Commit Graph

4455 Commits

Author SHA1 Message Date
David Tolnay db627798e6 provider/aws: Handle spurious failures in resourceAwsSecurityGroupRuleRead (#7377)
Previously, any old HTTP error would be treated as the security_group_rule being
deleted. In reality there are only a few cases where this is the right
assumption.
2016-07-07 16:06:02 -05:00
James Bardin 4c602d1eb9 Merge pull request #7521 from hashicorp/jbardin/GH-7509
Revert #7464 and allow an empty state
2016-07-07 17:00:08 -04:00
David Tolnay a86d766bd2 provider/aws: internetgateway timing tweaks (again) (#7447)
This workaround is originally from 71b30c633f.
According to the commit message from Mitchell Hashimoto:

    So I think the AWS API is just broken here. In the case that the state
    doesn't update, just assume it did after 5 seconds.

Based on my experience, this AWS API is still broken in the same way.

The timeout was later increased from 5 seconds to 10 seconds in
265cc4fffa.

The timeout (but not the timer) was removed inexplicably in GH-1325.

The symptom is this error from `terraform apply`:

    aws_internet_gateway.test: Error waiting for internet gateway (igw-553b4731) to attach: timeout while waiting for state to become '[available]'

followed by all subsequent `terraform apply` commands failing with this error:

    aws_internet_gateway.test: Resource.AlreadyAssociated: resource igw-553b4731 is already attached to network vpc-61bc7606
2016-07-07 15:45:28 -05:00
David Tolnay 2943a1c978 Retry creation of IAM role depending on new IAM user (#7324) 2016-07-07 15:24:17 -05:00
James Bardin 2c27dd41bf Fix panic when there is no remote state
- Check for an empty state. If nothing is referenced from that state in
  the config, there's nothing to do here.
2016-07-07 16:20:35 -04:00
Clint 17931c7099 Merge pull request #7511 from hashicorp/pr-7319
provider/aws: AWS prefix lists to enable security group egress to a VPC Endpoint (supersedes #7319)
2016-07-07 12:10:10 -05:00
clint shryock 1d488bdbd2 provider/aws: Do an extra lookup for the VPC Endpoint Prefix, to test Prefix 2016-07-06 09:20:39 -05:00
David Tolnay 4ba75bd54e Retry finding route after creating it (#7463)
The symptom is that a route "fails" to create, then every subsequent
`terraform apply` fails with RouteAlreadyExists.

CreateRoute was succeeding but the very next DescribeRouteTables
was not listing the new route.
2016-07-05 15:04:09 -05:00
Paul Stack d60594695f provider/aws: `aws_customer_gateway` refreshing from state on deleted (#7482)
state

Fixes #7136
2016-07-05 16:34:06 +01:00
Paul Stack 58c324676d provider/aws: Add support for `encryption` and `kms_key_id` to `aws_ami` (#7181)
This fixes #7157. It doesn't change the way aws_ami works

```
make testacc TEST=./builtin/providers/aws
TESTARGS='-run=TestAccAWSAMICopy'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSAMICopy
-timeout 120m
=== RUN   TestAccAWSAMICopy
--- PASS: TestAccAWSAMICopy (479.75s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    479.769s
```
2016-07-05 09:50:48 -05:00
Paul Stack 06ff7bfcfe provider/aws: Remove EFS File System from State when NotFound (#7437)
Fixes #7433

When an EFS File System is created via Terraform, Deleted from the AWS
console, then Terraform would give us as error as:

```
* aws_efs_file_system.file_system: FileSystemNotFound: File system
 'fs-9d739e54' does not exist.
        status code: 404, request id:
        d505a682-3ec7-11e6-81d3-1d41202f0881
```

On a 404, we now remove the EFS File System from state so that Terraform
can recreate it as expected
2016-07-05 13:56:05 +01:00
James Nugent 730d59734f Merge pull request #7338 from hashicorp/import-aws-dbpg
provider/aws: Support Import for `aws_db_parameter_group`
2016-07-05 13:51:51 +01:00
Radek Simko 120d7c4f2e provider/aws: Only allow max. 1 health_check block for ELB 2016-07-05 10:56:17 +01:00
Eric Rutherford 32051156c7 adding states that should be considered as deleted for vpc peering (#7466) 2016-07-03 16:58:19 +01:00
David Harris c744bb6fa8 provider/aws: import Elastic Beanstalk Application and Environment (#7444) 2016-07-03 16:42:12 +01:00
Joe Topjian 480542d2ab provider/openstack: Support Import openstack_compute_keypair_v2 (#7346) 2016-07-03 16:39:20 +01:00
Joe Topjian 713c0daa52 provider/openstack: Support Import openstack_compute_floatingip_v2 (#7348) 2016-07-03 16:38:38 +01:00
Joe Topjian 0466520626 provider/openstack: Support Import openstack_compute_servergroup_v2 (#7349) 2016-07-03 16:38:21 +01:00
Joe Topjian c1e4d297f3 provider/openstack: Support Import openstack_compute_secgroup_v2 (#7350) 2016-07-03 16:37:58 +01:00
Joe Topjian 8d8becdfdb provider/openstack: Support Import of OpenStack FWaaS Resources (#7471) 2016-07-03 16:37:35 +01:00
Paul Stack 421bda23b0 provider/azurerm: `azurerm_virtual_machine` panic at UnattendConfig (#7453)
Guarding against `invalid memory address` in AdditionalUnattendConfig

```
make testacc TEST=./builtin/providers/azurerm TESTARGS='-run=TestAccAzureRMVirtualMachine_windowsUnattendedConfig'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/azurerm -v
-run=TestAccAzureRMVirtualMachine_windowsUnattendedConfig -timeout 120m
=== RUN   TestAccAzureRMVirtualMachine_windowsUnattendedConfig
--- PASS: TestAccAzureRMVirtualMachine_windowsUnattendedConfig (943.28s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/azurerm
943.299s
```
2016-07-03 11:31:35 +01:00
Joe Topjian b5ca75f165 Merge pull request #7468 from jtopjian/openstack-secgroup-eof
provider/openstack: Fix Security Group EOF Error
2016-07-02 11:50:32 -06:00
Joe Topjian bc6be73c1d provider/openstack: Fix Security Group EOF Error
When applying or removing 2+ security groups from an instance, an EOF
error will be triggered even though the action was successful. This
patch accounts for and ignores the EOF error. It also adds a test
case.

Security Group and Port documentation are also updated in this
commit.
2016-07-02 14:18:04 +00:00
Paul Stack c965d9bea4 provider/azurerm: Add `azurerm_virtual_machine` Acceptance Test for (#7456)
`storage_data_disk`

```
make testacc TEST=./builtin/providers/azurerm TESTARGS='-run=TestAccAzureRMVirtualMachine_withDataDisk'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /vendor/)
2016/07/01 15:47:13 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/azurerm -v
-run=TestAccAzureRMVirtualMachine_withDataDisk -timeout 120m
=== RUN   TestAccAzureRMVirtualMachine_withDataDisk
--- PASS: TestAccAzureRMVirtualMachine_withDataDisk (575.39s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/azurerm
```
2016-07-02 07:55:36 +01:00
Joe Topjian de99379a87 Merge pull request #7422 from jtopjian/openstack-lbpoolmember-deprecated
provider/openstack: Deprecate openstack_lb_pool_v1 member attribute
2016-07-01 20:37:23 -06:00
David Tolnay be7162747f Remove unused variables 2016-07-01 13:37:48 -07:00
Paul Hinze 3b732131d2 Merge pull request #7446 from hashicorp/b-jit-resource-validate
core: rerun resource validation before plan and apply
2016-07-01 15:00:40 -05:00
Paul Hinze afccf62e3e Merge pull request #7459 from hashicorp/r-resource-unit-test
helper/resource: Consolidate unit test override
2016-07-01 13:23:13 -05:00
Paul Hinze 4a1b36ac0d
core: rerun resource validation before plan and apply
In #7170 we found two scenarios where the type checking done during the
`context.Validate()` graph walk was circumvented, and the subsequent
assumption of type safety in the provider's `Diff()` implementation
caused panics.

Both scenarios have to do with interpolations that reference Computed
values. The sentinel we use to indicate that a value is Computed does
not carry any type information with it yet.

That means that an incorrect reference to a list or a map in a string
attribute can "sneak through" validation only to crop up...

 1. ...during Plan for Data Source References
 2. ...during Apply for Resource references

In order to address this, we:

 * add high-level tests for each of these two scenarios in `provider/test`
 * add context-level tests for the same two scenarios in `terraform`
   (these tests proved _really_ tricky to write!)
 * place an `EvalValidateResource` just before `EvalDiff` and `EvalApply` to
   catch these errors
 * add some plumbing to `Plan()` and `Apply()` to return validation
   errors, which were previously only generated during `Validate()`
 * wrap unit-tests around `EvalValidateResource`
 * add an `IgnoreWarnings` option to `EvalValidateResource` to prevent
   active warnings from halting execution on the second-pass validation

Eventually, we might be able to attach type information to Computed
values, which would allow for these errors to be caught earlier. For
now, this solution keeps us safe from panics and raises the proper
errors to the user.

Fixes #7170
2016-07-01 13:12:57 -05:00
Paul Hinze 5656d7388c
helper/resource: Consolidate unit test override
I noticed we had two mechanisms for unit test override. One that dropped
a sentinel into the env var, and another with a struct member on
TestCase. This consolidates the two, using the cleaner struct member
internal mechanism and the nicer `resource.UnitTest()` entry point.
2016-07-01 13:08:43 -05:00
Clint 98fd603bdf provider/atlas: Add a Atlas Artifact Data Source (#7419)
* small doc update

* provider/atlas: Add docs for Artifact Data Source

* provider/atlas: Remove a test method that isn't used

* provider/atlas: Add Data Source for Atlas Artifact

* provider/atlas: Show deprecation error on atlas_artifact resource
2016-07-01 10:29:53 -05:00
clint shryock c4fa91b176 Merge branch 'pr-5939'
* pr-5939:
  Update acc tests
  provider/aws: Allow `aws_redshift_security_group` ingress rules to change
2016-07-01 10:15:29 -05:00
clint shryock 1d1cc9b572 Update acc tests 2016-07-01 10:14:18 -05:00
Clint 6367bade03 Merge pull request #6851 from TeaBough/master
provider/aws: Handled case when instanceId is absent in network interfaces
2016-07-01 09:42:35 -05:00
Paul Stack 7f948f0ca7 provider/azurerm: `azurerm_dns_zone` now returns `name_servers` (#7434)
Fixes #7374

The introduction of the AzureRM SDK 3.0.0-beta means that the
`name_servers` for the DNS Zone are returned from the API

This PR has a dependency on #7420 being merged first

```
make testacc TEST=./builtin/providers/azurerm TESTARGS='-run=TestAccAzureRMDnsZone_'
==> Checking that code complies with gofmt requirements...
/Users/stacko/Code/go/bin/stringer
go generate $(go list ./... | grep -v /vendor/)
2016/06/30 15:20:01 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/azurerm -v
-run=TestAccAzureRMDnsZone_ -timeout 120m
=== RUN   TestAccAzureRMDnsZone_basic
--- PASS: TestAccAzureRMDnsZone_basic (92.42s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/azurerm
92.444s
```
2016-07-01 10:26:01 +01:00
Paul Stack 54c0022d38 Revert "provider/aws: Read Elastic Beanstalk stack name" (#7452) 2016-07-01 10:03:31 +01:00
David Harris a347b1795f provider/aws: Read Elastic Beanstalk stack name (#7445) 2016-07-01 09:34:28 +01:00
stevehorsfield 03c2c4408f Add support for 'prefix_list_ids' to AWS VPC security group rules
Prefix list IDs are used when allowing egress to an AWS VPC Endpoint.

See http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/vpc-endpoints.html#vpc-endpoints-routing
2016-06-30 15:48:27 -07:00
stevehorsfield db5f450a3e Add 'prefix_list_id' exported attribute to AWS VPC Endpoint
'prefix_list_id' can be used in egress rules in VPC security groups.
2016-06-30 15:47:53 -07:00
stevehorsfield 29623f871b Split TestAccAWSSecurityGroup_DefaultEgress into VPC/Classic
This test function tests both VPC and Classic EC2 modes, but not
all accounts have support for both. Splitting them makes it
easier to understand why a test fails when an account only
supports the VPC mode.
2016-06-30 15:47:53 -07:00
Clint 14fa3a88fd provider/aws: Added support for redshift destination to firehose delivery streams (supersedes #5304) (#7375)
* Added support for redshift destination to firehose delivery streams

* Small documentation fix

* go fmt after rebase

* small fixes after rebase

* provider/aws: Firehose test cleanups

* provider/aws: Update docs

* Convert Redshift and S3 blocks to TypeList

* provider/aws: Add migration for S3 Configuration in Kinesis firehose

* providers/aws: Safety first when building Redshift config options

* restore commented out log statements in the migration

* provider/aws: use MaxItems in schema
2016-06-30 15:03:31 -05:00
Clint 2ba1b0fb01 provider/aws: Populate self in Security Group Rule imports (#7164)
* provider/aws: Populate self in Security Group Rule imports

* provider/aws: Add regression test for SG Rule import
2016-06-30 15:01:38 -05:00
Paul Stack 079e1f9a56 provider/azurerm: Bump azure-sdk-for-go to 3.0.0-beta (#7420)
provider/azurerm: Bump azure-sdk-for-go to 3.0.0-beta
2016-06-30 15:36:08 +01:00
Radek Simko b54481909b Merge pull request #7428 from TimeIncOSS/f-efs-target-hostname
provider/aws: Add dns_name to aws_efs_mount_target
2016-06-30 12:40:48 +01:00
Radek Simko 32019fa008 provider/aws: Add dns_name to aws_efs_mount_target 2016-06-30 11:24:18 +01:00
Joe Topjian 4ca5c948b6 provider/openstack: Deprecate openstack_lb_pool_v1 member attribute
This commit marks the "member" attribute of the
openstack_lb_pool_v1 resource as being deprecated. Users should begin
migrating to the openstack_lb_member_v1 resource.
2016-06-30 02:12:15 +00:00
Clint dd0850af59 provider/aws: Add inplace edit/update DB Security Group Rule Ingress (#7245) 2016-06-29 15:55:58 -05:00
Eloy Coto ab390359be Vsphere: Added uuid attributes (#4382) 2016-06-29 21:45:59 +01:00
Paul Stack e905aa2840 provider/digitalocean: Support Import `digitalocean_droplet` (#7344)
```
ake testacc TEST=./builtin/providers/digitalocean
TESTARGS='-run=TestAccDigitalOceanDroplet_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/digitalocean -v -run=TestAccDigitalOceanDroplet_ -timeout 120m
=== RUN   TestAccDigitalOceanDroplet_importBasic
--- PASS: TestAccDigitalOceanDroplet_importBasic (39.42s)
=== RUN   TestAccDigitalOceanDroplet_Basic
--- PASS: TestAccDigitalOceanDroplet_Basic (38.46s)
=== RUN   TestAccDigitalOceanDroplet_Update
--- PASS: TestAccDigitalOceanDroplet_Update (244.82s)
=== RUN   TestAccDigitalOceanDroplet_UpdateUserData
--- PASS: TestAccDigitalOceanDroplet_UpdateUserData (73.05s)
=== RUN   TestAccDigitalOceanDroplet_PrivateNetworkingIpv6
--- PASS: TestAccDigitalOceanDroplet_PrivateNetworkingIpv6 (67.24s)
PASS
```
2016-06-29 20:28:47 +01:00
dkalleg ab92fa4dff Refreshing devices list after adding a disk or cdrom controller (#7167)
Also taking out an unnecessary ForceNew on controller_type as well
as correcting a reference to controller_type in Update case.
2016-06-29 19:47:56 +01:00