":"confuzles"}`),
|
|
|
|
},
|
2020-02-13 21:32:58 +01:00
|
|
|
addrs.AbsProviderConfig{
|
|
|
|
Provider: addrs.NewDefaultProvider("test"),
|
2020-03-11 19:19:52 +01:00
|
|
|
Module: addrs.RootModule,
|
2020-02-13 21:32:58 +01:00
|
|
|
},
|
2018-06-08 02:27:57 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
childModule := state.EnsureModule(addrs.RootModuleInstance.Child("child", addrs.NoKey))
|
|
|
|
childModule.SetOutputValue("pizza", cty.StringVal("hawaiian"), false)
|
2020-04-13 23:59:09 +02:00
|
|
|
multiModA := state.EnsureModule(addrs.RootModuleInstance.Child("multi", addrs.StringKey("a")))
|
|
|
|
multiModA.SetOutputValue("pizza", cty.StringVal("cheese"), false)
|
|
|
|
multiModB := state.EnsureModule(addrs.RootModuleInstance.Child("multi", addrs.StringKey("b")))
|
|
|
|
multiModB.SetOutputValue("pizza", cty.StringVal("sausage"), false)
|
2018-06-08 02:27:57 +02:00
|
|
|
|
|
|
|
want := &State{
|
|
|
|
Modules: map[string]*Module{
|
|
|
|
"": {
|
|
|
|
Addr: addrs.RootModuleInstance,
|
|
|
|
LocalValues: map[string]cty.Value{
|
|
|
|
"foo": cty.StringVal("foo value"),
|
|
|
|
},
|
|
|
|
OutputValues: map[string]*OutputValue{
|
|
|
|
"bar": {
|
2020-04-13 22:37:59 +02:00
|
|
|
Addr: addrs.AbsOutputValue{
|
|
|
|
OutputValue: addrs.OutputValue{
|
|
|
|
Name: "bar",
|
|
|
|
},
|
|
|
|
},
|
2018-06-08 02:27:57 +02:00
|
|
|
Value: cty.StringVal("bar value"),
|
|
|
|
Sensitive: false,
|
|
|
|
},
|
|
|
|
"secret": {
|
2020-04-13 22:37:59 +02:00
|
|
|
Addr: addrs.AbsOutputValue{
|
|
|
|
OutputValue: addrs.OutputValue{
|
|
|
|
Name: "secret",
|
|
|
|
},
|
|
|
|
},
|
2018-06-08 02:27:57 +02:00
|
|
|
Value: cty.StringVal("secret value"),
|
|
|
|
Sensitive: true,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Resources: map[string]*Resource{
|
|
|
|
"test_thing.baz": {
|
|
|
|
Addr: addrs.Resource{
|
|
|
|
Mode: addrs.ManagedResourceMode,
|
|
|
|
Type: "test_thing",
|
|
|
|
Name: "baz",
|
2020-03-13 18:51:55 +01:00
|
|
|
}.Absolute(addrs.RootModuleInstance),
|
|
|
|
|
2018-06-08 02:27:57 +02:00
|
|
|
Instances: map[addrs.InstanceKey]*ResourceInstance{
|
|
|
|
addrs.IntKey(0): {
|
terraform: Ugly huge change to weave in new State and Plan types
Due to how often the state and plan types are referenced throughout
Terraform, there isn't a great way to switch them out gradually. As a
consequence, this huge commit gets us from the old world to a _compilable_
new world, but still has a large number of known test failures due to
key functionality being stubbed out.
The stubs here are for anything that interacts with providers, since we
now need to do the follow-up work to similarly replace the old
terraform.ResourceProvider interface with its replacement in the new
"providers" package. That work, along with work to fix the remaining
failing tests, will follow in subsequent commits.
The aim here was to replace all references to terraform.State and its
downstream types with states.State, terraform.Plan with plans.Plan,
state.State with statemgr.State, and switch to the new implementations of
the state and plan file formats. However, due to the number of times those
types are used, this also ended up affecting numerous other parts of core
such as terraform.Hook, the backend.Backend interface, and most of the CLI
commands.
Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize
in advance to the person who inevitably just found this huge commit while
spelunking through the commit history.
2018-08-14 23:24:45 +02:00
|
|
|
Current: &ResourceInstanceObjectSrc{
|
2018-06-08 02:27:57 +02:00
|
|
|
SchemaVersion: 1,
|
|
|
|
Status: ObjectReady,
|
|
|
|
AttrsJSON: []byte(`{"woozles":"confuzles"}`),
|
|
|
|
},
|
terraform: Ugly huge change to weave in new State and Plan types
Due to how often the state and plan types are referenced throughout
Terraform, there isn't a great way to switch them out gradually. As a
consequence, this huge commit gets us from the old world to a _compilable_
new world, but still has a large number of known test failures due to
key functionality being stubbed out.
The stubs here are for anything that interacts with providers, since we
now need to do the follow-up work to similarly replace the old
terraform.ResourceProvider interface with its replacement in the new
"providers" package. That work, along with work to fix the remaining
failing tests, will follow in subsequent commits.
The aim here was to replace all references to terraform.State and its
downstream types with states.State, terraform.Plan with plans.Plan,
state.State with statemgr.State, and switch to the new implementations of
the state and plan file formats. However, due to the number of times those
types are used, this also ended up affecting numerous other parts of core
such as terraform.Hook, the backend.Backend interface, and most of the CLI
commands.
Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize
in advance to the person who inevitably just found this huge commit while
spelunking through the commit history.
2018-08-14 23:24:45 +02:00
|
|
|
Deposed: map[DeposedKey]*ResourceInstanceObjectSrc{},
|
2018-06-08 02:27:57 +02:00
|
|
|
},
|
|
|
|
},
|
2020-02-13 21:32:58 +01:00
|
|
|
ProviderConfig: addrs.AbsProviderConfig{
|
|
|
|
Provider: addrs.NewDefaultProvider("test"),
|
2020-03-11 19:19:52 +01:00
|
|
|
Module: addrs.RootModule,
|
2020-02-13 21:32:58 +01:00
|
|
|
},
|
2018-06-08 02:27:57 +02:00
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
|
|
|
"module.child": {
|
|
|
|
Addr: addrs.RootModuleInstance.Child("child", addrs.NoKey),
|
|
|
|
LocalValues: map[string]cty.Value{},
|
|
|
|
OutputValues: map[string]*OutputValue{
|
|
|
|
"pizza": {
|
2020-04-13 22:37:59 +02:00
|
|
|
Addr: addrs.AbsOutputValue{
|
|
|
|
Module: addrs.RootModuleInstance.Child("child", addrs.NoKey),
|
|
|
|
OutputValue: addrs.OutputValue{
|
|
|
|
Name: "pizza",
|
|
|
|
},
|
|
|
|
},
|
2018-06-08 02:27:57 +02:00
|
|
|
Value: cty.StringVal("hawaiian"),
|
|
|
|
Sensitive: false,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Resources: map[string]*Resource{},
|
|
|
|
},
|
2020-04-13 23:59:09 +02:00
|
|
|
`module.multi["a"]`: {
|
|
|
|
Addr: addrs.RootModuleInstance.Child("multi", addrs.StringKey("a")),
|
|
|
|
LocalValues: map[string]cty.Value{},
|
|
|
|
OutputValues: map[string]*OutputValue{
|
|
|
|
"pizza": {
|
|
|
|
Addr: addrs.AbsOutputValue{
|
|
|
|
Module: addrs.RootModuleInstance.Child("multi", addrs.StringKey("a")),
|
|
|
|
OutputValue: addrs.OutputValue{
|
|
|
|
Name: "pizza",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Value: cty.StringVal("cheese"),
|
|
|
|
Sensitive: false,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Resources: map[string]*Resource{},
|
|
|
|
},
|
|
|
|
`module.multi["b"]`: {
|
|
|
|
Addr: addrs.RootModuleInstance.Child("multi", addrs.StringKey("b")),
|
|
|
|
LocalValues: map[string]cty.Value{},
|
|
|
|
OutputValues: map[string]*OutputValue{
|
|
|
|
"pizza": {
|
|
|
|
Addr: addrs.AbsOutputValue{
|
|
|
|
Module: addrs.RootModuleInstance.Child("multi", addrs.StringKey("b")),
|
|
|
|
OutputValue: addrs.OutputValue{
|
|
|
|
Name: "pizza",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Value: cty.StringVal("sausage"),
|
|
|
|
Sensitive: false,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Resources: map[string]*Resource{},
|
|
|
|
},
|
2018-06-08 02:27:57 +02:00
|
|
|
},
|
|
|
|
}
|
|
|
|
|
|
|
|
{
|
|
|
|
// Our structure goes deep, so we need to temporarily override the
|
|
|
|
// deep package settings to ensure that we visit the full structure.
|
|
|
|
oldDeepDepth := deep.MaxDepth
|
|
|
|
oldDeepCompareUnexp := deep.CompareUnexportedFields
|
|
|
|
deep.MaxDepth = 50
|
|
|
|
deep.CompareUnexportedFields = true
|
|
|
|
defer func() {
|
|
|
|
deep.MaxDepth = oldDeepDepth
|
|
|
|
deep.CompareUnexportedFields = oldDeepCompareUnexp
|
|
|
|
}()
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, problem := range deep.Equal(state, want) {
|
|
|
|
t.Error(problem)
|
|
|
|
}
|
2020-04-13 23:59:09 +02:00
|
|
|
|
|
|
|
expectedOutputs := map[string]string{
|
|
|
|
`module.multi["a"].output.pizza`: "cheese",
|
|
|
|
`module.multi["b"].output.pizza`: "sausage",
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, o := range state.ModuleOutputs(addrs.RootModuleInstance, addrs.ModuleCall{Name: "multi"}) {
|
|
|
|
addr := o.Addr.String()
|
|
|
|
expected := expectedOutputs[addr]
|
|
|
|
delete(expectedOutputs, addr)
|
|
|
|
|
|
|
|
if expected != o.Value.AsString() {
|
|
|
|
t.Fatalf("expected %q:%q, got %q", addr, expected, o.Value.AsString())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for addr, o := range expectedOutputs {
|
|
|
|
t.Fatalf("missing output %q:%q", addr, o)
|
|
|
|
}
|
2018-06-08 02:27:57 +02:00
|
|
|
}
|
2019-06-04 16:32:12 +02:00
|
|
|
|
|
|
|
func TestStateDeepCopy(t *testing.T) {
|
|
|
|
state := NewState()
|
|
|
|
|
|
|
|
rootModule := state.RootModule()
|
|
|
|
if rootModule == nil {
|
|
|
|
t.Errorf("root module is nil; want valid object")
|
|
|
|
}
|
|
|
|
|
|
|
|
rootModule.SetLocalValue("foo", cty.StringVal("foo value"))
|
|
|
|
rootModule.SetOutputValue("bar", cty.StringVal("bar value"), false)
|
|
|
|
rootModule.SetOutputValue("secret", cty.StringVal("secret value"), true)
|
|
|
|
rootModule.SetResourceInstanceCurrent(
|
|
|
|
addrs.Resource{
|
|
|
|
Mode: addrs.ManagedResourceMode,
|
|
|
|
Type: "test_thing",
|
|
|
|
Name: "baz",
|
|
|
|
}.Instance(addrs.IntKey(0)),
|
|
|
|
&ResourceInstanceObjectSrc{
|
|
|
|
Status: ObjectReady,
|
|
|
|
SchemaVersion: 1,
|
|
|
|
AttrsJSON: []byte(`{"woozles":"confuzles"}`),
|
|
|
|
Private: []byte("private data"),
|
2020-03-23 20:26:18 +01:00
|
|
|
Dependencies: []addrs.ConfigResource{},
|
2019-06-04 16:32:12 +02:00
|
|
|
},
|
2020-02-13 21:32:58 +01:00
|
|
|
addrs.AbsProviderConfig{
|
|
|
|
Provider: addrs.NewDefaultProvider("test"),
|
2020-03-11 19:19:52 +01:00
|
|
|
Module: addrs.RootModule,
|
2020-02-13 21:32:58 +01:00
|
|
|
},
|
2019-06-04 16:32:12 +02:00
|
|
|
)
|
|
|
|
rootModule.SetResourceInstanceCurrent(
|
|
|
|
addrs.Resource{
|
|
|
|
Mode: addrs.ManagedResourceMode,
|
|
|
|
Type: "test_thing",
|
|
|
|
Name: "bar",
|
|
|
|
}.Instance(addrs.IntKey(0)),
|
|
|
|
&ResourceInstanceObjectSrc{
|
|
|
|
Status: ObjectReady,
|
|
|
|
SchemaVersion: 1,
|
|
|
|
AttrsJSON: []byte(`{"woozles":"confuzles"}`),
|
Store sensitive attribute paths in state (#26338)
* Add creation test and simplify in-place test
* Add deletion test
* Start adding marking from state
Start storing paths that should be marked
when pulled out of state. Implements deep
copy for attr paths. This commit also includes some
comment noise from investigations, and fixing the diff test
* Fix apply stripping marks
* Expand diff tests
* Basic apply test
* Update comments on equality checks to clarify current understanding
* Add JSON serialization for sensitive paths
We need to serialize a slice of cty.Path values to be used to re-mark
the sensitive values of a resource instance when loading the state file.
Paths consist of a list of steps, each of which may be either getting an
attribute value by name, or indexing into a collection by string or
number.
To serialize these without building a complex parser for a compact
string form, we render a nested array of small objects, like so:
[
[
{ type: "get_attr", value: "foo" },
{ type: "index", value: { "type": "number", "value": 2 } }
]
]
The above example is equivalent to a path `foo[2]`.
* Format diffs with map types
Comparisons need unmarked values to operate on,
so create unmarked values for those operations. Additionally,
change diff to cover map types
* Remove debugging printing
* Fix bug with marking non-sensitive values
When pulling a sensitive value from state,
we were previously using those marks to remark
the planned new value, but that new value
might *not* be sensitive, so let's not do that
* Fix apply test
Apply was not passing the second state
through to the third pass at apply
* Consistency in checking for length of paths vs inspecting into value
* In apply, don't mark with before paths
* AttrPaths test coverage for DeepCopy
* Revert format changes
Reverts format changes in format/diff for this
branch so those changes can be discussed on a separate PR
* Refactor name of AttrPaths to AttrSensitivePaths
* Rename AttributePaths/attributePaths for naming consistency
Co-authored-by: Alisdair McDiarmid <alisdair@users.noreply.github.com>
2020-09-24 18:40:17 +02:00
|
|
|
// Sensitive path at "woozles"
|
|
|
|
AttrSensitivePaths: []cty.PathValueMarks{
|
|
|
|
{
|
|
|
|
Path: cty.Path{cty.GetAttrStep{Name: "woozles"}},
|
|
|
|
Marks: cty.NewValueMarks("sensitive"),
|
|
|
|
},
|
|
|
|
},
|
|
|
|
Private: []byte("private data"),
|
2020-03-23 20:26:18 +01:00
|
|
|
Dependencies: []addrs.ConfigResource{
|
2019-10-08 20:11:02 +02:00
|
|
|
{
|
2020-03-23 20:26:18 +01:00
|
|
|
Module: addrs.RootModule,
|
2019-10-08 20:11:02 +02:00
|
|
|
Resource: addrs.Resource{
|
|
|
|
Mode: addrs.ManagedResourceMode,
|
|
|
|
Type: "test_thing",
|
|
|
|
Name: "baz",
|
|
|
|
},
|
|
|
|
},
|
|
|
|
},
|
2019-06-04 16:32:12 +02:00
|
|
|
},
|
2020-02-13 21:32:58 +01:00
|
|
|
addrs.AbsProviderConfig{
|
|
|
|
Provider: addrs.NewDefaultProvider("test"),
|
2020-03-11 19:19:52 +01:00
|
|
|
Module: addrs.RootModule,
|
2020-02-13 21:32:58 +01:00
|
|
|
},
|
2019-06-04 16:32:12 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
childModule := state.EnsureModule(addrs.RootModuleInstance.Child("child", addrs.NoKey))
|
|
|
|
childModule.SetOutputValue("pizza", cty.StringVal("hawaiian"), false)
|
|
|
|
|
|
|
|
stateCopy := state.DeepCopy()
|
|
|
|
if !state.Equal(stateCopy) {
|
|
|
|
t.Fatalf("\nexpected:\n%q\ngot:\n%q\n", state, stateCopy)
|
|
|
|
}
|
|
|
|
}
|