Commit Graph

24674 Commits

Author SHA1 Message Date
Pam Selle 0a893f8c53 Update to equality vs comparison 2019-07-30 10:51:14 -04:00
Paul Tyng e400c25358
Minor typo 2019-07-30 10:43:46 -04:00
Paul Tyng 366f70a71e
Update copy for Exists
You can signal the same information in `Read` with an empty ID if the object does not exist, Implementing `Exists` is not the only way to do so and in some providers is also not the preferred way.
2019-07-30 10:37:58 -04:00
Brian Flad acf794b07f
deps: github.com/aws/aws-sdk-go@v1.21.7
Notable changes (from Terraform AWS Provider CHANGELOG):

```
NOTES:

* backend/s3: Region validation now automatically supports the new `me-south-1` Middle East (Bahrain) region. For AWS operations to work in the new region, the region must be explicitly enabled as outlined in the [previous new region announcement blog post](https://aws.amazon.com/blogs/aws/now-open-aws-asia-pacific-hong-kong-region/). When the region is not enabled, the Terraform S3 Backend will return errors during credential validation (e.g. `error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid`).
* backend/s3: After this update, the AWS Go SDK will prefer credentials found via the `AWS_PROFILE` environment variable when both the `AWS_PROFILE` environment variable and the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables are statically defined. Previously the SDK would ignore the `AWS_PROFILE` environment variable, if static environment credentials were also specified. This is listed as a bug fix in the AWS Go SDK release notes.

ENHANCEMENTS:

* backend/s3: Add support for assuming role via web identity token via the `AWS_WEB_IDENTITY_TOKEN_FILE` and `AWS_ROLE_ARN` environment variables
* backend/s3: Support automatic region validation for `me-south-1`

BUG FIXES:

* backend/s3: Load credentials via the `AWS_PROFILE` environment variable (if available) when `AWS_PROFILE` is defined along with `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`
```

Updated via:

```
go get github.com/aws/aws-sdk-go@v1.21.7
go mod tidy
go mod vendor
```

Verification with this update:

```hcl
terraform {
  backend "s3" {
    bucket = "me-south-1-testing"
    key    = "test"
    region = "me-south-1"
  }
}

output "test" {
  value = timestamp()
}
```

Outputs:

```
$ terraform apply

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Outputs:

test = 2019-07-30T12:49:19Z
```

If the new region is not properly enabled for the account, errors like the below will be received:

```
$ terraform init

Initializing the backend...

Error: error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid.
```

To use this region before this update:

```hcl
terraform {
  # ... potentially other configuration ...

  backend "s3" {
    # ... other configuration ...

    region                 = "me-south-1"
    skip_region_validation = true
  }
}
```
2019-07-30 08:51:39 -04:00
James Bardin 8b2646c2a6
Merge pull request #22149 from hashicorp/jbardin/state-show-deposed
account for deposed in terraform show
2019-07-29 14:25:02 -07:00
James Bardin 7648f99bca
Merge pull request #22236 from hashicorp/jbardin/nil-in-config
don't reflect nil in schema validation
2019-07-29 14:08:37 -07:00
James Bardin 345dfaccb6 Account for deposed instances in show command, adding the details for
each deposed instance.
Prevent crash if the current instance is missing.
2019-07-29 17:02:44 -04:00
James Bardin 5878527732
Merge pull request #22221 from hashicorp/jbardin/min-items
MinItems with dynamic blocks
2019-07-29 09:45:42 -07:00
James Bardin 016c4f782d don't reflect nil in schema validation
Nil values were not previously expected during validation, but they can
appear in some situations with the new protocol. Add checks to prevent
using zero reflect.Values.
2019-07-29 12:38:35 -04:00
Pam Selle 6ed09cbc4d
Merge pull request #22230 from tmccombs/for_each_provision
Support using self in the provisioner of resources that use for_each
2019-07-29 10:43:56 -04:00
Thayne McCombs b9af3cd86b Support using self in the provisioner of resources that use for_each 2019-07-29 01:18:33 -06:00
James Bardin 4bed030d40 don't validate MinItems with unknowns in a block
If there are unknowns, the block may have come from a dynamic
declaration, and we can't validate MinItems. Once the blocks are
expanded, we will get the full config for validation without any unknown
values.
2019-07-27 11:50:28 -07:00
James Bardin 67dbd6d345 don't check MinItems with unknowns in blocks
If a block was defined via "dynamic", there will be only one block value
until the expansion is known. Since we can't detect dynamic blocks at
this point, don't verify MinItems while there are unknown values in the
config.

The decoder spec can also only check for existence of a block, so limit
the check to 0 or 1.
2019-07-27 11:50:28 -07:00
James Bardin 682286e184 test for Required win MinItems > 1 2019-07-26 14:36:19 -07:00
Pam Selle f184d2c62a Docs to assist with #21978 2019-07-26 16:14:23 -04:00
Pam Selle 112b7755c0
Update CHANGELOG.md 2019-07-26 11:44:57 -04:00
Pam Selle 360068b3cb
Merge pull request #21922 from pselle/resource_for_each
Resource for_each
2019-07-26 11:41:56 -04:00
Pam Selle 1b25cb7d4a Docs updates for data resources, update expressions ref 2019-07-26 11:22:10 -04:00
Pam Selle e7d8ac5ad7 Remove panic, update comment 2019-07-26 11:22:10 -04:00
Pam Selle 799ebbf79b
Update CHANGELOG.md 2019-07-25 17:36:30 -04:00
Pam Selle a534e9c784
Merge pull request #22209 from pselle/heredocs
Upgrade HCL to include fmt fix
2019-07-25 17:35:13 -04:00
Pam Selle fadbe69da6
Merge pull request #22213 from hashicorp/d-remote-state-backend
docs: Update example remote_state to use remote backend
2019-07-25 17:15:26 -04:00
Thayne McCombs 7c678d104f Add support for for_each for data blocks.
This also fixes a few things with resource for_each:

It makes validation more like validation for count.

It makes sure the index is stored in the state properly.
2019-07-25 16:59:06 -04:00
Paul Hinze 69d44f763f
docs: Update example remote_state to use remote backend
The "remote" backend supersedes the "atlas" backend so this is the one we should use in the example.
2019-07-25 13:33:41 -05:00
Pam Selle d34103696f Upgrade HCL to include fmt fix, involves #21434 2019-07-25 11:27:51 -04:00
Radek Simko c41e98a075
Merge pull request #19166 from manojlds/patch-1
Minor edits to improve the reading flow
2019-07-24 08:51:52 +01:00
Kristin Laemmert bc13ec7488
Update CHANGELOG.md 2019-07-23 13:07:06 -04:00
Kristin Laemmert 66f4a48b8c
configs/configupgrade: fix panic on nil hilNode (#22181)
In some cases (see #22020 for a specific example), the parsed hilNode
can be nil. This causes a series of panics. Instead, return an error and
move on.
2019-07-23 13:05:37 -04:00
The Terraform Team eaa57243c7
Merge pull request #22182 from hashicorp/appilon/hashibot-lock-closed
[hashibot] configure issue locker
2019-07-23 12:31:55 -04:00
Alex Pilon 2b068c595b
configure issue locker 2019-07-23 12:08:11 -04:00
James Bardin 1bd65bd4b2
Merge pull request #22169 from hashicorp/jbardin/dynamic-on-attr
invlaid use of dynamic with attrs should not panic
2019-07-23 09:50:43 -04:00
Kristin Laemmert a16e1fc0a1
command/init: omit a warning if -backend-config is used with no backend (#22164)
* command/init: omit a warning if -backend-config is used with no backend
block

Terraform would silently accept - and swallow - `-backend-config` on the
CLI when there was no `backend` block. Since it is mostly expected to
override existing backend configuration, terraform
should omit a warning if there is no backend configuration to
override.

If the user intended to override the default (local) backend
configuration, they can first add a `backend` block to the `terraform` block to silence the warning (or just ignore it):

```hcl
terraform {
  backend "local" {}
}
```
2019-07-23 08:08:28 -04:00
James Bardin 6e222375c7 invlaid use of dynamic with attrs should not panic
Mistakenly using dynamic on an attribute will lead to a panic when
attempting to resolve variable references with a partial body, because
the dynamic blocks have yet to be expanded and validated. Check that the
block element type is actually an object before generating a schema.
2019-07-22 17:16:18 -04:00
Chris Griggs a02e43b86e
Merge pull request #22165 from hashicorp/cgriggs01-aci
[Website] Cisco ACI links
2019-07-22 08:04:09 -07:00
Pam Selle 7d905f6777 Resource for_each 2019-07-22 10:51:16 -04:00
Kristin Laemmert 16fa18c139
Update CHANGELOG.md 2019-07-22 09:07:43 -04:00
Kristin Laemmert 412d459292
backend/remote: remove milseading contents from error message (#22148)
Previously, terraform was returning a potentially-misleading error
message in response to anything other than a 404 from the
b.client.Workspaces.Read operation. This PR simplifies Terraform's error
message with the intent of encouraging those who encounter it to focus
on the error message returned from the tfe client.

The added test is odd, and a bit hacky, and possibly overkill.
2019-07-22 09:06:39 -04:00
Mark 3031aca971 Add SSH cert authentication method for connection via Bastion 2019-07-21 09:32:48 +03:00
James Bardin 4c337cc51d update CHANGELOG.md 2019-07-19 16:43:26 -04:00
James Bardin a0b0c29ad2
Merge pull request #22146 from hashicorp/jbardin/get-panic
missing error check in discovery
2019-07-19 16:28:47 -04:00
James Bardin 666838f309 missing error check in discovery 2019-07-19 15:20:50 -04:00
Radek Simko b117457c6a
Update CHANGELOG.md 2019-07-19 19:52:10 +01:00
Radek Simko 68d729bfaa
Merge pull request #22097 from dancyatfranz/master
Improve ssh connection debug messages
2019-07-19 19:51:25 +01:00
James Bardin cb723702d9 update CHANGELOG.md 2019-07-19 14:47:30 -04:00
Ahmon Dancy f9db6651b8 Improve ssh connection debug messages
1) Mention the host and port in the "Connecting..." message.

2) Mention the username in the post-connection handshaking message.

3) If handshaking fails, mention the user, host, and port in the error
   message that will eventually be returned to the user.
2019-07-19 08:49:00 -07:00
Radek Simko 8d799ff8fc
Update CHANGELOG.md 2019-07-19 11:32:07 +01:00
Martin Atkins d41fc8d517 states/statefile: additional context for some v3 upgrade error messages
Some of our errors returned here were lacking context about what part of
the file was problematic, which led to some useless error reporting for
some real-world situations that this upgrade process doesn't seem to be
catching.

Here we add additional context to those error cases, as a step towards
tracking down exactly which upgrade cases are missing here so that we can
potentially fix them in a subsequent release.
2019-07-18 18:20:53 -07:00
James Bardin 4b79f85a25
Merge pull request #22137 from hashicorp/jbardin/update-hcl2
update hcl2
2019-07-18 20:55:36 -04:00
James Bardin f69e4df5c5 update hcl2
Includes fixes for conditionals with unknown values.
2019-07-18 20:26:45 -04:00
appilon 15c71e8538
Merge pull request #22130 from hashicorp/appilon/prune-meta-command
[Cleanup] prune dead code from command/meta
2019-07-18 16:35:08 -04:00