terraform/terraform/eval_validate.go

package terraform

import (
	"fmt"

	"github.com/hashicorp/terraform/config"
)

// EvalValidateError is the error structure returned if there were
// validation errors.
type EvalValidateError struct {
	Warnings []string
	Errors   []error
}

func (e *EvalValidateError) Error() string {
	return fmt.Sprintf("Warnings: %s. Errors: %s", e.Warnings, e.Errors)
}

// EvalValidateCount is an EvalNode implementation that validates
// the count of a resource.
type EvalValidateCount struct {
	Resource *config.Resource
}

// TODO: test
func (n *EvalValidateCount) Eval(ctx EvalContext) (interface{}, error) {
	var count int
	var errs []error
	var err error
	if _, err := ctx.Interpolate(n.Resource.RawCount, nil); err != nil {
		errs = append(errs, fmt.Errorf(
			"Failed to interpolate count: %s", err))
		goto RETURN
	}

	count, err = n.Resource.Count()
	if err != nil {
		// If we can't get the count during validation, then
		// just replace it with the number 1.
		c := n.Resource.RawCount.Config()
		c[n.Resource.RawCount.Key] = "1"
		count = 1
	}

	if count < 0 {
		errs = append(errs, fmt.Errorf(
			"Count is less than zero: %d", count))
	}

RETURN:
	if len(errs) != 0 {
		err = &EvalValidateError{
			Errors: errs,
		}
	}
	return nil, err
}

// EvalValidateProvider is an EvalNode implementation that validates
// the configuration of a resource.
type EvalValidateProvider struct {
	Provider *ResourceProvider
	Config   **ResourceConfig
}

func (n *EvalValidateProvider) Eval(ctx EvalContext) (interface{}, error) {
	provider := *n.Provider
	config := *n.Config

	warns, errs := provider.Validate(config)
	if len(warns) == 0 && len(errs) == 0 {
		return nil, nil
	}

	return nil, &EvalValidateError{
		Warnings: warns,
		Errors:   errs,
	}
}

// EvalValidateProvisioner is an EvalNode implementation that validates
// the configuration of a resource.
type EvalValidateProvisioner struct {
	Provisioner *ResourceProvisioner
	Config      **ResourceConfig
}

func (n *EvalValidateProvisioner) Eval(ctx EvalContext) (interface{}, error) {
	provisioner := *n.Provisioner
	config := *n.Config
	warns, errs := provisioner.Validate(config)
	if len(warns) == 0 && len(errs) == 0 {
		return nil, nil
	}

	return nil, &EvalValidateError{
		Warnings: warns,
		Errors:   errs,
	}
}

// EvalValidateResource is an EvalNode implementation that validates
// the configuration of a resource.
type EvalValidateResource struct {
	Provider     *ResourceProvider
	Config       **ResourceConfig
	ResourceName string
	ResourceType string
	ResourceMode config.ResourceMode

	// IgnoreWarnings means that warnings will not be passed through. This allows
	// "just-in-time" passes of validation to continue execution through warnings.
	IgnoreWarnings bool
}

func (n *EvalValidateResource) Eval(ctx EvalContext) (interface{}, error) {
	provider := *n.Provider
	cfg := *n.Config
	var warns []string
	var errs []error
	// Provider entry point varies depending on resource mode, because
	// managed resources and data resources are two distinct concepts
	// in the provider abstraction.
	switch n.ResourceMode {
	case config.ManagedResourceMode:
		warns, errs = provider.ValidateResource(n.ResourceType, cfg)
	case config.DataResourceMode:
		warns, errs = provider.ValidateDataSource(n.ResourceType, cfg)
	}

	// If the resource name doesn't match the name regular
	// expression, show an error.
	if !config.NameRegexp.Match([]byte(n.ResourceName)) {
		errs = append(errs, fmt.Errorf(
			"%s: resource name can only contain letters, numbers, "+
				"dashes, and underscores.", n.ResourceName))
	}

	if (len(warns) == 0 || n.IgnoreWarnings) && len(errs) == 0 {
		return nil, nil
	}

	return nil, &EvalValidateError{
		Warnings: warns,
		Errors:   errs,
	}
}
terraform: validate almost done 2015-02-05 00:44:23 +01:00			`package terraform`

terraform: EvalValidateCount 2015-02-09 02:20:46 +01:00			`import (`
			`"fmt"`

			`"github.com/hashicorp/terraform/config"`
			`)`

terraform: validate almost done 2015-02-05 00:44:23 +01:00			`// EvalValidateError is the error structure returned if there were`
			`// validation errors.`
			`type EvalValidateError struct {`
			`Warnings []string`
			`Errors []error`
			`}`

			`func (e *EvalValidateError) Error() string {`
terraform: provider config inheritance in modules 2015-02-10 08:32:28 +01:00			`return fmt.Sprintf("Warnings: %s. Errors: %s", e.Warnings, e.Errors)`
terraform: validate almost done 2015-02-05 00:44:23 +01:00			`}`

terraform: EvalValidateCount 2015-02-09 02:20:46 +01:00			`// EvalValidateCount is an EvalNode implementation that validates`
			`// the count of a resource.`
			`type EvalValidateCount struct {`
			`Resource *config.Resource`
			`}`

			`// TODO: test`
terraform: clean up EvalNodes 2015-02-14 07:58:41 +01:00			`func (n *EvalValidateCount) Eval(ctx EvalContext) (interface{}, error) {`
terraform: EvalValidateCount 2015-02-09 02:20:46 +01:00			`var count int`
			`var errs []error`
			`var err error`
			`if _, err := ctx.Interpolate(n.Resource.RawCount, nil); err != nil {`
			`errs = append(errs, fmt.Errorf(`
			`"Failed to interpolate count: %s", err))`
			`goto RETURN`
			`}`

			`count, err = n.Resource.Count()`
			`if err != nil {`
terraform: fix some count validation 2015-02-10 21:16:55 +01:00			`// If we can't get the count during validation, then`
			`// just replace it with the number 1.`
			`c := n.Resource.RawCount.Config()`
			`c[n.Resource.RawCount.Key] = "1"`
			`count = 1`
terraform: EvalValidateCount 2015-02-09 02:20:46 +01:00			`}`

			`if count < 0 {`
			`errs = append(errs, fmt.Errorf(`
			`"Count is less than zero: %d", count))`
			`}`

			`RETURN:`
Demote some log lines to DEBUG. Now that we support log line filtering (as of 0090c063) it's good to be a bit more fussy about what log levels are assigned to different things. Here we make a few things that are implementation details log as DEBUG, and prevent spurious errors from EvalValidateCount where it was returning an empty EvalValidateError rather than nil when everything was okay. 2015-10-11 19:45:33 +02:00			`if len(errs) != 0 {`
			`err = &EvalValidateError{`
			`Errors: errs,`
			`}`
terraform: EvalValidateCount 2015-02-09 02:20:46 +01:00			`}`
Demote some log lines to DEBUG. Now that we support log line filtering (as of 0090c063) it's good to be a bit more fussy about what log levels are assigned to different things. Here we make a few things that are implementation details log as DEBUG, and prevent spurious errors from EvalValidateCount where it was returning an empty EvalValidateError rather than nil when everything was okay. 2015-10-11 19:45:33 +02:00			`return nil, err`
terraform: EvalValidateCount 2015-02-09 02:20:46 +01:00			`}`

terraform: basic provider validation! 2015-02-05 02:23:26 +01:00			`// EvalValidateProvider is an EvalNode implementation that validates`
			`// the configuration of a resource.`
			`type EvalValidateProvider struct {`
terraform: merge provider configs before validate [GH-1282] 2015-03-26 00:28:52 +01:00			`Provider *ResourceProvider`
			`Config **ResourceConfig`
terraform: basic provider validation! 2015-02-05 02:23:26 +01:00			`}`

terraform: clean up EvalNodes 2015-02-14 07:58:41 +01:00			`func (n *EvalValidateProvider) Eval(ctx EvalContext) (interface{}, error) {`
			`provider := *n.Provider`
			`config := *n.Config`
terraform: provider config inheritance in modules 2015-02-10 08:32:28 +01:00
terraform: basic provider validation! 2015-02-05 02:23:26 +01:00			`warns, errs := provider.Validate(config)`
			`if len(warns) == 0 && len(errs) == 0 {`
			`return nil, nil`
			`}`

			`return nil, &EvalValidateError{`
			`Warnings: warns,`
			`Errors: errs,`
			`}`
			`}`

terraform: validate provisioners 2015-02-09 20:15:54 +01:00			`// EvalValidateProvisioner is an EvalNode implementation that validates`
			`// the configuration of a resource.`
			`type EvalValidateProvisioner struct {`
terraform: clean up EvalNodes 2015-02-14 07:58:41 +01:00			`Provisioner *ResourceProvisioner`
			`Config **ResourceConfig`
terraform: validate provisioners 2015-02-09 20:15:54 +01:00			`}`

terraform: clean up EvalNodes 2015-02-14 07:58:41 +01:00			`func (n *EvalValidateProvisioner) Eval(ctx EvalContext) (interface{}, error) {`
			`provisioner := *n.Provisioner`
			`config := *n.Config`
			`warns, errs := provisioner.Validate(config)`
terraform: validate provisioners 2015-02-09 20:15:54 +01:00			`if len(warns) == 0 && len(errs) == 0 {`
			`return nil, nil`
			`}`

			`return nil, &EvalValidateError{`
			`Warnings: warns,`
			`Errors: errs,`
			`}`
			`}`

terraform: validate almost done 2015-02-05 00:44:23 +01:00			`// EvalValidateResource is an EvalNode implementation that validates`
			`// the configuration of a resource.`
			`type EvalValidateResource struct {`
terraform: clean up EvalNodes 2015-02-14 07:58:41 +01:00			`Provider *ResourceProvider`
			`Config **ResourceConfig`
terraform: validate resource names 2015-02-09 18:50:20 +01:00			`ResourceName string`
terraform: provider should be cached by path 2015-02-09 02:58:02 +01:00			`ResourceType string`
core: EvalValidate calls appropriate validator for resource mode data resources are a separate namespace of resources than managed resources, so we need to call a different provider method depending on what mode of resource we're visiting. Managed resources use ValidateResource, while data resources use ValidateDataSource, since at the provider level of abstraction each provider has separate sets of resources and data sources respectively. 2016-05-02 04:01:48 +02:00			`ResourceMode config.ResourceMode`
core: rerun resource validation before plan and apply In #7170 we found two scenarios where the type checking done during the `context.Validate()` graph walk was circumvented, and the subsequent assumption of type safety in the provider's `Diff()` implementation caused panics. Both scenarios have to do with interpolations that reference Computed values. The sentinel we use to indicate that a value is Computed does not carry any type information with it yet. That means that an incorrect reference to a list or a map in a string attribute can "sneak through" validation only to crop up... 1. ...during Plan for Data Source References 2. ...during Apply for Resource references In order to address this, we: * add high-level tests for each of these two scenarios in `provider/test` * add context-level tests for the same two scenarios in `terraform` (these tests proved _really_ tricky to write!) * place an `EvalValidateResource` just before `EvalDiff` and `EvalApply` to catch these errors * add some plumbing to `Plan()` and `Apply()` to return validation errors, which were previously only generated during `Validate()` * wrap unit-tests around `EvalValidateResource` * add an `IgnoreWarnings` option to `EvalValidateResource` to prevent active warnings from halting execution on the second-pass validation Eventually, we might be able to attach type information to Computed values, which would allow for these errors to be caught earlier. For now, this solution keeps us safe from panics and raises the proper errors to the user. Fixes #7170 2016-07-01 01:22:20 +02:00
			`// IgnoreWarnings means that warnings will not be passed through. This allows`
			`// "just-in-time" passes of validation to continue execution through warnings.`
			`IgnoreWarnings bool`
terraform: validate almost done 2015-02-05 00:44:23 +01:00			`}`

terraform: clean up EvalNodes 2015-02-14 07:58:41 +01:00			`func (n *EvalValidateResource) Eval(ctx EvalContext) (interface{}, error) {`
			`provider := *n.Provider`
			`cfg := *n.Config`
core: EvalValidate calls appropriate validator for resource mode data resources are a separate namespace of resources than managed resources, so we need to call a different provider method depending on what mode of resource we're visiting. Managed resources use ValidateResource, while data resources use ValidateDataSource, since at the provider level of abstraction each provider has separate sets of resources and data sources respectively. 2016-05-02 04:01:48 +02:00			`var warns []string`
			`var errs []error`
			`// Provider entry point varies depending on resource mode, because`
			`// managed resources and data resources are two distinct concepts`
			`// in the provider abstraction.`
			`switch n.ResourceMode {`
			`case config.ManagedResourceMode:`
			`warns, errs = provider.ValidateResource(n.ResourceType, cfg)`
			`case config.DataResourceMode:`
			`warns, errs = provider.ValidateDataSource(n.ResourceType, cfg)`
			`}`
terraform: validate resource names 2015-02-09 18:50:20 +01:00
core: rerun resource validation before plan and apply In #7170 we found two scenarios where the type checking done during the `context.Validate()` graph walk was circumvented, and the subsequent assumption of type safety in the provider's `Diff()` implementation caused panics. Both scenarios have to do with interpolations that reference Computed values. The sentinel we use to indicate that a value is Computed does not carry any type information with it yet. That means that an incorrect reference to a list or a map in a string attribute can "sneak through" validation only to crop up... 1. ...during Plan for Data Source References 2. ...during Apply for Resource references In order to address this, we: * add high-level tests for each of these two scenarios in `provider/test` * add context-level tests for the same two scenarios in `terraform` (these tests proved _really_ tricky to write!) * place an `EvalValidateResource` just before `EvalDiff` and `EvalApply` to catch these errors * add some plumbing to `Plan()` and `Apply()` to return validation errors, which were previously only generated during `Validate()` * wrap unit-tests around `EvalValidateResource` * add an `IgnoreWarnings` option to `EvalValidateResource` to prevent active warnings from halting execution on the second-pass validation Eventually, we might be able to attach type information to Computed values, which would allow for these errors to be caught earlier. For now, this solution keeps us safe from panics and raises the proper errors to the user. Fixes #7170 2016-07-01 01:22:20 +02:00			`// If the resource name doesn't match the name regular`
			`// expression, show an error.`
terraform: validate resource names 2015-02-09 18:50:20 +01:00			`if !config.NameRegexp.Match([]byte(n.ResourceName)) {`
terraform: upgrade resource name regexp failure to error We're well past Terraform 0.4, so it's time to finally make good on the original promise. :) Fixes #5243 2016-02-23 17:32:02 +01:00			`errs = append(errs, fmt.Errorf(`
terraform: validate resource names 2015-02-09 18:50:20 +01:00			`"%s: resource name can only contain letters, numbers, "+`
core: rerun resource validation before plan and apply In #7170 we found two scenarios where the type checking done during the `context.Validate()` graph walk was circumvented, and the subsequent assumption of type safety in the provider's `Diff()` implementation caused panics. Both scenarios have to do with interpolations that reference Computed values. The sentinel we use to indicate that a value is Computed does not carry any type information with it yet. That means that an incorrect reference to a list or a map in a string attribute can "sneak through" validation only to crop up... 1. ...during Plan for Data Source References 2. ...during Apply for Resource references In order to address this, we: * add high-level tests for each of these two scenarios in `provider/test` * add context-level tests for the same two scenarios in `terraform` (these tests proved _really_ tricky to write!) * place an `EvalValidateResource` just before `EvalDiff` and `EvalApply` to catch these errors * add some plumbing to `Plan()` and `Apply()` to return validation errors, which were previously only generated during `Validate()` * wrap unit-tests around `EvalValidateResource` * add an `IgnoreWarnings` option to `EvalValidateResource` to prevent active warnings from halting execution on the second-pass validation Eventually, we might be able to attach type information to Computed values, which would allow for these errors to be caught earlier. For now, this solution keeps us safe from panics and raises the proper errors to the user. Fixes #7170 2016-07-01 01:22:20 +02:00			`"dashes, and underscores.", n.ResourceName))`
terraform: validate resource names 2015-02-09 18:50:20 +01:00			`}`
terraform: provider should be cached by path 2015-02-09 02:58:02 +01:00
core: rerun resource validation before plan and apply In #7170 we found two scenarios where the type checking done during the `context.Validate()` graph walk was circumvented, and the subsequent assumption of type safety in the provider's `Diff()` implementation caused panics. Both scenarios have to do with interpolations that reference Computed values. The sentinel we use to indicate that a value is Computed does not carry any type information with it yet. That means that an incorrect reference to a list or a map in a string attribute can "sneak through" validation only to crop up... 1. ...during Plan for Data Source References 2. ...during Apply for Resource references In order to address this, we: * add high-level tests for each of these two scenarios in `provider/test` * add context-level tests for the same two scenarios in `terraform` (these tests proved _really_ tricky to write!) * place an `EvalValidateResource` just before `EvalDiff` and `EvalApply` to catch these errors * add some plumbing to `Plan()` and `Apply()` to return validation errors, which were previously only generated during `Validate()` * wrap unit-tests around `EvalValidateResource` * add an `IgnoreWarnings` option to `EvalValidateResource` to prevent active warnings from halting execution on the second-pass validation Eventually, we might be able to attach type information to Computed values, which would allow for these errors to be caught earlier. For now, this solution keeps us safe from panics and raises the proper errors to the user. Fixes #7170 2016-07-01 01:22:20 +02:00			`if (len(warns) == 0 \|\| n.IgnoreWarnings) && len(errs) == 0 {`
terraform: provider should be cached by path 2015-02-09 02:58:02 +01:00			`return nil, nil`
			`}`

			`return nil, &EvalValidateError{`
			`Warnings: warns,`
			`Errors: errs,`
			`}`
terraform: validate almost done 2015-02-05 00:44:23 +01:00			`}`