Commit Graph

324 Commits

Author SHA1 Message Date
Martin Atkins 88bddd7143 go.mod: go get go get golang.org/x/tools@v0.1.7
This also transitively upgrades golang.org/x/sys and golang.org/x/net,
but there do not seem to be any significant changes compared to the
commits we were previously using.
2021-10-13 17:37:37 -07:00
dependabot[bot] b0d10c9857 build(deps): bump github.com/xanzy/ssh-agent from 0.2.1 to 0.3.1
Bumps [github.com/xanzy/ssh-agent](https://github.com/xanzy/ssh-agent) from 0.2.1 to 0.3.1.
- [Release notes](https://github.com/xanzy/ssh-agent/releases)
- [Commits](https://github.com/xanzy/ssh-agent/compare/v0.2.1...v0.3.1)

---
updated-dependencies:
- dependency-name: github.com/xanzy/ssh-agent
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-13 10:43:46 -07:00
dependabot[bot] 051629d74a build(deps): bump github.com/agext/levenshtein from 1.2.2 to 1.2.3
Bumps [github.com/agext/levenshtein](https://github.com/agext/levenshtein) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/agext/levenshtein/releases)
- [Commits](https://github.com/agext/levenshtein/compare/v1.2.2...v1.2.3)

---
updated-dependencies:
- dependency-name: github.com/agext/levenshtein
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-12 10:44:05 -07:00
Martin Atkins 02ca4e970c go.mod: replace github.com/dgrijalva/jwt-go with .../golang-jwt/jwt
CVE-2020-26160 is a high-severity advisory reported against this module.

The dgrijalva package is no longer maintained but our legacy etcv2 backend
depends on it indirectly, via go.etcd.io/etcd/client. The golang-jwt
package is the blessed successor of the original, and has a v3 line which
is compatible with the v3 line of dgrijalva, and so through this replace
we can get a fix for the advisory without other significant behavior
change.

We've preserved the etcdv2 backend as-is on a best-effort basis in order
to support anyone who is already using it, but recommend that users switch
to etcdv3 or to some other backend for ongoing use.

We also have future plans to make state storage be a matter for provider
plugins rather than built in to Terraform CLI, at which point this backend
will either become obsolete or be factored out into its own plugin, at
which point we can remove this "replace" directive and the associated
dependency altogether.
2021-10-12 10:35:07 -07:00
dependabot[bot] 2fd5ca3767 build(deps): bump honnef.co/go/tools from 0.0.1-2020.1.4 to 0.3.0-0.dev
Bumps [honnef.co/go/tools](https://github.com/dominikh/go-tools) from 0.0.1-2020.1.4 to 0.3.0-0.dev.
- [Release notes](https://github.com/dominikh/go-tools/releases)
- [Commits](https://github.com/dominikh/go-tools/compare/v0.0.1-2020.1.4...v0.3.0-0.dev)

---
updated-dependencies:
- dependency-name: honnef.co/go/tools
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-12 10:34:27 -07:00
Martin Atkins 55f0d06314 go.mod: go get github.com/lib/pq@v1.10.3
This is just a routine upgrade to the latest v1 release.
2021-10-12 10:32:38 -07:00
dependabot[bot] eec4a838e0 Bump github.com/mitchellh/copystructure from 1.0.0 to 1.2.0
Bumps [github.com/mitchellh/copystructure](https://github.com/mitchellh/copystructure) from 1.0.0 to 1.2.0.
- [Release notes](https://github.com/mitchellh/copystructure/releases)
- [Commits](https://github.com/mitchellh/copystructure/compare/v1.0.0...v1.2.0)

---
updated-dependencies:
- dependency-name: github.com/mitchellh/copystructure
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-12 10:11:55 -07:00
dependabot[bot] 2dd15caf87 Bump github.com/hashicorp/go-plugin from 1.4.1 to 1.4.3
Bumps [github.com/hashicorp/go-plugin](https://github.com/hashicorp/go-plugin) from 1.4.1 to 1.4.3.
- [Release notes](https://github.com/hashicorp/go-plugin/releases)
- [Commits](https://github.com/hashicorp/go-plugin/compare/v1.4.1...v1.4.3)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-10-12 10:10:49 -07:00
Martin Atkins 2e6b6e9a6b go.mod: go get google.golang.org/protobuf@v1.27.1 2021-10-11 16:37:39 -07:00
James Bardin 94ed6a0c84 update the go.mod format for go1.17.2 2021-10-08 15:54:13 -04:00
Alisdair McDiarmid e09bad76ff build: Add exhaustive switch statement lint
For now, only check the JSON views package, since this was the instance
that most recently tripped us up. There are a few dozen failures
elsewhere in Terraform which would need to be addressed before expanding
this to other packages.
2021-09-24 15:12:44 -04:00
James Bardin 5eb7170f70 add staticcheck to tools 2021-08-31 17:58:40 -04:00
Li Kexian 3f876d14d8 fixed tencentcloud tag 2021-08-23 09:46:35 +08:00
Martin Atkins ce96d82de0 build: Centralize our protobuf compilation steps
We have a few different .proto files in this repository that all need to
get recompiled into .pb.go files each time we change them, but we were
previously handling that with some scripts that just assumed that protoc
and the relevant plugins were already installed on the system somewhere,
at the right versions.

In practice we've been constantly flopping between different versions of
these tools due to folks having different versions installed in their
development environments. In particular, the state of the .pb.go files
in the prior commit wasn't reproducible by any single version of the tools
because they've all slightly diverged from one another.

In the interests of being more consistent here and avoiding accidental
inconsistencies, we'll now centralize the protocol buffer compile steps
all into a single tool that knows how to fetch and install the expected
versions of the various tools we need and then run those tools with the
right options to get a stable result.

If we want to upgrade to either a newer protoc or a newer protoc-gen-go
in future then we'll do that in a central location and update all of the
.pb.go files at the same time, so that we're always consistently tracking
the same version of protocol buffers everywhere.

While doing this I attempted to keep as close as possible to the toolchain
we'd most recently used, but since they were not consistent with each
other they've now all changed which version numbers they record at minimum,
and the planproto stub in particular now also has a slightly different
descriptor serialization but is otherwise offering the same API.
2021-08-20 16:18:48 -07:00
James Bardin 498dc36635
Merge pull request #29421 from hashicorp/jbardin/tencentcloud-cleanup
cleanup tencentcloud missing tag
2021-08-20 09:38:26 -04:00
James Bardin b543705840 cleanup tencentcloud missing tag
TencentCloud deleted all their v3 tags, so any system that does not use
the global Go proxy will fail to find the
github.com/tencentcloud/tencentcloud-sdk-go module source.

Update go.mod to point to the specific commit rather than the
incompatible and missing version tag.
2021-08-19 14:33:09 -04:00
Graham Davison e113974fb2 Updates `github.com/hashicorp/aws-sdk-go-base` from 0.6.0 to 0.7.1 2021-08-19 10:51:43 -07:00
Dominik Keil b764b3f8a6 Bumping AWS GO SDK to 1.38.42 to fix error when an AWS profile uses both SSO config and credential_process at the same time 2021-08-18 14:47:41 -07:00
James Bardin d3ea864ab3 github.com/zclconf/go-cty@v1.9.1 2021-08-18 09:03:31 -04:00
Martin Atkins 94f4f8e25d go.mod: Opt in to pruned module graphs
Go 1.17 has a new treatment of go.mod where it tracks more indirect
dependencies in return for needing to fetch and load fewer transitive
go.mod files.

This commit opts in to that new treatment and adds all of the additional
indirect dependencies which contain packages that Terraform directly or
indirectly makes use of.

There are more details on what's going on here in the "Lazy Module Loading"
design document:
    http://golang.org/design/36460-lazy-module-loading

(the design document was written assuming this would land in Go 1.15, but
it actually landed in Go 1.17 and so it's "go 1.17" that selects the new
behavior in spite of the examples in that document.)
2021-08-17 15:20:05 -07:00
Rémi Lapeyre da6717761e Merge remote-tracking branch 'origin/main' into update-consul 2021-07-28 12:18:01 +02:00
James Bardin dfbacdc734 update hcl v2.10.1 2021-07-21 08:59:37 -04:00
Kevin Burke c047958b57 go.mod,backend: update coreos/etcd dependency to release-3.4 branch
etcd rewrote its import path from coreos/etcd to go.etcd.io/etcd.
Changed the imports path in this commit, which also updates the code
version.

This lets us remove the github.com/ugorji/go/codec dependency, which
was pinned to a fairly old version. The net change is a loss of 30,000
lines of code in the vendor directory. (I first noticed this problem
because the outdated go/codec dependency was causing a dependency
failure when I tried to put Terraform and another project in the same
vendor directory.)

Note the version shows up funkily in go.mod, but I verified
visually it's the same commit as the "release-3.4" tag in
github.com/coreos/etcd. The etcd team plans to fix the release version
tagging in v3.5, which should be released soon.
2021-07-20 12:27:22 -04:00
Rémi Lapeyre 3c34e15d40 Update the Consul API client
Some users would want to use Consul namespaces when using the Consul
backend but the version of the Consul API client we use is too old and
don't support them. In preparation for this change this patch just update
it the client and replace testutil.NewTestServerConfig() by
testutil.NewTestServerConfigT() in the tests.
2021-07-14 14:49:13 +02:00
James Bardin 04e0ed79fa update go-cty to v1.9.0 2021-07-07 10:07:42 -04:00
Alisdair McDiarmid ed0fc8a3ff go get github.com/zclconf/go-cty@v1.8.4 2021-06-21 12:14:14 -04:00
CJ Horton 16bc8f6442 go get go-tfe@v0.15.0 2021-05-18 15:35:29 -07:00
Alisdair McDiarmid 73d07e28c0
Merge pull request #28296 from upodroid/gcs-imp-v2
backend/gcs Rework Service Account Impersonation
2021-05-17 11:42:11 -04:00
Alisdair McDiarmid b0f44fc293 go get github.com/zclconf/go-cty@v1.8.3 2021-05-04 17:01:37 -04:00
Chris Arcand 2756f5ed08 Update Terraform Cloud/Enterprise client to v0.14.0 2021-05-03 22:25:56 -05:00
upodroid 5a60db0974 replace gomod 2021-04-26 14:34:11 +01:00
upodroid b243dbd93d Merge branch 'main' of github.com:hashicorp/terraform into gcs-imp-v2 2021-04-26 14:20:28 +01:00
James Bardin 4997b9b5bb
Merge pull request #28424 from hashicorp/jbardin/dynamic
Better planing of unknown dynamic blocks
2021-04-23 18:26:21 -04:00
Martin Atkins bfd4c964ee dependencies: update cty from v1.8.1 to v1.8.2
This includes the improvements to various collection-related functions to
make them handle marks more precisely. For Terraform in particular that
translates into handling sensitivity more precisely, so that non-sensitive
collections that happen to contain sensitive elements won't get simplified
into wholly-sensitive collections when using these functions.
2021-04-21 09:49:56 -07:00
Kristin Laemmert b649a8ddd1
deps: update go-plugin to v1.4.1 (#28465)
+ go mod tidy
2021-04-21 11:41:22 -04:00
James Bardin f8493bf5cd update hcl
update to v2.10.0
2021-04-20 17:04:56 -04:00
upodroid 1280b86d92 tweak go.mod replaces 2021-04-16 16:12:04 +01:00
upodroid 5441d88233 add impersonation 2021-04-06 23:58:24 +01:00
Matthew Hooker 49c984ff77
bump go-getter to 1.5.2 (#28189) 2021-04-05 09:01:47 -04:00
Matthew Frahry 3961f08e63 dependencies: upgrade all the azure things 2021-03-22 09:22:16 -07:00
James Bardin 523eddd760 update hcl and go-cty 2021-03-16 16:50:30 -04:00
Martin Atkins 5f3fb00af5 config: Use Unicode 13 rules for string manipulation
Although we don't typically do configuration-level string wrangling
directly in Terraform, we delegate to several other upstream libraries
that do. These upgrades all switch to newer versions that support the
latest definitions from Unicode 13, primarily affecting operations such
as converting strings to upper/lowercase or splitting strings into
component characters (substr, reverse, etc).

The tests for the upstream libraries didn't show any regressions from
these updates, so the Unicode 13 changes seem to be backward-compatible
additions rather than significant breaking changes.

(Our go.mod file had also become non-canonical in some ways, and the Go
toolchain fixed that as part of this work, causing a few extra style-only
diffs here that shouldn't cause any change in behavior.)
2021-02-23 09:56:06 -08:00
Martin Atkins 7f78342953 command: Experimental "terraform test" command
This is just a prototype to gather some feedback in our ongoing research
on integration testing of Terraform modules. The hope is that by having a
command integrated into Terraform itself it'll be easier for interested
module authors to give it a try, and also easier for us to iterate quickly
based on feedback without having to coordinate across multiple codebases.

Everything about this is subject to change even in future patch releases.
Since it's a CLI command rather than a configuration language feature it's
not using the language experiments mechanism, but generates a warning
similar to the one language experiments generate in order to be clear that
backward compatibility is not guaranteed.
2021-02-22 14:21:45 -08:00
Martin Atkins 8330f8e991 internal/moduletest: Experimental module testing helpers
As part of ongoing research into Terraform testing we'd like to use an
experimental feature to validate our current understanding that expressing
tests as part of the Terraform language, as opposed to in some other
language run alongside, is a good and viable way to write practical
module integration tests.

This initial experimental incarnation of that idea is implemented as a
provider, just because that's an easier extension point for research
purposes than a first-class language feature would be. Whether this would
ultimately emerge as a provider similar to this or as custom language
constructs will be a matter for future research, if this first
experiment confirms that tests written in the Terraform language are the
best direction to take.

The previous incarnation of this experiment was an externally-developed
provider apparentlymart/testing, listed on the Terraform Registry. That
helped with showing that there are some useful tests that we can write
in the Terraform language, but integrating such a provider into Terraform
will allow us to make use of it in the also-experimental "terraform test"
command, which will follow in subsequent commits, to see how this might
fit into a development workflow.
2021-02-22 14:21:45 -08:00
Matthew Frahry cb041053e9 Merge with master 2021-02-15 14:37:40 -08:00
James Bardin a033598224 update hcl and terraform-config-inspect 2021-02-09 08:37:59 -05:00
Brian Flad ad8a2e8b91 deps: Bump github.com/aws/aws-sdk-go@v1.37.0
Changes:

```
* backend/s3: Support for AWS Single-Sign On (SSO) cached credentials
```

Updated via:

```
go get github.com/aws/aws-sdk-go@v1.37.0
go mod tidy
```

Please note that Terraform CLI will not initiate or perform the AWS SSO login flow. It is expected that you have already performed the SSO login flow using AWS CLI using the `aws sso login` command, or by some other mechanism before executing Terraform. More precisely, this credential handling must find a valid non-expired access token for the AWS SSO user portal URL in `~/.aws/sso/cache`. If a cached token is not found, is expired, or the file is malformed an error will be returned.

You can use configure AWS SSO credentials from the AWS shared configuration file by specifying the required keys in the profile:

```
sso_account_id
sso_region
sso_role_name
sso_start_url
```

For example, the following defines a profile "devsso" and specifies the AWS SSO parameters that defines the target account, role, sign-on portal, and the region where the user portal is located. Note: all SSO arguments must be provided, or an error will be returned.

```
[profile devsso]
sso_start_url = https:my-sso-portal.awsapps.com/start
sso_role_name = SSOReadOnlyRole
sso_region = us-east-1
sso_account_id = 123456789012
```

Additional Resources

* [Configuring the AWS CLI to use AWS Single Sign-On](https:docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html)
* [AWS Single Sign-On User Guide](https:docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html)
2021-01-28 15:22:01 -05:00
Martin Atkins d2c3403ab6 command: Use the new terminal.Streams object
Here we propagate in the initialized terminal.Streams from package main,
and then onwards to backends running in CLI mode.

This also replaces our use of helper/wrappedstreams to determine whether
stdin is a terminal or a pipe. helper/wrappedstreams returns incorrect
file descriptors on Windows, causing StdinPiped to always return false on
that platform and thus causing one of the odd behaviors discussed in

Finally, this includes some wrappers around the ability to look up the
number of columns in the terminal in preparation for use elsewhere. These
wrappers deal with the fact that our unit tests typically won't populate
meta.Streams.
2021-01-13 15:37:04 -08:00
Martin Atkins 17728c8fe8 internal/terminal: Interrogate and initialize the terminal, if any
This is a helper package that creates a very thin abstraction over
terminal setup, with the main goal being to deal with all of the extra
setup we need to do in order to get a UTF-8-supporting virtual terminal
on a Windows system.
2021-01-13 15:37:04 -08:00
Alisdair McDiarmid fd79c61eb5 go get github.com/hashicorp/hcl/v2@v2.8.2 2021-01-06 09:45:38 -05:00