Commit Graph

21195 Commits

Author SHA1 Message Date
James Bardin bdfa97dbdb add tests for signed host certs
This checks that we can verify host certificates signed by a CA
2018-02-14 15:35:41 -05:00
James Bardin 1e7fd1c4ea add test for host key validation
This tests basic known_hosts validation for the ssh communicator.
2018-02-14 15:35:41 -05:00
James Bardin e3e6104007 update x/crypt/ssh and add knownhosts package 2018-02-14 15:35:41 -05:00
James Bardin 1a68fdb4f6 add support for ssh host key checking
Add `host_key` and `bastion_host_key` fields to the ssh communicator
config for strict host key checking.

Both fields expect the contents of an openssh formated public key. This
key can either be the remote host's public key, or the public key of the
CA which signed the remote host certificate.

Support for signed certificates is limited, because the provisioner
usually connects to a remote host by ip address rather than hostname, so
the certificate would need to be signed appropriately. Connecting via
a hostname needs to currently be done through a secondary provisioner,
like one attached to a null_resource.
2018-02-14 15:35:41 -05:00
James Bardin a65089fcea
Merge pull request #17323 from hashicorp/jbardin/shutdown
Fix race in writing state during hard cancelation
2018-02-13 10:14:48 -05:00
JeongHoon Byun (aka Outsider) 8566ade0c3 website: fix incorrect anchor links for registry API pagination 2018-02-12 19:36:52 -08:00
Michael Mell 4b598860bb website: document the naming conventions for outputs 2018-02-12 19:33:57 -08:00
James Bardin ef8ed1e275 coalesce the backened interrupt code
Moves the nested select statements for backend operations into a single
function. The only difference in this part was that apply called
PersistState, which should be harmless regardless of the type of
operation being run.
2018-02-12 11:56:54 -05:00
James Bardin ecd9ef0f77 ignore error in plan shutdown test
The error was being silently dropped before.

There is an interpolation error, because the plan is canceled before
some of the resources can be evaluated. There might be a better way to
handle this in the walk cancellation, but the behavior has not changed.

Make the plan and apply shutdown match implementation-wise
2018-02-12 11:56:54 -05:00
James Bardin 67a6152091 move backend operation cancellation into meta
Create a single command method for running and operation with
cancellation.
2018-02-12 11:56:54 -05:00
James Bardin 7cba68326a always wait for a RunningOperation to return
If the user wishes to interrupt the running operation, only the first
interrupt was communicated to the operation by canceling the provided
context. A second interrupt would start the shutdown process, but not
communicate this to the running operation. This order of event could
cause partial writes of state.

What would happen is that once the command returns, the plugin system
would stop the provider processes. Once the provider processes dies, all
pending Eval operations would return return with an error, and quickly
cause the operation to complete. Since the backend code didn't know that
the process was shutting down imminently, it would continue by
attempting to write out the last known state. Under the right
conditions, the process would exit part way through the writing of the
state file.

Add Stop and Cancel CancelFuncs to the RunningOperation, to allow it to
easily differentiate between the two signals. The backend will then be
able to detect a shutdown and abort more gracefully.

In order to ensure that the backend is not in the process of writing the
state out, the command will always attempt to wait for the process to
complete after cancellation.
2018-02-12 11:56:03 -05:00
Alvaro Miranda Aguilera 3821c0b45a
Merge pull request #17321 from hashicorp/kikitux-patch-1
fix CenturyLink typo
2018-02-12 11:29:23 +01:00
Alvaro Miranda Aguilera bf18ad3eb9
Update cloud-index.html.markdown 2018-02-12 11:08:28 +01:00
Ryan Uber a25d98b6d1
Merge pull request #17312 from hashicorp/b-state-uuid
terraform: use hashicorp/go-uuid for lineage generation
2018-02-09 15:21:10 -08:00
Ryan Uber 71ac5034e9 terraform: use hashicorp/go-uuid for lineage generation 2018-02-09 15:02:32 -08:00
Justin Campbell 58840f6588
Merge pull request #17309 from hashicorp/docs-registry-examples
website: Clarify Registry examples behavior
2018-02-09 16:25:48 -05:00
Justin Campbell c3872b42b5 website: Clarify Registry examples behavior 2018-02-09 12:51:19 -05:00
Nick Fagerlund f0a009c573 website: private module registry documentation 2018-02-07 09:15:55 -08:00
Chris Griggs 1e12e49878 Website: Restructure Community providers list (#17286)
* restructure community providers list

* add vRA

* add Gandi provider

* re-organize
2018-02-06 15:35:12 -08:00
Brian Flad ec25a320e1
Merge pull request #17216 from hashicorp/f-aws-cn-northwest-1
deps: Bump AWS provider to support cn-northwest-1 state
2018-02-06 18:01:42 -05:00
Brian Flad b924e8cba5 deps: Bump terraform-provider-aws@v1.8.0 and aws-sdk-go@v1.12.70 2018-02-05 20:06:50 -05:00
Chris Griggs 4f38f4f9eb Website Update provider name (#17270)
* edit prvoider name
2018-02-02 12:17:30 -06:00
Radek Simko bb844504bd
Update CHANGELOG.md 2018-02-01 13:34:08 +00:00
Radek Simko a4388b0ef2
Merge pull request #17261 from hashicorp/b-diff-crash-set
helper/schema: Prevent crash on removal of computed field in CustomizeDiff
2018-02-01 13:33:28 +00:00
Radek Simko 7af1c2b3a4
helper/schema: Prevent crash on removal of computed field in CustomizeDiff 2018-02-01 12:05:22 +00:00
James Bardin 1ba8691f35
Merge pull request #17241 from hashicorp/jbardin/destroy-with-locals
Fix destroy-time handling of outputs and local values
2018-01-31 17:40:19 -05:00
James Bardin 4b617986c8
Merge pull request #17260 from hashicorp/jbardin/plan-shutdown-test
slow down the plan shutdown tests for slow hosts
2018-01-31 17:38:12 -05:00
James Bardin 6f41a80b3a slow down the plan shutdown tests for slow hosts
The plan shutdown test often fail on slow CI hosts, becase the plan
completes befor the main thread can cancel it. Since attempting to make
the MockProvider concurrent proved too invasive for now, just slow the
test down a bit to help ensure Stop gets called.
2018-01-31 17:09:48 -05:00
James Bardin 7217aba5f0 release: clean up after v0.11.3 2018-01-31 21:00:32 +00:00
James Bardin 3802b14260
v0.11.3 2018-01-31 20:48:39 +00:00
Aidan Feldman c9481ab012 website: improve the Module Sources documentation
Better section linking within Module Sources page, and centralize the documentation on Terraform Registry sources.
2018-01-31 11:52:14 -08:00
Blake Stoddard f918fb8583 website: fix ordering of interpolation functions 2018-01-31 11:50:00 -08:00
James Bardin 7fbc35a36c Make sure outputs are removed when targeting
Similar to NodeApplyableOuptut, NodeDestroyableOutputs also need to stay
in the graph if any ancestor nodes

Use the same GraphNodeTargetDownstream method to keep them from being
pruned, since they are dependent on the output node and all its
descendants.
2018-01-31 13:51:40 -05:00
Chris Griggs 3d23a14a7a Website: Provider link (#17246)
* Website: add PANOS links

* fix type

* edit
2018-01-31 10:29:48 -06:00
James Bardin 61fa9a365d
Merge pull request #17252 from jen20/remove-unnecessary-vendor
deps: Remove unnecessary Joyent dependencies
2018-01-31 08:30:53 -05:00
James Nugent 1b97297860 deps: Remove unnecessary Joyent dependencies
github.com/joyent/triton-go replaced a bunch of other dependencies quite
some time ago, but the replaced dependencies were never removed. This
commit removes them from the vendor manifest and the vendor/ directory.
2018-01-30 20:59:10 -06:00
James Bardin ca4178b9ec gofmt bug will be fixed in 1.10 2018-01-30 15:46:24 -05:00
James Bardin a2f8482333 catch missing id attribute during interpolation
The id attribute can be missing during the destroy operation.
While the new destroy-time ordering of outputs and locals should prevent
resources from having their id attributes set to an empty string,
there's no reason to error out if we have the canonical ID field
available.

This still interrogates the attributes map first to retain any previous
behavior, but in the future we should settle on a single ID location.
2018-01-30 15:46:12 -05:00
James Bardin 9a7db39f45
Merge pull request #17245 from cchildress/workspaces_docs
Workspaces are supported locally.
2018-01-30 15:16:16 -05:00
Cameron Childress 5ebb9d818d Workspaces are supported locally. 2018-01-30 10:40:07 -07:00
James Bardin 99867f0082 add PruneUnusedValuesTransformer
Since outputs and local nodes are always evaluated, if the reference a
resource form the configuration that isn't in the state, the
interpolation could fail.

Prune any local or output values that have no references in the graph.
2018-01-30 10:47:17 -05:00
James Bardin 2d138d9917 add a more complex locals test
Using destroy provisioners again for edge cases during destroy.
2018-01-30 10:47:17 -05:00
James Bardin d31fe5ab9d delete outputs during destroy
Now that outputs are always evaluated, we still need a way to remove
them from state when they are destroyed.

Previously, outputs were removed during destroy from the same
"Applyable" node type that evaluates them. Now that we need to possibly
both evaluate and remove output during an apply, we add a new node -
NodeDestroyableOutput.

This new node is added to the graph by the DestroyOutputTransformer,
which make the new destroy node depend on all descendants of the output
node.  This ensures that the output remains in the state as long as
everything which may interpolate the output still exists.
2018-01-29 19:30:04 -05:00
Chris Griggs 61ff3422b7 website: even more community providers 2018-01-29 15:49:21 -08:00
James Bardin 08139557f8 always evaluate outputs too
Always evaluate outputs during destroy, just like we did for locals.
This breaks existing tests, which we will handle separately.

Don't reverse output/local node evaluation order during destroy, as they
are both being evaluated.
2018-01-29 18:10:34 -05:00
James Bardin 7ac0a46981 add destroy provisioner test with locals, outputs
Add a complex destroy provisioner testcase using locals, outputs and
variables.

Add that pesky "id" attribute to the instance states for interpolation.
2018-01-29 18:01:58 -05:00
James Bardin 7da1a39480 always evaluate locals, even during destroy
Destroy-time provisioners require us to re-evaluate during destroy.

Rather than destroying local values, which doesn't do much since they
aren't persisted to state, we always evaluate them regardless of the
type of apply. Since the destroy-time local node is no longer a
"destroy" operation, the order of evaluation need to be reversed. Take
the existing DestroyValueReferenceTransformer and change it to reverse
the outgoing edges, rather than in incoming edges. This makes it so that
any dependencies of a local or output node are destroyed after
evaluation.

Having locals evaluated during destroy failed one other test, but that
was the odd case where we need `id` to exist as an attribute as well as
a field.
2018-01-29 16:16:41 -05:00
Brian Flad 8743edc4c9 deps: Bump AWS provider to support cn-northwest-1 state 2018-01-27 03:53:29 -05:00
James Bardin 5f72c97e70
Merge pull request #17201 from hashicorp/jbardin/disco-timeout
extend disco timeout
2018-01-26 17:14:23 -05:00
James Bardin eca2440c38
Merge pull request #17200 from hashicorp/jbardin/update-go-plugin
update the go-plugin package
2018-01-26 17:12:45 -05:00