Commit Graph

894 Commits

Author SHA1 Message Date
David Glasser 14af879fe0 command: also print plan for destroy 2017-06-27 11:22:31 -07:00
David Glasser 039d36bf91 command: add "apply -auto-approve=false" flag
A common reason to want to use `terraform plan` is to have a chance to
review and confirm a plan before running it.  If in fact that is the
only reason you are running plan, this new `terraform apply -auto-approve=false`
flag provides an easier alternative to

    P=$(mktemp -t plan)
    terraform refresh
    terraform plan -refresh=false -out=$P
    terraform apply $P
    rm $P

The flag defaults to true for now, but in a future version of Terraform it will
default to false.
2017-06-27 11:22:26 -07:00
James Bardin 22074f1029 Merge pull request #15408 from hashicorp/jbardin/import-plugin-dir
Make sure import uses complete plugin path
2017-06-27 13:07:47 -04:00
Patrick Aikens 7775ef809b Display correct to and from backends in copy message when migrating to new remote state (#15318) 2017-06-27 19:05:45 +03:00
James Bardin 85b9069eb7 test import with -plugin-dir
The import command wasn't loading the full plugin path for discovery.
Run a basic plugin init sequence, and verify we can find a plugin (even
though the plugin is invalid and will fail).
2017-06-27 11:07:45 -04:00
James Bardin 0cbd51c365 find -plugin-dir during import
The import command wasn't loading the plugin path at all, relying on the
local directory for binaries.

Load the plugin dir into Meta, and pass in ForceLocal for consistency.
The Backend returned was going to be a Local anyway, so the added check
wasn't ensuring anything.
2017-06-26 18:28:45 -04:00
Martin Atkins 3df164502a command: don't prompt for state migration if TF_INPUT is set
The "confirm" method was directly checking the meta struct's input field,
but that only represents the -input command line flag, and doesn't
respect the TF_INPUT environment variable.

By calling the Input method instead, we check both.

This fixes #15338.
2017-06-26 11:22:29 -07:00
James Bardin 833cc9a6c5 Fix state mv/rm -backup documentation
There is only one backup made, contrary to the help text. We may want to
implement that, but the documentation should match the current behavior.
2017-06-23 14:46:09 -04:00
James Bardin 6e7baaaeff don't load the backend when -state is provided
When using a `state` command, if the `-state` flag is provided we do not
want to modify the Backend state. In this case we should always create a
local state instance.

The backup flag was also being ignored, and some tests were relying on
that, which have been fixed.
2017-06-23 14:41:49 -04:00
James Bardin 5f939b42fe test that `state mv -state` doesn't use Backend
If we provide a -state flag to a state command, we do not want terraform
to modify the backend state. This test fails since the state specified
in the backend doesn't exist
2017-06-23 14:39:37 -04:00
James Bardin 4893fcc24f improve plugin error formatting
Remove "checksum" from the error, and only indicate that the plugin has
changed.

Always show requested versions even if it's "any", and found versions of
plugins.
2017-06-22 15:31:36 -04:00
James Bardin 103ab20b00 add required and found versions to error output
Provide the user with feedback showing the version requirements and the
versions found when there's is a plugin error
2017-06-22 14:20:50 -04:00
James Bardin 7a955f990c make display plugin checksum error to user
The error follows a generic message, so can be ignored by users who may
not understand the implications.
2017-06-22 13:38:55 -04:00
Martin Atkins 0dc6d97a37 command/format: minor adjustments to plan rendering
This change makes various minor adjustments to the rendering of plans
in the output of "terraform plan":

- Resources are identified using the standard resource address syntax,
  rather than exposing the legacy internal representation used in the
  module diff resource keys. This fixes #8713.

- Subjectively, having square brackets in the addresses made it look more
  visually "off" when the same name but with different indices were
  shown together with differing-length "symbols", so the symbols are now
  all padded and right-aligned to three characters for consistent layout
  across all operations.

- The -/+ action is now more visually distinct, using several different
  colors to help communicate what it will do and including a more obvious
  "(new resource required)" marker to help draw attention to this not
  being just an update diff. This fixes #15350.

- The resources are now sorted in a manner that sorts index [10] after
  index [9], rather than after index [1] as we did before. This makes it
  easier to scan the list and avoids the common confusion where it seems
  that there are only 10 items when in fact there are 11-20 items with
  all the tens hiding further up in the list.
2017-06-22 07:03:23 -07:00
Martin Atkins 40e2fbb8e9 command: init to allow plugin init without backend init
Previously init would crash if given these options:
    -backend=false -get-plugins=true

This is because the state is used as a source of provider dependency
information, and we need to instantiate the backend to get the state.

To avoid the crash, we now use the following adjusted behavior:

- if -backend=true, we behave as before

- if -backend=false, we instead try to instantiate the backend the same
  way any other command would, without modifying its configuration

- if we're able to instantiate the backend, we use it to fetch state
  for dependency resolution purposes

- if the backend is not instantiable then we assume it's not yet
  configured and proceed with a nil state, which may cause us to see an
  incomplete picture of the dependencies but still allows the install
  to succeed. Subsequently running "terraform plan" will not work until
  the backend is (re-)initialized, so the incomplete picture of required
  plugins is safe.
2017-06-21 11:43:28 -07:00
Martin Atkins 3dc7d618f7 command: avoid empty string constraints in plugin install errors
This takes care of a few dangling cases where we were still stringifying
empty version constraints, which creates confusing error messages due to
it stringing as the empty string.

For the "no suitable versions available" message, we fall back on the
"provider not found" message if no versions were found even though it's
unconstrained. This should only happen in an edge case where the
provider's index page exists on the releases server but no versions are
yet present.

For the message about plugin protocol versions, this again is an edge
case since with no constraints this should happen only if we release
an incompatible Terraform version but don't release a new version of the
plugin that's compatible. In this case we just show the constraint as
"(any version)" to make sure we always show _something_.
2017-06-21 09:18:17 -07:00
James Bardin c10f5caf05 Merge pull request #15345 from hashicorp/jbardin/plugin-sig
verify automatically downloaded plugins
2017-06-20 17:05:54 -04:00
Martin Atkins 9c2fe3456b command: purge unused plugins as a side effect of plugin installation
Previously we only did this when _upgrading_, but that's unnecessarily
specific and confusing since e.g. plugins can get upgraded implicitly by
constraint changes, which would not then trigger the purge process.

Instead, we'll assume that the user is able to easily re-download plugins
that were purged here, or if they need more specific guarantees they will
manage manually a plugin directory and disable the auto-install behavior
using `-plugin-dir`.
2017-06-20 13:40:03 -07:00
Martin Atkins d48dcbb4a5 command: more-helpful error messages from plugin installation
Now we are able to recognize and handle a few special error situations
from plugin installation with more verbose error messages that give the
user better feedback on how to proceed.
2017-06-20 13:39:45 -07:00
James Bardin 0a47228065 add -verify-plugins flag to init
This provides the user with the option to disable plugin signature
verification.
2017-06-20 13:14:31 -04:00
James Bardin 6728c48d8c fix whitespace around backend init success message
make it better match the surrounding messages.
2017-06-19 12:08:42 -04:00
James Bardin da385c4268 Don't show plugin init message if there are none
Skip the message and plugin initialization if there are none in the
config.
2017-06-19 12:08:42 -04:00
James Bardin 2e57d284cb Merge pull request #15323 from hashicorp/jbardin/constraint-suggestion
remove "~> 0.0" constraint suggestions
2017-06-16 18:20:24 -04:00
James Bardin ec99b6910b remove "~> 0.0" constraint suggestions
Don't suggest constraints when the available plugin isn't versioned.

Add zero version const for comparisons.
2017-06-16 16:25:36 -04:00
James Bardin 270eedd4b8 always pass in the full plugin path to dicovery
Discovery no longer tries to walk into OS_ARCH dirs, so always pass in
the full search path.
2017-06-16 14:09:47 -04:00
James Bardin be2069ac81 add -plugin-dir option
The -plugin-dir option lets the user specify custom search paths for
plugins. This overrides all other plugin search paths, and prevents the
auto-installation of plugins.

We also make sure that the availability of plugins is always checked
during init, even if -get-plugins=false or -plugin-dir is set.
2017-06-15 15:23:16 -04:00
James Bardin 000e860706 Add plugin dir scaffolding
add pluginDir to command.Meta, the flag to initialize it, and the
methods to save and restore it.
2017-06-15 14:26:12 -04:00
James Bardin f723270e3e search the vendor directory for plugins
The default location for users to manually add plugins will be
./terraform.d/plugins/
2017-06-15 10:12:00 -04:00
James Bardin 4f5e92e4c0 reverse init test to check for dataDir in PWD
init should always write intternal data to the current directory, even
when a path is provided. The inherited behavior no longer applies to the
new use of init.
2017-06-14 15:22:30 -04:00
James Bardin 55bf19e548 always write to dataDir in the current directory
Now that init can take a directory for configuration, the old behavior
of writing the .terraform data directory into the target path no longer
makes sense. Don't change the dataDir field during init, and write to
the default location.

Clean up all references to Meta.dataDir, and only use the getter method
in case we chose to dynamically override this at some point.
2017-06-14 15:14:26 -04:00
Martin Atkins 6979a07754 command: init -upgrade for provider plugins
Now when -upgrade is provided to "terraform init" (and plugin installation
isn't disabled) it will:

- ignore the contents of the auto-install plugin directory when deciding
  what is "available", thus causing anything there to be reinstalled,
  possibly at a newer version.
- if installation completes successfully, purge from the auto-install
  plugin directory any plugin-looking files that aren't in the set of
  chosen plugins.

As before, plugins outside of the auto-install directory are able to
take precedence over the auto-install ones, and these will never be
upgraded nor purged.

The thinking here is that the auto-install directory is an implementation
detail directly managed by Terraform, and so it's Terraform's
responsibility to automatically keep it clean as plugins are upgraded.

We don't yet have the -plugin-dir option implemented, but once it is it
should circumvent all of this behavior and just expect providers to be
already available in the given directory, meaning that nothing will be
auto-installed, -upgraded or -purged.
2017-06-13 12:28:07 -07:00
Martin Atkins f753974bb3 plugin/discovery: Installer interface, and provider implementation
Previously we had a "getProvider" function type used to implement plugin
fetching. Here we replace that with an interface type, initially with
just a "Get" function.

For now this just simplifies the interface by allowing the target
directory and protocol version to be members of the struct rather than
passed as arguments.

A later change will extend this interface to also include a method to
purge unused plugins, so that upgrading frequently doesn't leave behind
a trail of unused executable files.
2017-06-13 12:28:07 -07:00
Gavin Williams 5834333ea3 command: terraform get -upgrade
As of this commit this just upgrades modules, but this option will also
later upgrade plugins and indeed anything else that's being downloaded and
installed as part of the init.
2017-06-13 12:28:07 -07:00
James Bardin be900e8085 Merge pull request #15258 from hashicorp/jbardin/remove-providers
Remove providers from core
2017-06-12 14:13:11 -04:00
James Bardin cbbbcea4b9 stop err scanner goroutines between tests 2017-06-12 13:52:30 -04:00
James Bardin 77a32f3df0 remove "core" distinction
Since there is little left that isn't core, remove the distinction for
now to reduce confusion, since a "core" binary will mostly work except
for provisioners.
2017-06-12 13:43:54 -04:00
James Bardin 7e7f53954d remove internal provider test from command pkg 2017-06-12 13:43:52 -04:00
James Bardin 81ac0ed204 re-generate plugin list 2017-06-12 13:42:07 -04:00
Radek Simko 4e85f552e7 Merge pull request #15246 from hashicorp/b-fix-cmd-provider-crash
command/providers: Avoid crash when no configs found
2017-06-12 15:48:55 +01:00
James Bardin a30007b41d Merge pull request #15032 from hashicorp/jbardin/init
change init args to remove source copy
2017-06-12 09:06:32 -04:00
Radek Simko f5ff67c530
command/providers: Add regression test 2017-06-10 12:02:01 +01:00
Radek Simko ee30df3efd
command/providers: Enable processing of meta-parameters
This will enable proper colouring of the output, like for other commands.
2017-06-10 11:51:06 +01:00
Radek Simko 86fbcfac83
command/providers: Avoid crash when no configs found 2017-06-10 11:51:03 +01:00
Martin Atkins f7ce6a15f8 backend: Operation.Environment renamed to "Workspace"
This is part of an effort to switch this terminology across all of
Terraform.
2017-06-09 16:26:26 -07:00
Martin Atkins 418a8a8bc9 command + backend: rename various API objects to "Workspace" terminology
We're shifting terminology from "environment" to "workspace". This takes
care of some of the main internal API surface that was using the old
terminology, though is not intended to be entirely comprehensive and is
mainly just to minimize the amount of confusion for maintainers as we
continue moving towards eliminating the old terminology.
2017-06-09 16:26:25 -07:00
Martin Atkins 5f9f13ab8f command: show warnings from backend config validation
Previously we just silently ignored warnings from validating the backend
config, but now that we have a deprecated argument it's important to print
these out so users can respond to the deprecation warning.
2017-06-09 15:01:39 -07:00
Martin Atkins 31d556894f command: shallow UI-focused rename of "environment" to "workspace"
Feedback after 0.9 was that the term "environment" was confusing due to
it colliding with several other concepts, such as OS environment
variables, a non-aligned Terraform Enterprise concept, and differing ideas
of "environment" within various organizations.

This new term "workspace" is intended to ease some of that confusion. This
term is not used anywhere else in Terraform today, and we expect it to not
be used in a manner that would be confusing within user organizations.

This begins a deprecation cycle for the "terraform env" family of commands,
instead moving to an equivalent set of "terraform workspace" commands.

There are some remaining references to the old "environment" concept in
the code, which will be cleaned up in a separate change. This change is
instead focused on text visible in the UI and wording within code comments
for the benefit of human maintainers of the code.
2017-06-09 15:01:39 -07:00
David Glasser c25d848ffb core: allow overriding environment name via env var
This allows you to run multiple concurrent terraform operations against
different environments from the same source directory.

Fixes #14447.

Also removes some dead code which appears to do the same thing as the function I
modified.
2017-06-09 15:01:39 -07:00
James Bardin 2bfcdbbd08 change init args to remove source copy
When init was modified in 0.9 to initialize a terraform working
directory, the legacy behavior was kept to copy or fetch module sources.
This left the init command without the ability that the plan and apply
commands have to target a specific directory for the operation.

This commit removes the legacy behavior altogether, and allows init to
target a directory for initialization, bringing it into parity with plan
and apply. If one want to copy a module to the target or current
directory, that will have to be done manually before calling init. We
can later reintroduce fetching modules with init without breaking this
new behavior, by adding the source as an optional second argument.

The unit tests testing the copying of sources with init have been
removed, as well as some out of date (and commented out) init tests
regarding remote states.
2017-06-09 17:50:14 -04:00
James Bardin d1c50efb01 change providers.json to lock.json
It might not just be for providers, and it's in the plugins dir, so
lock.json seems descriptive enough.
2017-06-09 14:03:59 -07:00
James Bardin 08592c2602 update plugin name in command test 2017-06-09 14:03:59 -07:00
James Bardin a529b64cc8 better init error output
Provide log-form message when a provider isn't found, along with the
desired constraints.
2017-06-09 14:03:59 -07:00
James Bardin fdbfc17fae missing constraints passed erroniously
ConstrainVersions was documented as returning nil, but it was instead
returning an empty set. Use the Count() method to check for nil or
empty. Add test to verify failed constraints will show up as missing.
2017-06-09 14:03:59 -07:00
Martin Atkins 766f8e5d64 command init: remove confusing uses of "environment" in the usage
"environment" is a very overloaded term, so here we prefer to use the
term "working directory" to talk about a local directory where operations
are executed on a given Terraform configuration.
2017-06-09 14:03:59 -07:00
Martin Atkins 3c429b3628 command init: show log output for each provider plugin downloaded
Each provider plugin will take at least a few seconds to download, so
providing feedback about each one should make users feel less like
Terraform has hung.

Ideally we'd show ongoing progress during the download, but that's not
possible without re-working go-getter, so we'll accept this as an interim
solution for now.
2017-06-09 14:03:59 -07:00
Martin Atkins 4571a16b15 command: remove Meta.forceProviderSHA256s
This was added with the idea of using it to override the SHA256 hashes
to match those hypothetically stored in a plan, but we already have a
mechanism elsewhere for populating context fields from plan fields, so
this is not actually necessary.
2017-06-09 14:03:59 -07:00
Martin Atkins 9aae06db97 command: update mockGetProvider.GetProvider for new interface
The expected type was changed in the mainline code but the tests were not
updated to match.
2017-06-09 14:03:59 -07:00
Martin Atkins 4ba20f9c1c command init: show suggested constraints for unconstrained providers
When running "terraform init" with providers that are unconstrained, we
will now produce information to help the user update configuration to
constrain for the particular providers that were chosen, to prevent
inadvertently drifting onto a newer major release that might contain
breaking changes.

A ~> constraint is used here because pinning to a single specific version
is expected to create dependency hell when using child modules. By using
this constraint mode, which allows minor version upgrades, we avoid the
need for users to constantly adjust version constraints across many
modules, but make major version upgrades still be opt-in.

Any constraint at all in the configuration will prevent the display of
these suggestions, so users are free to use stronger or weaker constraints
if desired, ignoring the recommendation.
2017-06-09 14:03:59 -07:00
James Bardin e0f2235f66 update init command with new GetProvider signature
GetProvider needs the plugin protocol version to be passed in
2017-06-09 14:03:59 -07:00
Martin Atkins 032f71f1ff command: produce provider lock file during "terraform init"
Once we've installed the necessary plugins, we'll do one more walk of
the available plugins and record the SHA256 hashes of all of the plugins
we select in the provider lock file.

The file we write here gets read when we're building ContextOpts to
initialize the main terraform context, so any command that works with
the context will then fail if any of the provider binaries change.
2017-06-09 14:03:59 -07:00
Martin Atkins 6ba6508ec9 command: pass the locked plugin hashes into ContextOpts
By reading our lock file and passing this into the context, we ensure that
only the plugins referenced in the lock file can be used. As of this
commit there is no way to create that lock file, but that will follow soon
as part of "terraform init".

We also provide a way to force a particular set of SHA256s. The main use
for this is to allow us to persist a set of plugins in the plan and
check the same plugins are used during apply, but it may also be useful
for automated tests.
2017-06-09 14:03:59 -07:00
Martin Atkins 720670fae7 command: helper to manage the provider plugins lock file
This is just a JSON file with the SHA256 digests of the plugin
executables.
2017-06-09 14:03:59 -07:00
Martin Atkins 7d0a98af46 command: provider resolver to also check SHA256 constraints when set
In addition to looking for matching versions, the caller can also
optionally require a specific executable by its SHA256 digest.
2017-06-09 14:03:59 -07:00
Martin Atkins e3401947a6 plugin/discovery: PluginRequirements can specify SHA256 digests
As well as constraining plugins by version number, we also want to be
able to pin plugins to use specific executables so that we can detect
drift in available plugins between commands.

This commit allows such requirements to be specified, but doesn't yet
specify any such requirements, nor validate them.
2017-06-09 14:03:59 -07:00
Martin Atkins 9a398a7793 command: require resource to be in config before import
Previously we encouraged users to import a resource and _then_ write the
configuration block for it. This ordering creates lots of risk, since
for various reasons users can end up subsequently running Terraform
without any configuration in place, which then causes Terraform to want
to destroy the resource that was imported.

Now we invert this and require a minimal configuration block be written
first. This helps ensure that the user ends up with a correlated resource
config and state, protecting against any inconsistency caused by typos.

This addresses #11835.
2017-06-09 14:03:59 -07:00
Martin Atkins 7d8719150c command: validate import resource address early
Previously we deferred validation of the resource address on the import
command until we were in the core guts, which caused the error responses
to be rather unhelpful.

By validating these things early we can give better feedback to the user.
2017-06-09 14:03:59 -07:00
Martin Atkins f6305fcc27 command: remove commented-out, misplaced tests
For some reason there was a block of commented-out tests for the refresh
command in the test file for the import command. Here we remove them to
reduce the noise in this file.
2017-06-09 14:03:59 -07:00
James Bardin 044ad5ef59 rename some Constraints methods per code review 2017-06-09 14:03:59 -07:00
James Bardin 2994c6ac5d add init getPlugin test
add a mock plugin getter, and test that we can fetch requested version
of the plugins.
2017-06-09 14:03:59 -07:00
James Bardin 4c32cd432a make getProvider pluggable 2017-06-09 14:03:59 -07:00
James Bardin 66ebff90cd move some more plugin search path logic to command
Make less to change when we remove the old search path
2017-06-09 14:03:59 -07:00
James Bardin 2749946f5c basic plugin getter
Add discovery.GetProviders to fetch plugins from the relases site.

This is an early version, with no tests, that only (probably) fetches
plugins from the default location. The URLs are still subject to change,
and since there are no plugin releases, it doesn't work at all yet.
2017-06-09 14:03:59 -07:00
James Bardin 7d2d951f27 Rename VersionSet to Constraints
VersionSet is a wrapper around version.Contraints, so rename it it as
such.
2017-06-09 14:03:59 -07:00
James Bardin 718ede0636 have Meta.Backend use a Config rather than loading
Instead of providing the a path in BackendOpts, provide a loaded
*config.Config instead. This reduces the number of places where
configuration is loaded.
2017-06-09 14:03:59 -07:00
Martin Atkins 3af0ecdf01 command: "terraform providers" command
This new command prints out the tree of modules annotated with their
associated required providers.

The purpose of this command is to help users answer questions such as
"why is this provider required?", "why is Terraform using an older version
of this provider?", and "what combination of modules is creating an
impossible provider version situation?"

For configurations using many modules this sort of question is likely to
come up a lot once we support versioned providers.

As a bonus use-case, this command also shows explicitly when a provider
configuration is being inherited from a parent module, to help users to
understand where the configuration is coming from for each module when
some child modules provide their own provider configurations.
2017-06-09 14:03:59 -07:00
Martin Atkins 4ab8973520 core: provide config to all import context tests
We're going to use config to determine provider dependencies, so we need
to always provide a config when instantiating a context or we'll end up
loading no providers at all.

We previously had a test for running "terraform import -config=''" to
disable the config entirely, but this test is now removed because it makes
no sense. The actual functionality its testing still remains for now,
but it will be removed in a subsequent commit when we start requiring that
a resource to be imported must already exist in configuration.
2017-06-09 14:03:59 -07:00
Martin Atkins c835ef8ff3 Update tests for the new ProviderResolver interface
Rather than providing an already-resolved map of plugins to core, we now
provide a "provider resolver" which knows how to resolve a set of provider
dependencies, to be determined later, and produce that map.

This requires the context to be instantiated in a different way, so this
very noisy diff is a mostly-mechanical update of all of the existing
places where contexts get created for testing, using some adapted versions
of the pre-existing utilities for passing in mock providers.
2017-06-09 14:03:59 -07:00
Martin Atkins 7ca592ac06 core: use ResourceProviderResolver to resolve providers
Previously the set of providers was fixed early on in the command package
processing. In order to be version-aware we need to defer this work until
later, so this interface exists so we can hold on to the possibly-many
versions of plugins we have available and then later, once we've finished
determining the provider dependencies, select the appropriate version of
each provider to produce the final set of providers to use.

This commit establishes the use of this new mechanism, and thus populates
the provider factory map with only the providers that result from the
dependency resolution process.

This disables support for internal provider plugins, though the
mechanisms for building and launching these are still here vestigially,
to be cleaned up in a subsequent commit.

This also adds a new awkward quirk to the "terraform import" workflow
where one can't import a resource from a provider that isn't already
mentioned (implicitly or explicitly) in config. We will do some UX work
in subsequent commits to make this behavior better.

This breaks many tests due to the change in interface, but to keep this
particular diff reasonably easy to read the test fixes are split into
a separate commit.
2017-06-09 14:03:59 -07:00
Martin Atkins d6b6dbb5c6 command: correct provider name in the test fixture for push
Currently this doesn't matter much, but we're about to start checking the
availability of providers early on and so we need to use the correct name
for the mock set of providers we use in command tests, which includes
only a provider named "test".

Without this change, the "push" tests will begin failing once we start
verifying this, since there's no "aws" provider available in the test
context.
2017-06-09 14:03:59 -07:00
Martin Atkins 9b4f15c261 plugin: move Client function into plugin, from plugin/discovery
Having this as a method of PluginMeta felt most natural, but unfortunately
that means that discovery must depend on plugin and plugin in turn
depends on core Terraform, thus making the discovery package hard to use
without creating dependency cycles.

To resolve this, we invert the dependency and make the plugin package be
responsible for instantiating clients given a meta, using a top-level
function.
2017-06-09 14:03:59 -07:00
Martin Atkins 8364383c35 Push plugin discovery down into command package
Previously we did plugin discovery in the main package, but as we move
towards versioned plugins we need more information available in order to
resolve plugins, so we move this responsibility into the command package
itself.

For the moment this is just preserving the existing behavior as long as
there are only internal and unversioned plugins present. This is the
final state for provisioners in 0.10, since we don't want to support
versioned provisioners yet. For providers this is just a checkpoint along
the way, since further work is required to apply version constraints from
configuration and support additional plugin search directories.

The automatic plugin discovery behavior is not desirable for tests because
we want to mock the plugins there, so we add a new backdoor for the tests
to use to skip the plugin discovery and just provide their own mock
implementations. Most of this diff is thus noisy rework of the tests to
use this new mechanism.
2017-06-09 14:03:59 -07:00
Jake Champlin 7894478c8c Merge pull request #14681 from svanharmelen/f-review
Use `helpers.shema.Provisoner` in Chef provisioner V2
2017-05-30 14:26:51 -04:00
James Bardin dbe9599820 remove dead code 2017-05-26 15:01:39 -04:00
James Bardin b3795e2d29 remove old state hook code 2017-05-24 16:16:35 -04:00
Mat Schaffer 76d4abd12a Fix typo on state migration input error 2017-05-23 20:50:12 -07:00
Vladislav Rassokhin df4342bc3d Regenerate plugin list since provisioners were changed in previous commits 2017-05-19 20:54:08 +02:00
David Glasser 783908ee25 core: fix bad Sprintf in backend migration message (#14601)
Before this, invoking this codepath would print

    Terraform has successfully migrated from legacy remote state to your
    configured remote state.%!(EXTRA string=s3)
2017-05-19 17:01:44 +03:00
Paul Stack 055c18e302 core/provider-split: Split out the Oracle OPC provider to new structure (#14362)
* core/providersplit: Split OPC Provider to separate repo

As we march towards Terraform 0.10.0, we are going to start building the
terraform providers as separate binaries - this will allow us to
continually release them. Before we go to 0.10.0, we need to be able to
continue building providers in the same manner, therefore, we have
hardcoded the path of the provider in the generate-plugins.go file

The interim solution will require us to vendor the opc provider and any
child dependencies, but when we get to 0.10.0, we will no longer have to
do this - the core will auto download the plugin binary. The plugin
package will have it's own dependencies vendored as well.

* core/providersplit: Removing the builtin version of OPC provider

* core/providersplit: Vendoring the OPC plugin

* core/providersplit: update internal plugin list

* core/providersplit: remove unused govendor item
2017-05-16 19:53:25 +03:00
yanndegat 21d8125d5c provider/ovh: new provider (#12669)
* vendor: add go-ovh

* provider/ovh: new provider

* provider/ovh: Adding PublicCloud User Resource

* provider/ovh: Adding VRack Attachment Resource

* provider/ovh: Adding PublicCloud Network Resource

* provider/ovh: Adding PublicCloud Subnet Resource

* provider/ovh: Adding PublicCloud Regions Datasource

* provider/ovh: Adding PublicCloud Region Datasource

* provider/ovh: Fix Acctests using project's regions
2017-05-16 17:26:43 +03:00
Dmitrii Korotovskii ace0456d58 http provider and http request data source 2017-05-08 17:37:48 -07:00
James Bardin 947db2304a it's possible to get a nil diff in PreApply
Looking through the operations in node_resource_apply and
node_resource_destroy, there are multiple nil checks for diffApply, so
one we need to continue to assume that the diff can be nil through there
until we ensure that it is non-nill in all cases.

So regardless of how we came to get a nil diff in the UiHook PreApply
method, we need to check it.
2017-04-28 21:59:56 -04:00
Justin LaRose c6ad44de10 update error response when env does not exist (#14009) 2017-04-27 11:22:30 +01:00
stack72 898ac02854
Merge branch 'feature/gitlab_provider' of https://github.com/richardc/terraform into richardc-feature/gitlab_provider 2017-04-27 05:08:12 +12:00
Edward Betts be265479a9 correct spelling mistakes (#13979) 2017-04-27 02:10:04 +12:00
James Bardin 6ef7c83ec5 add data-loss warning to SIGINT handler in apply
Warning user about data loss after receiving an interrupt.
2017-04-25 11:43:59 -04:00
Richard Clamp 631b0b865c provider/gitlab: add gitlab provider and `gitlab_project` resource
Here we add a basic provider with a single resource type.

It's copied heavily from the `github` provider and `github_repository`
resource, as there is some overlap in those types/apis.

~~~
resource "gitlab_project" "test1" {
  name = "test1"
  visibility_level = "public"
}
~~~

We implement in terms of the
[go-gitlab](https://github.com/xanzy/go-gitlab) library, which provides
a wrapping of the [gitlab api](https://docs.gitlab.com/ee/api/)

We have been a little selective in the properties we surface for the
project resource, as not all properties are very instructive.
Notable is the removal of the `public` bool as the `visibility_level`
will take precedent if both are supplied which leads to confusing
interactions if they disagree.
2017-04-24 11:38:20 +01:00
Martin Atkins b1763e262a Restore stringer-generated files back to new version
stringer has changed the boilerplate it generates in a recent version.
We'd previously updated to the new format but accientally rolled back
to the old while merging a long-running feature branch.

This restores us back to the new format again.
2017-04-21 14:49:18 -07:00
Jasmin Gacic 61499cfcf0 Provider Oneandone (#13633)
* Terraform Provider 1&1

* Addressing pull request remarks

* Fixed imports

* Fixing remarks

* Test optimiziation
2017-04-21 17:19:10 +03:00
James Bardin dca89519ec Merge pull request #13825 from hashicorp/jbardin/reconfigure
add init -reconfigure flag
2017-04-21 09:03:12 -04:00
James Bardin 0e0f0b64b9 add init -reconfigure test
Check that we can reconfigure a backend ignoring the saved config, and
without effecting the saved backend.
2017-04-20 18:15:47 -04:00
James Bardin 7aa2ce8341 add -reconfigure option for init
The reconfigure flag will force init to ignore any saved backend state.
This is useful when a user does not want any backend migration to
happen, or if the saved configuration can't be loaded at all for some
reason.
2017-04-20 18:15:46 -04:00
Jake Champlin 35388cbc31 Merge pull request #13468 from hashicorp/f-oracle-compute
provider/opc: Add Oracle Compute Provider
2017-04-20 14:52:39 -04:00
Quentin Machu bf8d932d23
provider/local: Implement a new local_file resource
This commit adds the ability to provision files locally.
This is useful for cases where TerraForm generates assets
such as TLS certificates or templated documents that need
to be saved locally.

- While output variables can be used to return values to
the user, it is not extremly suitable for large content or
when many of these are generated, nor is it practical for
operators to manually save them on disk.
- While `local-exec` could be used with an `echo`, this
provider works across platforms and do not require any
convoluted escaping.
2017-04-13 14:57:29 -07:00
James Bardin d1b4df42ed missing PersistState in env new 2017-04-12 13:57:22 -04:00
David Joos bbd2e6de35 Fix for minor typo
"destionation" -> "destination"
2017-04-11 13:04:36 +01:00
tombuildsstuff 3a084b061a Merge branch 'master' into f-oracle-merge 2017-04-07 11:15:36 +01:00
Jake Champlin 456d43e200
Merge remote-tracking branch 'origin/master' into f-oracle-compute 2017-04-04 16:14:51 -04:00
James Bardin fb4a365d12 noop migrate copy, add -lock and -input
A couple commits got rebased together here, and it's easier to enumerate
them in a single commit.

Skip copying of states during migration if they are the same state. This
can happen when trying to reconfigure a backend's options, or if the
state was manually transferred. This can fail unexpectedly with locking
enabled.

Honor the `-input` flag for all confirmations (the new test hit some
more). Also unify where we reference the Meta.forceInitCopy and transfer
the value to the existing backendMigrateOpts.force field.
2017-04-04 14:54:48 -04:00
James Bardin aad143b6d1 set stateLock to true when building meta flagSet
Any commands that use `stateLock` should have a flag to set that
value, but set a failsafe to true just in case.
2017-04-04 14:44:58 -04:00
James Bardin d059939f88 Merge pull request #13262 from hashicorp/jbardin/lock-timeouts
lock timeouts
2017-04-04 14:30:20 -04:00
Radek Simko fc72a20c66 command/hook_ui: Increase max length of state IDs (#13317) 2017-04-04 15:41:54 +01:00
Jake Champlin edc524df55
provider/opc: Update OPC Provider
Updates the OPC provider to a fully working version.
2017-04-03 18:24:57 -04:00
James Bardin 3d604851c2 test -lock-timeout from cli 2017-04-03 11:50:19 -04:00
James Bardin 5eca913b14 add cli flags for -lock-timeout
Add the -lock-timeout flag to the appropriate commands.
Add the -lock flag to `init` and `import` which were missing it.
Set both stateLock and stateLockTimeout in Meta.flagsSet, and remove the
extra references for clarity.
2017-04-01 17:09:21 -04:00
James Bardin 305ef43aa6 provide contexts to clistate.Lock calls
Add fields required to create an appropriate context for all calls to
clistate.Lock.

Add missing checks for Meta.stateLock, where we would attempt to lock,
even if locking should be skipped.
2017-04-01 17:09:20 -04:00
James Bardin 3f0dcd1308 Have the clistate Lock use LockWithContext
- Have the ui Lock helper use state.LockWithContext.
- Rename the message package to clistate, since that's how it's imported
  everywhere.
- Use a more idiomatic placement of the Context in the LockWithContext
  args.
2017-04-01 17:09:20 -04:00
James Bardin 75458a182d remove extra state.Locker assertions
All states are lockers, so get rid of extra asertions.
2017-04-01 17:01:45 -04:00
James Bardin 8050eda52d don't delete local state on a local backend
Don't erase local state during backend migration if the new and old
paths are the same. Skipping the confirmation and copy are handled in
another patch, but the local state was always erased by default, even
when it was our new state.
2017-03-31 15:26:23 -04:00
James Bardin 50023e9a60 honor `input=false` in state migration
return an error when confirming a copy if -input=false
2017-03-29 18:11:45 -04:00
James Bardin 7d23e1ef20 add equivalent tests to meta_backend_test 2017-03-29 17:50:55 -04:00
James Bardin c891ab50b7 detect when backend.Hash needs update
It's possible to not change the backend config, but require updating the
stored backend state by moving init options from the config file to the
`-backend-config` flag. If the config is the same, but the hash doesn't
match, update the stored state.
2017-03-29 16:03:51 -04:00
James Bardin ff2d753062 add Rehash to terraform.BackendState
This method mirrors that of config.Backend, so we can compare the
configration of a backend read from a config vs that of a backend read
from a state. This will prevent init from reinitializing when using
`-backend-config` options that match the existing state.
2017-03-29 15:53:42 -04:00
Martin Atkins 76dca009e0 Allow escaped interpolation-like sequences in variable defaults
The variable validator assumes that any AST node it gets from an
interpolation walk is an indicator of an interpolation. Unfortunately,
back in f223be15 we changed the interpolation walker to emit a LiteralNode
as a way to signal that the result is a literal but not identical to the
input due to escapes.

The existence of this issue suggests a bit of a design smell in that the
interpolation walker interface at first glance appears to skip over all
literals, but it actually emits them in this one situation. In the long
run we should perhaps think about whether the abstraction is right here,
but this is a shallow, tactical change that fixes #13001.
2017-03-29 09:25:57 -07:00
Martin Atkins 21cd5595e2 Update stringer-generated files to new boilerplate
golang/tools commit 23ca8a263 changed the format of the leading comment
to comply with some new standards discussed here:
https://golang.org/issue/13560

This is the result of running generate with the latest version of
stringer. Everyone working on Terraform will need to update stringer
after this is merged, to avoid reverting this:
    go get -u golang.org/x/tools/cmd/stringer
2017-03-29 08:07:06 -07:00
James Bardin f172b4a023 Merge pull request #13105 from hashicorp/jbardin/command-env
disallow env names that aren't url-safe
2017-03-27 18:53:44 -04:00
James Bardin 2cffa25235 Add test to verify that Validation isn't called
The apply won't succeed because we don't have a valid plan, but this
verifies that providing a plan file prevents Validation.
2017-03-27 18:39:18 -04:00
James Bardin 9d118325b3 Reject names that aren't url-safe
Environment names can be used in a number of contexts, and should be
properly escaped for safety. Since most state names are store in path
structures, and often in a URL, use `url.PathEscape` to check for
disallowed characters
2017-03-27 18:00:56 -04:00
James Bardin 8027fe9e08 Don't Validate if we have an execution plan
The plan file should contain all data required to execute the apply
operation. Validation requires interpolation, and the `file()`
interpolation function may fail if the module files are not present.
This is the case currently with how TFE executes plans.
2017-03-27 17:11:50 -04:00
James Bardin 54e536cfe0 add `-force-copy` option to init command
The `-force-copy` option will suppress confirmation for copying state
data.

Modify some tests to use the option, making sure to leave coverage of
the Input code path.
2017-03-22 08:47:26 -04:00
Mitchell Hashimoto d01886a644
command: remove legacy remote state on migration
Fixes #12871

We were forgetting to remove the legacy remote state from the actual
state value when migrating. This only causes an issue when saving a plan
since the plan contains the state itself and causes an error where both
a backend + legacy state exist.

If saved plans aren't used this causes no noticable issue.

Due to buggy upgrades already existing in the wild, I also added code to
clear the remote section if it exists in a standard unchanged backend
2017-03-20 10:14:59 -07:00
Mitchell Hashimoto 23505cc2a8 Merge pull request #12818 from hashicorp/b-legacy
command: use backendinit instead of initializing legacy directly
2017-03-17 11:06:01 -07:00
James Bardin 434e78158a Merge pull request #12812 from hashicorp/jbardin/hook-ui-race
fix race in hook ui PreApply test
2017-03-17 14:05:39 -04:00
Mitchell Hashimoto 4f59576231
command: fix awkward wording in message 2017-03-17 10:52:22 -07:00
James Bardin b9931c437d fix race in hook ui PreApply test
Fix a race in the PreApply test, and make the PreApply background task
actually concealable.
2017-03-17 13:49:05 -04:00
Mitchell Hashimoto 96e38041ab
command: use backendinit instead of initializing legacy directly
Fixes #12806

This should've been part of 2c19aa69d9

This is the same issue, just missed a spot. Tests are hard to cover for
this since we're removing the legacy backends one by one, eventually
it'll be gone. A good sign is that we don't import backendlegacy at all
anymore in command/
2017-03-17 10:41:13 -07:00
Mitchell Hashimoto c87f3dfdd5
command/init: add test for -backend-config k/v 2017-03-17 10:22:48 -07:00
Mitchell Hashimoto df8529719c
command/init: backend-config accepts key=value pairs
This augments backend-config to also accept key=value pairs.
This should make Terraform easier to script rather than having to
generate a JSON file.

You must still specify the backend type as a minimal amount in
configurations, example:

```
terraform { backend "consul" {} }
```

This is required because Terraform needs to be able to detect the
_absense_ of that value for unsetting, if that is necessary at some
point.
2017-03-16 23:27:05 -07:00
Mitchell Hashimoto e1f4eca93c
command: apply needs to look at the right field for backend state
Plans were properly encoding backend configuration but the apply was
reading it from the wrong field. :( This meant that every apply from a
plan was applying it locally with backends.

This needs to get released ASAP.
2017-03-16 15:44:15 -07:00
Mitchell Hashimoto 25312c8985
command/push: update copy for remote state error 2017-03-16 14:41:37 -07:00
James Bardin 9bfa361e21 Merge pull request #12778 from hashicorp/jbardin/GH-12741
change to default state after backend migration
2017-03-16 16:07:25 -04:00
Mitchell Hashimoto 6921457601 Merge pull request #12777 from hashicorp/b-refresh-empty
backend/local: allow refresh on empty/non-existent state
2017-03-16 13:04:27 -07:00
James Bardin ea095eda87 change to default state after backend migration
When migrating from a multi-state backend to a single-state backend, we
have to ensure that our locally configured environment is changed back
to "default", or we won't be able to access the new backend.
2017-03-16 15:55:32 -04:00
Mitchell Hashimoto 2be1f55cbb
backend/local: allow refresh on empty/non-existent state
This allows a refresh on a non-existent or empty state file. We changed
this in 0.9.0 to error which seemed reasonable but it turns out this
complicates automation that runs refresh since it now needed to
determine if the state file was empty before running.

Its easier to just revert this into a warning with exit code zero.

The reason this changed is because in 0.8.x and earlier, the output
would be simply empty with exit code zero which seemed odd.
2017-03-16 12:11:31 -07:00
Mitchell Hashimoto 81639480fb
command: recompute config hash with ConfigFile set
Fixes #12749

If we merge in an extra partial config we need to recompute the hash to
compare with the old value to detect that change.

This hash needs to NOT be stored and just used as a temporary. We want
to keep the original hash in the state so that we don't detect a change
from the config (since the config will always be partial).
2017-03-16 11:47:59 -07:00
Mitchell Hashimoto 87201ec854
command/push: test for push with new backends 2017-03-16 10:52:58 -07:00
Mitchell Hashimoto 8b208a597d
command/push: don't allow pushing with local backend 2017-03-16 10:47:48 -07:00
Radek Simko 4448e45678 Merge pull request #12372 from hashicorp/f-kubernetes
kubernetes: Add provider + namespace resource
2017-03-16 07:18:39 +00:00
Mitchell Hashimoto f7964194eb
command: fix odd formatting that snuck in 2017-03-13 16:41:33 -07:00
Mitchell Hashimoto d475fc29a8
command: test that terraform meta information is passed through 2017-03-13 16:31:35 -07:00
Radek Simko f1db0fcf9b
kubernetes: Add provider + namespace resource 2017-03-13 21:19:17 +00:00