Commit Graph

1558 Commits

Author SHA1 Message Date
Clint Shryock fed42fe1b3 update tests so go vet is happy 2015-05-07 10:03:28 -05:00
Paul Hinze 44e448b8c9 provider/docker: update image sha
Should eventually see if there's a way to rework this so it's less
brittle. But for now, we band-aid!
2015-05-07 09:50:16 -05:00
Paul Hinze 28875f49cd provider/heroku: fix config_vars in addons
These were never read properly - on Addons they show up as just a list
of var names, not a Map.

Fixes one issue in Addon acceptance tests.
2015-05-07 09:11:31 -05:00
Paul Hinze e7b101dba4 provider/aws: elasticache_cluster engine_version is computed
fixes the TestAccAWSElasticacheCluster test
2015-05-07 08:47:52 -05:00
Christopher Tiwald 9e8aefcd40 aws: Fix network ACL acceptance tests and add -1 protocol rule. 2015-05-06 23:54:14 -04:00
Christopher Tiwald 5b0d61727e aws: Only store protocol numbers for ingress/egress rules on ACLs.
Users can input a limited number of protocol names (e.g. "tcp") as
inputs to network ACL rules, but the API only supports valid protocol
number:

http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml

Preserve the convenience of protocol names and simultaneously support
numbers by only writing numbers to the state file. Also use numbers
when hashing the rules, to keep everything consistent.
2015-05-06 23:54:12 -04:00
Christopher Tiwald 8056b5f8f7 aws: Force users to use valid network masks on ACL ingress/egress
AWS will accept any overly-specific IP/mask combination, such as
10.1.2.2/24, but will store it by its implied network: 10.1.2.0/24.
This results in hashing errors, because the remote API will return
hashing results out of sync with the local configuration file.

Enforce a stricter API rule than AWS. Force users to use valid masks,
and run a quick calculation on their input to discover their intent.
2015-05-06 23:53:34 -04:00
Christopher Tiwald b888b31e08 aws: Force users to use from_port, to_port = 0 on network ACLs with -1 protocol
AWS doesn't store ports for -1 protocol rules, thus the read from the
API will always come up with a different hash. Force the user to make a
deliberate port choice when enabling -1 protocol rules. All from_port
and to_port's on these rules must be 0.
2015-05-06 23:51:23 -04:00
Christopher Tiwald d14049c8ad aws: Don't try to modify or delete the untouchable network_acl rules.
AWS includes default rules with all network ACL resources which cannot
be modified by the user. Don't attempt to store them locally or change
them remotely if they are already stored -- it'll consistently result
in hashing problems.
2015-05-06 23:03:25 -04:00
Christopher Tiwald 03ee059da3 aws: Write ingress/egress rules into a map so they can be set.
resourceAwsNetworkAclRead swallowed these errors resulting in rules
that never properly updated. Implement an entry-to-maplist function
that'll allow us to write something that Set knows how to read.
2015-05-06 23:03:24 -04:00
Paul Hinze a9678bd252 Merge pull request #1840 from hashicorp/f-aws-asg-handle-scaling-activity-in-progress-errors
provider/aws: handle in progress errs from ASG deletes
2015-05-06 19:39:23 -05:00
Paul Hinze 90907c8be5 Merge pull request #1738 from justincampbell/s3-website
providers/aws: S3 bucket website support
2015-05-06 19:37:29 -05:00
Paul Hinze 9a286402c3 Merge pull request #1838 from josharian/consul-scheme
providers/consul: add scheme argument
2015-05-06 19:09:11 -05:00
Paul Hinze 03530d1285 provider/aws: handle in progress errs from ASG deletes
If an AutoScalingGroup is in the middle of performing a Scaling
Activity, it cannot be deleted, and yields a ScalingActivityInProgress
error.

Retry the delete for up to 5m so we don't choke on this error. It's
telling us something's in progress, so we'll keep trying until the
scaling activity completed.
2015-05-06 18:54:59 -05:00
Paul Hinze 761523e8f9 Merge pull request #1839 from hashicorp/f-aws-asg-wait-for-capacity
provider/aws: wait for ASG capacity on creation
2015-05-06 18:40:13 -05:00
Paul Hinze 063454e9b8 provider/aws: wait for ASG capacity on creation
On ASG creation, waits for up to 10m for desired_capacity or min_size
healthy nodes to show up in the group before continuing.

With CBD and proper HealthCheck tuning, this allows us guarantee safe
ASG replacement.
2015-05-06 18:34:20 -05:00
Josh Bleecher Snyder 30d34908b7 providers/consul: add scheme argument
This enables connecting to consul over https
without having to set the envvar CONSUL_HTTP_SSL.
2015-05-06 16:12:32 -07:00
Clint c44ba73a2a Merge pull request #1837 from hashicorp/b-fix-aws-sg-vpcid
provider/aws: fix issue with reading VPC id in AWS Security Group
2015-05-06 17:01:20 -05:00
Clint Shryock 8705f0f78f provider/aws: fix issue with reading VPC id in AWS Security Group 2015-05-06 16:54:43 -05:00
Mitchell Hashimoto 4a61d0abc9 provider/aws: do connection draining stuff totally separate 2015-05-06 11:47:06 -07:00
Clint Shryock acbca8101c provider/aws: Update Elasticache Subnet test 2015-05-06 13:44:24 -05:00
Mitchell Hashimoto 5378d904a2 provider/aws: remove debug 2015-05-06 11:43:36 -07:00
Mitchell Hashimoto 74665f27c8 provider/aws: must set connection draining timeout separate frrom
enabled
2015-05-06 11:43:18 -07:00
Paul Hinze 300bc129a1 Merge pull request #1832 from hashicorp/b-google-instance-template-metadata
provider/google: compute template metadata to map
2015-05-06 13:18:38 -05:00
Mitchell Hashimoto 5d12c79d90 provider/aws: retry VGW connection a bit due to eventual consistency 2015-05-06 11:09:51 -07:00
Paul Hinze 75c8396f7a provider/google: compute template metadata to map
Needs to match instance, since shared processing helper functions are
used.

Closes #1665
2015-05-06 12:33:35 -05:00
Mitchell Hashimoto f2ddb53c8f provider/aws: only include network in hash if instance is not set 2015-05-06 10:32:17 -07:00
Mitchell Hashimoto 7311019efe provider/aws: fix incorrect test 2015-05-06 10:20:19 -07:00
Mitchell Hashimoto 4db68cee89 providers/aws: eip network interface is computed 2015-05-06 10:04:38 -07:00
Mitchell Hashimoto 37c56d0084 provider/aws: fix alias test 2015-05-06 09:55:14 -07:00
Clint Shryock 4e717829f8 Merge branch 'master' of github.com:hashicorp/terraform
* 'master' of github.com:hashicorp/terraform:
  provider/aws: detach VPN gateway with proper ID
  update CHANGELOG
  provider/aws: Update ARN in instanceProfileReadResult
  provider/aws: remove placement_group from acctest
  core: module targeting
  Added support for more complexly images repos such as images on a private registry that are stored as namespace/name
2015-05-06 11:45:35 -05:00
Mitchell Hashimoto b184e283b9 provider/aws: detach VPN gateway with proper ID 2015-05-06 09:45:08 -07:00
Clint Shryock cd90648d4e provider/aws: Fix acceptance issue with Network Acls 2015-05-06 11:44:09 -05:00
Mitchell Hashimoto d8485ef506 Merge pull request #1818 from jwthomp/feature/image_name_parse
providers/docker: Support for more complexly named image repos
2015-05-06 09:02:41 -07:00
TANABE Ken-ichi 5be4ecdcdb provider/aws: Update ARN in instanceProfileReadResult 2015-05-07 00:26:57 +09:00
Paul Hinze 010a39a58e provider/aws: remove placement_group from acctest
Depends on there being an existing placement group in the account called
"terraform-placement-group" - we'll need to circle back around to cover
this with AccTests after TF gets an `aws_placement_group` resource.
2015-05-06 10:13:24 -05:00
Clint Shryock 34609c6c22 provider/aws: Change Route 53 record test name, so it can be ran individually 2015-05-06 09:48:15 -05:00
Paul Hinze 66fa633b80 provider/aws: move EBS test into us-west-2 2015-05-06 09:22:34 -05:00
Paul Hinze bcb4067cb3 provider/aws: update test name 2015-05-06 09:20:40 -05:00
Paul Hinze 7303568469 providers/aws: update test name 2015-05-06 09:18:41 -05:00
Paul Hinze b91796368f provider/aws: update test name 2015-05-06 09:18:00 -05:00
Justin Campbell 2745adba56 providers/aws: Test S3 website endpoint attr 2015-05-06 09:41:02 -04:00
Justin Campbell 87e6d3d17f providers/aws: Fix S3 website error doc 2015-05-06 09:41:02 -04:00
Justin Campbell 0b78a71ed5 providers/aws: Test S3 website removal 2015-05-06 09:41:02 -04:00
Justin Campbell eeb65b8d4c providers/aws: Read S3 website config 2015-05-06 09:41:02 -04:00
Paul Hinze 6c6eafa232 provider/aws: removing stray "Ecache" in tests 2015-05-06 08:33:05 -05:00
Justin Campbell 20e531ae0d providers/aws: Check that S3 website sets docs 2015-05-06 08:15:56 -04:00
Justin Campbell be84cf8a8c providers/aws: Add note for us-east-1 empty location 2015-05-06 08:15:56 -04:00
Justin Campbell 348942d3fb providers/aws: Use GetOk instead of Get + cast 2015-05-06 08:15:56 -04:00
Justin Campbell 562bd6541b providers/aws: Use explicit returns in websiteEndpoint 2015-05-06 08:15:56 -04:00
Justin Campbell 30f737c781 providers/aws: Change S3 website to block 2015-05-06 08:15:56 -04:00
Justin Campbell 38e04b3765 providers/aws: Add website_endpoint to S3 output 2015-05-06 08:15:55 -04:00
Justin Campbell b7a9ef5ef6 providers/aws: Add S3 error_document
Also fix when index/error document is empty
2015-05-06 08:15:55 -04:00
Justin Campbell e6d9dcfb1a providers/aws: Initial S3 bucket website support 2015-05-06 08:15:55 -04:00
Joe Topjian b54df9bc0b Fixing TestAccComputeV2FloatingIP_attach 2015-05-06 05:58:58 +00:00
Joe Topjian 219c86ef93 Fixing TestAccComputeV2Instance_floatingIPAttach 2015-05-06 05:53:17 +00:00
Joe Topjian e76dca9756 Fixing TestAccComputeV2Instance_basic 2015-05-06 05:50:21 +00:00
Paul Hinze cebcee5c63 Merge pull request #1778 from josharian/template-provider
providers: add template provider
2015-05-05 20:09:27 -05:00
Mitchell Hashimoto 1a2bac7645 provider/aws: main route table refresh handles VPC being gone [GH-1806] 2015-05-05 18:07:22 -07:00
Jeff Thompson 8e53355ff3 Added support for more complexly images repos such as images on a private registry that are stored as namespace/name 2015-05-05 23:22:09 +00:00
Clint Shryock 885efa0837 provider/aws: Add Security Group Rule as a top level resource
- document conflict with sg rules and sg in-line rules
- for this to work, ingress rules need to be computed
2015-05-05 16:56:39 -05:00
Clint a4000941c2 Merge pull request #1765 from hashicorp/f-aws-security-group-remove-default-egress
provider/aws: Remove default egress rule from Security Group on creation
2015-05-05 16:47:23 -05:00
Mitchell Hashimoto fb4ac42c65 Merge pull request #1516 from henrikhodne/aws-propagating-vgws
provider/aws: add propagating_vgws to route tables
2015-05-05 14:42:45 -07:00
Clint Shryock eb7c1bb218 fix go formatting 2015-05-05 16:42:08 -05:00
Clint Shryock e9b08cf31f revert the required part 2015-05-05 16:23:26 -05:00
Clint Shryock 1ed81da9a9 update ENI test for SG egress constraint 2015-05-05 16:23:26 -05:00
Clint Shryock 85b1756c27 revise tests and check for vpc_id 2015-05-05 16:23:26 -05:00
Clint Shryock 8ded3c2d1b Move block for deleing default rule into the create method; only invoke once 2015-05-05 16:23:26 -05:00
Clint Shryock ee65684abe Add spec for removing default egress rule 2015-05-05 16:23:26 -05:00
Clint Shryock b145ce88b7 Document Egress+VPC change, update link 2015-05-05 16:23:26 -05:00
Clint Shryock 1558fd1c3e provider/aws: Remove default egress rule from Security Group on creation 2015-05-05 16:23:25 -05:00
Mitchell Hashimoto 412a2dca0b Merge pull request #1575 from freshbooks/aws-eni-route
provider/aws: Add Elastic Network Interfaces as route destination
2015-05-05 13:28:48 -07:00
Mitchell Hashimoto 1c2d5fbd0a Merge branch 'f-aws-associate-eip-to-eni' of https://github.com/jstremick/terraform into jstremick-f-aws-associate-eip-to-eni 2015-05-05 13:24:50 -07:00
Clint 18b43b78cb Merge pull request #939 from bitglue/iam
Implement a subset of IAM resources
2015-05-05 15:05:05 -05:00
Clint Shryock 7b082d007e Merge commit '33183c0'
* commit '33183c0':
  Implement a hash function for string sets
2015-05-05 15:01:02 -05:00
Mitchell Hashimoto 7a5499d4f7 providers/aws: chain credentials 2015-05-05 10:44:19 -07:00
Mitchell Hashimoto 639f310ae6 Merge pull request #1805 from dupuy/openstack-resource-docs
Openstack resource docs
2015-05-05 10:25:30 -07:00
John Engelman 6ee17a8e9e Add acceptance tests 2015-05-05 12:47:20 -04:00
Phil Frost b082117e92 Implement AWS IAM resources
- Users
- Groups
- Roles
- Inline policies for the above three
- Instance profiles
- Managed policies
- Access keys

This is most of the data types provided by IAM. There are a few things
missing, but the functionality here is probably sufficient for 95% of
the cases. Makes a dent in #28.
2015-05-05 12:47:20 -04:00
Phil Frost 33183c078b Implement a hash function for string sets
Sets of strings are pretty common. Let's not duplicate the function
necessary to create a set of strings in so many places.
2015-05-05 12:47:18 -04:00
Clint Shryock 272415303d provider/aws: Shorting retry timeout for Subnets to 2 minutes, from 5 2015-05-05 11:20:29 -05:00
Clint Shryock 3ce3b7c516 provider/aws: Shorting retry timeout for Security Groups to 2 minutes, from 5 2015-05-05 11:07:16 -05:00
Clint Shryock 4b160dd28e minor cleanups 2015-05-05 10:45:30 -05:00
jba c50bcf2930 renaming function according to the aws struct 2015-05-05 10:39:25 -05:00
jba e9215c0676 move accept block to the update func 2015-05-05 10:38:20 -05:00
jba 5658fd6122 clean code 2015-05-05 10:37:13 -05:00
jba 11ba9b1042 add the auto_accecpt option 2015-05-05 10:37:13 -05:00
Alexander Dupuy 2ccaaf204d fix copy/paste typo in OpenStack FW error messages 2015-05-05 14:01:49 +02:00
Sander van Harmelen 44541c5465 Fixing up some tests after a couple of thorough test rounds 2015-05-05 12:31:21 +02:00
Avi Nanhkoesingh 1411d4010f Fixes #1: sets the rights values based on isUUID 2015-05-05 12:31:21 +02:00
Sander van Harmelen 7274de3c1d Small fix needed to be inline with the updated AWS SDK again...
Executed a couple of AWS ACC test as well to make sure everything works
properly again after this fix…
2015-05-05 12:26:26 +02:00
Christopher Tiwald 69e981c0b0 aws: Fixup structure_test to handle new expandIPPerms behavior. 2015-05-04 23:56:54 -04:00
Christopher Tiwald 362a6124e3 aws: Add security group acceptance tests for protocol -1 fixes.
These only test ingress rules as egress rules are broken by the
default "0.0.0.0/0" rule Amazon includes with every egressed security
group.
2015-05-04 23:55:32 -04:00
Christopher Tiwald 89bacc0b15 aws: error on expndIPPerms(...) if our ports and protocol conflict.
Ingress and egress rules given a "-1" protocol don't have ports when
Read out of AWS. This results in hashing problems, as a local
config file might contain port declarations AWS can't ever return.

Rather than making ports optional fields, which carries with it a huge
headache trying to distinguish between zero-value attributes (e.g.
'to_port = 0') and attributes that are simply omitted, simply force the
user to opt-in when using the "-1" protocol. If they choose to use it,
they must now specify "0" for both to_port and from_port. Any other
configuration will error.
2015-05-04 23:43:31 -04:00
Clint Shryock 81422123e8 provider/aws: Add a regression check for Route 53 records 2015-05-04 17:05:49 -05:00
Mitchell Hashimoto 9ed909c8fe Merge pull request #1749 from nabeken/aws-proxy-protocol-policy
provider/aws: Add proxy protocol support in ELB
2015-05-04 14:04:53 -07:00
Mitchell Hashimoto 8633c88723 Merge pull request #1775 from TimeIncOSS/r53-alias-record
aws: Add support for Alias records into AWS Route 53
2015-05-04 14:03:29 -07:00
Mitchell Hashimoto c8c0b02790 Merge pull request #1787 from koendc/f-aws-max-retries
aws: make MaxRetries for API calls configurable
2015-05-04 14:00:37 -07:00
Mitchell Hashimoto 2c90d3a637 Merge pull request #1793 from ctiwald/ct/add-vpn-connection-route
provider/aws: add support for VPN connection routes
2015-05-04 13:58:17 -07:00
Mitchell Hashimoto 9617761eb4 Merge pull request #1776 from TimeIncOSS/eip-without-igw
[bugfix] aws/eip: Don't save instance ID if association fails
2015-05-04 11:19:32 -07:00