Commit Graph

23330 Commits

Author SHA1 Message Date
Martin Atkins a8f97a0805 core: Use hcl.ApplyPath for ignore_changes and "requires replace"
We were previously using cty.Path.Apply, which serves a similar purpose
but implements the more restrictive traversal behaviors down at the cty
layer. hcl.ApplyPath uses the same rules as HCL expressions and so ensures
consistent behavior with normal user expressions.

cty.Path.Apply also previously had a crashing bug (discussed in #20084)
that was causing a panic here. That has now been fixed in cty, but since
we're no longer using it here that's a moot point. The HCL traversing
implementation has been fuzz-tested and unit tested a lot more thoroughly
so should not run into the same crashers we saw with cty before.
2019-01-31 11:58:30 -08:00
Martin Atkins c8d34b55ee vendor: Upgrade both HCL2 and cty
The cty change here fixes a panic situation when cty.Path.Apply is given
a null value, making it now correctly return an error.

However, the HCL2 change includes an alternative to cty.Path.Apply that
uses HCL-level rules rather than cty-level rules, so the result behaves
like an HCL expression would. Most uses of cty.Path.Apply ought to use
hcl.ApplyPath instead, to ensure that the behavior is consistent with what
users expect in the main language.
2019-01-31 11:58:30 -08:00
Radek Simko a9aee4ba0f
Merge pull request #20165 from hashicorp/vendor-bump-deps
vendor: github.com/hashicorp/terraform-config-inspect@latest
2019-01-31 19:38:58 +00:00
Radek Simko a1f93027b2
vendor: github.com/hashicorp/terraform-config-inspect@latest 2019-01-31 10:23:18 +00:00
Martin Atkins 1a8ddc26a5 Switch to Go 1.11.5
An earlier commit incorrectly updated some versions in go.mod without also
updating the vendor tree, so this also rolls those back to where they used
to be so that we can roll them forward carefully and make sure the tests
actually pass. (If we just accept these new versions as specified the
tests do not pass, so some work is required to fix those regressions.)
2019-01-30 17:16:12 -08:00
James Bardin 5fb55c3a27
Merge pull request #20160 from hashicorp/jbardin/timeout-compat
decode legacy timeouts
2019-01-30 17:34:37 -05:00
James Bardin 9cf8f48239 decode legacy timeouts
The new decoder is more precise, and unpacks the timeout block into a
single map, which ResourceTimeout.ConfigDecode was updated to handle.
We however still need to work with legacy versions of terraform, with
the old decoder.
2019-01-30 16:10:17 -05:00
James Bardin 8a3bf9a592
Merge pull request #20158 from hashicorp/jbardin/list-block
Improve list block handling in diff application
2019-01-30 15:31:05 -05:00
James Bardin fa92e69e17 simplify test check 2019-01-30 14:55:04 -05:00
James Bardin 6f7e1ff8eb more precise handling of removed list elements
When elements are removed from a list, all attributes may not be present
in the diff. Once the individual attributes diffs are applied, use the
length to truncate the flatmapped list to the correct length.
2019-01-30 14:55:04 -05:00
James Bardin 3b04b41250 fix RequiresNew in diff
With the new diff.Apply we can keep the diff mostly intact, but we need
turn off all RequiresNew flags so that the prior state is not removed
from the apply.
2019-01-30 14:55:04 -05:00
Kristin Laemmert 653bb74403
command/format: include nested blocks in `terraform show` output (#20149)
* command/format: include nested blocks in terraform show output
* command/format: fix tests
2019-01-30 10:08:59 -08:00
Martin Atkins 477da57a92 helper/plugin: Honor resource type overrides in import
One quirky aspect of our import feature is that we allow the importer to
produce additional resources alongside the one that was imported, such as
to create separate rules for each rule of an imported security group.

Providers need to be able to set the types of these other resources since
they may not match the "main" resource type. They do this by calling
ResourceData.SetType, which in turn sets InstanceState.Ephemeral.Type.

In our shims here we therefore need to copy that out into our new TypeName
field so that the new core import code can see it and create the right
type in the state.

Testing this required a minor change to the test harness to allow the
ImportStateCheck function to see the resource type.
2019-01-30 09:05:08 -08:00
Radek Simko 43983f927c
Merge pull request #20144 from hashicorp/vendor-gm-bumps
vendor: Bump dependencies (to versions w/ clean deps)
2019-01-30 00:01:28 +00:00
Radek Simko cb5a7c74ce
Merge pull request #20145 from hashicorp/t-cmd-clarify-msg
command/test: Clarify failure (add full path)
2019-01-30 00:01:09 +00:00
Radek Simko 37f397dded
command/test: Clarify failure (add full path) 2019-01-29 22:16:41 +00:00
Radek Simko dffbfce0a0
vendor: github.com/hashicorp/go-azure-helpers@0.3.2 2019-01-29 19:39:53 +00:00
Radek Simko 7b667bf1a3
vendor: github.com/hashicorp/terraform-config-inspect@latest 2019-01-29 18:47:18 +00:00
Radek Simko 4cb9a65c52
vendor: github.com/hashicorp/hil@latest 2019-01-29 18:46:04 +00:00
Radek Simko fbceb1dfb5
vendor: github.com/hashicorp/go-plugin@latest 2019-01-29 18:41:20 +00:00
Radek Simko 6749287aa3
Merge pull request #20140 from hashicorp/vendor-fix-deps
vendor: Fix incorrect checksums + run 'go mod verify'
2019-01-29 15:29:07 +00:00
Radek Simko e0d89bdc47
travis: Verify unmodified dependencies 2019-01-29 14:44:30 +00:00
Radek Simko fedcaeea8c
vendor: Fix incorrect checksums 2019-01-29 14:36:35 +00:00
Kristin Laemmert a2ac491cde
command/show: improvements to json output (#20139)
* command/show: add support for -json output for state

* command/jsonconfig: do not marshal empty count/for each expressions

* command/jsonstate: continue gracefully if the terraform version is somehow missing from state
2019-01-28 15:53:53 -08:00
Paul Tyng 50e2b1856e
Merge pull request #20137 from hashicorp/f/tf-version
Copy TF version to helper/schema provider
2019-01-28 14:58:21 -05:00
Paul Tyng bb9ae50279
Copy TF version to helper/schema provider 2019-01-28 14:38:49 -05:00
Radek Simko 2383a2de59
Merge pull request #20131 from hashicorp/b-disco-set-default-transport
disco: Set transport early (during initialization)
2019-01-28 11:44:56 +00:00
Radek Simko bd37eda076
disco: Set transport early (during initialization) 2019-01-28 11:04:56 +00:00
Martin Atkins ae0be75ae0 helper/schema: TypeMap of Resource is actually of TypeString
Historically helper/schema did not support non-primitive map attributes
because they cannot be represented unambiguously in flatmap. When we
initially implemented CoreConfigSchema here we mapped that situation to
a nested block of mode NestingMap, even though that'd never worked until
now, assuming that it'd be harmless because providers wouldn't be using
it.

It turns out that some providers are, in fact, incorrectly populating
a TypeMap schema with Elem: &schema.Resource, apparently under the false
assumption that it would constrain the keys allowed in the map. In
practice, helper/schema has just been ignoring this and treating such
attributes as map of string. (#20076)

In order to preserve the behavior of these existing incorrectly-specified
attribute definitions, here we mimic the helper/schema behavior by
presenting as an attribute of type map(string).

These attributes have also been shown in some documentation as nested
blocks (with no equals sign), so that'll need to be fixed in user
configurations as they upgrade to Terraform 0.12. However, the existing
upgrade tool rules will take care of that as a natural consequence of the
name being indicated as an attribute in the schema, rather than as a block
type.

This fixes #20076.
2019-01-25 14:12:58 -08:00
Martin Atkins 954d38e870 lang: New file-hashing functions
In prior versions, we recommended using hash functions in conjunction with
the file function as an idiom for detecting changes to upstream blobs
without fetching and comparing the whole blob.

That approach relied on us being able to return raw binary data from
file(...). Since Terraform strings pass through intermediate
representations that are not binary-safe (e.g. the JSON state), there was
a risk of string corruption in prior versions which we have avoided for
0.12 by requiring that file(...) be used only with UTF-8 text files.

The specific case of returning a string and immediately passing it into
another function was not actually subject to that corruption risk, since
the HIL interpreter would just pass the string through verbatim, but this
is still now forbidden as a result of the stricter handling of file(...).

To avoid breaking these use-cases, here we introduce variants of the hash
functions a with "file" prefix that take a filename for a disk file to
hash rather than hashing the given string directly. The configuration
upgrade tool also now includes a rule to detect the documented idiom and
rewrite it into a single function call for one of these new functions.

This does cause a bit of function sprawl, but that seems preferable to
introducing more complex rules for when file(...) can and cannot read
binary files, making the behavior of these various functions easier to
understand in isolation.
2019-01-25 10:18:44 -08:00
Martin Atkins ecaaa91da9 lang/funcs: Factor out the various hash function implementations
These all follow the pattern of creating a hash and converting it to a
string using some encoding function, so we can write this implementation
only once and parameterize it with a hash factory function and an encoding
function.

This also includes a new test for the sha512 function, which was
previously missing a test and, it turns out, actually computing sha256
instead.
2019-01-25 10:18:44 -08:00
Kristin Laemmert 6e057c529e
command/jsonplan: sort resources by address (#20113)
* command/jsonplan: sort resources by address
* command/show: extend test case to include resources with count
* command/json*: document resource ordering as consistent but undefined
2019-01-25 09:17:40 -08:00
Martin Atkins fb0c9714c1 vendor: go get github.com/zclconf/go-cty@master
This fixes some consistency problems with how number strings were parsed
in the msgpack decoder vs other situations.

This commit also includes an upgrade of HCL2 to use this new cty function,
though there's no change in behavior here since the new function is
functionally equivalent to what it replaced.
2019-01-24 16:42:21 -08:00
Kristin Laemmert 514ac6b890
command/show: improvements to show -json output (#20110)
* terraform_version is now included in state
* provisioner "name" is now provisioner "type"
2019-01-24 15:28:53 -08:00
Sander van Harmelen a30bd5cdd4
Update CHANGELOG.md 2019-01-24 20:23:45 +01:00
Sander van Harmelen 6dd9f22780
Merge pull request #20086 from hashicorp/svh/f-service-constraints
backend/remote: make sure we show the correct error
2019-01-24 20:22:20 +01:00
James Bardin 1592b4aa67
Merge pull request #20094 from hashicorp/jbardin/missing-map-values
handle empty map values
2019-01-23 20:28:34 -05:00
James Bardin 775df57217 add more tests
verify that changes to defaults are detected
2019-01-23 20:03:10 -05:00
James Bardin 7dd0acc46b don't count empty containers in diff.Apply
If there were no matching keys, and there was no diff at all, don't set
a zero count for the container. Normally Providers can't reliably detect
empty vs unset here, but there are some cases that worked.
2019-01-23 19:34:11 -05:00
Kristin Laemmert e9099b4fcc
command/jsonplan: fix panic when filteredAfter is null (#20096)
* command/jsonplan: fix panic when filteredAfter is null
* command/jsonconfig: provider short name is required to properly look up resource schema
2019-01-23 16:14:34 -08:00
Martin Atkins c70954aeab tools/terraform-bundle: refuse to bundle versions <0.12.0
Since terraform-bundle is just a different frontend to Terraform's module
installer, it is subject to the same installation constraints as Terraform
itself.

Terraform 0.12 cannot install providers targeting Terraform 0.11 and
earlier, and so therefore terraform-bundle built with Terraform 0.12
cannot either. A build of terraform-bundle from the v0.11 line must be
used instead.

Without this change, the latest revisions of terraform-bundle would
install plugins for Terraform 0.12 to bundle along with Terraform 0.10 or
0.11, which will not work at runtime due to the plugin protocol mismatch.

Until now, terraform-bundle was incorrectly labelled with its own version
number even though in practice it has no version identity separate from
Terraform itself. Part of this change, then, is to make the
terraform-bundle version match the Terraform version it was built against,
though any prior builds will of course continue to refer to themselves
as 0.0.1.

If asked to create a bundle for a version of Terraform v0.12 or greater,
an error will be returned instructing the user to use a build from the
v0.11 branch or one of the v0.11.x tags in order to bundle those versions.

This also includes a small fix for a bug where the tool would not fail
properly when the requested Terraform version is not available for
installation, instead just producing a zip file with no "terraform"
executable inside at all. Now it will fail, allowing automated build
processes to detect it and not produce a broken archive for distribution.
2019-01-23 14:43:52 -08:00
James Bardin 37b5e2dc87 don't remove empty diff values
Our new diff handling no longer requires stripping the empty diffs out,
and provider may be relying on some of the empty-value quirks in
helper/schema.
2019-01-23 17:33:23 -05:00
James Bardin 675d700a5f test for missing map entries 2019-01-23 17:04:17 -05:00
James Bardin 9b30da500d missing prefix in recounted map
Missing prefix in map recount. This generally passes tests since the
actual count should already be there and be correct, then ethe extra key
is ignored by the shims.
2019-01-23 14:57:04 -05:00
Kristin Laemmert f00fcb90bf
mildwonkey/b-show-state (#20032)
* command/show: properly marshal attribute values to json

marshalAttributeValues in jsonstate and jsonplan packages was returning
a cty.Value, which json/encoding could not marshal. These functions now
convert those cty.Values into json.RawMessages.

* command/jsonplan: planned values should include resources that are not changing
* command/jsonplan: return a filtered list of proposed 'after' attributes

Previously, proposed 'after' attributes were not being shown if the
attributes were not WhollyKnown. jsonplan now iterates through all the
`after` attributes, omitting those which are not wholly known.

The same was roughly true for after_unknown, and that structure is now
correctly populated. In the future we may choose to filter the
after_unknown structure to _only_ display unknown attributes, instead of
all attributes.

* command/jsonconfig: use a unique key for providers so that aliased
providers don't get munged together

This now uses the same "provider" key from configs.Module, e.g.
`providername.provideralias`.

* command/jsonplan: unknownAsBool needs to iterate through objects that are not wholly known

* command/jsonplan: properly display actions as strings according to the RFC,
instead of a plans.Action string.

For example:
a plans.Action string DeleteThenCreate should be displayed as ["delete",
"create"]

Tests have been updated to reflect this.

* command/jsonplan: return "null" for unknown list items.

The length of a list could be meaningful on its own, so we will turn
unknowns into "null". The same is less likely true for maps and objects,
so we will continue to omit unknown values from those.
2019-01-23 11:46:53 -08:00
Radek Simko b492c3662c
Merge pull request #20089 from hashicorp/t-cmd-fmt-sensitive-update
command/format: Add test to cover update of sensitive field
2019-01-23 15:55:53 +00:00
Radek Simko ffb887f8b7
Update CHANGELOG.md 2019-01-23 15:37:53 +00:00
Radek Simko 71d07832e2
Merge pull request #20071 from hashicorp/b-fix-json-diff-formatting
command/format: Fix nested (JSON) object formatting
2019-01-23 15:37:03 +00:00
Radek Simko f04d0b48bc
command/format: Add test to cover update of sensitive field 2019-01-23 15:32:13 +00:00
Sander van Harmelen 1e4c20686e backend/remote: make sure we show the correct error
Previously we would show two errors when there was a version constraint
error. But of course one is enough.
2019-01-23 15:09:42 +01:00