Commit Graph

26093 Commits

Author SHA1 Message Date
James Bardin b829de086f update CHANGELOG.md 2020-06-08 10:24:23 -04:00
James Bardin ea0b4df96f
Merge pull request #25144 from sharkyze/configs/fix-looksLikeSentences-index-out-of-range
config/name_values: fix index out of range in looksLikeSentences
2020-06-08 10:22:48 -04:00
James Bardin fdfe7e5cb7 update CHANGELOG.md 2020-06-08 10:21:18 -04:00
James Bardin 0b5746b6bb
Merge pull request #25176 from hashicorp/jbardin/module-expansion-transformer
Incorrect early return in module expansion transformer
2020-06-08 10:19:05 -04:00
Kristin Laemmert 30ab95fb55
Update CHANGELOG.md 2020-06-08 08:29:15 -04:00
Kristin Laemmert 58bcc2e9bb
addrs: detect builtin provider when parsing legacy provider string (#25154)
* addrs: detect builtin provider when parsing legacy provider string

The ParseLegacyAbsProviderConfig was not detecting builtin providers
("terraform"), which caused issues for all users with 0.12 state and
the "terraform_remote_state" data source. Since "terraform" is the only
built-in provider this adds a very simple check to the parser so it
properly returns the builtin FQN.

* add tests to the addrs package
2020-06-08 08:27:36 -04:00
Alisdair McDiarmid d741c3f917
Update CHANGELOG.md 2020-06-08 07:21:47 -04:00
Alisdair McDiarmid 3f62e4686b
Merge pull request #25146 from hashicorp/alisdair/simplify-makefile
Makefile: remove unused targets
2020-06-08 07:17:54 -04:00
Alisdair McDiarmid ba374baef0 Makefile: remove unused targets
Most of the targets in the Makefile have not been used in either CI or
the normal development workflow for some time. Removing them clarifies
that the expected way to build Terraform locally is simple: go install.

Remaining targets:

- fmtcheck, generate: these are used in CI to verify that the code is
  correctly formatted and that generate has been run appropriately
- protobuf: referenced in CONTRIBUTING.md as the simplest way to build
  the proto files
- website, website-test: used to compile and test the local website in
  isolation from the terraform-website repo
2020-06-08 07:02:54 -04:00
James Bardin 198c632e04 incorrect early return during module transformer
The recursive call should only return immediately on error.

The switch statement to find the current path should not use
ReferenceOutside, as we are getting the path for configuration, not for
references. This case would not have been taken currently, since all
GraphNodeReferenceOutside are also GraphNodeModulePath.
2020-06-06 21:45:05 -04:00
James Bardin 242a916a17 variable ModulePath must return configured path
The parent path case is handled ReferenceOutside
2020-06-06 21:45:05 -04:00
James Bardin 9722686b62 validation test with multiple nested modules 2020-06-06 21:44:41 -04:00
Brian Flad 5e3c02ba27
Update CHANGELOG for #25134 2020-06-05 16:43:20 -04:00
Brian Flad ba081aa10a
backend/s3: Updates for Terraform v0.13.0 (#25134)
* deps: Update github.com/hashicorp/aws-sdk-go-base@v0.5.0

Updated via:

```
$ go get github.com/hashicorp/aws-sdk-go-base@v0.5.0
$ go mod tidy
$ go mod vendor
```

* backend/s3: Updates for Terraform v0.13.0

Reference: https://github.com/hashicorp/terraform/issues/13410
Reference: https://github.com/hashicorp/terraform/issues/18774
Reference: https://github.com/hashicorp/terraform/issues/19482
Reference: https://github.com/hashicorp/terraform/issues/20062
Reference: https://github.com/hashicorp/terraform/issues/20599
Reference: https://github.com/hashicorp/terraform/issues/22103
Reference: https://github.com/hashicorp/terraform/issues/22161
Reference: https://github.com/hashicorp/terraform/issues/22601
Reference: https://github.com/hashicorp/terraform/issues/22992
Reference: https://github.com/hashicorp/terraform/issues/24252
Reference: https://github.com/hashicorp/terraform/issues/24253
Reference: https://github.com/hashicorp/terraform/issues/24480
Reference: https://github.com/hashicorp/terraform/issues/25056

Changes:

```
NOTES

* backend/s3: Deprecated `lock_table`, `skip_get_ec2_platforms`, `skip_requesting_account_id` arguments have been removed
* backend/s3: Credential ordering has changed from static, environment, shared credentials, EC2 metadata, default AWS Go SDK (shared configuration, web identity, ECS, EC2 Metadata) to static, environment, shared credentials, default AWS Go SDK (shared configuration, web identity, ECS, EC2 Metadata)
* The `AWS_METADATA_TIMEOUT` environment variable no longer has any effect as we now depend on the default AWS Go SDK EC2 Metadata client timeout of one second with two retries

ENHANCEMENTS

* backend/s3: Always enable shared configuration file support (no longer require `AWS_SDK_LOAD_CONFIG` environment variable)
* backend/s3: Automatically expand `~` prefix for home directories in `shared_credentials_file` argument
* backend/s3: Add `assume_role_duration_seconds`, `assume_role_policy_arns`, `assume_role_tags`, and `assume_role_transitive_tag_keys` arguments

BUG FIXES

* backend/s3: Ensure configured profile is used
* backend/s3: Ensure configured STS endpoint is used during AssumeRole API calls
* backend/s3: Prefer AWS shared configuration over EC2 metadata credentials
* backend/s3: Prefer ECS credentials over EC2 metadata credentials
* backend/s3: Remove hardcoded AWS Provider messaging
```

Output from acceptance testing:

```
--- PASS: TestBackend (16.32s)
--- PASS: TestBackendConfig (0.58s)
--- PASS: TestBackendConfig_AssumeRole (0.02s)
--- PASS: TestBackendConfig_conflictingEncryptionSchema (0.00s)
--- PASS: TestBackendConfig_invalidKey (0.00s)
--- PASS: TestBackendConfig_invalidSSECustomerKeyEncoding (0.00s)
--- PASS: TestBackendConfig_invalidSSECustomerKeyLength (0.00s)
--- PASS: TestBackendExtraPaths (13.21s)
--- PASS: TestBackendLocked (28.98s)
--- PASS: TestBackendPrefixInWorkspace (5.65s)
--- PASS: TestBackendSSECustomerKey (17.60s)
--- PASS: TestBackend_impl (0.00s)
--- PASS: TestForceUnlock (17.50s)
--- PASS: TestKeyEnv (50.25s)
--- PASS: TestRemoteClient (4.78s)
--- PASS: TestRemoteClientLocks (16.85s)
--- PASS: TestRemoteClient_clientMD5 (12.08s)
--- PASS: TestRemoteClient_impl (0.00s)
--- PASS: TestRemoteClient_stateChecksum (17.92s)
```
2020-06-05 16:41:32 -04:00
Chris Stephens 2dd64a7816
plans: Update error message for apply validation (#21312)
* Update error message for apply validation

Add a hint that the validation failure has occurred at the root of the resource
schema to the error message. This is because the root resource has an empty
path when being validated and the path is being relied upon to provide context
into the error message.
2020-06-05 15:08:10 -04:00
Alisdair McDiarmid 6c3ad8eaad
Merge pull request #25147 from hashicorp/dont-use-demo-in-config
use example.com address in consul backend config
2020-06-05 13:46:55 -04:00
Matthew Irish e36ed8968b
use example.com address in consul backend config
Currently the example config for the Consul backend uses a live Consul demo cluster at `demo.consul.io`. This results in TF state with sensitive information and all being stored on a public site when users just copy and paste the config. This PR changes it so that the config address isn't the public demo cluster.
2020-06-05 10:35:32 -05:00
Kristin Laemmert 0b38ab3078
Update CHANGELOG.md 2020-06-05 09:13:50 -04:00
Kristin Laemmert e6cf6cd758
backend/remote: do not panic if PrepareConfig or Configure receive null (#25135)
* backend/remote: do not panic if PrepareConfig or Configure receive null
objects

If a user cancels (ctrl-c) terraform init while it is requesting missing
configuration options for the remote backend, the PrepareConfig and
Configure functions would receive a null cty.Value which would result in
panics. This PR adds a check for null objects to the two functions in
question.

Fixes #23992
2020-06-05 09:11:44 -04:00
samir elsharkawy 5dfc266da9 config/name_values: fix index out of range in looksLikeSentences 2020-06-05 13:29:43 +02:00
James Bardin 023454a3a6
Merge pull request #25138 from hashicorp/jbardin/module-data-depends-on
Data source within modules using depends_on
2020-06-04 21:54:04 -04:00
James Bardin c3ec4d8e26 get whether parent modules have depends_on set
During refresh, data sources need to know if their parent modules have
depends_on configured at all. Pass this info back through the search for
depends_on resources, and delay refresh when it's set.
2020-06-04 18:07:06 -04:00
James Bardin 4637be4377 add a way to force depends_on behavior of data
Resources that are not yet created will not be in the graph during
refresh, and therefore cannot be attached to the data source nodes. In
this case we still need to indicate if there are depends_on entries
inherited from the module call, which we can do with the forceDependsOn
field.
2020-06-04 18:03:32 -04:00
James Bardin e74ebe1787 get more depends_on info for data source
Since data sources may be read during refresh or early in plan, they
need to know if there are any inherited dependencies from containing
modules too.
2020-06-04 18:03:14 -04:00
James Bardin a03c86f612 add DependsOn method to moduleExpandModule
We'll need this again for getting the transitive depends_on references
from parent module calls. This is needed to inform us how to handle data
sources during refresh and plan.
2020-06-04 18:03:03 -04:00
James Bardin 535267e986 add dependsOn to evalDataRead
this is also needed during refresh, so move it into the base struct type
2020-06-04 18:03:03 -04:00
James Bardin 58babccc7a improve depends_on test to check ordering 2020-06-04 18:03:03 -04:00
Lars Lehtonen 3ddfa66ca4
internal/modsdir: Fix Dropped Error (#24600)
* internal/modsdir: fix dropped error

* fix typo to unmarshalling

Co-authored-by: Daniel Dreier <danieldreier@users.noreply.github.com>
2020-06-04 10:26:26 -04:00
Shunsuke Miyoshi dc3ce1bbf7
command/refresh: fix state file path (#22885)
* fix default state file path for refresh command
2020-06-04 10:24:53 -04:00
Alisdair McDiarmid b3d3d6460e Update CHANGELOG.md 2020-06-04 08:52:49 -04:00
Alisdair McDiarmid fbb966b97b command: Fix 0.13upgrade usage 2020-06-04 08:51:24 -04:00
Alisdair McDiarmid 9b73e68ce9
Merge pull request #25127 from minamijoyo/add-yes-to-0.13upgrade-help
Add `-yes` flag to 0.13upgrade help message
2020-06-04 08:44:22 -04:00
Masayuki Morita f266956a5d Add `-yes` flag to 0.13upgrade help message
It seems to be implemented but not shown in help message.

FYI: A help message for 0.12upgrade command on the 0.12 branch.
https://github.com/hashicorp/terraform/blob/v0.12.26/command/012_config_upgrade.go#L235-L243
2020-06-04 11:11:46 +09:00
Alvin Huang 73ccbd146f Cleanup after v0.13.0-beta1 release 2020-06-03 14:43:54 -04:00
hashicorp-ci 4befa3c7d9
Release v0.13.0-beta1 2020-06-03 18:10:37 +00:00
Alisdair McDiarmid 6f04215cc0
Update CHANGELOG.md 2020-06-03 11:54:10 -04:00
Alisdair McDiarmid c921c8580e
Merge pull request #25112 from hashicorp/alisdair/support-openssh-rsa-key-encoding
lang/funcs: Add support for OpenSSH RSA key format
2020-06-03 11:52:10 -04:00
Alisdair McDiarmid de0e67e5f6
Merge pull request #25110 from hashicorp/alisdair/credentials-source-nil-receiver
command: Fix panic for nil credentials source
2020-06-03 11:51:49 -04:00
Alisdair McDiarmid a4f5e04066 lang/funcs: Add support for OpenSSH RSA key format
Previously this function only supported the x509 RSA private key format.
More recent versions of OpenSSH default to generating a new PEM key
format, which this commit now supports using the x/crypto/ssh package.

Also improve the returned error messages for various invalid ciphertext
or invalid private key errors.
2020-06-03 10:50:38 -04:00
Alisdair McDiarmid f1f24df7ff main: Pass untyped nil for missing creds source
If we are unable to create a credentials source for some reason, we can
rely on the disco object to nil-check it before calling any of its
methods. However to do this we must ensure that we pass untyped nil.
This commit rearranges the initialization to ensure that this happens.

The user-facing bug that triggered this work is that running init when
the HOME environment variable is unset would result in a panic on macOS.
2020-06-03 09:46:53 -04:00
Kristin Laemmert 6fbd3942ea configs: fix panic with provider aliases
addProviderRequirements() was incorrectly using the map keys from the module
provider configs when looking up the provider FQN. The map keys include
alias, so this resulted in a panic. Update addProviderRequirements() to
use the provider's name (only) when looking up the FQN.
2020-06-02 10:55:31 -04:00
Kristin Laemmert daa57ba9f6
terraform: fix panic with the combination of non extant resource and dynamics (#25097) 2020-06-02 09:01:12 -04:00
Martin Atkins 7f91090c5c
Update CHANGELOG.md 2020-06-01 14:52:43 -07:00
Martin Atkins cdad6e5860
Update CHANGELOG.md 2020-06-01 14:51:11 -07:00
Martin Atkins 49e2e00231 command: terraform providers mirror
This new command is intended to make it easy to create or update a mirror
directory containing suitable providers for the current configuration,
producing a layout that is appropriate both for a filesystem mirror or,
if copied into the document root of an HTTP server, a network mirror.

This initial version is not customizable aside from being able to select
multiple platforms to install packages for.

Future iterations of this could include commands to turn the JSON index
generation on and off, or to instruct it to produce the unpacked directory
layout instead of the packed directory layout as it currently does. Both
of those options would make the generated directory unsuitable to be
a network mirror, but it would still work as a filesystem mirror.

In the long run this will hopefully form part of a replacement workflow to
terraform-bundle as a way to put copies of providers somewhere so we don't
need to re-download them every time, but some other changes will be needed
outside of just this command before that'd be true, such as adding support
for network and/or filesystem mirrors in Terraform Enterprise.
2020-06-01 14:49:43 -07:00
Martin Atkins 85af77386c internal/getproviders: PackageFilePathForPackage
This is the equivalent of UnpackedDirectoryPathForPackage when working
with the packed directory layout. It returns a path to a .zip file with
a name that would be detected by SearchLocalDirectory as a
PackageLocalArchive package.
2020-06-01 14:49:43 -07:00
Martin Atkins 9489672d54 internal/getproviders: Package hashing for local filesystem packages
We previously had this functionality available for cached packages in the
providercache package. This moves the main implementation of this over
to the getproviders package and then implements it also for PackageMeta,
allowing us to compute hashes in a consistent way across both of our
representations of a provider package.

The new methods on PackageMeta will only be effective for packages in the
local filesystem because we need direct access to the contents in order
to produce the hash. Hopefully in future the registry protocol will be
able to also provide hashes using this content-based (rather than
archive-based) algorithm and then we'll be able to make this work for
PackageMeta referring to a package obtained from a registry too, but
hashes for local packages only are still useful for some cases right now,
such as generating mirror directories in the "terraform providers mirror"
command.
2020-06-01 14:49:43 -07:00
Martin Atkins 67311f73fd website: Draw better attention to for and for_each patterns
When helping folks in the community forum, I commonly see questions around
more complex patterns in transforming deep data structures into different
shapes to work with for_each. We have examples of these patterns in the
docs for the functions that they rely on, but they were not previously
very discoverable in the main configuration language documentation
sections.

Here I've moved the "Using Expressions in for_each" subsection on the
Resources page above some of the other sub-sections to hopefully make it
easier to see, and written out in more detail the two specific patterns
that answer a significant number of for_each-related user questions in
the hope that readers will be more likely to realize that the links are
relevant to what their goals.

I also added some more elaboration about the behavior of converting from
list to set in the "Using Sets" subsection, because this feature is often
a user's first encounter with the set data type and I've inferred from
some of the questions I've answered that a number of Terraform users don't
have prior experience with set data types in other languages to draw
assumptions from.

Finally, I added some similar links to the for_each patterns within the
for expression documentation itself, to try to make those examples more
visible to those who might be discovering the documentation in a different
sequence, e.g. by following a deep link shared in an answer to a question
in the community forum.
2020-06-01 14:17:47 -07:00
Alisdair McDiarmid ded30b6836
Merge pull request #25103 from hashicorp/alisdair/fix-012upgrade-stub
command: Fix 0.12upgrade stub
2020-06-01 16:18:12 -04:00
Alisdair McDiarmid 5e2b11657e command: Fix 0.12upgrade stub 2020-06-01 16:12:30 -04:00