Commit Graph

10603 Commits

Author SHA1 Message Date
Joe Topjian b53c74a9ae Merge pull request #6279 from ZZelle/support-client-cert
provider/openstack: Support client certificates
2016-05-14 20:44:57 -05:00
Martin Atkins 453fc505f4 core: Tolerate missing resource variables during input walk
Provider nodes interpolate their config during the input walk, but this
is very early and so it's pretty likely that any resources referenced are
entirely absent from the state.

As a special case then, we tolerate the normally-fatal case of having
an entirely missing resource variable so that the input walk can complete,
albeit skipping the providers that have such interpolations.

If these interpolations end up still being unresolved during refresh
(e.g. because the config references a resource that hasn't been created
yet) then we will catch that error on the refresh pass, or indeed on the
plan pass if -refresh=false is used.
2016-05-14 09:25:03 -07:00
Martin Atkins f95dccf1b3 provider/null: null_data_source data source
A companion to the null_resource resource, this is here primarily to
enable manual quick testing of data sources workflows without depending
on any external services.

The "inputs" map gets copied to the computed "outputs" map on read,
"rand" gives a random number to exercise cases with constantly-changing
values (an anti-pattern!), and "has_computed_default" is settable in
config but computed if not set.
2016-05-14 08:26:37 -07:00
Martin Atkins 2ca10ad962 command: Show data source reads differently in plans
Internally a data source read is represented as a creation diff for the
resource, but in the UI we'll show it as a distinct icon and color so that
the user can more easily understand that these operations won't affect
any real infrastructure.

Unfortunately by the time we get to formatting the plan in the UI we
only have the resource names to work with, and can't get at the original
resource mode. Thus we're forced to infer the resource mode by exploiting
knowledge of the naming scheme.
2016-05-14 08:26:37 -07:00
Martin Atkins bfee4b0295 command: don't show old values for create diffs in plan
New resources logically don't have "old values" for their attributes, so
showing them as updates from the empty string is misleading and confusing.

Instead, we'll skip showing the old value in a creation diff.
2016-05-14 08:26:37 -07:00
Martin Atkins 5d27a5b3e2 command: Show id only when refreshing managed resources
Data resources don't have ids when they refresh, so we'll skip showing the
"(ID: ...)"  indicator for these. Showing it with no id makes it look
like something is broken.
2016-05-14 08:26:37 -07:00
Martin Atkins 60c24e3319 command: Prevent data resources from being tainted
Since the data resource lifecycle contains no steps to deal with tainted
instances, we must make sure that they never get created.

Doing this out in the command layer is not the best, but this is currently
the only layer that has enough information to make this decision and so
this simple solution was preferred over a more disruptive refactoring,
under the assumption that this taint functionality eventually gets
reworked in terms of StateFilter anyway.
2016-05-14 08:26:37 -07:00
Martin Atkins 61ab8bf39a core: ResourceAddress supports data resources
The ResourceAddress struct grows a new "Mode" field to match with
Resource, and its parser learns to recognize the "data." prefix so it
can set that field.

Allows -target to be applied to data sources, although that is arguably
not a very useful thing to do. Other future uses of resource addressing,
like the state plumbing commands, may be better uses of this.
2016-05-14 08:26:36 -07:00
Martin Atkins afc7ec5ac0 core: Destroy data resources with "terraform destroy"
Previously they would get left behind in the state because we had no
support for planning their destruction. Now we'll create a "destroy" plan
and act on it by just producing an empty state on apply, thus ensuring
that the data resources don't get left behind in the state after
everything else is gone.
2016-05-14 08:26:36 -07:00
Martin Atkins 4d50f22a23 core: separate lifecycle for data resource "orphans"
The handling of data "orphans" is simpler than for managed resources
because the only thing we need to deal with is our own state, and the
validation pass guarantees that by the time we get to refresh or apply
the instance state is no longer needed by any other resources and so
we can safely drop it with no fanfare.
2016-05-14 08:26:36 -07:00
Martin Atkins 36054470e4 core: lifecycle for data resources
This implements the main behavior of data resources, including both the
early read in cases where the configuration is non-computed and the split
plan/apply read for cases where full configuration can't be known until
apply time.
2016-05-14 08:26:36 -07:00
Martin Atkins 1da560b653 core: Separate resource lifecycle for data vs. managed resources
The key difference between data and managed resources is in their
respective lifecycles. Now the expanded resource EvalTree switches on
the resource mode, generating a different lifecycle for each mode.

For this initial change only managed resources are implemented, using the
same implementation as before; data resources are no-ops. The data
resource implementation will follow in a subsequent change.
2016-05-14 08:26:36 -07:00
Martin Atkins c1315b3f09 core: EvalValidate calls appropriate validator for resource mode
data resources are a separate namespace of resources than managed
resources, so we need to call a different provider method depending on
what mode of resource we're visiting.

Managed resources use ValidateResource, while data resources use
ValidateDataSource, since at the provider level of abstraction each
provider has separate sets of resources and data sources respectively.
2016-05-14 08:26:36 -07:00
Martin Atkins 844e1abdd3 core: ResourceStateKey understands resource modes
Once a data resource gets into the state, the state system needs to be
able to parse its id to match it with resources in the configuration.
Since data resources live in a separate namespace than managed resources,
the extra "mode" discriminator is required to specify which namespace
we're talking about, just like we do in the resource configuration.
2016-05-14 08:26:36 -07:00
Martin Atkins 64f2651204 website: Initial documentation about data sources
This will undoubtedly evolve as implementation continues, but this is some
initial documentation based on the design doc.
2016-05-14 08:26:36 -07:00
Martin Atkins 6cd22a4c9a helper/schema: emit warning when using data source resource shim
For backward compatibility we will continue to support using the data
sources that were formerly logical resources as resources for the moment,
but we want to warn the user about it since this support is likely to
be removed in future.

This is done by adding a new "deprecation message" feature to
schema.Resource, but for the moment this is done as an internal feature
(not usable directly by plugins) so that we can collect additional
use-cases and design a more general interface before creating a
compatibility constraint.
2016-05-14 08:26:36 -07:00
Martin Atkins 3eb4a89104 provider/terraform: remote state resource becomes a data source
As a first example of a real-world data source, the pre-existing
terraform_remote_state resource is adapted to be a data source. The
original resource is shimmed to wrap the data source for backward
compatibility.
2016-05-14 08:26:36 -07:00
Martin Atkins fb262d0dbe helper/schema: shim for making data sources act like resources
Historically we've had some "read-only" and "logical" resources. With the
addition of the data source concept these will gradually become data
sources, but we need to retain backward compatibility with existing
configurations that use the now-deprecated resources.

This shim is intended to allow us to easily create a resource from a
data source implementation. It adjusts the schema as needed and adds
stub Create and Delete implementations.

This would ideally also produce a deprecation warning whenever such a
shimmed resource is used, but the schema system doesn't currently have
a mechanism for resource-specific validation, so that remains just a TODO
for the moment.
2016-05-14 08:26:36 -07:00
Martin Atkins 6a468dcd83 helper/schema: Resource can be writable or not
In the "schema" layer a Resource is just any "thing" that has a schema
and supports some or all of the CRUD operations. Data sources introduce
a new use of Resource to represent read-only resources, which require
some different InternalValidate logic.
2016-05-14 08:26:36 -07:00
Martin Atkins 0e0e3d73af core: New ResourceProvider methods for data resources
This is a breaking change to the ResourceProvider interface that adds the
new operations relating to data sources.

DataSources, ValidateDataSource, ReadDataDiff and ReadDataApply are the
data source equivalents of Resources, Validate, Diff and Apply (respectively)
for managed resources.

The diff/apply model seems at first glance a rather strange workflow for
read-only resources, but implementing data resources in this way allows them
to fit cleanly into the standard plan/apply lifecycle in cases where the
configuration contains computed arguments and thus the read must be deferred
until apply time.

Along with breaking the interface, we also fix up the plugin client/server
and helper/schema implementations of it, which are all of the callers
used when provider plugins use helper/schema. This would be a breaking
change for any provider plugin that directly implements the provider
interface, but no known plugins do this and it is not recommended.

At the helper/schema layer the implementer sees ReadDataApply as a "Read",
as opposed to "Create" or "Update" as in the managed resource Apply
implementation. The planning mechanics are handled entirely within
helper/schema, so that complexity is hidden from the provider implementation
itself.
2016-05-14 08:26:36 -07:00
Martin Atkins 718cdda77b config: Parsing of data.TYPE.NAME.FIELD variables
This allows ${data.TYPE.NAME.FIELD} interpolation syntax at the
configuration level, though since there is no special handling of them
in the core package this currently just acts as an alias for
${TYPE.NAME.FIELD}.
2016-05-14 08:26:35 -07:00
Martin Atkins 860140074f config: Data source loading
This allows the config loader to read "data" blocks from the config and
turn them into DataSource objects.

This just reads the data from the config file. It doesn't validate the
data nor do anything useful with it.
2016-05-14 08:26:35 -07:00
Martin Atkins fc4fa10981 config: "ResourceMode" concept for resources
Previously resources were assumed to always support the full set of
create, read, update and delete operations, and Terraform's resource
management lifecycle.

Data sources introduce a new kind of resource that only supports the
"read" operation. To support this, a new "Mode" field is added to
the Resource concept within the config layer, which can be set to
ManagedResourceMode (to indicate the only mode previously possible) or
DataResourceMode (to indicate that only "read" is supported).

To support both managed and data resources in the tests, the
stringification of resources in config_string.go is adjusted slightly
to use the Id() method rather than the unusual type[name] serialization
from before, causing a simple mechanical adjustment to the loader tests'
expected result strings.
2016-05-14 08:26:35 -07:00
James Nugent f331240601 Merge pull request #6574 from uber/b-gcp-acc-test-env
provider/google: correct error messages in acceptance tests
2016-05-13 17:29:56 -04:00
James Nugent 80d3c5bb63 Merge pull request #6666 from markpeek/markpeek-govmomi-0.6.2
vendor: Update dependency vmware/govmomi to v0.6.2
2016-05-13 17:23:52 -04:00
Mark Peek bc9d53e5f9 vendor: Update dependency vmware/govmomi to v0.6.2 2016-05-13 10:07:09 -07:00
Clint 48722f6a5e Update CHANGELOG.md 2016-05-13 11:20:48 -05:00
Paul Stack cf37c3adaa provider/aws: Add support for `kms_key_id` to `aws_db_instance` (#6651)
As requested in #4822, add support for a KMS Key ID (ARN) for Db
Instance

```
make testacc TEST=./builtin/providers/aws
TESTARGS='-run=TestAccAWSDBInstance_kmsKey' 2>~/tf.log
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /vendor/)
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSDBInstance_kmsKey -timeout 120m
=== RUN   TestAccAWSDBInstance_basic
--- PASS: TestAccAWSDBInstance_basic (587.37s)
=== RUN   TestAccAWSDBInstance_kmsKey
--- PASS: TestAccAWSDBInstance_kmsKey (625.31s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    1212.684s
```
2016-05-13 11:20:29 -05:00
clint shryock 2047da21d5 provider/aws: Update hash in Redshift Security Group test 2016-05-13 10:52:21 -05:00
thetuxkeeper 279eead08e disable unsupported customization parameters (#6656) 2016-05-13 15:56:15 +01:00
thetuxkeeper 390b0d5ab9 provider/vsphere: govmomi v0.6.1 update and fixes (#6479)
* vendor: Update dependency vmware/govmomi

* fixed data types

* fixed RemoveDevice

* fixed CreateDisk usage
2016-05-13 15:27:45 +01:00
Paul Stack c07f1ff0c6 Update CHANGELOG.md 2016-05-13 11:31:22 +01:00
David Harris 0cb7496b3a provider/aws: fix Elastic Beanstalk `cname_prefix` (#6653)
Fixes an issue where the `cname_prefix` attribute isn't correctly read
in some regions.
2016-05-13 11:27:56 +01:00
Joseph Anthony Pasquale Holsten 2bca697a12 Merge pull request #6650 from josephholsten/atlas-timeout-errmsg
master: atlas: update test err msg to reflect real timeout
2016-05-12 20:18:57 -05:00
Martin Atkins fecacb5e10 website: fix navbar typo on azurerm_sql_firewall_rule 2016-05-12 18:08:18 -07:00
Martin Atkins e414a7c444 Update CHANGELOG.md 2016-05-12 16:54:11 -07:00
Martin Atkins 44deec3097 Merge #6649: OpsWorks app_source SSH key is write-only 2016-05-12 16:52:34 -07:00
Dave Cunningham 758c8f1e22 Fix address docs in gce instance (#6639)
@evandbrown @lwander
2016-05-13 00:51:20 +01:00
Anton Koldaev 266e98eb30 Make the OpsWorks app_source SSH key write only
Similarly to https://github.com/hashicorp/terraform/pull/4241 prevent ssh_key in OpsWorks application app_source key from re-applying every time.
2016-05-12 16:35:25 -07:00
Joseph Anthony Pasquale Holsten 546fb94265 atlas: update test err msg to reflect real timeout 2016-05-12 15:30:17 -07:00
stack72 fdf1962905 Merge branch 'aws-rds-cluster-param-group' of https://github.com/wowgroup/terraform into wowgroup-aws-rds-cluster-param-group 2016-05-12 23:27:20 +01:00
clint shryock f70f778a5a provider/aws: Randomize DB Option Group Name to avoid name conflicts in Travis CI 2016-05-12 11:15:36 -05:00
clint shryock baed5dda36 provider/aws: Remove empty config in test 2016-05-12 09:34:16 -05:00
Paul Stack 5a2f106043 Update CHANGELOG.md 2016-05-12 13:57:05 +01:00
thetuxkeeper 510b2934f0 fix gateway for dhcp (#6635) 2016-05-12 13:54:29 +01:00
Paul Stack 6eb75cc0e4 Update CHANGELOG.md 2016-05-12 13:51:50 +01:00
Paul Stack 61b5176fbe provider/aws: Updating state when `aws_sns_topic_subscription` is (#6629)
missing

Fixes #6625

When an SNS topic subscription was created with TF and then removed via
the AWS Console, Terraform threw an error:

```
* aws_sns_topic_subscription.testme: NotFound: Subscription does not
* exist
    status code: 404, request id: a22e7ed7-3630-5a8a-b767-317ac1440e24
```

This PR will remove the topic subscription from state on a NotFound and
will then readd the subscripton
2016-05-12 13:46:22 +01:00
Paul Stack 8229cdbc71 Update CHANGELOG.md 2016-05-11 23:29:50 +01:00
clint shryock 5a06b603bd provider/fastly: Add support for Service Request Settings 2016-05-11 16:56:18 -05:00
Evan Brown 55742acf12 providers/google: support optionial uuid naming for Instance Template (#6604)
Auto-generating an Instance Template name (or just its suffix) allows the
create_before_destroy lifecycle option to function correctly on the
Instance Template resource. This in turn allows Instance Group Managers
to be updated without being destroyed.
2016-05-11 22:54:47 +01:00