Commit Graph

26536 Commits

Author SHA1 Message Date
Martin Atkins 146e983c36 internal/getproviders: package authenticator for our new-style hashes
Earlier we introduced a new package hashing mechanism that is compatible
with both packed and unpacked packages, because it's a hash of the
contents of the package rather than of the archive it's delivered in.
However, we were using that only for the local selections file and not
for any remote package authentication yet.

The provider network mirrors protocol includes new-style hashes as a step
towards transitioning over to the new hash format in all cases, so this
new authenticator is here in preparation for verifying the checksums of
packages coming from network mirrors, for mirrors that support them.

For now this leaves us in a kinda confusing situation where we have both
NewPackageHashAuthentication for the new style and
NewArchiveChecksumAuthentication for the old style, which for the moment
is represented only by a doc comment on the latter. Hopefully we can
remove NewArchiveChecksumAuthentication in a future commit, if we can
get the registry updated to use the new hashing format.
2020-08-26 13:18:08 -07:00
Kristin Laemmert 23a8bdd522
configs: finish deprecation of the config package by removing the remaining used functions into configs (#25996) 2020-08-26 14:39:18 -04:00
hashicorp-ci 18bdd1a4f0 Cleanup after v0.13.1 release 2020-08-26 18:17:25 +00:00
hashicorp-ci d29b2627b9
Release v0.13.1 2020-08-26 17:59:59 +00:00
Kristin Laemmert 4569a37de4
website/docs: provider source related clarifications 2020-08-26 13:50:07 -04:00
Alisdair McDiarmid c13eba9b9d
Merge pull request #26005 from hashicorp/alisdair/backend-config-schema-fix
command: Fix backend config schema validation
2020-08-26 11:52:04 -04:00
Alisdair McDiarmid 45437721c9 command: Add test for backend config validation 2020-08-26 11:37:11 -04:00
Alisdair McDiarmid f028b0a2bf command: Fix backend config schema validation
When applying a backend config override file, we must not check for the
presence of all required fields, as the override can be a partial
configuration. It is only valid to check for required fields after all
overrides have been merged, which init already does.
2020-08-26 10:50:47 -04:00
Kristin Laemmert 75e676f2f2
website/docs: remove unclear provider version constraint description (#25998) 2020-08-25 17:03:24 -04:00
Jamie Finnigan 08f593deb8
Merge pull request #25982 from hashicorp/gh_sec_pol
remove local SECURITY.md in favor of org-wide policy
2020-08-25 13:20:01 -07:00
Alisdair McDiarmid 93cd6b1b75
Merge pull request #25989 from pdecat/patch-1
Fix link to "v0.12-Compatible Provider Requirements" section
2020-08-25 15:59:25 -04:00
Alisdair McDiarmid d22a2cd3b2
Merge pull request #25992 from hashicorp/alisdair/upgrade-go
build: Use go 1.14.7
2020-08-25 15:11:05 -04:00
Alisdair McDiarmid 1b9b85115b
Merge pull request #25994 from hashicorp/alisdair/provider-requirements-doc-note
website: Provider requirements are not inherited
2020-08-25 14:33:17 -04:00
Alisdair McDiarmid 5f43934d5f website: Provider requirements are not inherited
Add a note to the provider configuration section explaining that only
config can be inherited by child modules, not source or version
requirements.
2020-08-25 13:02:16 -04:00
Alisdair McDiarmid b273ffe4df build: Use go 1.14.7
From the go release notes:

go1.14.3 (released 2020/05/14) includes fixes to cgo, the compiler, the
runtime, and the go/doc and math/big packages.

go1.14.4 (released 2020/06/01) includes fixes to the go doc command, the
runtime, and the encoding/json and os packages.

go1.14.5 (released 2020/07/14) includes security fixes to the
crypto/x509 and net/http packages.

go1.14.6 (released 2020/07/16) includes fixes to the go command, the
compiler, the linker, vet, and the database/sql, encoding/json,
net/http, reflect, and testing packages.

go1.14.7 (released 2020/08/06) includes security fixes to the
encoding/binary package.

https://golang.org/doc/devel/release.html#go1.14.minor
2020-08-25 12:37:08 -04:00
Paul Tyng 7a34d4d709
Add Terraform Cloud provider requirements (#25991) 2020-08-25 10:45:44 -04:00
Alisdair McDiarmid af2fb8f526
Update CHANGELOG.md 2020-08-25 09:05:07 -04:00
Alisdair McDiarmid aca6ce3c4d
Merge pull request #25990 from hashicorp/alisdair/clean-up-provider-tempfile
internal: Clean up package install temp file
2020-08-25 09:03:59 -04:00
Alisdair McDiarmid 915f53af23 internal: Clean up package install temp file
The installFromHTTPURL function downloads a package to a temporary file,
then delegates to installFromLocalArchive to install it. We were
previously not deleting the temporary file afterwards. This commit fixes
that.
2020-08-25 08:35:32 -04:00
Patrick Decat 84c50f9efb Fix link to "v0.12-Compatible Provider Requirements" section
On the https://www.terraform.io/docs/configuration/provider-requirements.html#requiring-providers page, the link to the `v0.12-Compatible Provider Requirements` section is broken:
* current link: https://www.terraform.io/docs/configuration/provider-requirements.html#v012-compatible-provider-requirements
* correct link: https://www.terraform.io/docs/configuration/provider-requirements.html#v0-12-compatible-provider-requirements
2020-08-25 12:35:07 +02:00
Jamie Finnigan 7eda697978 remove local SECURITY.md in favor of org-wide policy 2020-08-24 15:45:32 -07:00
Martin Atkins b1eec0fbcd core: NodeAbstractResourceInstance.Provider correct implied provider
When we need to select a qualified provider address based on an implied
provider name, we have a special case that the name "terraform" maps to
terraform.io/builtin/terraform instead of
registry.terraform.io/hashicorp/terraform as would be the case for other
prefixes.

However, in order for that to work properly we need to use
addrs.ImpliedProviderForUnqualifiedType instead of
addrs.NewDefaultProvider, because the latter just unconditionally always
produces a "default" provider configuration (belonging to the "hashicorp"
namespace on the public registry).
2020-08-24 11:41:28 -07:00
Martin Atkins 9c246e9a01 addrs: Resource.InModule, similar to Resource.Absolute
The Resource.Absolute function is there to conveniently construct an
AbsResource from a Resource by providing a module instance. Likewise, this
new InModule method allows conveniently constructing a ConfigResource from
a Resource by providing a module.
2020-08-24 11:41:28 -07:00
Alisdair McDiarmid d26ee0ea37
Update CHANGELOG.md 2020-08-24 10:17:06 -04:00
Alisdair McDiarmid c5d9935c0e
Merge pull request #25960 from hashicorp/alisdair/backend-config-override-fix
command: Fix backend config override validation
2020-08-24 10:14:16 -04:00
Alisdair McDiarmid 35125717b2
Merge pull request #25847 from zachwhaley/fix-tf-cli-args-no-color
Fix error when multiple -no-color arguments are used
2020-08-24 10:13:59 -04:00
Alisdair McDiarmid 19efd7bc3b
Merge pull request #25262 from hashicorp/alisdair/always-validate-workspace-name
command: Always validate workspace name
2020-08-24 10:11:13 -04:00
James Bardin 058dff44f9
Merge pull request #25922 from hashicorp/jbardin/destroy-pruning
Fix node-pruning during destroy
2020-08-21 16:49:14 -04:00
Alisdair McDiarmid 677aabc767 command: Fix backend config override validation
When loading a backend config override file, init was doing two things
wrong:

- First, if the file failed to parse, we accidentally didn't return,
  which caused a panic due to the parsed body being nil;
- Secondly, we were overzealous with the validation of the file,
  allowing only attributes. While most backend configs are attributes
  only, the enhanced remote backend body also contains a `workspaces`
  block, which we need to support here.

This commit fixes the first bug with an early return and adds test cases
for missing file and intentionally-blank filename (to clear the config).

We also add a schema validation for the backend block, based on the
backend schema itself. This requires constructing an HCL body schema so
that we can call `Content` and check for diagnostic errors.

The result is more useful errors when an invalid backend config override
file is used, while also supporting the enhanced remote backend config
fully.

Does not include tests specific to the remote backend, because the
mocking involved to allow the backend to fully initialize is too
involved to be worth it.
2020-08-21 16:21:13 -04:00
Kristin Laemmert e63093edc8
build: disable github pr annotations (#25942) 2020-08-20 13:06:48 -04:00
Kristin Laemmert 9168abc3e5
website/docs: clarify behavior of -state flag (#25928)
* website: clarify behavior of -state option
2020-08-20 10:23:08 -04:00
Cameron Stitt 2e829a0d54
Merge pull request #25929 from hashicorp/cam-stitt/config-depends-on
Ensure depends_on is in module calls for config
2020-08-20 22:30:49 +10:00
Cameron Stitt 54e32652f7
Ensure depends_on is in module calls for config 2020-08-20 07:49:03 +10:00
James Bardin 0c5430f88d
Merge pull request #25585 from chushenmeshile/master
fix ossbackend only returned 100 workspaces
2020-08-19 16:55:31 -04:00
Kristin Laemmert 8a75a4fc7b
terraform-bundle: initial changelog (#25917) 2020-08-19 15:20:07 -04:00
Rachel Sharp f44d32ab57 update cloud-init casing 2020-08-19 12:07:37 -07:00
Rachel Sharp bb598c27fe Updating links for cloud init guide in docs 2020-08-19 12:07:37 -07:00
James Bardin bd5ff98ca7
Merge pull request #25830 from hashicorp/kt/secret-metadata-host
backend/azurerm: support loading environments from a metadata host
2020-08-19 13:57:10 -04:00
James Bardin 82dcc93a1e
Merge pull request #25769 from hashicorp/f/azure-backend
dependencies: updating Azure/azure-sdk-for-go, Azure/go-autorest, hashicorp/go-azure-helpers, tombuildsstuff/giovanni
2020-08-19 13:56:54 -04:00
James Bardin d46e9a4198
Merge pull request #25770 from hashicorp/f/azure-backend-spcert
backend/azurerm: support for authenticating using a Client Certificate
2020-08-19 13:56:30 -04:00
James Bardin 59b7ae8eb4
Merge pull request #25694 from alrs/alrs/terraform-test-err
terraform: fix dropped test error
2020-08-19 11:37:41 -04:00
Alisdair McDiarmid 9a366b9b62
Update CHANGELOG.md 2020-08-19 11:27:51 -04:00
Alisdair McDiarmid 30c7dfca62
Merge pull request #25898 from hashicorp/alisdair/fix-required-version-diags
terraform: Fix required version constraint diags
2020-08-19 11:26:03 -04:00
Alisdair McDiarmid 3114e2ad7c
Merge pull request #25890 from hashicorp/import-our-nemesis
terraform: Eval module call arguments for import
2020-08-19 11:25:38 -04:00
James Bardin 7ef4e7f6ad
Merge pull request #25857 from hashicorp/jbardin/data-diffs
allow plan data state comparison with legacy SDK
2020-08-19 11:11:40 -04:00
James Bardin b68ab92392 more complicated for_each destroy 2020-08-19 11:10:12 -04:00
James Bardin a6776eaa94 completely prune inter-module dependencies
There was a missing outer loop for catching inverse module dependencies
when pruning nodes for destroy. Since the need to "register" the fully
destroyed modules no longer exists, the extra complication of pruning
the modules as a whole from the leaves inward is no longer required.
While it is technically still a valid optimization to reduce iterations,
the extra comparisons required to backtrack for transitive dependencies
don't amount to much, and having a single nested loop is much easier to
maintain.
2020-08-19 11:10:12 -04:00
kmoe d844d02b87
Update CHANGELOG.md 2020-08-19 14:10:37 +01:00
Daniel Dreier 1e73bed83b
Merge pull request #25916 from remilapeyre/patch-1
Add remilapeyre to CODEOWNERS
2020-08-19 09:09:53 -04:00
kmoe 6486b857d6
Merge pull request #25811 from hashicorp/terraform-version-order
terraform version: fix output order
2020-08-19 13:54:18 +01:00