This commit adds a new callback, DiffSuppressFunc, to the schema.Schema
structure. If set for a given schema, a callback to the user-supplied
function will be made for each attribute for which the default
type-based diff mechanism produces an attribute diff. Returning `true`
from the callback will suppress the diff (i.e. pretend there was no
diff), and returning false will retain it as part of the plan.
There are a number of motivating examples for this - one of which is
included as an example:
1. On SSH public keys, trailing whitespace does not matter in many
cases - and in some cases it is added by provider APIs. For
digitalocean_ssh_key resources we previously had a StateFunc that
trimmed the whitespace - we now have a DiffSuppressFunc which
verifies whether the trimmed strings are equivalent.
2. IAM policy equivalence for AWS. A good proportion of AWS issues
relate to IAM policies which have been "normalized" (used loosely)
by the IAM API endpoints. This can make the JSON strings differ
from those generated by iam_policy_document resources or template
files, even though the semantics are the same (for example,
reordering of `bucket-prefix/` and `bucket-prefix/*` in an S3
bucket policy. DiffSupressFunc can be used to test for semantic
equivalence rather than pure text equivalence, but without having to
deal with the complexity associated with a full "provider-land" diff
implementation without helper/schema.
IPV6 Addresses are generally case insensitive but it is recommented to
store them as lowercase (https://tools.ietf.org/html/rfc5952#section-4.3)
When Terraform didn't store them as LowerCase, we got the following
error when using in DNS records:
```
-/+ digitalocean_record.web6
domain: "mydomain.com" => "mydomain.com"
fqdn: "web02.in.mydomain.com" => "<computed>"
name: "web02.in" => "web02.in"
port: "0" => "<computed>"
priority: "0" => "<computed>"
type: "AAAA" => "AAAA"
value: "2a03:b0c0:0003:00d0:0000:0000:0b66:6001" => "2A03:B0C0:0003:00D0:0000:0000:0B66:6001" (forces new resource)
weight: "0" => "<computed>"
```
There was no need for this to be the case. We now enforce lowercase on both state and also when responses are returned from the API
```
% make testacc TEST=./builtin/providers/digitalocean TESTARGS='-run=TestAccDigitalOceanTag_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
TF_ACC=1 go test ./builtin/providers/digitalocean -v
-run=TestAccDigitalOceanTag_ -timeout 120m
=== RUN TestAccDigitalOceanTag_importBasic
--- PASS: TestAccDigitalOceanTag_importBasic (2.42s)
=== RUN TestAccDigitalOceanTag_Basic
--- PASS: TestAccDigitalOceanTag_Basic (1.72s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/digitalocean
4.151s
```
```
make testacc TEST=./builtin/providers/digitalocean
TESTARGS='-run=TestAccDigitalOceanDomain_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/digitalocean -v -run=TestAccDigitalOceanDomain_ -timeout 120m
=== RUN TestAccDigitalOceanDomain_importBasic
--- PASS: TestAccDigitalOceanDomain_importBasic (3.07s)
=== RUN TestAccDigitalOceanDomain_Basic
--- PASS: TestAccDigitalOceanDomain_Basic (1.99s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/digitalocean
5.072s
```
```
make testacc TEST=./builtin/providers/digitalocean
TESTARGS='-run=TestAccDigitalOceanSSHKey_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/digitalocean -v -run=TestAccDigitalOceanSSHKey_ -timeout 120m
=== RUN TestAccDigitalOceanSSHKey_importBasic
--- PASS: TestAccDigitalOceanSSHKey_importBasic (2.13s)
=== RUN TestAccDigitalOceanSSHKey_Basic
--- PASS: TestAccDigitalOceanSSHKey_Basic (1.52s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/digitalocean
3.665s
```
Fixes#6673
When a floating IP is changed in the DO console, this PR will allow it
to be reassociated to the machine that Terraform attached it to and
change it back
The region returned by the API is always lowercase therefore when you specify a region uppercase in your config file it forces the droplet to be regenerated on every ```terraform apply``` (even when it is not needed).
This applies the same fix to `digitalocean_ssh_key` as #5588 applies to
droplets. Fixes#5402. The report there gives weight to my theory that
this occurs when there are transport issues.
* Add SSH Keys to all droplets in tests, this prevents acctests from
spamming account owner email with root password details
* Add a new helper/acctest package to be a home for random string / int
implementations used in tests.
* Insert some random details into record tests to prevent collisions
* Normalize config style in tests to hclfmt conventions
The error string for 404s on DNS domains has (apparently)
changed, causing things to be a little sad when you modify
DNS domains from the DO console instead of terraform. This
is just the same fix as was applied to droplets around this
time last month.
While I was at it I just fixed this everywhere I saw it in the
DO provider source tree.
James Nugent