Commit Graph

3703 Commits

Author SHA1 Message Date
Lars Wander 0254f95cc9 Merge pull request #5564 from lwander/b-gcp-route-network
provider/google: Mark next_hop_network as read only.
2016-03-10 14:38:08 -05:00
Paul Hinze 4e9e0ec5ca Merge pull request #5563 from hashicorp/phinze/deprecate-template-path
provider/template: warn when template specified as path
2016-03-10 13:30:23 -06:00
Lars Wander f8784df82b provider/google: Mark next_hop_network as read only. 2016-03-10 13:58:09 -05:00
Paul Hinze 0036db8f82 provider/template: warn when template specified as path
Turns out the BC code allowed users to move from `filename` to
`template` to squash the warning without having to switch from template
paths to template contents.

Here we warn when `template` is specified as a path so we can remove the
functionality in the future and remove this source of confusion.

refs #3732
2016-03-10 12:34:56 -06:00
Martin Atkins 2e33f5311c Treat each consul key as having its own lifecycle
Previously this resource managed the set of keys as a whole rather than
the individual keys, and so it was unable to recognize when a particular
managed key is removed and delete just that one key from Consul.

Here this is addressed by recognizing that each key actually has its own
lifecycle, and detecting when individual keys are added and removed
without replacing the entire consul_keys instance.

Additionally this restores the behavior of updating the "value" attribute
on read, but restricts it only to blocks that already had a value so as
to avoid the quirkiness seen previously when we updated blocks that were
intended to be read-only. Updating the value is important now, because we
rely on this to detect and repair discrepancies between values stored in
Consul and values given in the configuration.

This change produces a change in the handling of the "delete" attribute.
Before it was considered only when the entire consul_keys resource was
deleted, but now it is considered also when a particular key block is
removed from within a resource.
2016-03-10 07:52:43 -08:00
Martin Atkins df2ce588bc Specialized client for interacting with Consul keys
This deals with some of the quirks of interacting with the Consul API,
with the goal of making the consul_keys resource implementation, and
later the consul_keys data source, less noisy to read.
2016-03-10 07:51:27 -08:00
Paul Frybarger d8c9e448d4 Fix create/delete statuses in load balancing resources for openstack provider. 2016-03-10 09:35:38 -06:00
Clint 99ddea503d Merge pull request #5495 from nicolai86/bugfix/aws_security_group-protocol-case-sensitivity
provider/aws Always transform aws_security_group protocol to lower case
2016-03-10 09:34:55 -06:00
Clint 239b3e4f5f Merge pull request #5533 from hashicorp/pr-5184
provider/aws: Fix EC2 Classic SG Rule issue
2016-03-10 08:56:29 -06:00
Radek Simko d777141a7b provider/aws: Add tests for Lambda function updates 2016-03-10 12:31:35 +00:00
Radek Simko fdc21aad25 provider/aws: Simplify update logic for Lambda function 2016-03-10 12:31:35 +00:00
Chris Marchesi b5c7521f52 aws_lambda_function: Force code update on SHA sum mismatch 2016-03-10 12:31:35 +00:00
Rob Zienert 4aeb5bb8e9 Adding support for Lambda function updates 2016-03-10 12:31:35 +00:00
Kraig Amador 76b3c74a58 Providing a more informative error message when combining kms_key_id and etag as well as using aws_kms_key to test aws_s3_bucket's kms_key_id. 2016-03-09 19:06:36 -08:00
Paul Hinze 5ece31dc88 Merge pull request #5501 from evandbrown/vpnval
provider/google: Validate VPN tunnel peer_ip
2016-03-09 18:55:10 -06:00
Paul Hinze c1f8dda863 Merge pull request #5497 from evandbrown/flakeygcs
provider/google: Address flaky GCS acceptance tests.
2016-03-09 18:48:44 -06:00
Paul Hinze d12944797a Merge pull request #3928 from TimeIncOSS/aws-kms
provider/aws: Add support for KMS
2016-03-09 18:30:06 -06:00
Paul Hinze 108ccf0007 builtin: Refactor resource.Retry to clarify return
Change the `RetryFunc` from a plain `error` return type to a
specialized `RetryError` which must decide whether it is
retryable or not.

Add `RetryableError` / `NonRetryableError` factory functions that
callers are meant to use to build up these errors.

This makes it eminently clear whether or not a given error is
retryable from inside the client code.

Goal here is to _not_ change any behavior, simply reflect the
existing behavior with the new, clearer, API.
2016-03-09 17:37:56 -06:00
Paul Stack ab075bca60 Merge pull request #5193 from innossh/f-aws-instance-security-groups-updates
provider/aws: Support additional changes to security groups of instance without forcing new
2016-03-10 00:28:32 +01:00
James Nugent 7436cf7f89 Merge pull request #5376 from stack72/b-aws-ELBListner
provider/aws: Fixes the use of Uppercase chars in ELB Listeners
2016-03-09 23:18:56 +00:00
Paul Hinze ffa5db4f52 Merge pull request #5538 from hashicorp/phinze/retryerror-pointers-are-evil
provider/aws: Fix all pointer RetryError returns
2016-03-09 16:53:19 -06:00
Brad Sickles 3f41515d2b Fixing noop differences in aws_route. 2016-03-09 23:27:09 +01:00
Brad Sickles 16f94ed4b7 Added failing aws_route test that shows diff after apply. 2016-03-09 23:27:09 +01:00
clint shryock f96ec46681 update comments 2016-03-09 15:50:01 -06:00
Clint d14920adaf Merge pull request #5515 from hashicorp/b-aws-acc-test-updates
provider/aws: Retry DB Creation on IAM propigation error
2016-03-09 15:08:13 -06:00
clint shryock 23c42cd6cf Add test for flattenSecurityGroups 2016-03-09 15:00:30 -06:00
Paul Hinze de656942ae provider/aws: Fix all pointer RetryError returns
All of these RetryErrors were meant to fail right away, but instead
caused retry looping because the typecheck in the implementation of
`resource.Retry()` only catches the value type, and not the pointer
type.

Refs #5537
2016-03-09 14:59:55 -06:00
Maxime Bury 9e0bac6c9f Terraform should keep track of the publicly accessible attribute 2016-03-09 13:33:00 -05:00
ephemeralsnow 54cb5ffe00 provider/aws: Fix EC2 Classic SG Rule issue
Fixes an issue where security groups would fail to update after applying an
initial security_group, because we were improperly saving the id of the group
and not the name (EC2 Classic only).

This is a PR combining https://github.com/hashicorp/terraform/pull/4983 and
https://github.com/hashicorp/terraform/pull/5184 . It's majority
@ephemeralsnow's work.
2016-03-09 09:51:41 -06:00
Lars Wander b0d53a99c2 Merge pull request #4834 from erobert-c/gce_instance_template_preemptible
Fix Google instance template creation for preemptible VM
2016-03-09 10:34:20 -05:00
Paul Stack 4601d371e1 Merge pull request #5524 from stack72/f-aws-ecr-repository_name
provider/aws: `repository_url` is computed for `aws_ecr_repository`
2016-03-09 09:38:09 +00:00
stack72 7c5ab40b74 provider/aws: Add support for the `repository_url` to be computed for
ECR
2016-03-09 09:29:23 +00:00
Paul Stack b5e6cb5f88 Merge pull request #5520 from bsiegel/aws_rds_cluster_encryption
Add storage_encrypted as an optional parameter to aws_rds_cluster
2016-03-09 00:21:26 +00:00
stack72 cad550e63d provider/aws: Add support for `description` to `aws_network_interface`
resource
2016-03-08 23:28:37 +00:00
Brandon Siegel fc7e9fcd53 Ensure aws_rds_cluster can have storage_encrypted set to true 2016-03-08 17:28:44 -05:00
Brandon Siegel 0085bf6ae8 Ensure aws_rds_cluster has storage_encrypted set to false by default 2016-03-08 17:28:32 -05:00
Brandon Siegel b3864db462 fixup! Add storage_encrypted as an optional parameter to aws_rds_cluster 2016-03-08 17:15:01 -05:00
Jacob Severson c1b373ad5f Add Github Organization provider.
Allows for managing organization membership, teams, team membership, and
team repositories.
2016-03-08 23:06:30 +01:00
Brandon Siegel 8aadf1d56d Add storage_encrypted as an optional parameter to aws_rds_cluster 2016-03-08 16:48:04 -05:00
clint shryock c29e1f24b8 provider/aws: Retry DB Creation on IAM propigation error 2016-03-08 14:09:42 -06:00
Eric Robert 92d535267c Fix Google instance template creation for preemptible VM 2016-03-08 16:18:23 +00:00
clint shryock 5dc387354d provider/aws: Randomize tests more to reduce conflicts
- ASG placement tests
- Randomize DynamoDB names in tests
- tag the sg created in this test to help identify in the console
- randomize policy and role names
2016-03-08 09:56:14 -06:00
Radek Simko d4d20a9f5a kms: Treat keys in PendingDeletion state as deleted 2016-03-08 09:30:47 +00:00
Radek Simko 6f8a9c0f77 aws: kms_key - Add support for is_enabled + enable_key_rotation 2016-03-08 09:30:47 +00:00
Radek Simko 347913a3be aws: kms_key - Iterate over all aliases (not just 50) 2016-03-08 09:30:47 +00:00
Radek Simko ff2d040d28 aws: kms_key + kms_alias - Add acceptance tests 2016-03-08 09:30:47 +00:00
Radek Simko ccedb36a86 aws: kms_key - add forgotten policy read call + normalize 2016-03-08 09:30:47 +00:00
Radek Simko 4c1f8db32d aws: kms_key - Change field name (deletion_window -> deletion_window_in_days) 2016-03-08 09:30:47 +00:00
Radek Simko fccffbcbb1 aws: kms_alias - Remove unnecessary default ForceNew state 2016-03-08 09:30:47 +00:00
Radek Simko 5c9fe668f5 aws: kms resources - Simplify error handling 2016-03-08 09:30:47 +00:00
Radek Simko 2b244e21bc aws: kms validation - Add missing placeholders for Errorf 2016-03-08 09:30:47 +00:00
Radek Simko 5466d69450 aws: kms resources - gofmt all the code 2016-03-08 09:30:47 +00:00
Philip Witty 5e18031367 Update AWS KMS with respect to key deletion features 2016-03-08 09:30:47 +00:00
Philip Witty 6648df7acc Added AWS KMS key & alias support 2016-03-08 09:30:47 +00:00
Evan Brown 23af84ca09 provider/google: Validate VPN tunnel peer_ip 2016-03-07 21:35:08 -08:00
Evan Brown aa5099fe9b provider/google: Address flaky GCS acceptance tests.
Acceptance tests for GCS that do rapid create/delete/create
on GCS buckets using the same name sometimes fail as the
bucket namespace is eventually consistent. This change makes
tests use a random bucket name for each test (adapted from
the existing ACL tests).
2016-03-07 14:26:19 -08:00
Raphael Randschau 2c698d2cb0 Always transform aws_security_group protocol to lower case
fixes #5489
2016-03-07 22:40:29 +01:00
clint shryock f0d3176999 provider/aws: Add Elastic Beanstalk Application, Configuration Template, and Environment
This adds support for Elastic Beanstalk Applications, Configuration Templates,
and Environments.

This is a combined work of @catsby, @dharrisio, @Bowbaq, and @jen20
2016-03-07 14:43:23 -06:00
Paul Stack 46e4717428 Merge pull request #5474 from kjmkznr/skip-normalize-empty-policy
provider/aws: Fix error parsing JSON in S3 bucket policy
2016-03-07 18:53:51 +01:00
Paul Stack 122e9ac42a Merge pull request #5476 from nicolai86/feature/docker-tag-handling
provider/docker fix image test assertions
2016-03-07 18:52:03 +01:00
Michael H. Oshita 00288c36b9 fix indentation 2016-03-07 22:18:58 +09:00
Kazunori Kojima 8d1292d608 Return empty string when input empty S3 bucket policy
Before:

"" -> "Error parsing JSON: unexpected end of JSON input"

After:

"" -> ""
2016-03-07 09:31:33 +09:00
Raphael Randschau f7d4aca965 Fix docker test assertions regarding latest tag 2016-03-06 16:45:06 +01:00
Radek Simko c6c2752211 provider/aws: Sort API Gateway resources alphabetically 2016-03-06 09:29:31 +00:00
Radek Simko fa0d6af524 provider/aws: Remove unnecessary GetChange in Delete funcs 2016-03-06 09:29:31 +00:00
Radek Simko a338eae72a provider/aws: Guard APIGateway resource & REST API against deletion 2016-03-06 09:29:30 +00:00
Radek Simko ce5324b341 Merge pull request #4295 from nicolai86/feature/aws-api-gateway
provider/aws: API Gateway resources
2016-03-06 09:00:02 +00:00
Raphael Randschau 6430fca7f6 Add aws_api_gateway_deployment resource 2016-03-05 23:21:58 +01:00
Raphael Randschau 8c59d0861e Add aws_api_gateway_api_key resource 2016-03-05 23:21:54 +01:00
Raphael Randschau b4c99f1009 Add aws_api_gateway_model resource 2016-03-05 23:21:51 +01:00
Raphael Randschau 4da8b3d03a Add aws_api_gateawy_integration_response resource 2016-03-05 23:21:48 +01:00
Raphael Randschau 1593dbe9c8 Add aws_api_gateway_integration resource 2016-03-05 23:21:44 +01:00
Raphael Randschau 91f5206f8d Add aws_api_gateway_method_response resource 2016-03-05 23:21:41 +01:00
Raphael Randschau 032e6081cb Add aws_api_gateway_method resource 2016-03-05 23:21:38 +01:00
Raphael Randschau 7ead800f6a Add aws_api_gateway_resource resource 2016-03-05 23:21:35 +01:00
Raphael Randschau a73721d248 Add aws_api_gateway_rest_api resource 2016-03-05 23:13:38 +01:00
Raphael Randschau fdf0cfa66d Vendor AWS APIGateway API 2016-03-05 23:12:19 +01:00
Paul Stack b66b9c92a2 Merge pull request #5401 from Originate/mb-fix-kinesis-stream-shard-count
provider/aws: Report the correct number of shards for Kinesis streams
2016-03-05 19:19:16 +01:00
stack72 d63166c025 provider/aws: Adding a test for AWS Kinesis Stream Shard Count 2016-03-05 18:40:47 +01:00
Kraig Amador 74de6531fe Return an error when conflicting etag & kms_key_id parameters are provided and now with ServerSideEncryption we can go back to the higher level PutObject. 2016-03-04 09:22:43 -08:00
Joe Topjian a786d3d4ae Merge pull request #5432 from jtopjian/openstack-instance-tenantnet-403
provider/openstack: Account for a 403 reply from os-tenant-networks
2016-03-03 21:35:40 -07:00
Kraig Amador db91aebd8e Added a kms_key_id parameter which will allow you to encrypt objects that are put into a bucket. 2016-03-03 16:20:01 -08:00
Evan Brown 2e958f7a12 provider/google: Fix Pubsub acceptance tests
Acceptance tests for Pubsub topics and subscriptions failed after
incorrectly determining that resources were not deleted in the
CheckDestroy phase.

Fixes 5437
2016-03-02 15:36:32 -08:00
Joe Topjian 65d96ef58a provider/openstack: Account for a 403 reply from os-tenant-networks 2016-03-02 21:17:59 +00:00
Evan Brown 87006d6a0c provider/google: Fix VPN tunnel creation test
The GCE API for creating VPN tunnels began validating the `peerIp` field
and rejecting RFC5735 addresses. The previous test was using one of
these addresses and failing as a result. This commit uses 8.8.8.8
for the peerIp.
2016-03-02 13:17:38 -08:00
Shane O'Grady b03fc1d2e9 description is now a required field for google_dns_managed_zone
The description field for a managed-zone is now a required field when using the Cloud API.
This commit defaults the field to use the text "Managed by Terraform" to minimize required boilerplate for Terraform users.

Ref: https://cloud.google.com/sdk/gcloud/reference/dns/managed-zones/create
2016-03-02 17:23:11 -03:00
Paul Hinze 834bfcdc7a providder/azure: ASM image names have dates in them :-| 2016-03-02 13:02:48 -06:00
Joe Topjian 986eefcfe2 Merge pull request #5391 from jtopjian/openstack-secgroup-icmp-zero
provider/openstack: Allow ICMP Security Groups with values of zero
2016-03-01 12:48:12 -07:00
Maxime Bury ae8627f92a Report the correct number of shards 2016-03-01 10:46:39 -08:00
Radek Simko dc45f84a8f Allow recovering from failed CW Event Target creation in state 2016-03-01 12:37:36 +00:00
Radek Simko 5a786d52d9 Fix: Do not store ID of CW Event Target if creation fails 2016-03-01 12:35:15 +00:00
Joe Topjian 9332a1ddac provider/openstack: Add test for ICMP SecGroup rules with type zero
This is to just catch possible breakage in the future. The actual
support was done in Gophercloud.

Previously, values of 0 were not allowed since there's no such port
as 0. However, there are ICMP codes of 0.
2016-03-01 03:29:14 +00:00
stack72 d3697fa50b provider/aws: Combine AWS Metrics Collection resource and AWS
Autoscaling Group
2016-02-29 20:58:41 +00:00
stack72 4fc1391303 Scaffold the AWS Autoscaling Group Metrics Collection 2016-02-29 19:24:30 +00:00
stack72 ffbb59a73e provider/aws: Fixes the use of Uppercase chars in ELB Listeners 2016-02-29 18:04:47 +00:00
Paul Stack e6f3fafcd6 Merge pull request #5361 from stack72/b-aws-es-tags
provider/aws: `aws_elastisearch_domain` tags not being set correctly.
2016-02-29 17:38:06 +00:00
Joe Topjian b72cb19606 Merge pull request #5366 from jtopjian/openstack-readd-server-access
provider/openstack: Re-Add server.AccessIPv4 and server.AccessIPv6
2016-02-29 08:44:16 -07:00
Maxime Bury 0290884fdc Lambda S3 object version defaults to '$LATEST' if unspecified 2016-02-29 14:31:47 +00:00
Joe Topjian 7d6116d7c2 provider/openstack: Re-Add server.AccessIPv4 and server.AccessIPv6
GH-4812 removed reading server.AccessIPv4 and server.AccessIPv6
because, AFAICT, they are not set by Nova. After removal, a user
reported that they were no longer able to read IPs from access_ip_v4
and access_ip_v6 on Rackspace. It's possible that Rackspace sets
the AccessIPv* attributes, and if that's true, other cloud providers
might as well through custom extensions.

The priority of how access_ip_v* is set might require some tweaks in
the future.
2016-02-28 21:39:45 +00:00
Joe Topjian d82a4c9259 provider/openstack: Safely typecast network during instance update
This commit protects against unsafe typecasting when an instance is
updating its network configuration.
2016-02-28 19:02:53 +00:00