Cloud SQL Gen 2 instances come with a default 'root'@'%' user on
creation. This change automatically deletes that user after creation. A
Terraform user must use the google_sql_user to create a user with
appropriate host and password.
The `aws_availability_zones` data source test was panicking. This fixes both tests
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAvailabilityZones'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/31 15:47:39 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSAvailabilityZones -timeout 120m
=== RUN TestAccAWSAvailabilityZones_basic
--- PASS: TestAccAWSAvailabilityZones_basic (12.56s)
=== RUN TestAccAWSAvailabilityZones_stateFilter
--- PASS: TestAccAWSAvailabilityZones_stateFilter (13.59s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 26.187s
```
* Added Step Function Activity & Step Function State Machine
* Added SFN State Machine documentation
* Added aws_sfn_activity & documentation
* Allowed import of sfn resources
* Added more checks on tests, fixed documentation
* Handled the update case of a SFN function (might be already deleting)
* Removed the State Machine import test file
* Fixed the eventual consistency of the read after delete for SFN functions
The API asks you to send lower case values, but returns uppercase ones.
Here we lowercase the returned API values.
There is no migration here because the field in question is nested in a
set, so the hash will change regardless. Anyone using this feature now
has it broken anyway.
Fixes 2 acceptance tests for the `aws_instance` data source
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSInstanceDataSource_SecurityGroups'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/31 12:12:15 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSInstanceDataSource_SecurityGroups -timeout 120m
=== RUN TestAccAWSInstanceDataSource_SecurityGroups
--- PASS: TestAccAWSInstanceDataSource_SecurityGroups (119.14s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 119.172s
```
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSInstanceDataSource_tags'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/31 12:15:42 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSInstanceDataSource_tags -timeout 120m
=== RUN TestAccAWSInstanceDataSource_tags
--- PASS: TestAccAWSInstanceDataSource_tags (118.87s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 118.900s
```
The existing hash function for set items cannot generate consistent hashes when using both `Optional` and `Computed` on a schema field.
I tried to add this use case to the existing code base, but came to the conclusion this would be quite an endeavor.
That together with the fact this is the only field in all sets used in all builtin providers/resources that would be using both options at the same time, made me decide to change this single resource instead.
When switching from one Rancher server to another, we want Terraform
to recreate Rancher resources. This currently leads to ugly `EOF` errors.
This patch resets resource Ids when they can't be found in the Rancher API.
* Image and vhdcontainers are mutually exclusive.
* Fix ip configuration handling and update support for load balancer backend pools.
* Fix os disk handling.
* Remove os_type from disk hash.
* Load balancer pools should not be computed.
* Add support for the overprovision property.
* Update documentation.
* Create acceptance test for scale set lb changes.
* Create acceptance test for scale set overprovisioning.
* OS-131 Updated dependencies to use ukcloud/govcloudair instead of hmrc/vmware-govcd
* OS-131 Fixed failing tests by adding package name to imports of ukcloud/govcloudair
* OS-131 Minor change to force Travis to re-build the PR
* added server_side_encryption to s3_bucket_object resource including associated acceptance test and documentation.
* got acceptance tests passing.
* made server_side_encryption a computed attribute and only set kms_key_id attribute if an S3 non-default master key is in use.
* ensured kms api is only interrogated if required.
Fixes `aws_rds_cluster_parameter_group` acceptance tests, which have been broken since aa8c2ac587
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBClusterParameterGroupOnly'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/30 16:20:38 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDBClusterParameterGroupOnly -timeout 120m
=== RUN TestAccAWSDBClusterParameterGroupOnly
--- PASS: TestAccAWSDBClusterParameterGroupOnly (15.26s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 15.282s
```
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBClusterParameterGroup_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/30 16:22:48 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDBClusterParameterGroup_basic -timeout 120m
=== RUN TestAccAWSDBClusterParameterGroup_basic
--- PASS: TestAccAWSDBClusterParameterGroup_basic (29.48s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 29.510s
```
Fixes `aws_cloudwatch_log_subscription_filter` acceptance tests that had been failing since mid December
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudwatchLogSubscriptionFilter_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/30 16:00:05 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCloudwatchLogSubscriptionFilter_basic -timeout 120m
=== RUN TestAccAWSCloudwatchLogSubscriptionFilter_basic
--- PASS: TestAccAWSCloudwatchLogSubscriptionFilter_basic (26.34s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 26.364s
```
* Creates papertrail logging resource for fastly
* Adds modification support for fastly papertrail
* Flattens and lists papertrail resources
* Adds testing for fastly papertrail
* Adds papertrail documentation for fastly to the website
* Fixes schema assignment name mistake
* Changes testing hostnames to pass fastly API validation
Implementing vpc_peering_connection_accept.
Additions from @ewbankkit:
Rename 'aws_vpc_peering_connection_accept' to 'aws_vpc_peering_connection_accepter'.
Get it working reusing functionality from 'aws_vpc_peering_connection' resource.
* Add a new data provider to decrypt AWS KMS secrets
* Address feedback
* Rename aws_kms_secrets to aws_kms_secret
* Add more examples to the documentation
Fixes: #11461
This will allow the user to pass a policy to further restrict the use
of AssumeRole. It is important to note that it will NOT allow an
expansion of access rights
Fixes#10788
This checks `IsComputed` prior to attempting to use the JSON
configurations. Due to a change in 0.8, the prior check for simply map
existence would always succeed even with a computed value (as designed),
but we forgot to update provisioners to not do that.
There are other provisioners that also do this but to no ill effect
currently. I've only changed Chef since we know that is an issue.
This issue doesn't affect 0.9 due to helper/schema doing this
automatically for provisioners.
According to https://github.com/hashicorp/errwrap
'{{err}}' has to be used instead of '%s'
Without this patch, error output from terraform is missing important information:
* aws_cloudwatch_log_group.logs: Error Getting CloudWatch Logs Tag List: %s
With this patch, I get the important information. E.g.:
* aws_cloudwatch_log_group.logs: Error Getting CloudWatch Logs Tag List: AccessDeniedException: User: arn:aws:sts::XYZ:assumed-role/AAA-BBB-CCC/terraform-assuming-role-assume-role-ReadOnly is not authorized to perform: logs:ListTagsLogGroup on resource: arn:aws:logs:us-east-1:XYZ:log-group:logs:log-stream:
The support for "use_client_subnet" was half finished.
- Field was defined in schema.
- ResourceData-to-struct code was present but incorrect.
- struct-to-ResourceData code was missing.
Made the change and verified with manual testing:
1. In NS1 UI, switched "Use Client Subnet" between checked and
unchecked.
2. In Terraform config file, switched "use_client_subnet" field between
"true", "false", and omitted.
3. The output of "terraform plan" was as expected in all six cases.
This commit removes the default security group rules that are automatically
created when a security group is created. These rules are usually
permissive egress rules which makes it difficult to add more strict egress
security group rules.
Allows the user to import a default aws_alb_listener_rule. When creating the resource with TF, the AWS API requires that `priority` be an integer.
However, the `DescribeRules` API call returns a string for `priority`. This would work in every case except for the `default` listener rule, which sets the `priority` value to the string "default".
This fixes the previous error:
```
Error importing: 1 error(s) occurred:
* aws_alb_listener_rule.test: Cannot convert rule priority %q to int: strconv.ParseInt: parsing "default": invalid syntax
```
Fixes: #11464
Previously an attempt to destroy a LB stickiness policy would
result in an error like this:
```
* aws_lb_cookie_stickiness_policy.foo: Error removing LBCookieStickinessPolicy: LoadBalancerNotFound: There is no ACTIVE Load Balancer named 'tf-test-lb-tqatd'
status code: 400, request id: 28af1167-e4a4-11e6-8ddd-57ba410cbbb6
```
This checks for a missing load balancer on the policy read and allows
the destroy.
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSLBCookieStickinessPolicy_missingLB'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/27 07:21:11 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSLBCookieStickinessPolicy_missingLB -timeout 120m
=== RUN TestAccAWSLBCookieStickinessPolicy_missingLB
--- PASS: TestAccAWSLBCookieStickinessPolicy_missingLB (28.90s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 28.929s
```
Add support for creating, updating, and deleting projects, as well as
their enabled services and their IAM policies.
Various concessions were made for backwards compatibility, and will be
removed in 0.9 or 0.10.
Adds EBS Volume support and tests for EMR Instnace Groups
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEMRInstanceGroup_ebsBasic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/25 10:14:58 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEMRInstanceGroup_ebsBasic -timeout 120m
=== RUN TestAccAWSEMRInstanceGroup_ebsBasic
--- PASS: TestAccAWSEMRInstanceGroup_ebsBasic (675.14s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 675.171s
```
Type of change:
===============
- Bug fix
What changed? ... and Why:
==========================
The regexp is currently set to:
`pattern := `^[a-zA-Z0-9$_]+$`
The AWS docs state that qualifer names must conform to the following
regexp:
`Pattern: (|[a-zA-Z0-9$_-]+)`
As you can see, the current regexp in Terraform is missing the `-` at
the end.
This addresses that.
How has it been tested?
=======================
Added a few test cases to the existing spec for `AwsLambdaQualifier`
validation.
Adds a diff suppress function for the `engine_version` attribute of the `db_instance` AWS resource.
The function only supresses the state diff, if the attribute key `auto_minor_version_upgrade` is set, and if the returned `engine_version` from the running RDS instance shares the same prefix as the configured `engine_version`.
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBInstance_MinorVersion'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/23 17:59:14 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDBInstance_MinorVersion -timeout 120m
=== RUN TestAccAWSDBInstance_MinorVersion
--- PASS: TestAccAWSDBInstance_MinorVersion (503.48s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 503.518s
```
This commit adds a StateRefresh func for volume attachments. Mostly
this is to add a buffer of time between the request and the return
of the attachment to give time for the volume to become attached,
however, in some cases the refresh function could work as specified.
Docs have also been updated to reflect that a device could be specified,
but to use with caution.
* vendor: update gopkg.in/ns1/ns1-go.v2
* provider/ns1: Port the ns1 provider to Terraform core
* docs/ns1: Document the ns1 provider
* ns1: rename remaining nsone -> ns1 (#10805)
* Ns1 provider (#11300)
* provider/ns1: Flesh out support for meta structs.
Following the structure outlined by @pashap.
Using reflection to reduce copy/paste.
Putting metas inside single-item lists. This is clunky, but I couldn't
figure out how else to have a nested struct. Maybe the Terraform people
know a better way?
Inside the meta struct, all fields are always written to the state; I
can't figure out how to omit fields that aren't used. This is not just
verbose, it actually causes issues because you can't have both "up" and
"up_feed" set).
Also some minor other changes:
- Add "terraform" import support to records and zones.
- Create helper class StringEnum.
* provider/ns1: Make fmt
* provider/ns1: Remove stubbed out RecordRead (used for testing metadata change).
* provider/ns1: Need to get interface that m contains from Ptr Value with Elem()
* provider/ns1: Use empty string to indicate no feed given.
* provider/ns1: Remove old record.regions fields.
* provider/ns1: Removes redundant testAccCheckRecordState
* provider/ns1: Moves account permissions logic to permissions.go
* provider/ns1: Adds tests for team resource.
* provider/ns1: Move remaining permissions logic to permissions.go
* ns1/provider: Adds datasource.config
* provider/ns1: Small clean up of datafeed resource tests
* provider/ns1: removes testAccCheckZoneState in favor of explicit name check
* provider/ns1: More renaming of nsone -> ns1
* provider/ns1: Comment out metadata for the moment.
* Ns1 provider (#11347)
* Fix the removal of empty containers from a flatmap
Removal of empty nested containers from a flatmap would sometimes fail a
sanity check when removed in the wrong order. This would only fail
sometimes due to map iteration. There was also an off-by-one error in
the prefix check which could match the incorrect keys.
* provider/ns1: Adds ns1 go client through govendor.
* provider/ns1: Removes unused debug line
* docs/ns1: Adds docs around apikey/datasource/datafeed/team/user/record.
* provider/ns1: Gets go vet green
This commit switches out the use of `fmt.Errorf` to `errwrap.Wrapf` in
the `aws_autoscaling_lifecycle_hook` resource, and corrects a typo which
causes the parameter object to be returned to a user rather than the
underlying error.
Allows users from govcloud and other regions (aws-cn) to now use the following resources correctly:
```
- data "aws_billing_service_account"
- data "aws_elb_service_account"
- resource "aws_cloudfront_origin_access_identity"
- resource "aws_ecs_service"
- resource "aws_iam_saml_provider"
- resource "aws_lambda_permission"
- resource "aws_sns_topic_policy"
```
According to the coreos [documentation](https://coreos.com/ignition/docs/latest/configuration.html), systemd units only require the name attribute per each unit. This can also be validated with the CoreOS config validator. This change allows the `ignition_systemd_unit` resource to no longer fail if given an empty `content` and `dropin`.
Also adds a test to cover this use case.
Fixes failing acceptance test:
```
$ make testacc TEST=./builtin/providers/digitalocean TESTARGS='-run=TestAccDigitalOceanVolume_Droplet'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/20 11:38:26 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/digitalocean -v -run=TestAccDigitalOceanVolume_Droplet -timeout 120m
=== RUN TestAccDigitalOceanVolume_Droplet
--- PASS: TestAccDigitalOceanVolume_Droplet (57.38s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/digitalocean 57.411s
```
Also removes all redundant type declarations in the digitalocean package.
* provider/aws: Remove hardcoded https from the ecr repository
When the ECR resource was created, we hardcoded the repository URL to
start with https://
This was a mistake as all interaction with the repository now must
include a replace function for the https:// to "" for this to be usable
We need to note this change in the backward incompatibilities
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEcrRepository_' ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/20 14:37:36 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEcrRepository_ -timeout 120m
=== RUN TestAccAWSEcrRepository_importBasic
--- PASS: TestAccAWSEcrRepository_importBasic (20.46s)
=== RUN TestAccAWSEcrRepository_basic
--- PASS: TestAccAWSEcrRepository_basic (18.77s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 39.251s
```
* Update ecr_repository.html.markdown
Fixes AwsS3BucketPolicy Acceptance Tests to match policy document changes from upstream.
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSS3BucketPolicy'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/20 11:55:23 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSS3BucketPolicy -timeout 120m
=== RUN TestAccAWSS3BucketPolicy_basic
--- PASS: TestAccAWSS3BucketPolicy_basic (33.64s)
=== RUN TestAccAWSS3BucketPolicy_policyUpdate
--- PASS: TestAccAWSS3BucketPolicy_policyUpdate (61.91s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 95.591s
```
The provisioner collected all inline commands into a single script which meant
only the exit code of the last command was actually checked for an error.
Updates ECS task_definition documentation, and schema validation functions to match the AWS API documentation.
Updates ECS service documentation, and schema validation functions match the AWS API documentation.
* provisioner/chef: Support named run-lists for Policyfiles
Add an optional argument for overriding the Chef Client's initial
run with a named run-list specified by the Policyfile. This is useful
for bootstrapping a node with a one-time setup recipe that deviates
from a policy's normal run-list.
* Update chef client cmd building per review feedback.
* removes region param from backend_service
- this param was not being used in this service
- you need a regional_backend_service if you want to pass this
* deprecated region instead of outright removing
* put session affinity formatting back
* providers/google: add support for encrypting a disk
* providers/google: Add docs for encrypting disks
* providers/google: CSEK small fixes: sensitive params and mismatched state files
This fixes storage related operations for all environments outside of the public
Azure cloud, tested by deploying all storage resources in a German subscription.
* provider/scaleway: fix bootscript tests
the bootscript tests where failing because the referenced bootscript is no
longer available.
for now this just makes the tests pass again, next step should be to lookup a
bootscript so we don't have to update the tests all the time
* provider/scaleway: fix bootscript data source filter bug
when providing a name only the architecture was ignoerd, which can lead to
issues since some bootscript names are identical, even though the architecture
is different.
* provider/scaleway: remove data bootscript exact name test
the test fails after some time because scaleway removes older bootscripts.
let's just settle with filtered tests for now, which don't have this problem.
* Remove contradiction with Scaleway documentation
The parameters previously termed by Terraform:
1. Organization
2. Access key
Are referred to, respectively, by Scaleway [0] as:
1. Access key
2. Token
which is a confusing contradiction for a user.
Since Scaleway terms (1) both 'access key' [0] and 'organization ID' [1],
@nicolai86 suggested keeping the latter as already used, but changing (2) for
'token'; removing the contradiction.
This commit thus changes the parameters to:
1. Organization
2. Token
Closes#10815.
[0] - https://cloud.scaleway.com/#/credentials
[1] - https://www.scaleway.com/docs/retrieve-my-organization-id-throught-the-api
* Update docs to reflect Scaleway offering x86
Scaleway now provides x86 servers [0] as well as ARM.
This commit removes 'ARM' from various references suggesting that might be the
only option.
[0] - https://blog.online.net/2016/03/08/c2-insanely-affordable-x64-servers/
Adds a validation function for cloudflare record types. Also adds an apply-time validation for the record's content based on record type. Currently only validating `A` and `AAAA` records, can be expanded to verify record content for every possible record type in the future.
```
$ make test TEST=./builtin/providers/cloudflare
==> Checking that code complies with gofmt requirements...
==> Checking AWS provider for unchecked errors...
==> NOTE: at this time we only look for uncheck errors in the AWS package
==> Installing errcheck...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/13 14:41:37 Generated command/internal_plugin_list.go
TF_ACC= go test ./builtin/providers/cloudflare -timeout=30s -parallel=4
ok github.com/hashicorp/terraform/builtin/providers/cloudflare 0.018s
```
Fixes: #11173
statistic
Fixes: #11189
This introduces a new parameter and makes an existing parameter from
`required` to `optional` as both cannot be specified together
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCloudWatchMetricAlarm_' 2 ↵ ✹ ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/13 11:25:24 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCloudWatchMetricAlarm_ -timeout 120m
=== RUN TestAccAWSCloudWatchMetricAlarm_importBasic
--- PASS: TestAccAWSCloudWatchMetricAlarm_importBasic (19.80s)
=== RUN TestAccAWSCloudWatchMetricAlarm_basic
--- PASS: TestAccAWSCloudWatchMetricAlarm_basic (20.42s)
=== RUN TestAccAWSCloudWatchMetricAlarm_extendedStatistic
--- PASS: TestAccAWSCloudWatchMetricAlarm_extendedStatistic (18.92s)
PASS
```
the CI sees many failing Scaleway tests due to request quotas being exceeded.
this PR aims to address this issue by switching from `resource.Retry`, which
waits 100ms between retries, to `resource.StateChangeConf` with a configured
delay of 5s between retries.
this should help us fixing the quota issue…
* provider/aws: New DataSource: aws_elb_hosted_zone_id
This datasource is a list of all of the ELB DualStack Hosted Zone IDs.
This will allow us to reference the correct hosted zone id when creating
route53 alias records
There are many bugs for this - this is just the beginning of fixing them
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSElbHostedZoneId_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/04 13:04:32 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSElbHostedZoneId_basic -timeout 120m
=== RUN TestAccAWSElbHostedZoneId_basic
--- PASS: TestAccAWSElbHostedZoneId_basic (20.46s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 20.484s
```
* Update elb_hosted_zone_id.html.markdown
us-east-1
Fixes#11175
Because of a previous limitation that codecommit only ran in us-east-1,
we hard coded the session under which it should run. This has caused the
repository to be spun up in the wrong region regardless of what region
was passed to the provider
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSCodeCommitRepository_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/12 16:09:52 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSCodeCommitRepository_ -timeout 120m
=== RUN TestAccAWSCodeCommitRepository_basic
--- PASS: TestAccAWSCodeCommitRepository_basic (23.28s)
=== RUN TestAccAWSCodeCommitRepository_withChanges
--- PASS: TestAccAWSCodeCommitRepository_withChanges (33.71s)
=== RUN TestAccAWSCodeCommitRepository_create_default_branch
--- PASS: TestAccAWSCodeCommitRepository_create_default_branch (22.70s)
=== RUN TestAccAWSCodeCommitRepository_create_and_update_default_branch
--- PASS: TestAccAWSCodeCommitRepository_create_and_update_default_branch (32.72s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 112.437s
```
* Add subnetwork_project field to allow for XPN in GCE instance templates
* Missing os import
* Removing unneeded check
* fix formatting
* Add subnetwork_project to read
* provider/openstack: LoadBalancer Security Groups
This commit adds the ability to specify security groups on a loadbalancer
resource.
* provider/openstack: LoadBalancer Security Groups Refactor
Moving common security group code into a dedicated function.
If an error occurred which prevented the lb sub resources being written to state
then the next apply would fail as the resources would already exist in the API.
go test -c ./builtin/providers/azurerm -o ./builtin/providers/azurerm/test-azurerm
TestAccAzureRMLoadBalancerBackEndAddressPool_reapply
TestAccAzureRMLoadBalancerBackEndAddressPool_removal
TestAccAzureRMLoadBalancerNatPool_basic
TestAccAzureRMLoadBalancerBackEndAddressPool_basic
TestAccAzureRMLoadBalancerNatRule_basic
TestAccAzureRMLoadBalancerNatPool_reapply
TestAccAzureRMLoadBalancerNatPool_removal
TestAccAzureRMLoadBalancerNatPool_update
TestAccAzureRMLoadBalancerProbe_basic
TestAccAzureRMLoadBalancerNatRule_removal
TestAccAzureRMLoadBalancerNatRule_update
TestAccAzureRMLoadBalancerNatRule_reapply
TestAccAzureRMLoadBalancerProbe_removal
TestAccAzureRMLoadBalancerProbe_reapply
TestAccAzureRMLoadBalancerProbe_update
TestAccAzureRMLoadBalancerRule_basic
TestAccAzureRMLoadBalancerRule_inconsistentReads
TestAccAzureRMLoadBalancerRule_removal
TestAccAzureRMLoadBalancerProbe_updateProtocol
TestAccAzureRMLoadBalancer_basic
TestAccAzureRMLoadBalancerRule_update
TestAccAzureRMLoadBalancerRule_reapply
TestAccAzureRMLoadBalancer_frontEndConfig
TestAccAzureRMLoadBalancer_tags
Utilize the ChangeResourceRecordSets to change the type of a record by
deleting and recreating with a new type.
As change batches are considered transactional changes, Amazon Route 53
either makes all or none of the changes in the batch request ensuring the
update will never be partially applied.
Documentation for the `aws_route_table` data source mentions that it supports a route table `id` as an argument, however it was missing from the actual provider code.
Adds in the missing provider code, adds a test, and updates the documentation to use `rtb_id` as the argument, instead of the more ambiguous `id`.
A VPC's main route table has an implicit subnet association, not an explicit subnet association. This caused a Terraform panic when using the `data_source_aws_route_table` resource to query the main route table for a VPC.
This fixes the Terraform panic, and allows the data lookup to complete successfully. Also added an acceptance test to verify the bugfix.
Fixes: #11134
The second step of the `TestAccDigitalOceanDroplet_ResizeWithOutDisk` acceptance test was regularly failing. Upon investigation it was found that the second step's Terraform configuration had omitted the `user_data` parameter, thus forcing Terraform to create a new droplet resource instead of updating the current resource.
```
-/+ digitalocean_droplet.foobar
disk: "20" => "<computed>"
image: "centos-7-x64" => "centos-7-x64"
ipv4_address: "138.197.0.55" => "<computed>"
ipv4_address_private: "" => "<computed>"
ipv6_address: "" => "<computed>"
ipv6_address_private: "" => "<computed>"
locked: "false" => "<computed>"
name: "foo" => "foo"
region: "nyc3" => "nyc3"
resize_disk: "true" => "false"
size: "512mb" => "1gb"
ssh_keys.#: "1" => "1"
ssh_keys.0: "5770472" => "5770472"
status: "active" => "<computed>"
user_data: "foobar" => "" (forces new resource)
vcpus: "1" => "<computed>"
```
This fixes the acceptance test by adding the missing `user_data` parameter.
request_path had Computed enabled which prevented updating it to an empty value
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMLoadBalancerProbe -timeout 120m
=== RUN TestAccAzureRMLoadBalancerProbe_basic
--- PASS: TestAccAzureRMLoadBalancerProbe_basic (119.63s)
=== RUN TestAccAzureRMLoadBalancerProbe_removal
--- PASS: TestAccAzureRMLoadBalancerProbe_removal (122.50s)
=== RUN TestAccAzureRMLoadBalancerProbe_update
--- PASS: TestAccAzureRMLoadBalancerProbe_update (129.98s)
=== RUN TestAccAzureRMLoadBalancerProbe_duplicate
--- PASS: TestAccAzureRMLoadBalancerProbe_duplicate (115.22s)
=== RUN TestAccAzureRMLoadBalancerProbe_updateProtocol
--- PASS: TestAccAzureRMLoadBalancerProbe_updateProtocol (127.25s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 614.657s
As brought up in #10174, our update_strategy property for instance group
managers in GCP would always be set to "RESTART" on read, even if the
user asked for them to be "NONE" in the config.
This adds a test to ensure that the user wishes were respected, which
fails until we check for update_strategy in the ResourceData before we
update it within the Read function. Because the update_strategy property
doesn't map to anything in the API, we never need to read it from
anywhere but the config, which means the ResourceData should be
considered authoritative by the time we get to the Read function.
The fix for this was provided by @JDiPierro in #10198 originally, but
was missing tests, so it got squashed into this.
* provider/aws: Save disabled ELB accesslogs to state
Save any explicitly disabled access_log to state. Do not save disabled
access_logs if they are not in the configuration.
* test that fails on master
Adds validation for the `type` parameter of an `aws_route53_record` resource.
This will allow Terraform to catch any user errors of a `type` parameter during a `terraform plan` instead of during a `terraform apply`.
Fixes: #11114
* provider/aws: New Resource - aws_codedeploy_deployment_config
* provider/aws: Adding acceptance tests for new
aws_codedeploy_deployment_config resource
* provider/aws: Documentation for the aws_codedeploy_deployment_config resource
* Update codedeploy_deployment_config.html.markdown
subnet_group
Fixes#11024
A change was introduced in 0.8.2 that allows db_instances to change
their db_subnet_group. Unfortunately, this caused an issue for
db_instances that were being restored from snapshot. The restore from
snapshot part of create calls the Update func whereas a normal create
calls the Read func
When calling the Update func, the db_instance was trying to go through a
db_subnet_group_name change and was failing for the following reason:
```
InvalidVPCNetworkStateFault: You cannot move DB instance _rds_instance_name_ to subnet group _subnet_group_name_. The specified DB subnet group and DB instance are in the same VPC. Choose a DB subnet group in different VPC than the specified DB instance and try again.
```
Adds region specific S3 bucket name validation. Currently all regions except for us-east-1 force a dns-compliant naming convention. Thus we cannot utilize the standard `SchemaValidateFunc` interface to validate an S3 bucket name.
This change creates a helper function outside of the schema validation interface so we can validate S3 bucket names for both naming conventions. At a later date, when the us-east-1 region is updated to conform to a dns-compliant naming scheme, we can refactor the `validateS3BucketName` function to fit the `SchemaValidateFunc` interface.
aws_api_gateway_integration_response
This continues the work carried out in #10696
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAPIGatewayIntegrationResponse_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/03 14:18:46 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSAPIGatewayIntegrationResponse_ -timeout 120m
=== RUN TestAccAWSAPIGatewayIntegrationResponse_basic
--- PASS: TestAccAWSAPIGatewayIntegrationResponse_basic (57.33s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws57.352s
```
* Importing the OpsGenie SDK
* Adding the goreq dependency
* Initial commit of the OpsGenie / User provider
* Refactoring to return a single client
* Adding an import test / fixing a copy/paste error
* Adding support for OpsGenie docs
* Scaffolding the user documentation for OpsGenie
* Adding a TODO
* Adding the User data source
* Documentation for OpsGenie
* Adding OpsGenie to the internal plugin list
* Adding support for Teams
* Documentation for OpsGenie Team's
* Validation for Teams
* Removing Description for now
* Optional fields for a User: Locale/Timezone
* Removing an implemented TODO
* Running makefmt
* Downloading about half the internet
Someone witty might simply sign this commit with "npm install"
* Adding validation to the user object
* Fixing the docs
* Adding a test creating multple users
* Prompting for the API Key if it's not specified
* Added a test for multiple users / requested changes
* Fixing the linting
Fixes:#10902
AWS introduced a change to the Mount Target DNS Name to remove the
availability_zone from it -
https://aws.amazon.com/about-aws/whats-new/2016/12/simplified-mounting-of-amazon-efs-file-systems/
This was because there used to be a limit of 1 mount target per AZ -
this has been raised.
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEFSMountTarget_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/04 10:45:35 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEFSMountTarget_ -timeout 120m
=== RUN TestAccAWSEFSMountTarget_importBasic
--- PASS: TestAccAWSEFSMountTarget_importBasic (236.19s)
=== RUN TestAccAWSEFSMountTarget_basic
--- PASS: TestAccAWSEFSMountTarget_basic (445.52s)
=== RUN TestAccAWSEFSMountTarget_disappears
--- PASS: TestAccAWSEFSMountTarget_disappears (228.31s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 910.044s
```
* vendor: update jen20/riviera to pull in endpoints change
* provider/auzrerm: support non public clouds
Ran tests below with ARM_ENVIRONMENT=german and changes the location to Germany
Central in the test config. The virtual network tests cover both Riviera (resource
groups) and the official SDK client.
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMVirtualNetwork_ -timeout 120m
=== RUN TestAccAzureRMVirtualNetwork_importBasic
--- PASS: TestAccAzureRMVirtualNetwork_importBasic (81.84s)
=== RUN TestAccAzureRMVirtualNetwork_basic
--- PASS: TestAccAzureRMVirtualNetwork_basic (78.14s)
=== RUN TestAccAzureRMVirtualNetwork_disappears
--- PASS: TestAccAzureRMVirtualNetwork_disappears (78.45s)
=== RUN TestAccAzureRMVirtualNetwork_withTags
--- PASS: TestAccAzureRMVirtualNetwork_withTags (81.78s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 320.310s
bool not string
Fixes: #11010
Adds a test to show cover the use-case that the OP suggested caused the
panic
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDataSourceIAMServerCertificate_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/03 22:39:21 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDataSourceIAMServerCertificate_ -timeout 120m
=== RUN TestAccAWSDataSourceIAMServerCertificate_basic
--- PASS: TestAccAWSDataSourceIAMServerCertificate_basic (19.48s)
=== RUN TestAccAWSDataSourceIAMServerCertificate_matchNamePrefix
--- PASS: TestAccAWSDataSourceIAMServerCertificate_matchNamePrefix (1.95s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 21.454s
```
* provider:aws: Add support for updating aws_emr_cluster parameters
Fixes#10962
We now support the update of `visibile_to_add_users` and
`termination_protected` parameters
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEMRCluster_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/03 18:45:20 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEMRCluster_ -timeout 120m
=== RUN TestAccAWSEMRCluster_basic
--- PASS: TestAccAWSEMRCluster_basic (551.98s)
=== RUN TestAccAWSEMRCluster_terminationProtected
--- PASS: TestAccAWSEMRCluster_terminationProtected (545.52s)
=== RUN TestAccAWSEMRCluster_visibleToAllUsers
--- PASS: TestAccAWSEMRCluster_visibleToAllUsers (552.09s)
=== RUN TestAccAWSEMRCluster_tags
--- PASS: TestAccAWSEMRCluster_tags (598.91s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 2248.537s
```
* Update resource_aws_emr_cluster_test.go
Fixes: #10958
This wasn't implemented the first time around for some reason
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEMRCluster_' 2 ↵ ✹ ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/03 15:40:09 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEMRCluster_ -timeout 120m
=== RUN TestAccAWSEMRCluster_basic
--- PASS: TestAccAWSEMRCluster_basic (529.36s)
=== RUN TestAccAWSEMRCluster_tags
--- PASS: TestAccAWSEMRCluster_tags (556.81s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 1086.197s
```
There is 1 breaking change. The OpsWorks Update API no longer supports
`tenancy` as an update. So that has to be marked as ForceNew: true
```
% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSOpsworksInstance'
% 2 ↵ ✹ ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/01/02 17:11:29 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSOpsworksInstance -timeout 120m
=== RUN TestAccAWSOpsworksInstance
--- PASS: TestAccAWSOpsworksInstance (99.89s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws99.911s
```
* Adding a missing property to the Consumer Groups doc
* Support for Event Hub Authorization Rules
* Documentation for Authorization Rules
* Missed a comment
* Fixing the `no authorisation rule` state
* Making the documentation around the Permissions more explicit / updating the import url
* Fixing up the tests
* Clearing up the docs
* Fixing the linting
* Moving the validation inside of the expand
* Fixing the indentation
* Adding the Container Registry SDK
* Implementing the container registry
* Enabling the provider / registering the Resource Provider
* Acceptance Tests
* Documentation for Container Registry
* Fixing the name validation
* Validation for the Container Registry Name
* Added Import support for Containr Registry
* Storage Account is no longer optional
* Updating the docs
* Forcing a re-run in Travis
The provider now consults the Providers API to detect which providers are already
registered and uses this call to test the credentials
A new option `skip_provider_registration` / `ARM_SKIP_PROVIDER_REGISTRATION` is
now available to opt out of provider registration entirely
Ensure that the `key_name` attribute is available to `aws_key_pair`
resource dependents, even when the attribute is not specifically
set (i.e., when `key_name_prefix` or automatic naming is performed).
Fixes#10983.
* Add 'aws_vpc_peering_connection' data source.
* Changes after code review.
* Add 'accepter' and 'requester' blocks to aws_vpc_peering_connection data source output attributes.
Computed
Fixes: #10887
In the Terraform documentation, we say the following:
```
metric_aggregation_type - (Optional) The aggregation type for the policy's metrics. Valid values are "Minimum", "Maximum", and "Average". Without a value, AWS will treat the aggregation type as "Average".
```
Therefore, because the parameter wasn't set as computed, we got a diff as follows:
```
~ aws_autoscaling_policy.scale
metric_aggregation_type: "Average" => ""
```
With the change in place, we get the correct behaviour
```
% terraform plan
[WARN] /Users/stacko/Code/go/bin/terraform-provider-aws overrides an internal plugin for aws-provider.
If you did not expect to see this message you will need to remove the old plugin.
See https://www.terraform.io/docs/internals/internal-plugins.html
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but
will not be persisted to local or remote state storage.
aws_launch_configuration.launch: Refreshing state... (ID: config)
aws_autoscaling_group.asg: Refreshing state... (ID: asg)
aws_autoscaling_policy.scale: Refreshing state... (ID: scale)
No changes. Infrastructure is up-to-date. This means that Terraform
could not detect any differences between your configuration and
the real physical resources that exist. As a result, Terraform
doesn't need to do anything.
```
* Documentation
* Scaffolding Consumer Groups
* Linting
* Adding a missing </li>
* User MetaData needs to explicitly be optional
* Typo
* Fixing the test syntax
* Removing the eventHubPath field since it appears to be deprecated
* Added a Complete import test
* WIP
* Updating to use SDK 7.0.1
* Calling the correct method
* Removing eventhubPath and updating the docs
* Fixing a typo
This commit modifies the GNUmakefile used for starting PostgreSQL for
testing purposes to prefer the version installed via Homebrew, followed
by the version installed via MacPorts. POSTGRES, PSQL and INITDB may be
overriden as Make variables if neither of these package management
systems is in use.
applied.
This is only a problem when the ROLE is removed before the revokation of
the schema's policies on the doomed PostgreSQL ROLE. Comment out the
tests for now to get unit tests to pass. Using hard-coded values that
exist outside of the Terraform unit test work.
removing a PostgreSQL role.
Add manual overrides if this isn't the desired behavior, but it should
universally be the desired outcome except when a ROLE name is reused
across multiple databases in the same PostgreSQL cluster, in which case
the `skip_drop_role` is necessary for all but the last PostgreSQL
provider.
We just check these for syntax rather than exact value because the
underlying archive library is free to evolve its exact encoding over time
as long as the result is semantically equivalent, and we don't want these
tests to break when we build on different versions of Go.
A new create_timeout attribute was added that had some backwards
incompatibilities, and as per discussion in #10823, it was determined we
could make upgrading to 0.8.x easier by fixing them, without really
losing any functionality.
Because create_timeout is not something stored or transmitted to the
API, it's not something we need a ForceNew on. Also, because an update
wouldn't result in an API call, we can add a state migration to avoid a
false positive diff that requires people to plan and apply but doesn't
actually make an API call.
The subsets for backend address pools and inbound nat rules weren't being hashed
properly as part of the ip_configuration hash which caused multiple
ip_configurations to be expanded and sent to the API with conflicting names
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMNetworkInterface -timeout 120m
=== RUN TestAccAzureRMNetworkInterface_basic
--- PASS: TestAccAzureRMNetworkInterface_basic (160.24s)
=== RUN TestAccAzureRMNetworkInterface_disappears
--- PASS: TestAccAzureRMNetworkInterface_disappears (157.00s)
=== RUN TestAccAzureRMNetworkInterface_enableIPForwarding
--- PASS: TestAccAzureRMNetworkInterface_enableIPForwarding (156.86s)
=== RUN TestAccAzureRMNetworkInterface_multipleLoadBalancers
--- PASS: TestAccAzureRMNetworkInterface_multipleLoadBalancers (185.87s)
=== RUN TestAccAzureRMNetworkInterface_withTags
--- PASS: TestAccAzureRMNetworkInterface_withTags (1212.92s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 1872.960s
This commit adds some basic tests for block device functionality. It also
expands the existing block device documentation as well references the
new "volume attach" resources for further block storage functionality.
This commit makes the openstack_blockstorage_volume resources better able
to handle volume creation errors upon resource creation. The cause of this
change is because there could be some storage backend error that happens
during storage provisioning that won't manifest in an "err" but will set
the volume's status to "error". We now check for a status of "error" and
propagate the error up the stack.
* Implementing Redis Cache
* Properties should never be nil
* Updating the SDK to 7.0.1
* Redis Cache updated for SDK 7.0.1
* Fixing the max memory validation tests
* Cleaning up
* Adding tests for Standard with Tags
* Int's -> Strings for the moment
* Making the RedisConfiguration object mandatory
* Only parse out redis configuration values if they're set
* Updating the RedisConfiguration object to be required in the documentaqtion
* Adding Tags to the Standard tests / importing excluding the redisConfiguration
* Removing support for import for Redis Cache for now
* Removed a scaling test
* Drop alias from state file if missing from lambda.
This commit fixes an issue where if you remove a AWS Lambda, the corresponding alias for that Lambda is also deleted.
* Added missing imports.
* Removed non-local reference to constant.
* vendor: update github.com/Ensighten/udnssdk to v1.2.1
* ultradns_tcpool: add
* ultradns.baseurl: set default
* ultradns.record: cleanup test
* ultradns_record: extract common, cleanup
* ultradns: extract common
* ultradns_dirpool: add
* ultradns_dirpool: fix rdata.ip_info.ips to be idempotent
* ultradns_tcpool: add doc
* ultradns_dirpool: fix rdata.geo_codes.codes to be idempotent
* ultradns_dirpool: add doc
* ultradns: cleanup testing
* ultradns_record: rename resource
* ultradns: log username from config, not client
udnssdk.Client is being refactored to use x/oauth2, so don't assume we
can access Username from it
* ultradns_probe_ping: add
* ultradns_probe_http: add
* doc: add ultradns_probe_ping
* doc: add ultradns_probe_http
* ultradns_record: remove duplication from error messages
* doc: cleanup typos in ultradns
* ultradns_probe_ping: add test for pool-level probe
* Clean documentation
* ultradns: pull makeSetFromStrings() up to common.go
* ultradns_dirpool: log hashIPInfoIPs
Log the key and generated hashcode used to index ip_info.ips into a set.
* ultradns: simplify hashLimits()
Limits blocks only have the "name" attribute as their primary key, so
hashLimits() needn't use a buffer to concatenate.
Also changes log level to a more approriate DEBUG.
* ultradns_tcpool: convert rdata to schema.Set
RData blocks have the "host" attribute as their primary key, so it is
used by hashRdatas() to create the hashcode.
Tests are updated to use the new hashcode indexes instead of natural
numbers.
* ultradns_probe_http: convert agents to schema.Set
Also pull the makeSetFromStrings() helper up to common.go
* ultradns: pull hashRdatas() up to common
* ultradns_dirpool: convert rdata to schema.Set
Fixes TF-66
* ultradns_dirpool.conflict_resolve: fix default from response
UltraDNS REST API User Guide claims that "Directional Pool
Profile Fields" have a "conflictResolve" field which "If not
specified, defaults to GEO."
https://portal.ultradns.com/static/docs/REST-API_User_Guide.pdf
But UltraDNS does not actually return a conflictResolve
attribute when it has been updated to "GEO".
We could fix it in udnssdk, but that would require either:
* hide the response by coercing "" to "GEO" for everyone
* use a pointer to allow checking for nil (requires all
users to change if they fix this)
An ideal solution would be to have the UltraDNS API respond
with this attribute for every dirpool's rdata.
So at the risk of foolish consistency in the sdk, we're
going to solve it where it's visible to the user:
by checking and overriding the parsing. I'm sorry.
* ultradns_record: convert rdata to set
UltraDNS does not store the ordering of rdata elements, so we need a way
to identify if changes have been made even it the order changes.
A perfect job for schema.Set.
* ultradns_record: parse double-encoded answers for TXT records
* ultradns: simplify hashLimits()
Limits blocks only have the "name" attribute as their primary key, so
hashLimits() needn't use a buffer to concatenate.
* ultradns_dirpool.description: validate
* ultradns_dirpool.rdata: doc need for set
* ultradns_dirpool.conflict_resolve: validate
tags were documented, just not implemented
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMDnsZone_ -timeout 120m
=== RUN TestAccAzureRMDnsZone_importBasic
--- PASS: TestAccAzureRMDnsZone_importBasic (89.04s)
=== RUN TestAccAzureRMDnsZone_basic
--- PASS: TestAccAzureRMDnsZone_basic (92.91s)
=== RUN TestAccAzureRMDnsZone_withTags
--- PASS: TestAccAzureRMDnsZone_withTags (105.88s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 287.912s
* provider/pagerduty: Allow 'team_responder' role for pagerduty_user resource
* Change unit test to exercise 'team_responder' and reformat
* Update the test fixture to use the 'team_responder' role
* provider/aws: Support eu-west-2
This is the new London region - we don't have access yet but several
enquiries have come from customers who do.
* provider/aws: Support eu-west-2 region
* Update hosted_zones.go
releases.
When postgresql_schema_policy lands this attribute should be removed in
order to provide a single way of accomplishing setting permissions on
schema objects.
* provider/aws: data source for AWS Hosted Zone
* add caller_reference, resource_record_set_count fields, manage private zone and trailing dot
* fix fmt
* update documentation, use string function in hostedZoneNamewq
* add vpc_id support
* add tags support
* add documentation for hosted zone data source tags support
* provider/aws: Add the aws_eip data source
* Document the aws_eip data source on the website
* provider/aws: support query by public_ip for aws_eip data source
* Initial checkin for PR request
* Added an argument to provider to allow control over whether or not TLS Certs will skip verification. Controllable via provider or env variable being set
* Initial check-in to use refactored module
* Checkin of very MVP for creating/deleting host test which works and validates basic host creation and deletion
* Check in with support for creating hosts with variables working
* Checking in work to date
* Remove code that causes travis CI to fail while I debug
* Adjust create to accept multivale
* Back on track. Working basic tests. go-icinga2-api needs more test too
* Squashing
* Back on track. Working basic tests. go-icinga2-api needs more test too
* Check in refactored hostgroup support
* Check in refactored check_command, hosts, and hsotgroup with a few test
* Checking in service code
* Add in dependency for icinga2 provider
* Add documentation. Refactor, fix and extend based on feedback from Hashicorp
* Added checking and validation around invalid URL and unavailable server
* Add support to import databases. See docs.
* Add support for renaming databases
* Add support for all known PostgreSQL database attributes, including:
* "allow_connections"
* "lc_ctype"
* "lc_collate"
* "connection_limit"
* "encoding"
* "is_template"
* "owner"
* "tablespace_name"
* "template"
Both libpq(3) and github.com/lib/pq both use `sslmode`. Prefer this vs
the non-standard `ssl_mode`. `ssl_mode` is supported for compatibility
but should be removed in the future.
Changelog: yes
Also don't specify the default and rely on github.com/lib/pq (which uses "required"
and is different than what libpq(3) uses, which is "preferred" and unsupported by
github.com/lib/pq).
* Allow import of aws_security_groups with more than one source_security_group_id rule
* Add acceptable test for security group with multiple source rules.
When importing an `aws_vpc_peering_connection`, the code assumes that
the account under Terraform control is the initiator (requester) of the
VPC peering request. This holds true when the peering connection is
between two VPCs in the same account, or when the peering connection has
been initiated from the controlled account to another.
However, when the peering connection has been initiated from a foreign
account towards the account under management, importing the peering
connection into the statefile results in values of `peer_vpc_id` and
`vpc_id` being the opposite way round to what they should be, and in the
`peer_owner_id` being set to the managed account's ID rather than the
foreign account's ID.
This patch checks the Accepter and Requester Owner IDs against the AWS
connection's reported owner ID, and reverses the mapping if it is
determined that the VPC peering connection is owned by the foreign
account.
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMVirtualMachine_plan -timeout 120m
=== RUN TestAccAzureRMVirtualMachine_plan
--- PASS: TestAccAzureRMVirtualMachine_plan (798.75s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 798.835s
This adds the new resource aws_snapshot_create_volume_permission which
manages the createVolumePermission attribute of snapshots. This allows
granting an AWS account permissions to create a volume from a particular
snapshot. This is often required to allow another account to copy a
private AMI.
The value is only multiplied by the API for topics in non-premium namespaces
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMServiceBusTopic_enablePartitioning -timeout 120m
=== RUN TestAccAzureRMServiceBusTopic_enablePartitioningStandard
--- PASS: TestAccAzureRMServiceBusTopic_enablePartitioningStandard (378.80s)
=== RUN TestAccAzureRMServiceBusTopic_enablePartitioningPremium
--- PASS: TestAccAzureRMServiceBusTopic_enablePartitioningPremium (655.00s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 1033.874s
AWS allows only the case-sensitive strings `Allow` and `Deny` to appear
in the `Effect` fields of IAM policy documents. Catch deviations from
this, including mis-casing, before hitting the API and generating an
error (the error is a generic 400 and doesn't indicate what part of the
policy doc is invalid).
* provider/datadog 9869: Validate credentials when initialising client.
* provider/datadog Pull in new version of go-datadog-api.
* provider/datadog Update testAccCheckDatadogMonitorConfigNoThresholds test config.
Fixes#8455, #5390
This add a new `no_device` attribute to `ephemeral_block_device` block,
which allows users omit ephemeral devices from AMI's predefined block
device mappings, which is useful for EBS-only instance types.
* provider/datadog #9375: Refactor tags to a list instead of a map.
Tags are allowed to be but not restricted to, key value pairs (ie: foo:bar)
but are esssentially strings. This changes allows using, and mixing of tags with
form "foo" and "foo:bar". It also allows using duplicate keys like "foo:bar" and "foo:baz".
* provider/datadog update import test.
This commit extracts the GPG code used for aws_iam_user_login_profile
into a library that can be reused for other resources, and updates the
call sites appropriately.
* provider/azurerm: Bump sdk version to 7.0.1
* Fixing the build (#10489)
* Fixing the broken tests (#10499)
* Updating the method signatures to match (#10533)
Fixes#10463
I'm really surprised this flew under the radar for years...
By having unique PRNGs, the SSH communicator could and would
generate identical ScriptPaths and two provisioners running in parallel
could overwrite each other and execute the same script. This would
happen because they're both seeded by the current time which could
potentially be identical if done in parallel...
Instead, we share the rand now so that the sequence is guaranteed
unique. As an extra measure of robustness, we also multiple by the PID
so that we're also protected against two processes at the same time.
* "external" provider for gluing in external logic
This provider will become a bit of glue to help people interface external
programs with Terraform without writing a full Terraform provider.
It will be nowhere near as capable as a first-class provider, but is
intended as a light-touch way to integrate some pre-existing or custom
system into Terraform.
* Unit test for the "resourceProvider" utility function
This small function determines the dependable name of a provider for
a given resource name and optional provider alias. It's simple but it's
a key part of how resource nodes get connected to provider nodes so
worth specifying the intended behavior in the form of a test.
* Allow a provider to export a resource with the provider's name
If a provider only implements one resource of each type (managed vs. data)
then it can be reasonable for the resource names to exactly match the
provider name, if the provider name is descriptive enough for the
purpose of the each resource to be obvious.
* provider/external: data source
A data source that executes a child process, expecting it to support a
particular gateway protocol, and exports its result. This can be used as
a straightforward way to retrieve data from sources that Terraform
doesn't natively support..
* website: documentation for the "external" provider
* add rds db for opsworks
* switched to stack in vpc
* implement update method
* add docs
* implement and document force new resource behavior
* implement retry for update and delete
* add test that forces new resource
This commit changes allowed_address_pairs from a TypeList to a TypeSet
allowing for arbitrary ordering. This solves the issue where a user
specifies an address pair one way and OpenStack returns a different
order.
* Update to latest version of go-datadog-api
* Updates to latest go-datadog-api version, which adds more complete
timeboard support.
* Add more complete timeboard support
* Adds in support for missing timeboard fields, so now we can have nice
things like conditional formats and more.
* Document new fields in datadog_timeboard resource
* Add acceptance test for datadog timeboard changes
* Add new aws_vpc_endpoint_route_table_association resource.
This commit adds a new resource which allows to a list of route tables to be
either added and/or removed from an existing VPC Endpoint. This resource would
also be complimentary to the existing `aws_vpc_endpoint` resource where the
route tables might not be specified (not a requirement for a VPC Endpoint to
be created successfully) during creation, especially where the workflow is
such where the route tables are not immediately known.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
Additions by Kit Ewbank <Kit_Ewbank@hotmail.com>:
* Add functionality
* Add documentation
* Add acceptance tests
* Set VPC endpoint route_table_ids attribute to "Computed"
* Changes after review - Set resource ID in create function.
* Changes after code review by @kwilczynski:
* Removed error types and simplified the error handling in 'resourceAwsVPCEndpointRouteTableAssociationRead'
* Simplified logging in 'resourceAwsVPCEndpointRouteTableAssociationDelete'
Update our instance template to include metadata_startup_script, to
match our instance resource. Also, we've resolved the diff errors around
metadata.startup-script, and people want to use that to create startup
scripts that don't force a restart when they're changed, so let's stop
disallowing it.
Also, we had a bunch of calls to `schema.ResourceData.Set` that ignored
the errors, so I added error handling for those calls. It's mostly
bundled with this code because I couldn't be sure whether it was the
root of bugs or not, so I took care of it while addressing the startup
script issue.
* provider/openstack: Detect Region for Importing Resources
This commit changes the way the OpenStack region is detected and set.
Any time a region is required, the region attribute will first be
checked. Next, the OS_REGION_NAME environment variable will be checked.
While schema.EnvDefaultFunc handles this same situation, it is not
applicable when importing resources.
* provider/openstack: No longer ignore region in importing tests
* provider/openstack: Network and Subnet Import Fixes
This commit fixes the OpenStack Network and Subnet resources so that
importing of those resources is successful.
This change doesn't make much sense now, as projects are read-only
anyways, so there's not a lot that importing really does for you--you
can already reference pre-existing projects just by defining them in
your config.
But as we discussed #10425, this change made more and more sense. In a
world where projects can be created, we can no longer reference
pre-existing projects just by defining them in config. We get that
ability back by making projects importable.
* provider/aws: Add DeploymentRollback as a valid TriggerEvent type
* provider/aws: Add auto_rollback_configuration to aws_codedeploy_deployment_group
* provider/aws: Document auto_rollback_configuration
- part of aws_codedeploy_deployment_group
* provider/aws: Support removing and disabling auto_rollback_configuration
- part of aws_codedeploy_deployment_group resource
- when removing configuration, ensure events are removed
- when disabling configuration, preserve events in case configuration is re-enabled
* provider/aws: Add alarm_configuration to aws_codedeploy_deployment_group
* provider/aws: Document alarm_configuration
- part of aws_codedeploy_deployment_group
* provider/aws: Support removing alarm_configuration
- part of aws_codedeploy_deployment_group resource
- disabling configuration doesn't appear to work...
* provider/aws: Refactor auto_rollback_configuration tests
- Add create test
- SKIP failing test for now
- Add tests for build & map functions
* provider/aws: Refactor new aws_code_deploy_deployment_group tests
- alarm_configuration and auto_rollback_configuration only
- add assertions to deployment_group basic test
- rename config funcs to be more easy to read
- group public tests together
* provider/aws: A max of 10 alarms can be added to a deployment group.
- aws_code_deploy_deployment_group.alarm_configuration.alarms
- verified this causes test failure with expected exception
* provider/aws: Test disabling alarm_configuration and auto_rollback_configuration
- the tests now pass after rebasing the latest master branch
Google's Backend Services gives users control over the session affinity modes.
Let's allow Terraform users to leverage this option.
We don't change the default value ("NONE", as provided by Google).
* provider/azurerm: support import of route
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMRoute_import -timeout 120m
=== RUN TestAccAzureRMRoute_importBasic
--- PASS: TestAccAzureRMRoute_importBasic (166.99s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 167.066s
* provider/azurerm: fix route_table not setting routes
The resource wasn't actually setting the routes in the create/update method,
this went unnoticed as it also didn't read the routes array back to state.
Fixes#10316
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMRouteTable -timeout 120m
=== RUN TestAccAzureRMRouteTable_basic
--- PASS: TestAccAzureRMRouteTable_basic (122.96s)
=== RUN TestAccAzureRMRouteTable_disappears
--- PASS: TestAccAzureRMRouteTable_disappears (121.12s)
=== RUN TestAccAzureRMRouteTable_withTags
--- PASS: TestAccAzureRMRouteTable_withTags (136.01s)
=== RUN TestAccAzureRMRouteTable_multipleRoutes
--- PASS: TestAccAzureRMRouteTable_multipleRoutes (155.44s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 535.612s
* provider/azurerm: support import of route_table
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMRouteTable_import -timeout 120m
=== RUN TestAccAzureRMRouteTable_importBasic
--- PASS: TestAccAzureRMRouteTable_importBasic (121.90s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 121.978s
* provider/aws: Generate name for TestAccElasticBeanstalkApplicationImport
This allows tests to run concurrently.
* provider/aws: Generate names for TestAWSElasticBeanstalkEnvironment_importBasic
This allows tests to run concurrently.
* provider/azurerm: support import of virtual_machine
TF_ACC=1 go test ./builtin/providers/azurerm -v -run "TestAccAzureRMVirtualMachine_(basic|import)" -timeout 120m
=== RUN TestAccAzureRMVirtualMachine_importBasic
--- PASS: TestAccAzureRMVirtualMachine_importBasic (561.08s)
=== RUN TestAccAzureRMVirtualMachine_basicLinuxMachine
--- PASS: TestAccAzureRMVirtualMachine_basicLinuxMachine (677.49s)
=== RUN TestAccAzureRMVirtualMachine_basicLinuxMachine_disappears
--- PASS: TestAccAzureRMVirtualMachine_basicLinuxMachine_disappears (674.21s)
=== RUN TestAccAzureRMVirtualMachine_basicWindowsMachine
--- PASS: TestAccAzureRMVirtualMachine_basicWindowsMachine (1105.18s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 3017.970s
* provider/azurerm: support import of servicebus_namespace
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMServiceBusNamespace_import -timeout 120m
=== RUN TestAccAzureRMServiceBusNamespace_importBasic
--- PASS: TestAccAzureRMServiceBusNamespace_importBasic (345.80s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 345.879s
* provider/azurerm: document import of servicebus_topic and servicebus_subscription
* provider/azurerm: support import of dns record resources
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMDns[A-z]+Record_importBasic -timeout 120m
=== RUN TestAccAzureRMDnsARecord_importBasic
--- PASS: TestAccAzureRMDnsARecord_importBasic (102.84s)
=== RUN TestAccAzureRMDnsAAAARecord_importBasic
--- PASS: TestAccAzureRMDnsAAAARecord_importBasic (100.59s)
=== RUN TestAccAzureRMDnsCNameRecord_importBasic
--- PASS: TestAccAzureRMDnsCNameRecord_importBasic (98.94s)
=== RUN TestAccAzureRMDnsMxRecord_importBasic
--- PASS: TestAccAzureRMDnsMxRecord_importBasic (107.30s)
=== RUN TestAccAzureRMDnsNsRecord_importBasic
--- PASS: TestAccAzureRMDnsNsRecord_importBasic (98.55s)
=== RUN TestAccAzureRMDnsSrvRecord_importBasic
--- PASS: TestAccAzureRMDnsSrvRecord_importBasic (100.19s)
=== RUN TestAccAzureRMDnsTxtRecord_importBasic
--- PASS: TestAccAzureRMDnsTxtRecord_importBasic (97.49s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 706.000s
* provider/azurerm: support import of cdn_endpoint, document profile import
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMCdnEndpoint_import -timeout 120m
=== RUN TestAccAzureRMCdnEndpoint_importWithTags
--- PASS: TestAccAzureRMCdnEndpoint_importWithTags (207.83s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 207.907s
* provider/azurerm: support import of sql_server, fix sql_firewall import
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMSql[A-z]+_importBasic -timeout 120m
=== RUN TestAccAzureRMSqlFirewallRule_importBasic
--- PASS: TestAccAzureRMSqlFirewallRule_importBasic (153.72s)
=== RUN TestAccAzureRMSqlServer_importBasic
--- PASS: TestAccAzureRMSqlServer_importBasic (119.83s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 273.630s
Although the aws_iam_policy has a problem of normalization (refs #8350),
I think it would be useful simply to add JSON syntax validation.
I wasted a lot of time with JSON syntax errors.
Validate the aws_iam_policy using the validateJsonString helper.
This commit adds the ability to authenticate with Swauth/Swift. This can
be used in Swift-only environments that do not have a Keystone service
for authentication.
* provider/aws: Add ability to create aws_ebs_snapshot
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEBSSnapshot_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/10 14:18:36 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEBSSnapshot_
-timeout 120m
=== RUN TestAccAWSEBSSnapshot_basic
--- PASS: TestAccAWSEBSSnapshot_basic (31.56s)
=== RUN TestAccAWSEBSSnapshot_withDescription
--- PASS: TestAccAWSEBSSnapshot_withDescription (189.35s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws220.928s
```
* docs/aws: Addition of the docs for aws_ebs_snapshot resource
* provider/aws: Creation of shared schema funcs for common AWS data source
patterns
* provider/aws: Create aws_ebs_snapshot datasource
Fixes#8828
This data source will use a number of filters, owner_ids, snapshot_ids
and restorable_by_user_ids in order to find the correct snapshot. The
data source has no real use case for most_recent and will error on no
snapshots found or greater than 1 snapshot found
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEbsSnapshotDataSource_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/10 14:34:33 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSEbsSnapshotDataSource_ -timeout 120m
=== RUN TestAccAWSEbsSnapshotDataSource_basic
--- PASS: TestAccAWSEbsSnapshotDataSource_basic (192.66s)
=== RUN TestAccAWSEbsSnapshotDataSource_multipleFilters
--- PASS: TestAccAWSEbsSnapshotDataSource_multipleFilters (33.84s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws226.522s
```
* docs/aws: Addition of docs for the aws_ebs_snapshot data source
Adds the new resource `aws_ebs_snapshot`
This update adds ALB support to the
wait_for_elb_capacity/min_elb_capacity options. Target groups are
handled in nearly the same way as Classic ELBs, so the change should be
transparent. This supports both ALB target groups and classic ELBs being
attached to the ASG at the same time.
* provider/aws: Add aws_alb data source
This adds the aws_alb data source for getting information on an AWS
Application Load Balancer.
The schema is nearly the same as the resource of the same name, with
most of the resource population logic de-coupled into its own function
so that they can be shared between the resource and data source.
* provider/aws: aws_alb data source language revisions
* Multiple/zero result error slightly updated to be a bit more
specific.
* Fixed relic of the copy of the resource docs (resource -> data
source)
When `force_destroy` was specifed on an `aws_iam_user` resource, only IAM
access keys and the login profile were destroyed. If a multi-factor auth
device had been activated for that user, deletion would fail as follows:
```
* aws_iam_user.testuser1: Error deleting IAM User testuser1: DeleteConflict: Cannot delete entity, must delete MFA device first.
status code: 409, request id: aa41b1b7-ac4d-11e6-bb3f-3b4c7a310c65
```
This commit iterates over any of the user's MFA devices and deactivates
them before deleting the user. It follows a pattern similar to that used
to remove users' IAM access keys before deletion.
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSUser_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/20 17:09:00 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSUser_ -timeout 120m
=== RUN TestAccAWSUser_importBasic
--- PASS: TestAccAWSUser_importBasic (5.70s)
=== RUN TestAccAWSUser_basic
--- PASS: TestAccAWSUser_basic (11.12s)
PASS
ok github.com/rhenning/terraform/builtin/providers/aws 20.840s
```
This commit adds the openstack_compute_volume_attach_v2 resource. This
resource enables a volume to be attached to an instance by using the
OpenStack Compute (Nova) v2 volumeattach API.
This commit adds the openstack_blockstorage_volume_attach_v2 resource. This
resource enables a volume to be attached to an instance by using the OpenStack
Block Storage (Cinder) v2 API.
Fixes a case where ResourceConfig.get inadvertently returns a nil value.
Add an integration test where assigning a map to a list via
interpolation would panic.
* provider/github: add GitHub labels resource
Provides a GitHub issue label resource.
This resource allows easy management of issue labels for an
organisation's repositories. A name, and a color can be set.
These attributes can be updated without creating a new resource.
* provider/github: add documentation for GitHub issue labels resource
* provider/aws: Add aws_alb_listener data source
This adds the aws_alb_listener data source to get information on an AWS
Application Load Balancer listener.
The schema is slightly modified (only option-wise, attributes are the
same) and we use the aws_alb_listener resource read function to get the
data.
Note that the HTTPS test here may fail due until
hashicorp/terraform#10180 is merged.
* provider/aws: Add aws_alb_listener data source docs
Now documented.
When using the static NAT resource, you no longer have to specify a `network_id`. This can be inferred from the choosen `virtual_machine_id` and/or the `vm_guest_ip`.
* provider/scaleway: increase wait for server time
according to the scaleway community, shutdown/ startup might actually take an
hour. since a regular shutdown transfers data this is bound by the size of the
actual volumes in use.
https://community.online.net/t/solving-the-long-shutdown-boot-when-only-needed-to-attach-detach-a-volume/326
anyhow, 20 minutes seems quite optimistic, and we've seen some timeout errors in
the logs, too
* provider/scaleway: clear cache on volume attachment
the volume attachment errors quite often, and while I have no hard evidence
(yet) I guess it might be related to the cache that the official scaleway SDK
includes.
for now this is just a tiny experiment, clearing the cache when creating/
destroying volume attachments. let's see if this improves anything, really
* provider/scaleway: guard against attaching already attached volumes
* provider/scaleway: use cheaper instance types for tests
Scaleway bills by the hour and C2S costs much more than C1, since in the tests
we just spin up instances, to destroy them later on...
Looks like sometimes it takes some time for IAM certificates to
propagate, which can cause errors on ALB listener creation.
Possibly same thing as hashicorp/terraform#5178, but for ALB
now instead of ELB.
This was discovered via acceptance tests, specifically the
TestAccAWSALBListener_https test. Updated the creation process to wait
on CertificateNotFound for a max of 5min.
- Per our discussion around the PR to increase this initially, we
weren't sure if 1 minute would be sufficient. Well, it turns out it
wasn't for me today (we don't delete these often so not sure how
often people run into this).
Picking another somewhat arbitrary value of 5 minutes in the hopes
that it will be sufficient (today it took a little over 2 minutes).
Since the Lambda CreateFunction call may include an up to 50MB payload,
the request can easily take more than a minute. This increases the
timeout to 10 minutes.
Fixes#10042Fixes#9989
Another panic was found with this resource. IT essentially was causing a
panic when no certificates were found. This was due to the casting of
status to []string
There are times when there are no statuses passed in. Made the error
message a lot more generic now rather than having something like this
```
No certificate with statuses [] for domain mytestdomain.com found in this region.
```
This now becomes:
```
No certificate for domain mytestdomain.com found in this region.
```
Also, added a test to show that the panic is gone
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAwsAcmCertificateDataSource_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/11 15:11:33 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAwsAcmCertificateDataSource_ -timeout 120m
=== RUN TestAccAwsAcmCertificateDataSource_noMatchReturnsError
--- PASS: TestAccAwsAcmCertificateDataSource_noMatchReturnsError (6.07s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws6.094s
```
* provider/azurerm: allow updating of lb_rule resource
* check if rule is being updated rather than assuming created
* added test to cover guard against multiple rules with the same name
TF_ACC=1 go test ./builtin/providers/azurerm -v -run "TestAccAzureRMLoadBalancerRule_" -timeout 120m
=== RUN TestAccAzureRMLoadBalancerRule_basic
--- PASS: TestAccAzureRMLoadBalancerRule_basic (157.45s)
=== RUN TestAccAzureRMLoadBalancerRule_removal
--- PASS: TestAccAzureRMLoadBalancerRule_removal (163.67s)
=== RUN TestAccAzureRMLoadBalancerRule_inconsistentReads
--- PASS: TestAccAzureRMLoadBalancerRule_inconsistentReads (150.00s)
=== RUN TestAccAzureRMLoadBalancerRule_update
--- PASS: TestAccAzureRMLoadBalancerRule_update (164.20s)
=== RUN TestAccAzureRMLoadBalancerRule_duplicateRules
--- PASS: TestAccAzureRMLoadBalancerRule_duplicateRules (137.51s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 772.846s
* provider/azurerm: allow updating of lb_nat_rule resource
* check if NAT rule is being updated rather than assuming created
* added test to cover guard against multiple NAT rules with the same name
TF_ACC=1 go test ./builtin/providers/azurerm -v -run "TestAccAzureRMLoadBalancerNatRule" -timeout 120m
=== RUN TestAccAzureRMLoadBalancerNatRule_basic
--- PASS: TestAccAzureRMLoadBalancerNatRule_basic (148.48s)
=== RUN TestAccAzureRMLoadBalancerNatRule_removal
--- PASS: TestAccAzureRMLoadBalancerNatRule_removal (163.48s)
=== RUN TestAccAzureRMLoadBalancerNatRule_update
--- PASS: TestAccAzureRMLoadBalancerNatRule_update (176.97s)
=== RUN TestAccAzureRMLoadBalancerNatRule_duplicate
--- PASS: TestAccAzureRMLoadBalancerNatRule_duplicate (136.36s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 625.301s
* provider/azurerm: allow updating of lb_probe resource
* check if probe is being updated rather than assuming created
* added test to cover guard against multiple probes with the same name
TF_ACC=1 go test ./builtin/providers/azurerm -v -run "TestAccAzureRMLoadBalancerProbe" -timeout 120m
=== RUN TestAccAzureRMLoadBalancerProbe_basic
--- PASS: TestAccAzureRMLoadBalancerProbe_basic (134.53s)
=== RUN TestAccAzureRMLoadBalancerProbe_removal
--- PASS: TestAccAzureRMLoadBalancerProbe_removal (168.06s)
=== RUN TestAccAzureRMLoadBalancerProbe_update
--- PASS: TestAccAzureRMLoadBalancerProbe_update (175.99s)
=== RUN TestAccAzureRMLoadBalancerProbe_duplicate
--- PASS: TestAccAzureRMLoadBalancerProbe_duplicate (139.01s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 617.598s
* provider/azurerm: allow updating of lb_nat_pool resource
* check if NAT pool is being updated rather than assuming created
* added test to cover guard against multiple NAT pools with the same name
TF_ACC=1 go test ./builtin/providers/azurerm -v -run "TestAccAzureRMLoadBalancerNatPool" -timeout 120m
=== RUN TestAccAzureRMLoadBalancerNatPool_basic
--- PASS: TestAccAzureRMLoadBalancerNatPool_basic (146.52s)
=== RUN TestAccAzureRMLoadBalancerNatPool_removal
--- PASS: TestAccAzureRMLoadBalancerNatPool_removal (158.34s)
=== RUN TestAccAzureRMLoadBalancerNatPool_update
--- PASS: TestAccAzureRMLoadBalancerNatPool_update (174.05s)
=== RUN TestAccAzureRMLoadBalancerNatPool_duplicate
--- PASS: TestAccAzureRMLoadBalancerNatPool_duplicate (136.94s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 615.866s
* allow underscore in database_name [redshift]
Fixes#10009
* Added Test Cases To Validate Redshift DBName
* Remove Old Test Cases Regarding Redshift DBName Validation
* Added More Test Cases For Redshift DBName
Also added a test to prove that the computed value gets set
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBInstance_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/10 06:26:22 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSDBInstance_basic -timeout 120m
=== RUN TestAccAWSDBInstance_basic
--- PASS: TestAccAWSDBInstance_basic (634.33s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws634.347s
```
Fixes#9989
When passing a list of statuses to the acm_certificate data source, we
were trying to cast a schema.TypeList directly to []string
We need to do it via an []interface{} and then cast to string when
ranging over the results. Without this, we get a panic
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMDnsARecord_basic -timeout 120m
=== RUN TestAccAzureRMDnsARecord_basic
--- PASS: TestAccAzureRMDnsARecord_basic (91.92s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 91.994s
* Added key_name_prefix to aws_key_pair resource schema.
* Added logic to prefix the aws_key_pair name on create.
* Added aws_key_pair test config for key_name_prefix case.
* Copied test cases from testAccAWSSecurityGroup namespace.
* Modified copied test case to suit aws_key_pair resource.
* Changed required flag to optional on key_name argument for aws_key_pair resource.
* Added documentation for key_name_prefix argument.
* Code style fix.
* Fixed undefined variable error in test.
Picked up from where #6548 left off
settings and protected_settings take JSON objects as strings to make extension
generic
TF_ACC=1 go test ./builtin/providers/azurerm -v -run "TestAccAzureRMVirtualMachineExtension" -timeout 120m
=== RUN TestAccAzureRMVirtualMachineExtension_importBasic
--- PASS: TestAccAzureRMVirtualMachineExtension_importBasic (697.55s)
=== RUN TestAccAzureRMVirtualMachineExtension_basic
--- PASS: TestAccAzureRMVirtualMachineExtension_basic (824.17s)
=== RUN TestAccAzureRMVirtualMachineExtension_concurrent
--- PASS: TestAccAzureRMVirtualMachineExtension_concurrent (929.74s)
=== RUN TestAccAzureRMVirtualMachineExtension_linuxDiagnostics
--- PASS: TestAccAzureRMVirtualMachineExtension_linuxDiagnostics (803.19s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 3254.663s
this PR fixes a flakyness in the `scaleway_volume_attachment` resource, as
described below:
when attaching/ detaching a volume from a `scaleway_server`, the server needs to
be stopped. even though the code already waits for the server to be stopped, the
`PatchServer` calls gets a `400 server is being stopped or rebooted` error
response.
If the API returns the `400` we bail, leaving terraform in a broken state.
Assuming this is the only error that the API might return to us, as the payload
itself is correct, this retry behaviour should fix the issue.
\cc @stack72 PTAL
When configuring an instance's attached disk, if the attached disk has
both the disk and type attributes set, it would previously cause
terraform to crash with a nil pointer exception. The root cause was that
we only instantiate the InitializeParams property of the disk if its
disk attribute isn't set, and we try to write to the InitializeParams
property when the type attribute is set. So setting both caused the
InitializeParams property to not be initialized, then written to.
Now we throw an error explaining that the configuration can't have both
the disk and the type set.
Fixes#6495.
Fixes#9895
The replication_group_id should allow length to be max of 20 not 16
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestResourceAWSElastiCacheReplicationGroupIdValidation'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/07 16:17:52 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestResourceAWSElastiCacheReplicationGroupIdValidation -timeout
120m
=== RUN TestResourceAWSElastiCacheReplicationGroupIdValidation
--- PASS: TestResourceAWSElastiCacheReplicationGroupIdValidation (0.00s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws0.032s
```
The work to add the arn_suffix in #9734 skipped adding the targetgroup/
part of the arn
This PR adds it
//cc @firthh
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALBTargetGroup_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/07 12:19:16 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALBTargetGroup_ -timeout 120m
=== RUN TestAccAWSALBTargetGroup_basic
--- PASS: TestAccAWSALBTargetGroup_basic (47.23s)
=== RUN TestAccAWSALBTargetGroup_changeNameForceNew
--- PASS: TestAccAWSALBTargetGroup_changeNameForceNew (80.09s)
=== RUN TestAccAWSALBTargetGroup_changeProtocolForceNew
--- PASS: TestAccAWSALBTargetGroup_changeProtocolForceNew (87.45s)
=== RUN TestAccAWSALBTargetGroup_changePortForceNew
--- PASS: TestAccAWSALBTargetGroup_changePortForceNew (78.47s)
=== RUN TestAccAWSALBTargetGroup_changeVpcForceNew
--- PASS: TestAccAWSALBTargetGroup_changeVpcForceNew (73.53s)
=== RUN TestAccAWSALBTargetGroup_tags
--- PASS: TestAccAWSALBTargetGroup_tags (75.60s)
=== RUN TestAccAWSALBTargetGroup_updateHealthCheck
--- PASS: TestAccAWSALBTargetGroup_updateHealthCheck (76.40s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 518.777s
```
fixes#9110
An error was found where, static_routes_only was not set on a vpn
connection import. This commit introduces setting the static_routes_only
to false when no Options are found. This follows the AWS convention as follows:
```
- options (structure)
Indicates whether the VPN connection requires static routes. If you are creating a VPN connection for a device that does not support BGP, you must specify true .
Default: false
```
So we take it that `static_options_only` is false by default
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSVpnConnection_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/02 10:38:18 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSVpnConnection_ -timeout 120m
=== RUN TestAccAWSVpnConnection_importBasic
--- PASS: TestAccAWSVpnConnection_importBasic (178.29s)
=== RUN TestAccAWSVpnConnection_basic
--- PASS: TestAccAWSVpnConnection_basic (336.81s)
=== RUN TestAccAWSVpnConnection_withoutStaticRoutes
--- PASS: TestAccAWSVpnConnection_withoutStaticRoutes (195.45s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 710.572s
```
* Implemented EventHubs
* Missing the sidebar link
* Fixing the type
* Fixing the docs for Namespace
* Removing premium tests
* Checking the correct status code on delete
* Added a test case for the import
* Documentation for importing
* Fixing a typo
We now generate the read operation which sets the various encodings of
the random value such that adding new ones does not require generating a
new random value.
We also verify that these are set correctly via the acceptance tests.
This commit makes three related changes to the `random_id` resource:
1. Deprecate the `b64` attribute
2. Introduce a new `b64_url` attribute which functions in the same
manner as the original `b64` attribute
3. Introduce a new `b64_std` attribute which uses standard base64
encoding for the value rather than URL encoding.
Resource identifiers continue to use URL encoded base 64.
The reason for adding standard encoding of the base 64 value is to allow
the use of generated values as a Serf Encryption Key for separating
Consul clusters - these rely on standard encoding and do not permit some
characters which are allowed by URL encoding. `b64_url` is introduced
in order that there is consistency in specifying the desired encoding
during interpolation.
This dep was meant as a stopgap for a patch in the stdlib of Go which I
wrote.
The patch was released in Go 1.7. We can now remove my fork and go back
to the stdlib
Use this data source to get the ARN of a certificate in AWS Certificate
Manager (ACM). The process of requesting and verifying a certificate in ACM
requires some manual steps, which means that Terraform cannot automate the
creation of ACM certificates. But using this data source, you can reference
them by domain without having to hard code the ARNs as input.
The acceptance test included requires an ACM certificate be pre-created
in and information about it passed in via environment variables. It's a
bit sad but there's really no other way to do it.
When computing the set key for an EBS block device, we were using
the wrong function; we had hashEphemeralBlockDevice instead of
hashEbsBlockDevice. This caused a panic by trying to access the
virtual_name attribute that will never be set for EBS block
devices.
To fix this, I switched to the hashEbsBlockDevice function, which
is already being used to compute a Set key in the Schema. But in
the default case, where the snapshot_id attribute isn't specified,
this also caused a panic. I updated the way the string to hash is
generated to check for the existence of the device_name and
snapshot_id attributes before we use them, to avoid panics when
these optional attributes aren't set.
Spot fleet requests can have EBS volumes attached to them, and at
the moment we're getting reports that crashes can be experienced
with them. This adds an acceptance test that exercises creating
a Spot Fleet request that has a non-instance EBS volume attached.
This successfully reproduces the panic.
* GH-8755 - Adding in support to attach ASG to ELB as independent action
* GH-8755 - Adding in docs
* GH-8755 - Adjusting attribute name and responding to other PR feedback
In #8502 it was requested that we add support for the EnableSNI
parameter of Route53's health checks; this enables customers to
manually specify whether or not the health check will use SNI when
communicating with the endpoint.
The customer originally requested we default to `false`. While
implementing the issue, I discovered that when creating health
checks with a Type set to HTTP, Amazon's default value for EnableSNI
is `false`. However, when creating health checks with a Type set to
HTTPS, Amazon's default value is `true`. So rather than setting a
default value, I made the attribute computed.
Fixes#9658Fixes#8728
Originally, this would ForceNew as follows:
```
-/+ aws_alb.alb_test
arn: "arn:aws:elasticloadbalancing:us-west-2:187416307283:loadbalancer/app/test-alb-9658/3459cd2446b76901" => "<computed>"
arn_suffix: "app/test-alb-9658/3459cd2446b76901" => "<computed>"
dns_name: "test-alb-9658-1463108301.us-west-2.elb.amazonaws.com" => "<computed>"
enable_deletion_protection: "false" => "false"
idle_timeout: "30" => "30"
internal: "false" => "false"
name: "test-alb-9658" => "test-alb-9658"
security_groups.#: "2" => "1" (forces new resource)
security_groups.1631253634: "sg-3256274b" => "" (forces new resource)
security_groups.3505955000: "sg-1e572667" => "sg-1e572667" (forces new resource)
subnets.#: "2" => "2"
subnets.2407170741: "subnet-ee536498" => "subnet-ee536498"
subnets.2414619308: "subnet-f1a7b595" => "subnet-f1a7b595"
tags.%: "1" => "1"
tags.TestName: "TestAccAWSALB_basic" => "TestAccAWSALB_basic"
vpc_id: "vpc-dd0ff9ba" => "<computed>"
zone_id: "Z1H1FL5HABSF5" => "<computed>"
Plan: 1 to add, 0 to change, 1 to destroy.
```
When the ALB was ForceNew, the ARN changed. The test has been updated to include a check to make sure that the ARNs are the same after the update
After this change, it looks as follows:
```
~ aws_alb.alb_test
security_groups.#: "1" => "2"
security_groups.1631253634: "" => "sg-3256274b"
security_groups.3505955000: "sg-1e572667" => "sg-1e572667"
Plan: 0 to add, 1 to change, 0 to destroy.
```
Test Results:
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALB_' ✹
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/02 12:20:58 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALB_ -timeout 120m
=== RUN TestAccAWSALB_basic
--- PASS: TestAccAWSALB_basic (64.25s)
=== RUN TestAccAWSALB_generatedName
--- PASS: TestAccAWSALB_generatedName (65.04s)
=== RUN TestAccAWSALB_namePrefix
--- PASS: TestAccAWSALB_namePrefix (67.02s)
=== RUN TestAccAWSALB_tags
--- PASS: TestAccAWSALB_tags (96.06s)
=== RUN TestAccAWSALB_updatedSecurityGroups
--- PASS: TestAccAWSALB_updatedSecurityGroups (101.61s)
=== RUN TestAccAWSALB_noSecurityGroup
--- PASS: TestAccAWSALB_noSecurityGroup (59.83s)
=== RUN TestAccAWSALB_accesslogs
--- PASS: TestAccAWSALB_accesslogs (162.65s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 616.489s
```
* provider/aws: Provide the option to skip_destroy on
aws_volume_attachment
When you want to attach and detach pre-existing EBS volumes to an
instance, we would do that as follows:
```
resource "aws_instance" "web" {
ami = "ami-21f78e11"
availability_zone = "us-west-2a"
instance_type = "t1.micro"
tags {
Name = "HelloWorld"
}
}
data "aws_ebs_volume" "ebs_volume" {
filter {
name = "size"
values = ["${aws_ebs_volume.example.size}"]
}
filter {
name = "availability-zone"
values = ["${aws_ebs_volume.example.availability_zone}"]
}
filter {
name = "tag:Name"
values = ["TestVolume"]
}
}
resource "aws_volume_attachment" "ebs_att" {
device_name = "/dev/sdh"
volume_id = "${data.aws_ebs_volume.ebs_volume.id}"
instance_id = "${aws_instance.web.id}"
skip_destroy = true
}
```
The issue here is that when we run a terraform destroy command, the volume tries to get detached from a running instance and goes into a non-responsive state. We would have to force_destroy the volume at that point and risk losing any data on it.
This PR introduces the idea of `skip_destroy` on a volume attachment. tl;dr:
We want the volume to be detached from the instane when the instance itself has been destroyed. This way the normal shut procedures will happen and protect the disk for attachment to another instance
Volume Attachment Tests:
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSVolumeAttachment_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/02 00:47:27 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSVolumeAttachment_ -timeout 120m
=== RUN TestAccAWSVolumeAttachment_basic
--- PASS: TestAccAWSVolumeAttachment_basic (133.49s)
=== RUN TestAccAWSVolumeAttachment_skipDestroy
--- PASS: TestAccAWSVolumeAttachment_skipDestroy (119.64s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 253.158s
```
EBS Volume Tests:
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEBSVolume_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/02 01:00:18 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSEBSVolume_ -timeout 120m
=== RUN TestAccAWSEBSVolume_importBasic
--- PASS: TestAccAWSEBSVolume_importBasic (26.38s)
=== RUN TestAccAWSEBSVolume_basic
--- PASS: TestAccAWSEBSVolume_basic (26.86s)
=== RUN TestAccAWSEBSVolume_NoIops
--- PASS: TestAccAWSEBSVolume_NoIops (27.89s)
=== RUN TestAccAWSEBSVolume_withTags
--- PASS: TestAccAWSEBSVolume_withTags (26.88s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 108.032s
```
* Update volume_attachment.html.markdown
There are three equivalent forms for expressing "everyone" (including
anonymous) in IAM policies:
- "Principals": "*"
- "Principals": {"AWS": "*"}
- "Principals": {"*": "*"}
The more-constrained syntax used by our aws_iam_policy_document data
source means that the user can only express the latter two of these
directly. However, when returning IAM policies from the API AWS likes to
normalize to the first form, causing unresolvable diffs.
This fixes#9335 by handling the "everyone" case as a special case,
serializing it in JSON as the "*" shorthand form.
This change does *not* address the normalization of hand-written policies
containing such elements. A similar change would need to be made in
the external package github.com/jen20/awspolicyequivalence in order to
avoid the issue for hand-written policies.
This will allows us to filter a specific ebs_volume for attachment to an
aws_instance
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSEbsVolumeDataSource_'✹
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/01 12:39:19 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSEbsVolumeDataSource_ -timeout 120m
=== RUN TestAccAWSEbsVolumeDataSource_basic
--- PASS: TestAccAWSEbsVolumeDataSource_basic (28.74s)
=== RUN TestAccAWSEbsVolumeDataSource_multipleFilters
--- PASS: TestAccAWSEbsVolumeDataSource_multipleFilters (28.37s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws57.145s
```
tags were not being set in the read function
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMSqlDatabase_basic -timeout 120m
=== RUN TestAccAzureRMSqlDatabase_basic
--- PASS: TestAccAzureRMSqlDatabase_basic (190.60s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm 190.719s
* Allow `active` state while waiting for the VPC Peering Connection.
This commit adds `active` as one of the valid states in which the VPC Peering
Connection can be when it being created.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Add more valid states.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
Fixes#9628Fixes#9298
When a route53_record alias is updated in the console, AWS prepends
`dualstack.` to the name. This is there incase IPV6 is wanted. It is
exactly the same without it as it is with it
In order to stop perpetual diffs, I introduced a normalizeFunc that will
that tke alias name and strip known issues:
* dualstack
* trailing dot
This normalize fun will continue to grow I'm sure
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRoute53Record_' ✹
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/29 00:28:12 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSRoute53Record_ -timeout 120m
=== RUN TestAccAWSRoute53Record_basic
--- PASS: TestAccAWSRoute53Record_basic (124.64s)
=== RUN TestAccAWSRoute53Record_basic_fqdn
--- PASS: TestAccAWSRoute53Record_basic_fqdn (132.07s)
=== RUN TestAccAWSRoute53Record_txtSupport
--- PASS: TestAccAWSRoute53Record_txtSupport (134.07s)
=== RUN TestAccAWSRoute53Record_spfSupport
--- PASS: TestAccAWSRoute53Record_spfSupport (113.36s)
=== RUN TestAccAWSRoute53Record_generatesSuffix
--- PASS: TestAccAWSRoute53Record_generatesSuffix (112.62s)
=== RUN TestAccAWSRoute53Record_wildcard
--- PASS: TestAccAWSRoute53Record_wildcard (162.84s)
=== RUN TestAccAWSRoute53Record_failover
--- PASS: TestAccAWSRoute53Record_failover (126.18s)
=== RUN TestAccAWSRoute53Record_weighted_basic
--- PASS: TestAccAWSRoute53Record_weighted_basic (121.10s)
=== RUN TestAccAWSRoute53Record_alias
--- PASS: TestAccAWSRoute53Record_alias (118.14s)
=== RUN TestAccAWSRoute53Record_s3_alias
--- PASS: TestAccAWSRoute53Record_s3_alias (155.07s)
=== RUN TestAccAWSRoute53Record_weighted_alias
--- PASS: TestAccAWSRoute53Record_weighted_alias (235.41s)
=== RUN TestAccAWSRoute53Record_geolocation_basic
^[[C--- PASS: TestAccAWSRoute53Record_geolocation_basic (125.32s)
=== RUN TestAccAWSRoute53Record_latency_basic
--- PASS: TestAccAWSRoute53Record_latency_basic (122.23s)
=== RUN TestAccAWSRoute53Record_TypeChange
--- PASS: TestAccAWSRoute53Record_TypeChange (231.98s)
=== RUN TestAccAWSRoute53Record_empty
--- PASS: TestAccAWSRoute53Record_empty (116.48s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 2131.526s
```
Before this fix, I was getting the following by recreating the code in
```
~ aws_route53_record.alias
alias.1563903989.evaluate_target_health: "true" => "false"
alias.1563903989.name: "9828-recreation-106795730.us-west-2.elb.amazonaws.com." => ""
alias.1563903989.zone_id: "Z1H1FL5HABSF5" => ""
alias.318754017.evaluate_target_health: "" => "true"
alias.318754017.name: "" => "9828-recreation-106795730.us-west-2.elb.amazonaws.com"
alias.318754017.zone_id: "" => "Z1H1FL5HABSF5"
Plan: 0 to add, 1 to change, 0 to destroy.
```
After this fix:
```
No changes. Infrastructure is up-to-date. This means that Terraform
could not detect any differences between your configuration and
the real physical resources that exist. As a result, Terraform
doesn't need to do anything.
When creating a CloudWatch Metric for an Application Load Balancer Target Group it is
neccessary to use the suffix of the ARN as the reference to the load
balancer TG . This commit exposes that as an attribute on the `aws_alb_target_group`
resource to prevent the need to use regular expression substitution to
make the reference.
Fixes#9410
When importing an azurerm_virtual_network that has no DNSServers,
terraform was throwing a panic as it was trying to dereference that list
of servers to set to state
This commit adds a simple check to make sure there are DNSServers before
dereferencing them
```
make testacc TEST=./builtin/providers/azurerm TESTARGS='-run=TestAccAzureRMVirtualNetwork_' 2 ↵ ✹
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/31 11:20:36 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/azurerm -v
-run=TestAccAzureRMVirtualNetwork_ -timeout 120m
=== RUN TestAccAzureRMVirtualNetwork_importBasic
--- PASS: TestAccAzureRMVirtualNetwork_importBasic (150.63s)
=== RUN TestAccAzureRMVirtualNetwork_basic
--- PASS: TestAccAzureRMVirtualNetwork_basic (122.90s)
=== RUN TestAccAzureRMVirtualNetwork_disappears
--- PASS: TestAccAzureRMVirtualNetwork_disappears (113.07s)
=== RUN TestAccAzureRMVirtualNetwork_withTags
--- PASS: TestAccAzureRMVirtualNetwork_withTags (139.56s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/azurerm526.168
```
Fixes#8679
The CallerReference attribute we passed to AWS in route53_health_checks
was `time.Now().Format(time.RFC3339Nano)`
When creating multiple resources with the Count meta-parameter, this was
causing issues as follows:
```
* aws_route53_health_check.healthstate.0: HealthCheckAlreadyExists: A different health check has already been created with the specified caller reference.
```
We have now exposed a new attribute called `reference_name` that can be set to pass multiple resources to the request
```
make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRoute53HealthCheck_' 130 ↵ ✹
==> Cecking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/31 10:41:07 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSRoute53HealthCheck_ -timeout 120m
=== RUN TestAccAWSRoute53HealthCheck_importBasic
--- PASS: TestAccAWSRoute53HealthCheck_importBasic (17.08s)
=== RUN TestAccAWSRoute53HealthCheck_basic
--- PASS: TestAccAWSRoute53HealthCheck_basic (28.17s)
=== RUN TestAccAWSRoute53HealthCheck_withSearchString
--- PASS: TestAccAWSRoute53HealthCheck_withSearchString (28.07s)
=== RUN TestAccAWSRoute53HealthCheck_withChildHealthChecks
--- PASS: TestAccAWSRoute53HealthCheck_withChildHealthChecks (20.71s)
=== RUN TestAccAWSRoute53HealthCheck_IpConfig
--- PASS: TestAccAWSRoute53HealthCheck_IpConfig (16.09s)
=== RUN TestAccAWSRoute53HealthCheck_CloudWatchAlarmCheck
--- PASS: TestAccAWSRoute53HealthCheck_CloudWatchAlarmCheck (22.42s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 132.568s
```
The update of the test was causing a test failure - it was setting
desired_count to 1 when miz_size was set to 2 - this was causing a
perpetual diff in the test
Was failing due to using IAM user `test-name` as it was being used in
more than 1 place - this has been replaced by a random user and random
policy names now
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSUserPolicyAttachment_basic' 2 ↵ ✹
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/31 08:39:08 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSUserPolicyAttachment_basic -timeout 120m
=== RUN TestAccAWSUserPolicyAttachment_basic
--- PASS: TestAccAWSUserPolicyAttachment_basic (32.04s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 32.053s
```
Previously this resource (and, by extension, the aws_ami_copy and
aws_ami_from_instance resources that share much of its implementation)
was handling correctly the case where an AMI had been recently
deregistered, and was thus still returned from the API, but not correctly
dealing with the situation where the AMI has been removed altogether.
Now we additionally handle the NotFound error returned by the API when
we request a non-existent AMI, and remove the AMI from the state in the
same way we do for deregistered AMIs.
This resource allows writing a generic secret, and indeed anything else
that obeys the expected create/update/delete lifecycle, into vault via
writes to its logical path namespace.
To reduce the risk of secret exposure via Terraform state and log output,
we default to creating a relatively-short-lived token (20 minutes) such
that Vault can, where possible, automatically revoke any retrieved
secrets shortly after Terraform has finished running.
This has some implications for usage of this provider that will be spelled
out in more detail in the docs that will be added in a later commit, but
the most significant implication is that a plan created by "terraform plan"
that includes secrets leased from Vault must be *applied* before the
lease period expires to ensure that the issued secrets remain valid.
No resources yet. They will follow in subsequent commits.
* provider/google Document MySQL versions for second generation instances
Google Cloud SQL has first-gen and second-gen instances with different
supported versions of MySQL.
* provider/google Increase SQL Admin operation timeout to 10 minutes
Creating SQL instances for MySQL 5.7 can take over 7 minutes,
so the timeout needs to be increased to allow the
google_sql_database_instance resource to successfully create.
This commit adds an ability to modify the `AutoMinorVersionUpgrade` property of the
Replication Group (which is enabled by default) accordingly.
Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>
* Adding private gateway and static route resource to cloudstack provider
Testing the private gateway and static route resource requires a ROOT
account in Cloudstack
* changes requested by reviewer
Fixes#9654
Before the fix, I created an ASG with a schedule on it. Went to the AWS
console and deleted the schedule. A terraform plan looked as follows:
```
% terraform plan
See https://www.terraform.io/docs/internals/internal-plugins.html
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but
will not be persisted to local or remote state storage.
aws_launch_configuration.foobar: Refreshing state... (ID:
terraform-test-foobar5)
aws_autoscaling_group.foobar: Refreshing state... (ID:
terraform-test-foobar5)
aws_autoscaling_schedule.foobar: Refreshing state... (ID: foobar)
Error refreshing state: 1 error(s) occurred:
* aws_autoscaling_schedule.foobar: Unable to find Autoscaling
* Scheduled Action: []*autoscaling.ScheduledUpdateGroupAction(nil)
```
After the fix:
```
terraform plan 1 ↵
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but
will not be persisted to local or remote state storage.
aws_launch_configuration.foobar: Refreshing state... (ID: terraform-test-foobar5)
aws_autoscaling_group.foobar: Refreshing state... (ID: terraform-test-foobar5)
aws_autoscaling_schedule.foobar: Refreshing state... (ID: foobar)
The Terraform execution plan has been generated and is shown below.
Resources are shown in alphabetical order for quick scanning. Green resources
will be created (or destroyed and then created if an existing resource
exists), yellow resources are being changed in-place, and red resources
will be destroyed. Cyan entries are data sources to be read.
Note: You didn't specify an "-out" parameter to save this plan, so when
"apply" is called, Terraform can't guarantee this is what will execute.
+ aws_autoscaling_schedule.foobar
arn: "<computed>"
autoscaling_group_name: "terraform-test-foobar5"
desired_capacity: "0"
end_time: "2018-01-16T13:00:00Z"
max_size: "0"
min_size: "0"
recurrence: "<computed>"
scheduled_action_name: "foobar"
start_time: "2018-01-16T07:00:00Z"
Plan: 1 to add, 0 to change, 0 to destroy.
```
Tests run as expected:
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSAutoscalingSchedule_' 2 ↵ ✹
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/27 17:45:19 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSAutoscalingSchedule_ -timeout 120m
=== RUN TestAccAWSAutoscalingSchedule_basic
--- PASS: TestAccAWSAutoscalingSchedule_basic (140.94s)
=== RUN TestAccAWSAutoscalingSchedule_disappears
--- PASS: TestAccAWSAutoscalingSchedule_disappears (179.17s)
=== RUN TestAccAWSAutoscalingSchedule_recurrence
--- PASS: TestAccAWSAutoscalingSchedule_recurrence (186.72s)
=== RUN TestAccAWSAutoscalingSchedule_zeroValues
--- PASS: TestAccAWSAutoscalingSchedule_zeroValues (167.73s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 674.530s
```
* provider/aws: data source for AWS Security Group
* provider/aws: add documentation for data source for AWS Security Group
* provider/aws: data source for AWS Security Group (improve if condition and syntax)
* fix fmt
* provider/scaleway: fix scaleway_volume_attachment with count > 1
since scaleway requires servers to be powered off to attach volumes to, we need
to make sure that we don't power down a server twice, or power up a server while
it's supposed to be modified.
sadly terraform doesn't seem to sport serialization primitives for usecases like
this, but putting the code in question behind a `sync.Mutex` does the trick, too
fixes#9417
* provider/scaleway: use mutexkv to lock per-resource
following @dcharbonnier suggestion. thanks!
* provider/scaleway: cleanup waitForServerState signature
* provider/scaleway: store serverID in var
* provider/scaleway: correct imports
* provider/scaleway: increase timeouts
* Improve messaging when storage account isn't found.
* Add client for finding resources when you don't know it's resource group.
* Add function to find Storage Account resource group name.
* Use the storage account resource group, not the virtual machine's resource group when deleting VHDs.
* Add description of storage account ID for clarity.
* Improve VHD deletion test when storage account is in different resource group.
* Use common function for ID parsing of storage account.
* Add AWS Prefix List data source.
AWS Prefix List data source acceptance test.
AWS Prefix List data source documentation.
* Improve error message when PL not matched.
* provider/scaleway speedup server deletion
using `terminate` instead of `poweroff` leads to a faster shutdown
fixes#9430
* provider/scaleway: extract server shutdown code