Fixes the `TestAccAwsAPIGatewayMethod_customauthorizer` acceptance test which would previously fail if the iam_role resources would leak
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAwsAPIGatewayMethod_customauthorizer'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/02/09 09:10:07 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAwsAPIGatewayMethod_customauthorizer -timeout 120m
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 0.022s
```
An AWS Security Group Rule requires at least one of `cidr_blocks`, `self`, or `source_security_group_id` in order to be successfully created.
If the `aws_security_group_rule` doesn't contain one of these attributes, the AWS API will still return a `200` response, and not report any error in the response.
Example response from the API on a malformed submission:
```
2017/02/08 16:04:33 [DEBUG] plugin: terraform: -----------------------------------------------------
2017/02/08 16:04:33 [DEBUG] plugin: terraform: aws-provider (internal) 2017/02/08 16:04:33 [DEBUG] [aws-sdk-go] DEBUG: Response ec2/AuthorizeSecurityGroupIngress Details:
2017/02/08 16:04:33 [DEBUG] plugin: terraform: ---[ RESPONSE ]--------------------------------------
2017/02/08 16:04:33 [DEBUG] plugin: terraform: HTTP/1.1 200 OK
2017/02/08 16:04:33 [DEBUG] plugin: terraform: Connection: close
2017/02/08 16:04:33 [DEBUG] plugin: terraform: Transfer-Encoding: chunked
2017/02/08 16:04:33 [DEBUG] plugin: terraform: Content-Type: text/xml;charset=UTF-8
2017/02/08 16:04:33 [DEBUG] plugin: terraform: Date: Wed, 08 Feb 2017 21:04:33 GMT
2017/02/08 16:04:33 [DEBUG] plugin: terraform: Server: AmazonEC2
2017/02/08 16:04:33 [DEBUG] plugin: terraform: Vary: Accept-Encoding
2017/02/08 16:04:33 [DEBUG] plugin: terraform:
2017/02/08 16:04:33 [DEBUG] plugin: terraform: 102
2017/02/08 16:04:33 [DEBUG] plugin: terraform: <?xml version="1.0" encoding="UTF-8"?>
2017/02/08 16:04:33 [DEBUG] plugin: terraform: <AuthorizeSecurityGroupIngressResponse xmlns="http://ec2.amazonaws.com/doc/2016-11-15/">
2017/02/08 16:04:33 [DEBUG] plugin: terraform: <requestId>ac08c33f-8043-46d4-b637-4c4b2fc7a094</requestId>
2017/02/08 16:04:33 [DEBUG] plugin: terraform: <return>true</return>
2017/02/08 16:04:33 [DEBUG] plugin: terraform: </AuthorizeSecurityGroupIngressResponse>
2017/02/08 16:04:33 [DEBUG] plugin: terraform: 0
2017/02/08 16:04:33 [DEBUG] plugin: terraform:
2017/02/08 16:04:33 [DEBUG] plugin: terraform:
2017/02/08 16:04:33 [DEBUG] plugin: terraform: -----------------------------------------------------
```
This previously caused Terraform to wait until the security_group_rule propagated, which never happened due to the silent failure.
The changeset ensures that one of the required attributes are set prior to creating the aws_security_group_rule.
Also catches the error returned from the retry function. Previously the error was ignored, and only logged at the `DEBUG` level.
Previously, an `aws_rds_cluster` that contains active instance groups would timeout on a destroy, if the destroy was able to only target the rds_cluster and not include the instance groups.
This would result in a `400` response from AWS, and Terraform would sit in a wait-loop until a 15-minute timeout while waiting for the cluster to be destroyed.
This catches the error returned from the `DeleteDBCluster` function call such that the proper error case can be returned to the user.
`400` from the AWS API:
```
2017/02/08 13:40:47 [DEBUG] plugin: terraform: ---[ RESPONSE ]--------------------------------------
2017/02/08 13:40:47 [DEBUG] plugin: terraform: HTTP/1.1 400 Bad Request
2017/02/08 13:40:47 [DEBUG] plugin: terraform: Connection: close
2017/02/08 13:40:47 [DEBUG] plugin: terraform: Content-Length: 337
2017/02/08 13:40:47 [DEBUG] plugin: terraform: Content-Type: text/xml
2017/02/08 13:40:47 [DEBUG] plugin: terraform: Date: Wed, 08 Feb 2017 18:40:46 GMT
2017/02/08 13:40:47 [DEBUG] plugin: terraform: X-Amzn-Requestid: 1b4a76cc-ee2e-11e6-867d-2311ebaffd3e
2017/02/08 13:40:47 [DEBUG] plugin: terraform:
2017/02/08 13:40:47 [DEBUG] plugin: terraform: <ErrorResponse xmlns="http://rds.amazonaws.com/doc/2014-10-31/">
2017/02/08 13:40:47 [DEBUG] plugin: terraform: <Error>
2017/02/08 13:40:47 [DEBUG] plugin: terraform: <Type>Sender</Type>
2017/02/08 13:40:47 [DEBUG] plugin: terraform: <Code>InvalidDBClusterStateFault</Code>
2017/02/08 13:40:47 [DEBUG] plugin: terraform: <Message>Cluster cannot be deleted, it still contains DB instances in non-deleting state.</Message>
2017/02/08 13:40:47 [DEBUG] plugin: terraform: </Error>
2017/02/08 13:40:47 [DEBUG] plugin: terraform: <RequestId>1b4a76cc-ee2e-11e6-867d-2311ebaffd3e</RequestId>
2017/02/08 13:40:47 [DEBUG] plugin: terraform: </ErrorResponse>
2017/02/08 13:40:47 [DEBUG] plugin: terraform:
2017/02/08 13:40:47 [DEBUG] plugin: terraform: -----------------------------------------------------
```
Error returns now, as expected:
```
Error applying plan:
2017/02/08 13:40:47 [DEBUG] plugin: waiting for all plugin processes to complete...
1 error(s) occurred:
* aws_rds_cluster.jake (destroy): 1 error(s) occurred:
2017/02/08 13:40:47 [DEBUG] plugin: terraform: aws-provider (internal) 2017/02/08 13:40:47 [DEBUG] plugin: waiting for all plugin processes to complete...
* aws_rds_cluster.jake: RDS Cluster cannot be deleted: Cluster cannot be deleted, it still contains DB instances in non-deleting state.
```
Our DNS tests were using terraform.test as a DNS name, which GCP was
erroring on, as we haven't proven we own the domain (and can't, as we
don't). To solve this, I updated the tests to use hashicorptest.com,
which we _do_ own, and which we have proven ownership of. The tests now
pass.
Found in testing that a timeout of 30 seconds didn't allow for the error
message that codebuild wasn't supported in eu-west-2
Discussed this with @radeksimko and he suggested a timeout raise
Previously the db_event_subscription import would only work if there was a single db_event_subscription resource. This fixes the import, allowing it to work as expected.
Also fixes the acceptance test for the resource to reflect this.
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBEventSubscription_importBasic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/02/07 10:38:10 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDBEventSubscription_importBasic -timeout 120m
=== RUN TestAccAWSDBEventSubscription_importBasic
--- PASS: TestAccAWSDBEventSubscription_importBasic (633.33s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 633.353s
```
* Adds schema for fastly healthcheck
* Handles changes to the fastly healthcheck
* Flattens and refreshed fastly healthchecks
* Adds testing for fastly healthcheck
* Adds website documentation for fastly healthcheck
* Fixes terraform syntax in test examples
Fixes the `TestAccAWSDBEventSubscription_basicUpdate` acceptance test
`TestAccAWSDBEventSubscription_importBasic` is still failing, but has been failing since November.
This changes removes read of the deprecated `policy_data` attr in
the `google_project` resource.
0.8.5 introduced new behavior that incorrectly read the `policy_data`
field during the read lifecycle event. This caused Terraform to
assume it owned not just policy defined in the data source, but
everything that was associated with the project. Migrating from 0.8.4
to 0.8.5, this would cause the config (partial) to be compared to the
state (complete, as it was read from the API) and assume some
policies had been explicitly deleted. Terraform would then delete them.
Fixes#11556
Allows the user to specify the log format version when setting up `s3logging` on the fastly service resource.
Requires an update to the vendored `go-fastly` dependency.
Also adds an additional acceptance test for the new attribute.
```
$ make testacc TEST=./builtin/providers/fastly TESTARGS='-run=TestAccFastlyServiceV1_s3logging'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/02/06 14:51:55 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/fastly -v -run=TestAccFastlyServiceV1_s3logging -timeout 120m
=== RUN TestAccFastlyServiceV1_s3logging_basic
--- PASS: TestAccFastlyServiceV1_s3logging_basic (36.11s)
=== RUN TestAccFastlyServiceV1_s3logging_s3_env
--- PASS: TestAccFastlyServiceV1_s3logging_s3_env (15.35s)
=== RUN TestAccFastlyServiceV1_s3logging_formatVersion
--- PASS: TestAccFastlyServiceV1_s3logging_formatVersion (15.71s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/fastly 67.186s
```
- OpenStack provider now supports either a path or the file contents for
`cacert_file`, `cert`, and `key`
- Makes it easier to automate TF by passing in certs as environment
variables
- set `OS_SSL_TESTS=true` to run the acceptance tests
Updates vendored Nomad jobspec parser such that parameterized nomad job files can no be parsed and used with Terraform.
Also fixes tests to adhere to new jobspec version, and update documentation to reflect such as well.
Jake Champlin