Commit Graph

21739 Commits

Author SHA1 Message Date
Martin Atkins 72ad927c4d configs/configload: package for loading configurations
Previously the behavior for loading and installing modules was included in
the same package as the representation of the module tree (in the
config/module package).

In our new world, the model of a module tree (now called a "Config") is
included in "configs" along with the Module and File structs. This new
package replaces the loading and installation functionality previously
in config/module with new equivalents that work with the model objects
in "configs".

As of this commit, only the loading functionality is implemented. The
installation functionality will follow in subsequent commits.
2018-02-15 15:56:38 -08:00
Martin Atkins 9153bb448e configs: include the module call source range in our module tree 2018-02-15 15:56:38 -08:00
Martin Atkins 8929eca405 configs: BuildConfig function
BuildConfig creates a module tree by recursively walking through module
calls in the root module and any descendent modules. This is intended to
be used both for the simple case of loading already-installed modules and
the more complex case of installing modules inside "terraform init", both
of which will be dealt with in a separate package.
2018-02-15 15:56:38 -08:00
Martin Atkins cc38e91612 configs: Implementation of mergeBody
mergeBody is a hcl.Body implementation that deals with our override file
merging behavior for the portions of the configuration that are not
processed until full eval time.

Mimicking the behavior of our old config merge implementation from the
"config" package, the rules here are:

- Attributes in the override body hide attributes of the same name in
  the base body.
- Any block in the override body hides all blocks with the same type name
  that appear in the base body.

This is tested by a new test for the overriding of module arguments, which
asserts the correct behavior of the merged body as part of its work.
2018-02-15 15:56:38 -08:00
Martin Atkins 7c8efe103e configs: allow overrides files to omit args that primary files can't
Some of the fields in our config structs are either mandatory in primary
files or there is a default value that we apply if absent.

Unfortunately override files impose the additional constraint that we
be allowed to omit required fields (which have presumably already been
set in the primary files) and that we are able to distinguish between a
default value and omitting a value entirely.

Since most of our fields were already acceptable for override files, here
we just add some new fields to deal with the few cases where special
handling is required and a helper function to disable the "Required" flag
on attributes in a given schema.
2018-02-15 15:56:38 -08:00
Martin Atkins 4e5efa498a configs: Parser.LoadConfigDir
This method wraps LoadConfigFile to load all of the .tf and .tf.json files
in a given directory and then bundle them together into a Module object.

This function also deals with the distinction between primary and override
files, first appending together the primary files in lexicographic order
by filename, and then merging in override files in the same order.

The merging behavior is not fully implemented as of this commit, and so
will be expanded in future commits.
2018-02-15 15:56:37 -08:00
Martin Atkins 9be399d49c configs: Another simple test for _invalid_ config files
Much like TestParserLoadConfigFileSuccess, this is intended to be an
easy-to-maintain collection of bad examples to test different permutations
of our error handling.

As with TestParserLoadConfigFileSuccess, we should also have more specific
tests alongside this that check that the error outcome is what was
expected, since this test just accepts any error and may thus not be
testing what we think it is.
2018-02-15 15:56:37 -08:00
Martin Atkins e524d1eb95 configs: Simple test of loading valid configuration files
This test is intended to be an easy-to-maintain catalog of good examples
that we can use to catch certain parsing or decoding regressions easily.

It's not a fully-comprehensive test since it doesn't check the result
of decoding, instead just accepting any decode that completes without
errors. However, an easy-to-maintain test like this is a good complement
to some more specialized tests since we can easily collect good examples
over time and just add them in here.
2018-02-15 15:56:37 -08:00
Martin Atkins e15ec486bf configs: Parser.LoadConfigFile
This is a first pass of decoding of the main Terraform configuration file
format. It hasn't yet been tested with any real-world configurations, so
it will need to be revised further as we test it more thoroughly.
2018-02-15 15:56:37 -08:00
Martin Atkins b865d62bb8 govendor fetch github.com/hashicorp/hcl2/...
This just catches us up with the latest fixes and improvements in upstream
HCL2.
2018-02-15 15:56:37 -08:00
Martin Atkins 13fa73c63e configs: stub out main configuration structs
These types represent the individual elements within configuration, the
modules a configuration is made of, and the configuration (static module
tree) itself.
2018-02-15 15:56:37 -08:00
Martin Atkins 05e3b47ba1 configs: Parser.LoadValuesFile
This method loads a "values file" -- also known as a "tfvars file" -- and
returns the values found inside.

A values file is an HCL file (in either native or JSON syntax) whose
top-level body is treated as a set of arbitrary key/value pairs whose
values may not depend on any variables or functions.

We will load values files through a configs.Parser -- even though values
files are not strictly-speaking part of configuration -- because this
causes them to be registered in our source code cache so that we can
generate source code snippets if we need to report any diagnostics.
2018-02-15 15:56:37 -08:00
Martin Atkins a0f4a313ef configs: Parser type
configs.Parser is the entry-point for this package, providing functions to
load and parse HCL-based configuration files.

We use the library "afero" to decouple the parser from the physical OS
filesystem, which here allows us to easily use an in-memory filesystem
for testing and will, in future, allow us to read files from more unusual
places, such as configuration embedded in a plan file.
2018-02-15 15:56:36 -08:00
James Bardin e41b29d096
Merge pull request #17354 from hashicorp/jbardin/known_hosts
Verify host keys in ssh connections
2018-02-15 18:33:41 -05:00
James Bardin 162389b82b
Merge pull request #17362 from hashicorp/jbardin/etcd
update etcd documentation links
2018-02-15 18:11:52 -05:00
Martin Atkins 7987a2fdb2 configs: new package for HCL2-based configuration
There's a lot of complexity in our existing "config" package that results
from our approach to handling configuration with HCL and HIL. A lot of
that functionality is no longer needed -- or must work in a significantly
different way -- for HCL2.

The new package "configs", which is named following the convention of some
Go standard library packages like "strings", is a re-imagination of some
of the functionality from the "config" package for an HCL2-only world.

The scope of this package will be slightly smaller than "config", since
it only deals with config loading and not with expression evaluation.
Another package "lang" (mentioned in the docstring here but not yet added)
will deal with the more dynamic portions of of configuration handling,
including populating an hcl.EvalContext to evaluate expressions.
2018-02-15 15:10:01 -08:00
Martin Atkins 976d85ae92 govendor fetch github.com/spf13/afero/... 2018-02-15 15:10:01 -08:00
James Bardin 1c4f403386
Merge pull request #17359 from hashicorp/jbardin/provisioner-error
Halt on provisioner errors
2018-02-15 18:09:32 -05:00
James Bardin 5458ea9aff update etcd documentation links
Add missing link to ectdv3.

Update etcd v2 link to the current v2 README, which highlights the pending
deprecation.
2018-02-15 17:13:24 -05:00
James Bardin 0345d960b2 simplify remote-exec runScripts
There no reason to retry around the execution of remote scripts. We've
already established a connection, so the only that could happen here is
to continually retry uploading or executing a script that can't succeed.

This also simplifies the streaming output from the command, which
doesn't need such explicit synchronization. Closing the output pipes is
sufficient to stop the copyOutput functions, and they don't close around
any values that are accessed again after the command executes.
2018-02-15 16:14:38 -05:00
James Bardin c1b35ad69b have the ssh communicator return fatal errors
This will let the retry loop abort when there are errors which aren't
going to ever be corrected.
2018-02-15 16:14:33 -05:00
James Bardin e06f76b90f Fix type assertion when loading stored error
Fix a bug where the last error was not retrieved from errVal.Load
due to an incorrect type assertion.
2018-02-15 15:59:34 -05:00
James Bardin e331ae9842 remove retryFunc
it's now in the communicator package
2018-02-14 18:32:29 -05:00
James Bardin d02250c2b9 remove retryFunc
it's now in the communicator package
2018-02-14 18:30:20 -05:00
James Bardin 89a0ac6e89 remove retryFunc
It's now in the communicator package
2018-02-14 18:25:05 -05:00
James Bardin f5b8091e2c remove retryFunc
It's now in the communicator package
2018-02-14 18:21:26 -05:00
James Bardin bc90eca19f add the remote-exec retry function to communicator
Every provisioner that uses communicator implements its own retryFunc.
Take the remote-exec implementation (since it's the most complete) and
put it in the communicator package for each provisioner to use.

Add a public interface `communicator.Fatal`, which can wrap an error to
indicate a fatal error that should not be retried.
2018-02-14 18:18:12 -05:00
Brian Flad b2dae9b06c
Merge pull request #17349 from hashicorp/d-importability
docs/import: Remove out of date listing of importable resources
2018-02-14 17:15:46 -05:00
James Bardin 194a4e88e2 add host_key and bastion_host_key to the docs 2018-02-14 15:35:41 -05:00
James Bardin bdfa97dbdb add tests for signed host certs
This checks that we can verify host certificates signed by a CA
2018-02-14 15:35:41 -05:00
James Bardin 1e7fd1c4ea add test for host key validation
This tests basic known_hosts validation for the ssh communicator.
2018-02-14 15:35:41 -05:00
James Bardin e3e6104007 update x/crypt/ssh and add knownhosts package 2018-02-14 15:35:41 -05:00
James Bardin 1a68fdb4f6 add support for ssh host key checking
Add `host_key` and `bastion_host_key` fields to the ssh communicator
config for strict host key checking.

Both fields expect the contents of an openssh formated public key. This
key can either be the remote host's public key, or the public key of the
CA which signed the remote host certificate.

Support for signed certificates is limited, because the provisioner
usually connects to a remote host by ip address rather than hostname, so
the certificate would need to be signed appropriately. Connecting via
a hostname needs to currently be done through a secondary provisioner,
like one attached to a null_resource.
2018-02-14 15:35:41 -05:00
Brian Flad 5576b889ab docs/import: Remove out of date listing of importable resources and note where to find the information 2018-02-14 12:02:45 -05:00
Clint c2306be0fa
Update CHANGELOG.md 2018-02-13 14:15:24 -06:00
Nolan Davidson f43e592849 [provisioner-habitat] Detect if hab user exists (#17195)
Currently the provisioner will fail if the `hab` user already exists on
the target system.

This adds a check to see if we need to create the user before trying to
add it.

Fixes #17159

Signed-off-by: Nolan Davidson <ndavidson@chef.io>
2018-02-13 14:13:22 -06:00
Nolan Davidson 848375b9a6 [provisioner-habitat] Allow custom service name (#17196)
This change allows the Habitat supervisor service name to be
configurable. Currently it is hard coded to `hab-supervisor`.

Signed-off-by: Nolan Davidson <ndavidson@chef.io>
2018-02-13 14:11:59 -06:00
Joshua Carp 9a3e86104e
Document aws_route53_record importable (#17306)
See https://github.com/hashicorp/terraform-website/issues/20
2018-02-13 14:07:47 -06:00
Joshua Carp 52f6abf47b Document aws_route53_record importable (#17306)
See https://github.com/hashicorp/terraform-website/issues/20
2018-02-13 14:07:05 -06:00
Brian Flad 7475ce669e
Update CHANGELOG for #17216 2018-02-13 11:50:42 -05:00
Brian Flad 69dad6f1cf
Merge pull request #17329 from hashicorp/v-terraform-provider-aws-v1.9.0
deps: Bump terraform-provider-aws@v1.9.0 and aws-sdk-go@v1.12.73
2018-02-13 11:45:19 -05:00
James Bardin a65089fcea
Merge pull request #17323 from hashicorp/jbardin/shutdown
Fix race in writing state during hard cancelation
2018-02-13 10:14:48 -05:00
Brian Flad 74598ff9fe deps: Bump terraform-provider-aws@v1.9.0 and aws-sdk-go@v1.12.73 2018-02-13 06:26:02 -05:00
JeongHoon Byun (aka Outsider) 8566ade0c3 website: fix incorrect anchor links for registry API pagination 2018-02-12 19:36:52 -08:00
Michael Mell 4b598860bb website: document the naming conventions for outputs 2018-02-12 19:33:57 -08:00
James Bardin ef8ed1e275 coalesce the backened interrupt code
Moves the nested select statements for backend operations into a single
function. The only difference in this part was that apply called
PersistState, which should be harmless regardless of the type of
operation being run.
2018-02-12 11:56:54 -05:00
James Bardin ecd9ef0f77 ignore error in plan shutdown test
The error was being silently dropped before.

There is an interpolation error, because the plan is canceled before
some of the resources can be evaluated. There might be a better way to
handle this in the walk cancellation, but the behavior has not changed.

Make the plan and apply shutdown match implementation-wise
2018-02-12 11:56:54 -05:00
James Bardin 67a6152091 move backend operation cancellation into meta
Create a single command method for running and operation with
cancellation.
2018-02-12 11:56:54 -05:00
James Bardin 7cba68326a always wait for a RunningOperation to return
If the user wishes to interrupt the running operation, only the first
interrupt was communicated to the operation by canceling the provided
context. A second interrupt would start the shutdown process, but not
communicate this to the running operation. This order of event could
cause partial writes of state.

What would happen is that once the command returns, the plugin system
would stop the provider processes. Once the provider processes dies, all
pending Eval operations would return return with an error, and quickly
cause the operation to complete. Since the backend code didn't know that
the process was shutting down imminently, it would continue by
attempting to write out the last known state. Under the right
conditions, the process would exit part way through the writing of the
state file.

Add Stop and Cancel CancelFuncs to the RunningOperation, to allow it to
easily differentiate between the two signals. The backend will then be
able to detect a shutdown and abort more gracefully.

In order to ensure that the backend is not in the process of writing the
state out, the command will always attempt to wait for the process to
complete after cancellation.
2018-02-12 11:56:03 -05:00
Alvaro Miranda Aguilera 3821c0b45a
Merge pull request #17321 from hashicorp/kikitux-patch-1
fix CenturyLink typo
2018-02-12 11:29:23 +01:00