The backend state tests weren't properly checking for persistence.
Update the test to persist states and fetch them again from the backend,
checking that lineage is preserved.
Updates the `data_source_route53_zone` acceptance test to better handle parallel runs. Also better handles tests that potentially leak resources by adding a random integer suffix to domain names.
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRolePolicyAttachment_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/03/22 20:18:05 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSRolePolicyAttachment_basic -timeout 120m
=== RUN TestAccAWSRolePolicyAttachment_basic
--- PASS: TestAccAWSRolePolicyAttachment_basic (31.94s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 31.949s
```
* provider/ns1: Ensure provider checks for credentials
* provider/ns1: stick with GetOk for provider config vars
* provider/ns1: NS1 go client fixes for handling http errors
* provider/github: add repository_webhook resource
`repository_webhook` can be used to manage webhooks for repositories.
It is currently limited to organization repositories only.
The changeset includes both documentation and tests.
The tests are green:
```
make testacc TEST=./builtin/providers/github
TESTARGS='-run=TestAccGithubRepositoryWebhook_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/03/21 16:20:07 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/github -v
-run=TestAccGithubRepositoryWebhook_basic -timeout 120m
=== RUN TestAccGithubRepositoryWebhook_basic
--- PASS: TestAccGithubRepositoryWebhook_basic (5.10s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/github 5.113s
```
* provider/github: add github_organization_webhook
the `github_organization_webhook` resource is similar to the
`github_repository_webhook` resource, but it manages webhooks for an
organization.
the tests are green:
```
make testacc TEST=./builtin/providers/github
TESTARGS='-run=TestAccGithubOrganizationWebhook'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/03/21 17:23:33 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/github -v
-run=TestAccGithubOrganizationWebhook -timeout 120m
=== RUN TestAccGithubOrganizationWebhook_basic
--- PASS: TestAccGithubOrganizationWebhook_basic (2.09s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/github 2.109s
```
Fixes: #12764
AWS ALB Allows the Subnets to be changed using the SetSubnets func -
previously we set ForceNew: true on this change
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSALB_' ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/03/18 16:55:52 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSALB_ -timeout 120m
=== RUN TestAccAWSALB_basic
--- PASS: TestAccAWSALB_basic (342.95s)
=== RUN TestAccAWSALB_generatedName
--- PASS: TestAccAWSALB_generatedName (362.05s)
=== RUN TestAccAWSALB_namePrefix
--- PASS: TestAccAWSALB_namePrefix (311.21s)
=== RUN TestAccAWSALB_tags
--- PASS: TestAccAWSALB_tags (344.05s)
=== RUN TestAccAWSALB_updatedSecurityGroups
--- PASS: TestAccAWSALB_updatedSecurityGroups (515.61s)
=== RUN TestAccAWSALB_updatedSubnets
--- PASS: TestAccAWSALB_updatedSubnets (313.94s)
=== RUN TestAccAWSALB_noSecurityGroup
--- PASS: TestAccAWSALB_noSecurityGroup (293.54s)
=== RUN TestAccAWSALB_accesslogs
--- PASS: TestAccAWSALB_accesslogs (492.01s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 2975.402s
```
Fixes: #12895
The AWS API returns both dissociated and associated IPv6 CIDRs. The UI
only returns the associated. Therefore, the assumption was made that we
would always take the 1st association in the set to use for state
We now loop over the set and look for the associated IPv6 CIDR before
using that in state
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSVpc_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/03/20 21:21:02 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSVpc_ -timeout 120m
=== RUN TestAccAWSVpc_importBasic
--- PASS: TestAccAWSVpc_importBasic (65.91s)
=== RUN TestAccAWSVpc_basic
--- PASS: TestAccAWSVpc_basic (50.88s)
=== RUN TestAccAWSVpc_enableIpv6
--- PASS: TestAccAWSVpc_enableIpv6 (49.89s)
=== RUN TestAccAWSVpc_dedicatedTenancy
--- PASS: TestAccAWSVpc_dedicatedTenancy (50.59s)
=== RUN TestAccAWSVpc_tags
--- PASS: TestAccAWSVpc_tags (98.89s)
=== RUN TestAccAWSVpc_update
--- PASS: TestAccAWSVpc_update (93.46s)
=== RUN TestAccAWSVpc_bothDnsOptionsSet
--- PASS: TestAccAWSVpc_bothDnsOptionsSet (20.71s)
=== RUN TestAccAWSVpc_DisabledDnsSupport
--- PASS: TestAccAWSVpc_DisabledDnsSupport (49.55s)
=== RUN TestAccAWSVpc_classiclinkOptionSet
--- PASS: TestAccAWSVpc_classiclinkOptionSet (54.92s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 534.829s
```
Leaked resources may prevent this resource from correctly passing acceptance tests. Seeding the policy names with random integer suffixes allows tests to pass regardless of resource leaks.
```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRolePolicyAttachment_basic'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/03/22 19:58:58 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSRolePolicyAttachment_basic -timeout 120m
=== RUN TestAccAWSRolePolicyAttachment_basic
--- PASS: TestAccAWSRolePolicyAttachment_basic (31.98s)
PASS
ok github.com/hashicorp/terraform/builtin/providers/aws 31.989s
```
This adds named state (environment) support to the S3 backend.
A state NAME will prepend the configured s3 key with `env:/NAME/`.
The default state will remain rooted in the bucket for backwards
compatibility.
Locks in DynamoDB use the S3 key as the as the primary key value, so
locking will work as expected for multiple states.
Terraform will automatically search for AWS API credentials or Instance Profile Credentials. I wish I'd known that when I first read these docs.
Saving credentials outside of tf config files is a much better plan for situations where config files end up in source control and or where multiple people collaborate. Making this information available early will allow new users to set up a much more secure and robust plan for deploying terraform at scale and in production environments.