Commit Graph

114 Commits

Author SHA1 Message Date
Martin Atkins 60c24e3319 command: Prevent data resources from being tainted
Since the data resource lifecycle contains no steps to deal with tainted
instances, we must make sure that they never get created.

Doing this out in the command layer is not the best, but this is currently
the only layer that has enough information to make this decision and so
this simple solution was preferred over a more disruptive refactoring,
under the assumption that this taint functionality eventually gets
reworked in terms of StateFilter anyway.
2016-05-14 08:26:37 -07:00
Martin Atkins 718cdda77b config: Parsing of data.TYPE.NAME.FIELD variables
This allows ${data.TYPE.NAME.FIELD} interpolation syntax at the
configuration level, though since there is no special handling of them
in the core package this currently just acts as an alias for
${TYPE.NAME.FIELD}.
2016-05-14 08:26:35 -07:00
Martin Atkins fc4fa10981 config: "ResourceMode" concept for resources
Previously resources were assumed to always support the full set of
create, read, update and delete operations, and Terraform's resource
management lifecycle.

Data sources introduce a new kind of resource that only supports the
"read" operation. To support this, a new "Mode" field is added to
the Resource concept within the config layer, which can be set to
ManagedResourceMode (to indicate the only mode previously possible) or
DataResourceMode (to indicate that only "read" is supported).

To support both managed and data resources in the tests, the
stringification of resources in config_string.go is adjusted slightly
to use the Id() method rather than the unusual type[name] serialization
from before, causing a simple mechanical adjustment to the loader tests'
expected result strings.
2016-05-14 08:26:35 -07:00
James Nugent f49583d25a core: support native list variables in config
This commit adds support for native list variables and outputs, building
up on the previous change to state. Interpolation functions now return
native lists in preference to StringList.

List variables are defined like this:

variable "test" {
    # This can also be inferred
    type = "list"
    default = ["Hello", "World"]
}

output "test_out" {
    value = "${var.a_list}"
}
This results in the following state:

```
...
            "outputs": {
                "test_out": [
                    "hello",
                    "world"
                ]
            },
...
```

And the result of terraform output is as follows:

```
$ terraform output
test_out = [
  hello
  world
]
```

Using the output name, an xargs-friendly representation is output:

```
$ terraform output test_out
hello
world
```

The output command also supports indexing into the list (with
appropriate range checking and no wrapping):

```
$ terraform output test_out 1
world
```

Along with maps, list outputs from one module may be passed as variables
into another, removing the need for the `join(",", var.list_as_string)`
and `split(",", var.list_as_string)` which was previously necessary in
Terraform configuration.

This commit also updates the tests and implementations of built-in
interpolation functions to take and return native lists where
appropriate.

A backwards compatibility note: previously the concat interpolation
function was capable of concatenating either strings or lists. The
strings use case was deprectated a long time ago but still remained.
Because we cannot return `ast.TypeAny` from an interpolation function,
this use case is no longer supported for strings - `concat` is only
capable of concatenating lists. This should not be a huge issue - the
type checker picks up incorrect parameters, and the native HIL string
concatenation - or the `join` function - can be used to replicate the
missing behaviour.
2016-05-10 14:49:14 -04:00
James Nugent e57a399d71 core: Use native HIL maps instead of flatmaps
This changes the representation of maps in the interpolator from the
dotted flatmap form of a string variable named "var.variablename.key"
per map element to use native HIL maps instead.

This involves porting some of the interpolation functions in order to
keep the tests green, and adding support for map outputs.

There is one backwards incompatibility: as a result of an implementation
detail of maps, one could access an indexed map variable using the
syntax "${var.variablename.key}".

This is no longer possible - instead HIL native syntax -
"${var.variablename["key"]}" must be used. This was previously
documented, (though not heavily used) so it must be noted as a backward
compatibility issue for Terraform 0.7.
2016-05-10 14:49:13 -04:00
James Nugent b62f6af158 core: Add support for marking outputs as sensitive (#6559)
* core: Add support for marking outputs as sensitive

This commit allows an output to be marked "sensitive", in which case the
value is redacted in the post-refresh and post-apply list of outputs.

For example, the configuration:

```
variable "input" {
    default = "Hello world"
}

output "notsensitive" {
    value = "${var.input}"
}

output "sensitive" {
    sensitive = true
    value = "${var.input}"
}
```

Would result in the output:

```
terraform apply

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Outputs:

  notsensitive = Hello world
  sensitive    = <sensitive>
```

The `terraform output` command continues to display the value as before.

Limitations: Note that sensitivity is not tracked internally, so if the
output is interpolated in another module into a resource, the value will
be displayed. The value is still present in the state.
2016-05-09 15:46:07 -04:00
James Nugent a0cc7115b3 deps: Update call sites of hil.Eval from update
hil.Eval() now returns (hil.EvaluationResult, error) instead of (value,
type, error). This commit updates the call sites, but retains all
previous behaviour. Tests are also updated.
2016-04-18 16:37:12 -07:00
James Nugent d7d39702c0 Type check variables between modules (#6185)
These tests demonstrates a problem where the types to a module input are 
not checked. For example, if a module - inner - defines a variable
"should_be_a_map" as a map, or with a default variable of map, we do not
fail if the user sets the variable value in the outer module to a string
value. This is also a problem in nested modules.

The implementation changes add a type checking step into the graph
evaluation process to ensure invalid types are not passed.
2016-04-15 12:07:54 -07:00
Paul Hinze 3f72837f4b core: Make copies when creating destroy nodes
Fixes an interpolation race that was occurring when a tainted destroy
node and a primary destroy node both tried to interpolate a computed
count in their config. Since they were sharing a pointer to the _same_
config, depending on how the race played out one of them could catch the
config uninterpolated and would then throw a syntax error.

The `Copy()` tree implemented for this fix can probably be used
elsewhere - basically we should copy the config whenever we drop nodes
into the graph - but for now I'm just applying it to the place that
fixes this bug.

Fixes #4982 - Includes a test covering that race condition.
2016-02-09 09:25:16 -06:00
Mitchell Hashimoto 5f3de02fa9 remove config/lang, use hashicorp/hil 2016-02-03 13:24:04 -05:00
James Nugent 3bdd1ac8b3 core: Display invalid type in error message
If a variable type which is invalid (e.g. "stringg") is declared, we now
include the invalid type description in the error message to make it
easier to track down the source of the error in the source file.
2016-01-25 10:21:12 -06:00
James Nugent cb6cb8b96a core: Support explicit variable type declaration
This commit adds support for declaring variable types in Terraform
configuration. Historically, the type has been inferred from the default
value, defaulting to string if no default was supplied. This has caused
users to devise workarounds if they wanted to declare a map but provide
values from a .tfvars file (for example).

The new syntax adds the "type" key to variable blocks:

```
variable "i_am_a_string" {
    type = "string"
}

variable "i_am_a_map" {
    type = "map"
}
```

This commit does _not_ extend the type system to include bools, integers
or floats - the only two types available are maps and strings.

Validation is performed if a default value is provided in order to
ensure that the default value type matches the declared type.

In the case that a type is not declared, the old logic is used for
determining the type. This allows backwards compatiblity with previous
Terraform configuration.
2016-01-24 11:40:02 -06:00
Paul Hinze 87a9701f91 config: validation error when output is missing value field
Also lists out invalid keys in errmsg when they are present

Closes #4398
2016-01-20 14:00:36 -06:00
Rob Zienert a1939e70f7 Adding ignore_changes lifecycle meta property 2015-10-14 16:34:27 -05:00
Sander van Harmelen 2ba8dc38fa Switch to go-multierror
It seems there are 4 locations left that use the `helper/multierror`
package, where the rest is TF settled on the `hashicorp/go-multierror`
package.

Functionally this doesn’t change anything, so I suggest to delete the
builtin version as it can only cause confusion (both packages have the
same name, but are still different types according to Go’s type system.
2015-09-27 18:58:48 -07:00
Mitchell Hashimoto 29eadb8194 terraform: missing provider should add missing aliases [GH-2023] 2015-06-24 20:58:52 -07:00
Mitchell Hashimoto aa1e66c16c config: parse lifecycle block with mapstructure for weak decode 2015-06-07 22:04:23 -07:00
Mitchell Hashimoto 1099e3f59f config: add module raw configs to InterpolatedConfigs [GH-1448] 2015-04-29 17:12:28 -07:00
Mitchell Hashimoto cca4964552 config: error in validation if module has self variable 2015-04-22 10:39:07 +02:00
Mitchell Hashimoto d0a6d78b97 config: test that resources reference good providers 2015-04-20 14:47:31 -07:00
Mitchell Hashimoto a599d5f224 config: validate that a multi provider is only configured once each 2015-04-20 14:25:33 -07:00
Matt Good 21b0a03d70 Support for multiple providers of the same type
Adds an "alias" field to the provider which allows creating multiple instances
of a provider under different names. This provides support for configurations
such as multiple AWS providers for different regions. In each resource, the
provider can be set with the "provider" field.

(thanks to Cisco Cloud for their support)
2015-04-20 14:14:34 -07:00
Paul Hinze afe4abb637 core: add prevent_destroy lifecycle flag
When the `prevent_destroy` flag is set on a resource, any plan that
would destroy that resource instead returns an error. This has the
effect of preventing the resource from being unexpectedly destroyed by
Terraform until the flag is removed from the config.
2015-04-17 10:40:04 -05:00
Paul Hinze 975a96f271 core: protect against count.index in modules
Modules should get a validation error just like outputs do.

refs #1528
2015-04-15 10:41:56 -05:00
Paul Hinze 347690a73e core: don't crash when count.index is used in the wrong context
It's bad manners! :)

Also adds a validation error up at the configuration layer so the user
sees the case from #1528 as an error message.

fixes #1528
2015-04-15 10:23:53 -05:00
Mitchell Hashimoto 6514bf5f25 config: clarify unknown variable error [GH-1480] 2015-04-10 16:45:15 -07:00
Mitchell Hashimoto fdded8ca14 config: allow atlas block 2015-03-24 13:30:22 -07:00
Mitchell Hashimoto 965fe45b9e config: self var validation 2015-02-23 14:43:14 -08:00
Mitchell Hashimoto a31f2a276b Merge pull request #1015 from hashicorp/b-depends-on-var
config: depends on cannot contain interpolations [GH-985]
2015-02-23 13:49:34 -08:00
Mitchell Hashimoto c14e84a657 config: validate provisioner splats can only reference others 2015-02-20 09:21:29 -08:00
Mitchell Hashimoto 90a6a627ed config: validate configuration doens't contain splats to ourselves 2015-02-20 09:18:08 -08:00
Mitchell Hashimoto 0e7b150c5b config: depends on cannot contain interpolations [GH-985] 2015-02-20 09:07:41 -08:00
Mitchell Hashimoto 4bcf6cf6b2 config: bare splat variables should not be allowed in provisioners
[GH-636]
2015-02-17 13:32:45 -08:00
Mitchell Hashimoto a2e40ad731 config: multi-variable access in slice validation fixed [GH-798] 2015-01-15 09:40:13 -08:00
Mitchell Hashimoto 2abeb2d9ac config: use new API 2015-01-14 22:03:15 -08:00
Mitchell Hashimoto 740c25d4ea config: convert to config/lang 2015-01-13 10:27:57 -08:00
Mitchell Hashimoto 6b7dfb4c8f config: some extra comments 2014-12-26 09:05:24 +05:30
Mitchell Hashimoto d24082da1e config: validate that module variables can go to ints, convert [GH-624] 2014-12-15 22:10:16 -08:00
Mitchell Hashimoto 4cb1ea6ae1 config: allow exact multi-resource references outside slices 2014-10-11 17:20:39 -07:00
Mitchell Hashimoto 7b48924532 config: validate that multi-variables are only used in slices 2014-10-09 21:15:08 -07:00
Mitchell Hashimoto 9dd7618fce config: fix messaging for name symbols 2014-10-08 16:12:53 -07:00
Mitchell Hashimoto 67d9188a29 config: validate module names are valid 2014-10-08 16:03:22 -07:00
Mitchell Hashimoto 50e5eacc15 config: add NameRegexp 2014-10-08 15:06:04 -07:00
Mitchell Hashimoto e922b16dba Merge pull request #377 from hashicorp/f-path-var
Add ${path.X} variables for path referencing
2014-10-07 21:26:24 -07:00
Mitchell Hashimoto c1fa4c2e4b config: validate that module source can't contain interpolations 2014-10-07 20:19:32 -07:00
Mitchell Hashimoto 679ab1d515 config: parse ${path.module} 2014-10-07 18:03:11 -07:00
Mitchell Hashimoto b484ec19b6 config: validate that count vars are valid types 2014-10-02 18:24:37 -07:00
Mitchell Hashimoto bc26777963 config: count can't interpolate count variables 2014-10-02 18:22:32 -07:00
Mitchell Hashimoto dd14303022 config: validate that count is an int 2014-10-02 16:51:20 -07:00
Mitchell Hashimoto 5090678168 config: validate that only proper variables can be in the count 2014-10-02 16:30:46 -07:00