Commit Graph

25566 Commits

Author SHA1 Message Date
Martin Atkins 9333b19bd7
Update CHANGELOG.md 2020-01-10 15:32:40 -08:00
Martin Atkins ff4ea042c2 config: Allow module authors to specify validation rules for variables
The existing "type" argument allows specifying a type constraint that
allows for some basic validation, but often there are more constraints on
a variable value than just its type.

This new feature (requiring an experiment opt-in for now, while we refine
it) allows specifying arbitrary validation rules for any variable which
can then cause custom error messages to be returned when a caller provides
an inappropriate value.

    variable "example" {
      validation {
        condition = var.example != "nope"
        error_message = "Example value must not be \"nope\"."
      }
    }

The core parts of this are designed to do as little new work as possible
when no validations are specified, and thus the main new checking codepath
here can therefore only run when the experiment is enabled in order to
permit having validations.
2020-01-10 15:23:25 -08:00
Martin Atkins 02576988c1 lang: "try" and "can" functions
These are intended to make it easier to work with arbitrary data
structures whose shape might not be known statically, such as the result
of jsondecode(...) or yamldecode(...) of data from a separate system.

For example, in an object value which has attributes that may or may not
be set we can concisely provide a fallback value to use when the attribute
isn't set:

    try(local.example.foo, "fallback-foo")

Using a "try to evaluate" model rather than explicit testing fits better
with the usual programming model of the Terraform language where values
are normally automatically converted to the necessary type where possible:
the given expression is subject to all of the same normal type conversions,
which avoids inadvertently creating a more restrictive evaluation model
as might happen if this were handled using checks like a hypothetical
isobject(...) function, etc.
2020-01-10 15:23:25 -08:00
Martin Atkins 5771db6696 addrs: Fix infinite recursion in AbsInputVariableInstance.String 2020-01-10 15:23:25 -08:00
Martin Atkins b62e9a7227 vendor: go get github.com/hashicorp/hcl/v2@v2.3.0
This brings in the new HCL extension functions "try", "can", and
"convert", along with the underlying HCL and cty infrastructure that allow
them to work.
2020-01-10 15:23:25 -08:00
James Bardin 7500fa7a39
Merge pull request #23822 from hashicorp/jbardin/destroy-resource-deps
NodeDestroyResource needs to be referencable
2020-01-10 17:15:29 -05:00
James Bardin 4aa8a1cece Add GraphNodeNoProvider to skip adding a providers
While the NodeDestroyResource type should not be a
GraphNodeProviderConsumer, we're going to avoid uncovering more hidden
behavior by explicitly skipping provider creation and connections in the
provider transformers.

This should be removed when more in-depth testing can be done during a
major release cycle.
2020-01-10 16:28:44 -05:00
James Bardin a6cdfad590 NodeDestroyResource needs to be referencable
The change in #23696 removed the NodeAbstractResource methods from the
NodeDestroyResource type, in order to prevent other resource behaviors,
like requesting a provider.

While this node type is not directly referenced, it was implicitly
ordered against the module cleanup by virtue of being a resource node.

Since there's no good entry point to test this ordering at the moment,
2020-01-10 12:52:01 -05:00
Martin Atkins 2aac8cf812 internal/getproviders: Distinguished packed vs. unpacked local packages
Our local filesystem mirror mechanism will allow provider packages to be
given either in packed form as an archive directly downloaded to disk or
in an unpacked form where the archive is extracted.

Distinguishing these two cases in the concrete Location types will allow
callers to reliably select the mode chosen by the selected installation
source and handle it appropriately, rather than resorting to out-of-band
heuristics like checking whether the object is a directory or a file.
2020-01-10 09:41:27 -08:00
Martin Atkins 92a58ec438 internal/getproviders: Stub out the two mirror sources
In a future commit, these implementations of Source will allow finding
and retrieving provider packages via local mirrors, both in the local
filesystem and over the network using an HTTP-based protocol.
2020-01-10 09:41:27 -08:00
Martin Atkins 773e38b49c internal/getproviders: Stub of MultiSource
This is an API stub for a component that will be added in a future commit
to support considering a number of different installation sources for each
provider. These will eventually be configurable in the CLI configuration,
allowing users to e.g. mirror certain providers within their own
infrastructure while still being able to go upstream for those that aren't
mirrored, or permit locally-mirrored providers only, etc.
2020-01-10 09:41:27 -08:00
Martin Atkins d695956061 internal/getproviders: MemoizeSource for local caching of source responses
Some sources make network requests that are likely to be slow, so this
wrapper type can cache previous responses for its lifetime in order to
speed up repeated requests for the same information.
2020-01-10 09:41:27 -08:00
Martin Atkins a77bc59c44 internal/getproviders: Package URL should always be absolute
Registries backed by static files are likely to use relative paths to
their archives for simplicity's sake, but we'll normalize them to be
absolute before returning because the caller wouldn't otherwise know what
to resolve the URLs relative to.
2020-01-10 09:41:27 -08:00
Martin Atkins c8f7223adb internal/getproviders: Source interface for generalization
We intend to support installation both directly from origin registries and
from mirrors in the local filesystem or over the network. This Source
interface will serve as our abstraction over those three options, allowing
calling code to treat them all the same.
2020-01-10 09:41:27 -08:00
Martin Atkins c76260e957 internal/getproviders: Query a provider registry
Our existing provider installer was originally built to work with
releases.hashicorp.com and later retrofitted to talk to the official
Terraform Registry. It also assumes a flat namespace of providers.

We're starting a new one here, copying and adapting code from the old one
as necessary, so that we can build out this new API while retaining all
of the existing functionality and then cut over to this new implementation
in a later step.

Here we're creating a foundational component for the new installer, which
is a mechanism to query for the available versions and download locations
of a particular provider.

Subsequent commits in this package will introduce other Source
implementations for installing from network and filesystem mirrors.
2020-01-10 09:41:27 -08:00
Martin Atkins eda57670ce go get github.com/apparentlymart/go-versions@master 2020-01-10 09:41:27 -08:00
Kristin Laemmert 18dd1bb4d6
Mildwonkey/tfconfig upgrade (#23670)
* deps: bump terraform-config-inspect library
* configs: parse `version` in new required_providers block

With the latest version of `terraform-config-inspect`, the
required_providers attribute can now be a string or an object with
attributes "source" and "version". This change allows parsing the
version constraint from the new object while ignoring any given source attribute.
2020-01-10 11:54:53 -05:00
Pam Selle 94ab6d00ae
Merge pull request #23815 from pselle/docs/module-depth
(docs) Update docs to reflect current behavior for module-depth
2020-01-09 10:10:00 -05:00
tf-release-bot 9df05b4813 Cleanup after v0.12.19 release 2020-01-08 22:55:24 +00:00
tf-release-bot 58dcac4b79
v0.12.19 2020-01-08 22:38:48 +00:00
Martin Atkins 472d958b10
Update CHANGELOG.md 2020-01-08 14:27:39 -08:00
Pam Selle cd6c93774a Update docs to reflect current behavior 2020-01-08 16:51:42 -05:00
kmoe 58ef73814e
Merge pull request #23563 from hashicorp/kmoe/automtls
Allow disabling plugin AutoMTLS with TF_DISABLE_AUTOMTLS env var
2020-01-08 15:03:11 +00:00
Katy Moe dae1efe62a
allow disabling AutoMTLS with env var 2020-01-08 15:02:23 +00:00
James Bardin b6a041af2b update CHANGELOG.md 2020-01-07 17:10:02 -05:00
James Bardin 8b0888798f
Merge pull request #23717 from hashicorp/jbardin/destroy-plan-values
Always prune unused values
2020-01-07 17:06:20 -05:00
James Bardin c5300dc46d
Merge pull request #23792 from hashicorp/jbardin/update-go-getter
update go-getter
2020-01-07 17:05:30 -05:00
Martin Atkins e184b9edb9
Update CHANGELOG.md 2020-01-07 13:52:46 -08:00
Martin Atkins 8ea60ea651
Update CHANGELOG.md 2020-01-07 13:46:33 -08:00
Martin Atkins 7471779fca
Update CHANGELOG.md 2020-01-07 13:44:49 -08:00
Kristin Laemmert d72a192078
Update CHANGELOG.md 2020-01-07 15:11:14 -05:00
James Bardin 82678ed156 udpate CHANGELOG.md 2020-01-07 15:09:07 -05:00
Kristin Laemmert 4d8fde3d6f
command: use backend config from state when backend=false is used. (#23802)
* command: use backend config from state when backend=false is used.

When a user runs `terraform init --backend=false`, terraform should
inspect the state for a previously-configured backend, and use that
backend, ignoring any backend config in the current configuration. If no
backend is configured or there is no state, return a local backend.

Fixes #16593
2020-01-07 15:07:06 -05:00
Kristin Laemmert 5d3ca8aaf1
Update CHANGELOG.md 2020-01-07 15:05:01 -05:00
Kristin Laemmert 4045a6e5d0
initwd: cache registry responses for module versions and download URL (#23727)
* initwd: cache registry responses for module versions and download URL

Closes #23544
2020-01-07 15:03:23 -05:00
Martin Atkins 2a95d98383 docs: terraform state show is not machine-readable
In earlier versions of Terraform the result of terraform state show was
in the pre-0.12 "flatmap" structure that was unable to reflect nested
data structures. That was fixed in Terraform 0.12, but as a consequence
this statement about the output being machine-parseable (which was
debateable even in older versions) is incorrect.

Fortunately, we now have "terraform show -json" to get output that is
intentionally machine-parseable, so we'll recommend to use that instead
here. The JSON output of that command is a superset of what's produced by
"terraform state show", so should be usable to meet any use-case that
might previously have been met by parsing the "terraform state show"
output.
2020-01-07 09:39:20 -08:00
Martin Atkins 2b2ac1f6de configs: use local set of go-getter detectors
In an earlier change we switched to defining our own sets of detectors,
getters, etc for go-getter in order to insulate us from upstream changes
to those sets that might otherwise change the user-visible behavior of
Terraform's module installer.

However, we apparently neglected to actually refer to our local set of
detectors, and continued to refer to the upstream set. Here we catch up
with the latest detectors from upstream (taken from the version of
go-getter we currently have vendored) and start using that fixed set.

Currently we are maintaining these custom go-getter sets in two places
due to the configload vs. initwd distinction. That was already true for
goGetterGetters and goGetterDecompressors, and so I've preserved that for
now just to keep this change relatively simple; in later change it would
be nice to factor these "get with go getter" functions out into a shared
location which we can call from both configload and initwd.
2020-01-07 09:38:46 -08:00
Pam Selle 948d4d0ecf
Merge pull request #23749 from jasonwalsh/master
website: update publishing modules documentation
2020-01-07 16:58:36 +01:00
James Bardin 9e5fca67e8 update go-getter
Update to a go1.12 compatible branch of v1.4.1, which removes the
Header.Clone methods which were added in go1.13.
2020-01-06 20:44:02 -05:00
James Bardin ae407060f0
Merge pull request #23791 from hashicorp/jbardin/state-mv
remove stale dependencies on `state mv`
2020-01-06 16:02:22 -05:00
Pam Selle 4977120764
Merge pull request #23733 from GennadySpb/patch-1
Change Yandex.Cloud provider name in index
2020-01-06 21:37:03 +01:00
James Bardin 98c02ac114 remove stale dependencies on `state mv`
Clear any Dependencies if there is an entry matching a `state mv` from
address. While stale dependencies won't directly effect any current
operations, clearing the list will allow them to be recreated in their
entirety during refresh. This will help future releases that may rely
solely on the pre-calculated dependencies for destruction ordering.
2020-01-06 15:06:41 -05:00
Martin Atkins dc178789b2
Update CHANGELOG.md 2020-01-06 10:25:01 -08:00
Martin Atkins 7f8e087ce3 core: Don't panic if EvalMaybeResourceDeposedObject has no DeposedKey
This is a "should never happen" case, but we have reports of it actually
happening. In order to try to collect a bit more data about what's going
on here, we're changing what was previously a hard panic into a normal
error message that can include the address of the instance we were working
on and the action we were trying to do to it at the time.

The hope is to narrow down what situations can trigger this in order to
find a reliable reproduction case in order to debug further. This also
means that for those who _do_ encounter this problem in the meantime
Terraform will have a chance to shut down cleanly and therefore be more
likely to be able to recover on a subsequent plan/apply cycle.

Further investigation of this will follow once we see a report or two of
this updated error message.
2020-01-06 10:22:51 -08:00
jasonwalsh 62aae82913
website: update publishing modules documentation 2019-12-24 10:22:59 -05:00
Nick Fagerlund 413e423bba website: Use canonical URLs for learn.hashicorp.com links
The .html suffix redirects correctly, but it's not the 'real' path and thus
can throw off analytics.
2019-12-20 16:06:00 -08:00
GennadySpb e4c4c8cab5
Change Yandex.Cloud provider name in index
'Yandex' -> 'Yandex.Cloud'
2019-12-20 11:48:40 +03:00
James Bardin 6bad4e3dc0 add an interp that fails during planned destroy
Chain some values so that we can get an interpolation that fails if a
module input is evaluated during destroy.
2019-12-19 09:09:38 -05:00
James Bardin aa8a0f063c update 2 tests to match the new output
These 2 tests were matching the old-style state strings, and the only
change is to module outputs which are no longer marshaled.
2019-12-19 09:09:38 -05:00
James Bardin fe3edb8e46 more aggressively prune unused values
Since a planned destroy can no longer indicate it is a full destroy,
unused values were being left in the apply graph for evaluation. If
these values contains interpolations that can fail, (for example, a
zipmap with mismatched list sizes), it will cause the apply to abort.

The PrunUnusedValuesTransformer was only previously run during destroy,
more out of conservatism than for any other particular reason. Adapt it
to always remove unused values from the graph, with the exception being
the root module outputs, which must be retained when we don't have a
clear indication that a full destroy is being executed.
2019-12-19 09:09:38 -05:00