Commit Graph

189 Commits

Author SHA1 Message Date
Martin Atkins 43c1ec69e2 build: Use Go 1.14
This implies some notable changes that will have a visible impact to
end-users of official Terraform releases:

- Terraform is no longer compatible with MacOS 10.10 Yosemite, and
  requires at least 10.11 El Capitan. (Relatedly, Go 1.14 is planned to be
  the last release to support El Capitan, so while that remains supported
  for now, it's notable that Terraform 0.13 is likely to be the last major
  release of Terraform supporting it, with 0.14 likely to further require
  MacOS 10.12 Sierra.)

- Terraform is no longer compatible with FreeBSD 10.x, which has reached
  end-of-life. Terraform now requires FreeBSD 11.2 or later.

- Terraform now supports TLS 1.3 when it makes connections to remote
  services such as backends and module registries. Although TLS 1.3 is
  backward-compatible in principle, some legacy systems reportedly work
  incorrectly when attempting to negotiate it. (This change does not
  affect outgoing requests made by provider plugins, though they will see
  a similar change in behavior once built with Go 1.13 or later.)

- Ed25519 certificates are now supported for TLS 1.2 and 1.3 connections.

- On UNIX systems where "use-vc" is set in resolv.conf, TCP will now be
  used for DNS resolution. This is unlikely to cause issues in practice
  because a system set up in this way can presumably already reach its
  nameservers over TCP (or else other applications would misbehave), but
  could potentially lead to lookup failures in unusual situations where a
  system only runs Terraform, has historically had "use-vc" in its
  configuration, but yet is blocked from reaching its configured
  nameservers over TCP.

- Some parts of Terraform now support Unicode 12.0 when working with
  strings. However, notably the Terraform Language itself continues to
  use the text segmentation tables from Unicode 9.0, which means it lacks
  up-to-date support for recognizing modern emoji combining forms as
  single characters. (We may wish to upgrade the text segmentation tables
  to Unicode 12.0 tables in a later commit, to restore consistency.)

This also includes some changes to the contents of "vendor", and
particularly to the format of vendor/modules.txt, per the changes to
vendoring in the Go 1.14 toolchain. This new syntax is activated by the
specification of "go 1.14" in the go.mod file.

Finally, the exact format of error messages from the net/http library has
changed since Go 1.12, and so a couple of our tests needed updates to
their expected error messages to match that.
2020-03-04 13:26:50 -08:00
James Bardin 7d3fe3b404 update cty 2020-03-03 15:20:11 -05:00
Martin Atkins 02576988c1 lang: "try" and "can" functions
These are intended to make it easier to work with arbitrary data
structures whose shape might not be known statically, such as the result
of jsondecode(...) or yamldecode(...) of data from a separate system.

For example, in an object value which has attributes that may or may not
be set we can concisely provide a fallback value to use when the attribute
isn't set:

    try(local.example.foo, "fallback-foo")

Using a "try to evaluate" model rather than explicit testing fits better
with the usual programming model of the Terraform language where values
are normally automatically converted to the necessary type where possible:
the given expression is subject to all of the same normal type conversions,
which avoids inadvertently creating a more restrictive evaluation model
as might happen if this were handled using checks like a hypothetical
isobject(...) function, etc.
2020-01-10 15:23:25 -08:00
Martin Atkins b62e9a7227 vendor: go get github.com/hashicorp/hcl/v2@v2.3.0
This brings in the new HCL extension functions "try", "can", and
"convert", along with the underlying HCL and cty infrastructure that allow
them to work.
2020-01-10 15:23:25 -08:00
Martin Atkins eda57670ce go get github.com/apparentlymart/go-versions@master 2020-01-10 09:41:27 -08:00
Kristin Laemmert 18dd1bb4d6
Mildwonkey/tfconfig upgrade (#23670)
* deps: bump terraform-config-inspect library
* configs: parse `version` in new required_providers block

With the latest version of `terraform-config-inspect`, the
required_providers attribute can now be a string or an object with
attributes "source" and "version". This change allows parsing the
version constraint from the new object while ignoring any given source attribute.
2020-01-10 11:54:53 -05:00
James Bardin 9e5fca67e8 update go-getter
Update to a go1.12 compatible branch of v1.4.1, which removes the
Header.Clone methods which were added in go1.13.
2020-01-06 20:44:02 -05:00
Martin Atkins 9a17497d3f vendor: go get github.com/hashicorp/hcl/v2@v2.2.0
This also includes an upgrade to cty v1.1.1 because HCL calls for it.

The changes in these two libraries are mainly to codepaths that don't
directly affect Terraform, but including this upgrade will cause some
small improvements to Terraform's error messages for type conversion
problems.
2019-12-12 10:36:23 -08:00
Pam Selle 717ed70c21 Run of vendor and tidy 2019-12-09 11:34:12 -05:00
Martin Atkins 6db3cf8e5b vendor: upgrade Azure SDK and Azure/go-autorest
This involves some minor changes to the "azure" backend code to account
for upstream breaking changes.
2019-12-02 10:04:49 -08:00
Pam Selle 1077f01e08 Point to updated go-tfe 2019-11-15 14:14:17 -05:00
Bastien Penavayre e7022679b2 vendor: go get github.com/mitchellh/panicwrap@v1.0.0 2019-11-05 16:22:45 -08:00
Radek Simko 7860f55e4f
Version tools per Go convention under tools.go 2019-10-17 22:23:39 +02:00
Pam Selle a8dcd0cab2 go mod vendor; go mod tidy 2019-10-17 11:14:30 -04:00
Pam Selle 57cf6d74ce Point to tfignore branch of go-tfe 2019-10-17 11:12:00 -04:00
Radek Simko 9051591899
go mod tidy & go mod vendor 2019-10-11 22:41:27 +01:00
Stas Alekseev 6656104f8f deps: github.com/hashicorp/aws-sdk-go-base@v0.4.0 (#22994) 2019-10-11 12:50:12 -04:00
Martin Atkins 39e609d5fd vendor: switch to HCL 2.0 in the HCL repository
Previously we were using the experimental HCL 2 repository, but now we'll
shift over to the v2 import path within the main HCL repository as part of
actually releasing HCL 2.0 as stable.

This is a mechanical search/replace to the new import paths. It also
switches to the v2.0.0 release of HCL, which includes some new code that
Terraform didn't previously have but should not change any behavior that
matters for Terraform's purposes.

For the moment the experimental HCL2 repository is still an indirect
dependency via terraform-config-inspect, so it remains in our go.sum and
vendor directories for the moment. Because terraform-config-inspect uses
a much smaller subset of the HCL2 functionality, this does still manage
to prune the vendor directory a little. A subsequent release of
terraform-config-inspect should allow us to completely remove that old
repository in a future commit.
2019-10-02 15:10:21 -07:00
Paul Thrasher bc2d888b7b
update to go-tfe 0.3.23
this fixes the attr types

Signed-off-by: Paul Thrasher <pthrasher@hashicorp.com>
2019-09-27 14:16:05 -07:00
Paul Thrasher 29c8ca485e
go-tfe dep update to 0.3.22
Signed-off-by: Paul Thrasher <pthrasher@hashicorp.com>
2019-09-27 14:15:40 -07:00
wata_mac 6f83197856 go get github.com/apparentlymart/go-cidr@v1.0.1
This includes fixes in the handling of IPv6 prefixes that leave a host
portion longer than the size of int on the target platform.
2019-09-09 14:31:21 -07:00
Martin Atkins 6bba3ceb42 command: "terraform login" command 2019-09-09 11:15:23 -07:00
Radek Simko 5fb1e08678
vendor: Bump go-getter to 1.4.0 2019-09-09 14:04:58 +02:00
Radek Simko b8fd6df225
vendor: Bump github.com/golang/protobuf to 1.3.2 2019-09-05 14:47:27 +02:00
Brian Flad 19cf34114f
lang/funcs: Switch fileset() function glob implementation to github.com/bmatcuk/doublestar to support additional glob patterns
This allows the usage of the glob patterns `**` and `{alternative1,...}` to simplify Terraform configuration logic for more complex file matching.
2019-08-30 20:22:03 -04:00
Martin Atkins aa6dca4912 vendor: go get github.com/chzyer/readline@master
This new version includes Solaris support, the lack of which previously
caused us to disable readline-using features ("terraform console") on
Solaris builds.
2019-08-30 14:42:19 -07:00
Martin Atkins f3fe3bfb5f vendor: go get golang.org/x/sys
We'll use this to call the Windows ReplaceFile API for safe file
replacement when updating credentials.tf.json in "terraform login" and
"terraform logout".
2019-08-23 11:57:11 -07:00
Radek Simko 16ba85083f
deps: Bump github.com/go-test/deep to 1.0.3 2019-08-21 11:32:13 +01:00
Radek Simko f3357aad45
vendor: Downgrade Azure dependencies
This is to allow Terraform providers to upgrade to at least
one more minor version of the plugin SDK without major UX hiccups.

This concludes (unsuccessful) experiments involving upgrades
to SDK with https://github.com/Azure/go-autorest/pull/455

Even with that patch all providers still experience broken UX
as described in https://github.com/hashicorp/terraform/pull/22490

This downgrade reduces the uncomfort to only a handful of providers
from >100s. The affected providers more or less directly depend on
Azure SDK(s), which is ~8.

Affected providers practically cannot consume Terraform Plugin SDK
with this patch (downgraded Azure SDKs) and can just wait for
extracted Terraform Plugin SDK which is planned to be released soon.

This reverts the following PRs:

 - https://github.com/hashicorp/terraform/pull/22247
 - https://github.com/hashicorp/terraform/pull/22248
 - https://github.com/hashicorp/terraform/pull/22524
 - https://github.com/hashicorp/terraform/pull/22525

and it is otherwise result of the following commands

```
go get github.com/Azure/azure-sdk-for-go@v21.3.0
go get github.com/hashicorp/go-azure-helpers@166dfd221bb2
go mod tidy
```
2019-08-20 15:52:11 +01:00
Radek Simko dee450cf8c
vendor: Bump go-azure-helpers to 0.7.0 2019-08-20 09:32:02 +01:00
wata_mac f68d94b608 Bump github.com/hashicorp/hcl2 2019-08-11 16:43:12 +09:00
Alex Pilon e2eb70b737
remove satori/go.uuid in favor of google/uuid 2019-08-09 15:09:41 -04:00
James Bardin 01f4dd4588 update deps to match the aws provider
Update the aws-sdk-go-base and aws-sdk-go packages to ensure the same
client behavior as the aws provider.
2019-08-07 16:33:57 -04:00
Chris Marchesi d43fc71135
modules: update go-azure-helpers to v0.5.0
To help address the issues posed on #22087 and #22085.
2019-08-01 11:57:34 -07:00
Chris Marchesi 04c5f0ffb2
Merge pull request #22247 from hashicorp/v0.12.5-updated-azure
modules: update Azure deps to latest
2019-08-01 11:57:07 -07:00
Brian Flad 710b01a54f
Merge pull request #22253 from hashicorp/v-aws-sdk-go-v1.21.7
deps: github.com/aws/aws-sdk-go@v1.21.7
2019-07-30 15:27:19 -04:00
Kristin Laemmert 664fb5d51e vendor: upgrade go-cty-yaml dependency
Fixes #22223
2019-07-30 12:27:49 -04:00
Chris Marchesi 92c46c55f4
modules: update Azure deps to latest
The dependencies here are dated and are causing conflicts with the
ACME provider, namely the version of the top-level autorest package.

This explicitly updates the Azure SDK and autorest packages, with the
separately versioned sub-packages being added automatically.
2019-07-30 09:12:14 -07:00
He Guimin a490dfa495 backend/oss: Support for assume role config 2019-07-30 23:27:17 +08:00
Brian Flad acf794b07f
deps: github.com/aws/aws-sdk-go@v1.21.7
Notable changes (from Terraform AWS Provider CHANGELOG):

```
NOTES:

* backend/s3: Region validation now automatically supports the new `me-south-1` Middle East (Bahrain) region. For AWS operations to work in the new region, the region must be explicitly enabled as outlined in the [previous new region announcement blog post](https://aws.amazon.com/blogs/aws/now-open-aws-asia-pacific-hong-kong-region/). When the region is not enabled, the Terraform S3 Backend will return errors during credential validation (e.g. `error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid`).
* backend/s3: After this update, the AWS Go SDK will prefer credentials found via the `AWS_PROFILE` environment variable when both the `AWS_PROFILE` environment variable and the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables are statically defined. Previously the SDK would ignore the `AWS_PROFILE` environment variable, if static environment credentials were also specified. This is listed as a bug fix in the AWS Go SDK release notes.

ENHANCEMENTS:

* backend/s3: Add support for assuming role via web identity token via the `AWS_WEB_IDENTITY_TOKEN_FILE` and `AWS_ROLE_ARN` environment variables
* backend/s3: Support automatic region validation for `me-south-1`

BUG FIXES:

* backend/s3: Load credentials via the `AWS_PROFILE` environment variable (if available) when `AWS_PROFILE` is defined along with `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`
```

Updated via:

```
go get github.com/aws/aws-sdk-go@v1.21.7
go mod tidy
go mod vendor
```

Verification with this update:

```hcl
terraform {
  backend "s3" {
    bucket = "me-south-1-testing"
    key    = "test"
    region = "me-south-1"
  }
}

output "test" {
  value = timestamp()
}
```

Outputs:

```
$ terraform apply

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Outputs:

test = 2019-07-30T12:49:19Z
```

If the new region is not properly enabled for the account, errors like the below will be received:

```
$ terraform init

Initializing the backend...

Error: error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid.
```

To use this region before this update:

```hcl
terraform {
  # ... potentially other configuration ...

  backend "s3" {
    # ... other configuration ...

    region                 = "me-south-1"
    skip_region_validation = true
  }
}
```
2019-07-30 08:51:39 -04:00
Pam Selle d34103696f Upgrade HCL to include fmt fix, involves #21434 2019-07-25 11:27:51 -04:00
James Bardin f69e4df5c5 update hcl2
Includes fixes for conditionals with unknown values.
2019-07-18 20:26:45 -04:00
James Bardin bb17734bb6
Merge pull request #22037 from hashicorp/jbardin/ssh-alive
monitor ssh connection live-ness
2019-07-16 14:04:13 -04:00
Brian Flad fdbabf9e23
Merge pull request #21908 from ajayk/v-aws-sdk-go-v1.20.10
deps: github.com/aws/aws-sdk-go@v1.20.10
2019-07-12 13:46:06 -04:00
ajayk fd8aca539e update to aws-sdk-go-v1.20.19 2019-07-11 17:52:31 -07:00
James Bardin 2206512e58 update ssh and crypto deps 2019-07-11 09:44:22 -04:00
James Bardin e4fbc49fb8 udpate cty 2019-07-08 12:42:28 -04:00
James Bardin 8c43bb2b52 update hcl2 2019-07-02 15:10:20 -04:00
James Bardin 284a232ffb update go-getter
The bitbucket 1.0 api was recently disabled. Update go-getter to
support 2.0
2019-07-01 16:12:37 -04:00
ajayk 659e364d65 deps: github.com/aws/aws-sdk-go@v1.20.10 2019-06-26 20:11:49 -07:00