Merge pull request #23304 from hashicorp/jbardin/tainted-fail-destroy

Make sure a failed destroy is marked as tainted
This commit is contained in:
James Bardin 2019-11-08 10:51:18 -05:00 committed by GitHub
commit d0fc3d6919
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 191 additions and 33 deletions

View File

@ -10963,3 +10963,139 @@ func TestContext2Apply_destroyDataCycle(t *testing.T) {
t.Fatalf("diags: %s", diags.Err())
}
}
func TestContext2Apply_taintedDestroyFailure(t *testing.T) {
m := testModule(t, "apply-destroy-tainted")
p := testProvider("test")
p.DiffFn = testDiffFn
p.ApplyFn = func(info *InstanceInfo, s *InstanceState, d *InstanceDiff) (*InstanceState, error) {
// All destroys fail.
// c will also fail to create, meaning the existing tainted instance
// becomes deposed, ans is then promoted back to current.
// only C has a foo attribute
attr := d.Attributes["foo"]
if d.Destroy || (attr != nil && attr.New == "c") {
return nil, errors.New("failure")
}
return testApplyFn(info, s, d)
}
state := states.NewState()
root := state.EnsureModule(addrs.RootModuleInstance)
root.SetResourceInstanceCurrent(
addrs.Resource{
Mode: addrs.ManagedResourceMode,
Type: "test_instance",
Name: "a",
}.Instance(addrs.NoKey),
&states.ResourceInstanceObjectSrc{
Status: states.ObjectTainted,
AttrsJSON: []byte(`{"id":"a","foo":"a"}`),
},
addrs.ProviderConfig{
Type: "test",
}.Absolute(addrs.RootModuleInstance),
)
root.SetResourceInstanceCurrent(
addrs.Resource{
Mode: addrs.ManagedResourceMode,
Type: "test_instance",
Name: "b",
}.Instance(addrs.NoKey),
&states.ResourceInstanceObjectSrc{
Status: states.ObjectTainted,
AttrsJSON: []byte(`{"id":"b","foo":"b"}`),
},
addrs.ProviderConfig{
Type: "test",
}.Absolute(addrs.RootModuleInstance),
)
root.SetResourceInstanceCurrent(
addrs.Resource{
Mode: addrs.ManagedResourceMode,
Type: "test_instance",
Name: "c",
}.Instance(addrs.NoKey),
&states.ResourceInstanceObjectSrc{
Status: states.ObjectTainted,
AttrsJSON: []byte(`{"id":"c","foo":"old"}`),
},
addrs.ProviderConfig{
Type: "test",
}.Absolute(addrs.RootModuleInstance),
)
providerResolver := providers.ResolverFixed(
map[string]providers.Factory{
"test": testProviderFuncFixed(p),
},
)
ctx := testContext2(t, &ContextOpts{
Config: m,
ProviderResolver: providerResolver,
State: state,
Hooks: []Hook{&testHook{}},
})
_, diags := ctx.Plan()
diags.HasErrors()
if diags.HasErrors() {
t.Fatalf("diags: %s", diags.Err())
}
state, diags = ctx.Apply()
if !diags.HasErrors() {
t.Fatal("expected error")
}
root = state.Module(addrs.RootModuleInstance)
// the instance that failed to destroy should remain tainted
a := root.ResourceInstance(addrs.Resource{
Mode: addrs.ManagedResourceMode,
Type: "test_instance",
Name: "a",
}.Instance(addrs.NoKey))
if a.Current.Status != states.ObjectTainted {
t.Fatal("test_instance.a should be tainted")
}
// b is create_before_destroy, and the destroy failed, so there should be 1
// deposed instance.
b := root.ResourceInstance(addrs.Resource{
Mode: addrs.ManagedResourceMode,
Type: "test_instance",
Name: "b",
}.Instance(addrs.NoKey))
if b.Current.Status != states.ObjectReady {
t.Fatal("test_instance.b should be Ready")
}
if len(b.Deposed) != 1 {
t.Fatal("test_instance.b failed to keep deposed instance")
}
// the desposed c instance should be promoted back to Current, and remain
// tainted
c := root.ResourceInstance(addrs.Resource{
Mode: addrs.ManagedResourceMode,
Type: "test_instance",
Name: "c",
}.Instance(addrs.NoKey))
if c.Current.Status != states.ObjectTainted {
t.Fatal("test_instance.c should be tainted")
}
if len(c.Deposed) != 0 {
t.Fatal("test_instance.c should have no deposed instances")
}
if string(c.Current.AttrsJSON) != `{"id":"c","foo":"old"}` {
t.Fatalf("unexpected attrs for c: %q\n", c.Current.AttrsJSON)
}
}

View File

@ -253,6 +253,8 @@ func (n *EvalApply) Eval(ctx EvalContext) (interface{}, error) {
}
}
newStatus := states.ObjectReady
// Sometimes providers return a null value when an operation fails for some
// reason, but we'd rather keep the prior state so that the error can be
// corrected on a subsequent run. We must only do this for null new value
@ -265,12 +267,18 @@ func (n *EvalApply) Eval(ctx EvalContext) (interface{}, error) {
// If change.Action is Create then change.Before will also be null,
// which is fine.
newVal = change.Before
// If we're recovering the previous state, we also want to restore the
// the tainted status of the object.
if state.Status == states.ObjectTainted {
newStatus = states.ObjectTainted
}
}
var newState *states.ResourceInstanceObject
if !newVal.IsNull() { // null value indicates that the object is deleted, so we won't set a new state in that case
newState = &states.ResourceInstanceObject{
Status: states.ObjectReady,
Status: newStatus,
Value: newVal,
Private: resp.Private,
}
@ -376,40 +384,39 @@ type EvalMaybeTainted struct {
Change **plans.ResourceInstanceChange
State **states.ResourceInstanceObject
Error *error
// If StateOutput is not nil, its referent will be assigned either the same
// pointer as State or a new object with its status set as Tainted,
// depending on whether an error is given and if this was a create action.
StateOutput **states.ResourceInstanceObject
}
// TODO: test
func (n *EvalMaybeTainted) Eval(ctx EvalContext) (interface{}, error) {
if n.State == nil || n.Change == nil || n.Error == nil {
return nil, nil
}
state := *n.State
change := *n.Change
err := *n.Error
// nothing to do if everything went as planned
if err == nil {
return nil, nil
}
if state != nil && state.Status == states.ObjectTainted {
log.Printf("[TRACE] EvalMaybeTainted: %s was already tainted, so nothing to do", n.Addr.Absolute(ctx.Path()))
return nil, nil
}
if n.StateOutput != nil {
if err != nil && change.Action == plans.Create {
// If there are errors during a _create_ then the object is
// in an undefined state, and so we'll mark it as tainted so
// we can try again on the next run.
//
// We don't do this for other change actions because errors
// during updates will often not change the remote object at all.
// If there _were_ changes prior to the error, it's the provider's
// responsibility to record the effect of those changes in the
// object value it returned.
log.Printf("[TRACE] EvalMaybeTainted: %s encountered an error during creation, so it is now marked as tainted", n.Addr.Absolute(ctx.Path()))
*n.StateOutput = state.AsTainted()
} else {
*n.StateOutput = state
}
if change.Action == plans.Create {
// If there are errors during a _create_ then the object is
// in an undefined state, and so we'll mark it as tainted so
// we can try again on the next run.
//
// We don't do this for other change actions because errors
// during updates will often not change the remote object at all.
// If there _were_ changes prior to the error, it's the provider's
// responsibility to record the effect of those changes in the
// object value it returned.
log.Printf("[TRACE] EvalMaybeTainted: %s encountered an error during creation, so it is now marked as tainted", n.Addr.Absolute(ctx.Path()))
*n.State = state.AsTainted()
}
return nil, nil

View File

@ -356,11 +356,10 @@ func (n *NodeApplyableResourceInstance) evalTreeManagedResource(addr addrs.AbsRe
CreateNew: &createNew,
},
&EvalMaybeTainted{
Addr: addr.Resource,
State: &state,
Change: &diffApply,
Error: &err,
StateOutput: &state,
Addr: addr.Resource,
State: &state,
Change: &diffApply,
Error: &err,
},
&EvalWriteState{
Addr: addr.Resource,
@ -378,11 +377,10 @@ func (n *NodeApplyableResourceInstance) evalTreeManagedResource(addr addrs.AbsRe
When: configs.ProvisionerWhenCreate,
},
&EvalMaybeTainted{
Addr: addr.Resource,
State: &state,
Change: &diffApply,
Error: &err,
StateOutput: &state,
Addr: addr.Resource,
State: &state,
Change: &diffApply,
Error: &err,
},
&EvalWriteState{
Addr: addr.Resource,

View File

@ -0,0 +1,17 @@
resource "test_instance" "a" {
foo = "a"
}
resource "test_instance" "b" {
foo = "b"
lifecycle {
create_before_destroy = true
}
}
resource "test_instance" "c" {
foo = "c"
lifecycle {
create_before_destroy = true
}
}