IntenseWebs/opentofu
3
0
Fork 0
mirror of https://github.com/opentofu/opentofu.git synced 2025-02-25 18:45:20 -06:00
Code Issues Packages Projects Releases Wiki Activity
2581bc93cb
opentofu/internal/terraform/context_test.go

982 lines
25 KiB
Go
Raw Normal View History

terraform: validate almost done
2015-02-04 17:44:23 -06:00
package terraform
import (
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
"bufio"
"bytes"
terraform: validation in progress
2015-02-04 19:02:18 -06:00
"fmt"
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
"path/filepath"
"sort"
terraform: validation in progress
2015-02-04 19:02:18 -06:00
"strings"
terraform: validate almost done
2015-02-04 17:44:23 -06:00
"testing"
tests: extract deadlock checking test helper
2015-08-10 15:03:02 -05:00
"time"
Allow the HCL input when prompted We already accept HCL encoded input for -vars, and this expands that to accept HCL when prompted for a value on the command line as well.
2016-08-09 15:14:40 -05:00
updates to the context refresh tests Add comparers for go-cmp to compare deep cty.Values. Fix a number of Context2Refresh fixtures.
2018-09-06 18:36:35 -05:00
"github.com/google/go-cmp/cmp"
"github.com/google/go-cmp/cmp/cmpopts"
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
"github.com/hashicorp/go-version"
Move configs/ to internal/configs/ This is part of a general effort to move all of Terraform's non-library package surface under internal in order to reinforce that these are for internal use within Terraform only. If you were previously importing packages under this prefix into an external codebase, you could pin to an earlier release tag as an interim solution until you've make a plan to achieve the same functionality some other way.
2021-05-17 14:17:09 -05:00
"github.com/hashicorp/terraform/internal/configs"
"github.com/hashicorp/terraform/internal/configs/configload"
"github.com/hashicorp/terraform/internal/configs/configschema"
"github.com/hashicorp/terraform/internal/configs/hcl2shim"
Move plans/ to internal/plans/ This is part of a general effort to move all of Terraform's non-library package surface under internal in order to reinforce that these are for internal use within Terraform only. If you were previously importing packages under this prefix into an external codebase, you could pin to an earlier release tag as an interim solution until you've make a plan to achieve the same functionality some other way.
2021-05-17 14:33:17 -05:00
"github.com/hashicorp/terraform/internal/plans"
"github.com/hashicorp/terraform/internal/plans/planfile"
Move providers/ to internal/providers/ This is part of a general effort to move all of Terraform's non-library package surface under internal in order to reinforce that these are for internal use within Terraform only. If you were previously importing packages under this prefix into an external codebase, you could pin to an earlier release tag as an interim solution until you've make a plan to achieve the same functionality some other way.
2021-05-17 12:40:40 -05:00
"github.com/hashicorp/terraform/internal/providers"
Move provisioners/ to internal/provisioners/ This is part of a general effort to move all of Terraform's non-library package surface under internal in order to reinforce that these are for internal use within Terraform only. If you were previously importing packages under this prefix into an external codebase, you could pin to an earlier release tag as an interim solution until you've make a plan to achieve the same functionality some other way.
2021-05-17 12:51:48 -05:00
"github.com/hashicorp/terraform/internal/provisioners"
Move states/ to internal/states/ This is part of a general effort to move all of Terraform's non-library package surface under internal in order to reinforce that these are for internal use within Terraform only. If you were previously importing packages under this prefix into an external codebase, you could pin to an earlier release tag as an interim solution until you've make a plan to achieve the same functionality some other way.
2021-05-17 14:43:35 -05:00
"github.com/hashicorp/terraform/internal/states"
"github.com/hashicorp/terraform/internal/states/statefile"
Move tfdiags/ to internal/tfdiags/ This is part of a general effort to move all of Terraform's non-library package surface under internal in order to reinforce that these are for internal use within Terraform only. If you were previously importing packages under this prefix into an external codebase, you could pin to an earlier release tag as an interim solution until you've make a plan to achieve the same functionality some other way.
2021-05-17 12:11:06 -05:00
"github.com/hashicorp/terraform/internal/tfdiags"
use the new version package Update all references to the version values to use the new package. The VersionString function was left in the terraform package specifically for the aws provider, which is vendored. We can remove that last call once the provider is updated.
2017-10-19 20:48:08 -05:00
tfversion "github.com/hashicorp/terraform/version"
prune references to config/module delete config/module prune references to config except in terraform/resource.go move, cleanup, and delete inert code
2019-08-07 16:50:59 -05:00
"github.com/zclconf/go-cty/cty"
terraform: validate almost done
2015-02-04 17:44:23 -06:00
)
updates to the context refresh tests Add comparers for go-cmp to compare deep cty.Values. Fix a number of Context2Refresh fixtures.
2018-09-06 18:36:35 -05:00
var (
equateEmpty = cmpopts.EquateEmpty()
typeComparer = cmp.Comparer(cty.Type.Equals)
valueComparer = cmp.Comparer(cty.Value.RawEquals)
updating context plan test
2018-09-14 17:40:09 -05:00
valueTrans = cmp.Transformer("hcl2shim", hcl2shim.ConfigValueFromHCL2)
updates to the context refresh tests Add comparers for go-cmp to compare deep cty.Values. Fix a number of Context2Refresh fixtures.
2018-09-06 18:36:35 -05:00
)
terraform: verify version requirements from configuration
2016-11-12 18:50:26 -06:00
func TestNewContextRequiredVersion(t *testing.T) {
cases := []struct {
Name string
Module string
Version string
Value string
Err bool
}{
{
"no requirement",
"",
"0.1.0",
"",
false,
},
{
"doesn't match",
"",
"0.1.0",
"> 0.6.0",
true,
},
{
"matches",
"",
"0.7.0",
"> 0.6.0",
false,
},
{
"module matches",
"context-required-version-module",
"0.5.0",
"",
false,
},
{
"module doesn't match",
"context-required-version-module",
"0.4.0",
"",
true,
},
}
for i, tc := range cases {
t.Run(fmt.Sprintf("%d-%s", i, tc.Name), func(t *testing.T) {
// Reset the version for the tests
use the new version package Update all references to the version values to use the new package. The VersionString function was left in the terraform package specifically for the aws provider, which is vendored. We can remove that last call once the provider is updated.
2017-10-19 20:48:08 -05:00
old := tfversion.SemVer
tfversion.SemVer = version.Must(version.NewVersion(tc.Version))
defer func() { tfversion.SemVer = old }()
terraform: verify version requirements from configuration
2016-11-12 18:50:26 -06:00
name := "context-required-version"
if tc.Module != "" {
name = tc.Module
}
mod := testModule(t, name)
if tc.Value != "" {
core: Get tests compiling again After the refactoring to integrate HCL2 many of the tests were no longer using correct types, attribute names, etc. This is a bulk update of all of the tests to make them compile again, with minimal changes otherwise. Although the tests now compile, many of them do not yet pass. The tests will be gradually repaired in subsequent commits, as we continue to complete the refactoring and retrofit work.
2018-05-04 21:24:06 -05:00
constraint, err := version.NewConstraint(tc.Value)
if err != nil {
t.Fatalf("can't parse %q as version constraint", tc.Value)
}
mod.Module.CoreVersionConstraints = append(mod.Module.CoreVersionConstraints, configs.VersionConstraint{
Required: constraint,
})
terraform: verify version requirements from configuration
2016-11-12 18:50:26 -06:00
}
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 14:06:38 -05:00
c, diags := NewContext(&ContextOpts{})
if diags.HasErrors() {
t.Fatalf("unexpected NewContext errors: %s", diags.Err())
}
diags = c.Validate(mod)
core: Get tests compiling again After the refactoring to integrate HCL2 many of the tests were no longer using correct types, attribute names, etc. This is a bulk update of all of the tests to make them compile again, with minimal changes otherwise. Although the tests now compile, many of them do not yet pass. The tests will be gradually repaired in subsequent commits, as we continue to complete the refactoring and retrofit work.
2018-05-04 21:24:06 -05:00
if diags.HasErrors() != tc.Err {
t.Fatalf("err: %s", diags.Err())
terraform: verify version requirements from configuration
2016-11-12 18:50:26 -06:00
}
})
}
}
core: Simplify and centralize plugin availability checks Historically the responsibility for making sure that all of the available providers are of suitable versions and match the appropriate checksums has been split rather inexplicably over multiple different layers, with some of the checks happening as late as creating a terraform.Context. We're gradually iterating towards making that all be handled in one place, but in this step we're just cleaning up some old remnants from the main "terraform" package, which is now no longer responsible for any version or checksum verification and instead just assumes it's been provided with suitable factory functions by its caller. We do still have a pre-check here to make sure that we at least have a factory function for each plugin the configuration seems to depend on, because if we don't do that up front then it ends up getting caught instead deep inside the Terraform runtime, often inside a concurrent graph walk and thus it's not deterministic which codepath will happen to catch it on a particular run. As of this commit, this actually does leave some holes in our checks: the command package is using the dependency lock file to make sure we have exactly the provider packages we expect (exact versions and checksums), which is the most crucial part, but we don't yet have any spot where we make sure that the lock file is consistent with the current configuration, and we are no longer preserving the provider checksums as part of a saved plan. Both of those will come in subsequent commits. While it's unusual to have a series of commits that briefly subtracts functionality and then adds back in equivalent functionality later, the lock file checking is the only part that's crucial for security reasons, with everything else mainly just being to give better feedback when folks seem to be using Terraform incorrectly. The other bits are therefore mostly cosmetic and okay to be absent briefly as we work towards a better design that is clearer about where that responsibility belongs.
2021-09-29 17:51:09 -05:00
func TestContext_missingPlugins(t *testing.T) {
ctx, diags := NewContext(&ContextOpts{})
assertNoDiagnostics(t, diags)
core: Graph walk loads plugin schemas opportunistically Previously our graph walker expected to recieve a data structure containing schemas for all of the provider and provisioner plugins used in the configuration and state. That made sense back when terraform.NewContext was responsible for loading all of the schemas before taking any other action, but it no longer has that responsiblity. Instead, we'll now make sure that the "contextPlugins" object reaches all of the locations where we need schema -- many of which already had access to that object anyway -- and then load the needed schemas just in time. The contextPlugins object memoizes schema lookups, so we can safely call it many times with the same provider address or provisioner type name and know that it'll still only load each distinct plugin once per Context object. As of this commit, the Context.Schemas method is now a public interface only and not used by logic in the "terraform" package at all. However, that does leave us in a rather tenuous situation of relying on the fact that all practical users of terraform.Context end up calling "Schemas" at some point in order to verify that we have all of the expected versions of plugins. That's a non-obvious implicit dependency, and so in subsequent commits we'll gradually move all responsibility for verifying plugin versions into the caller of terraform.NewContext, which'll heal a long-standing architectural wart whereby the caller is responsible for installing and locating the plugin executables but not for verifying that what's installed is conforming to the current configuration and dependency lock file.
2021-08-31 19:53:03 -05:00
core: Simplify and centralize plugin availability checks Historically the responsibility for making sure that all of the available providers are of suitable versions and match the appropriate checksums has been split rather inexplicably over multiple different layers, with some of the checks happening as late as creating a terraform.Context. We're gradually iterating towards making that all be handled in one place, but in this step we're just cleaning up some old remnants from the main "terraform" package, which is now no longer responsible for any version or checksum verification and instead just assumes it's been provided with suitable factory functions by its caller. We do still have a pre-check here to make sure that we at least have a factory function for each plugin the configuration seems to depend on, because if we don't do that up front then it ends up getting caught instead deep inside the Terraform runtime, often inside a concurrent graph walk and thus it's not deterministic which codepath will happen to catch it on a particular run. As of this commit, this actually does leave some holes in our checks: the command package is using the dependency lock file to make sure we have exactly the provider packages we expect (exact versions and checksums), which is the most crucial part, but we don't yet have any spot where we make sure that the lock file is consistent with the current configuration, and we are no longer preserving the provider checksums as part of a saved plan. Both of those will come in subsequent commits. While it's unusual to have a series of commits that briefly subtracts functionality and then adds back in equivalent functionality later, the lock file checking is the only part that's crucial for security reasons, with everything else mainly just being to give better feedback when folks seem to be using Terraform incorrectly. The other bits are therefore mostly cosmetic and okay to be absent briefly as we work towards a better design that is clearer about where that responsibility belongs.
2021-09-29 17:51:09 -05:00
configSrc := `
terraform: Compare locks and provider requirements When building a context, we read the dependency locks and ensure that the provider requirements from the configuration can be satisfied. If the configured requirements change such that the locks need to be updated, we explain this and recommend running "terraform init". This check is ignored for any providers which are locally marked as in development. This includes unmanaged providers and those listed in the provider installation `dev_overrides` block.
2020-10-29 15:39:38 -05:00
terraform {
core: Simplify and centralize plugin availability checks Historically the responsibility for making sure that all of the available providers are of suitable versions and match the appropriate checksums has been split rather inexplicably over multiple different layers, with some of the checks happening as late as creating a terraform.Context. We're gradually iterating towards making that all be handled in one place, but in this step we're just cleaning up some old remnants from the main "terraform" package, which is now no longer responsible for any version or checksum verification and instead just assumes it's been provided with suitable factory functions by its caller. We do still have a pre-check here to make sure that we at least have a factory function for each plugin the configuration seems to depend on, because if we don't do that up front then it ends up getting caught instead deep inside the Terraform runtime, often inside a concurrent graph walk and thus it's not deterministic which codepath will happen to catch it on a particular run. As of this commit, this actually does leave some holes in our checks: the command package is using the dependency lock file to make sure we have exactly the provider packages we expect (exact versions and checksums), which is the most crucial part, but we don't yet have any spot where we make sure that the lock file is consistent with the current configuration, and we are no longer preserving the provider checksums as part of a saved plan. Both of those will come in subsequent commits. While it's unusual to have a series of commits that briefly subtracts functionality and then adds back in equivalent functionality later, the lock file checking is the only part that's crucial for security reasons, with everything else mainly just being to give better feedback when folks seem to be using Terraform incorrectly. The other bits are therefore mostly cosmetic and okay to be absent briefly as we work towards a better design that is clearer about where that responsibility belongs.
2021-09-29 17:51:09 -05:00
required_providers {
explicit = {
source = "example.com/foo/beep"
}
builtin = {
source = "terraform.io/builtin/nonexist"
}
terraform: Compare locks and provider requirements When building a context, we read the dependency locks and ensure that the provider requirements from the configuration can be satisfied. If the configured requirements change such that the locks need to be updated, we explain this and recommend running "terraform init". This check is ignored for any providers which are locally marked as in development. This includes unmanaged providers and those listed in the provider installation `dev_overrides` block.
2020-10-29 15:39:38 -05:00
}
}
core: Simplify and centralize plugin availability checks Historically the responsibility for making sure that all of the available providers are of suitable versions and match the appropriate checksums has been split rather inexplicably over multiple different layers, with some of the checks happening as late as creating a terraform.Context. We're gradually iterating towards making that all be handled in one place, but in this step we're just cleaning up some old remnants from the main "terraform" package, which is now no longer responsible for any version or checksum verification and instead just assumes it's been provided with suitable factory functions by its caller. We do still have a pre-check here to make sure that we at least have a factory function for each plugin the configuration seems to depend on, because if we don't do that up front then it ends up getting caught instead deep inside the Terraform runtime, often inside a concurrent graph walk and thus it's not deterministic which codepath will happen to catch it on a particular run. As of this commit, this actually does leave some holes in our checks: the command package is using the dependency lock file to make sure we have exactly the provider packages we expect (exact versions and checksums), which is the most crucial part, but we don't yet have any spot where we make sure that the lock file is consistent with the current configuration, and we are no longer preserving the provider checksums as part of a saved plan. Both of those will come in subsequent commits. While it's unusual to have a series of commits that briefly subtracts functionality and then adds back in equivalent functionality later, the lock file checking is the only part that's crucial for security reasons, with everything else mainly just being to give better feedback when folks seem to be using Terraform incorrectly. The other bits are therefore mostly cosmetic and okay to be absent briefly as we work towards a better design that is clearer about where that responsibility belongs.
2021-09-29 17:51:09 -05:00
resource "implicit_thing" "a" {
provisioner "nonexist" {
terraform: Compare locks and provider requirements When building a context, we read the dependency locks and ensure that the provider requirements from the configuration can be satisfied. If the configured requirements change such that the locks need to be updated, we explain this and recommend running "terraform init". This check is ignored for any providers which are locally marked as in development. This includes unmanaged providers and those listed in the provider installation `dev_overrides` block.
2020-10-29 15:39:38 -05:00
}
core: Simplify and centralize plugin availability checks Historically the responsibility for making sure that all of the available providers are of suitable versions and match the appropriate checksums has been split rather inexplicably over multiple different layers, with some of the checks happening as late as creating a terraform.Context. We're gradually iterating towards making that all be handled in one place, but in this step we're just cleaning up some old remnants from the main "terraform" package, which is now no longer responsible for any version or checksum verification and instead just assumes it's been provided with suitable factory functions by its caller. We do still have a pre-check here to make sure that we at least have a factory function for each plugin the configuration seems to depend on, because if we don't do that up front then it ends up getting caught instead deep inside the Terraform runtime, often inside a concurrent graph walk and thus it's not deterministic which codepath will happen to catch it on a particular run. As of this commit, this actually does leave some holes in our checks: the command package is using the dependency lock file to make sure we have exactly the provider packages we expect (exact versions and checksums), which is the most crucial part, but we don't yet have any spot where we make sure that the lock file is consistent with the current configuration, and we are no longer preserving the provider checksums as part of a saved plan. Both of those will come in subsequent commits. While it's unusual to have a series of commits that briefly subtracts functionality and then adds back in equivalent functionality later, the lock file checking is the only part that's crucial for security reasons, with everything else mainly just being to give better feedback when folks seem to be using Terraform incorrectly. The other bits are therefore mostly cosmetic and okay to be absent briefly as we work towards a better design that is clearer about where that responsibility belongs.
2021-09-29 17:51:09 -05:00
}
terraform: Compare locks and provider requirements When building a context, we read the dependency locks and ensure that the provider requirements from the configuration can be satisfied. If the configured requirements change such that the locks need to be updated, we explain this and recommend running "terraform init". This check is ignored for any providers which are locally marked as in development. This includes unmanaged providers and those listed in the provider installation `dev_overrides` block.
2020-10-29 15:39:38 -05:00
core: Simplify and centralize plugin availability checks Historically the responsibility for making sure that all of the available providers are of suitable versions and match the appropriate checksums has been split rather inexplicably over multiple different layers, with some of the checks happening as late as creating a terraform.Context. We're gradually iterating towards making that all be handled in one place, but in this step we're just cleaning up some old remnants from the main "terraform" package, which is now no longer responsible for any version or checksum verification and instead just assumes it's been provided with suitable factory functions by its caller. We do still have a pre-check here to make sure that we at least have a factory function for each plugin the configuration seems to depend on, because if we don't do that up front then it ends up getting caught instead deep inside the Terraform runtime, often inside a concurrent graph walk and thus it's not deterministic which codepath will happen to catch it on a particular run. As of this commit, this actually does leave some holes in our checks: the command package is using the dependency lock file to make sure we have exactly the provider packages we expect (exact versions and checksums), which is the most crucial part, but we don't yet have any spot where we make sure that the lock file is consistent with the current configuration, and we are no longer preserving the provider checksums as part of a saved plan. Both of those will come in subsequent commits. While it's unusual to have a series of commits that briefly subtracts functionality and then adds back in equivalent functionality later, the lock file checking is the only part that's crucial for security reasons, with everything else mainly just being to give better feedback when folks seem to be using Terraform incorrectly. The other bits are therefore mostly cosmetic and okay to be absent briefly as we work towards a better design that is clearer about where that responsibility belongs.
2021-09-29 17:51:09 -05:00
resource "implicit_thing" "b" {
provider = implicit2
}
`
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 14:06:38 -05:00
core: Simplify and centralize plugin availability checks Historically the responsibility for making sure that all of the available providers are of suitable versions and match the appropriate checksums has been split rather inexplicably over multiple different layers, with some of the checks happening as late as creating a terraform.Context. We're gradually iterating towards making that all be handled in one place, but in this step we're just cleaning up some old remnants from the main "terraform" package, which is now no longer responsible for any version or checksum verification and instead just assumes it's been provided with suitable factory functions by its caller. We do still have a pre-check here to make sure that we at least have a factory function for each plugin the configuration seems to depend on, because if we don't do that up front then it ends up getting caught instead deep inside the Terraform runtime, often inside a concurrent graph walk and thus it's not deterministic which codepath will happen to catch it on a particular run. As of this commit, this actually does leave some holes in our checks: the command package is using the dependency lock file to make sure we have exactly the provider packages we expect (exact versions and checksums), which is the most crucial part, but we don't yet have any spot where we make sure that the lock file is consistent with the current configuration, and we are no longer preserving the provider checksums as part of a saved plan. Both of those will come in subsequent commits. While it's unusual to have a series of commits that briefly subtracts functionality and then adds back in equivalent functionality later, the lock file checking is the only part that's crucial for security reasons, with everything else mainly just being to give better feedback when folks seem to be using Terraform incorrectly. The other bits are therefore mostly cosmetic and okay to be absent briefly as we work towards a better design that is clearer about where that responsibility belongs.
2021-09-29 17:51:09 -05:00
cfg := testModuleInline(t, map[string]string{
"main.tf": configSrc,
})
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 14:06:38 -05:00
core: Simplify and centralize plugin availability checks Historically the responsibility for making sure that all of the available providers are of suitable versions and match the appropriate checksums has been split rather inexplicably over multiple different layers, with some of the checks happening as late as creating a terraform.Context. We're gradually iterating towards making that all be handled in one place, but in this step we're just cleaning up some old remnants from the main "terraform" package, which is now no longer responsible for any version or checksum verification and instead just assumes it's been provided with suitable factory functions by its caller. We do still have a pre-check here to make sure that we at least have a factory function for each plugin the configuration seems to depend on, because if we don't do that up front then it ends up getting caught instead deep inside the Terraform runtime, often inside a concurrent graph walk and thus it's not deterministic which codepath will happen to catch it on a particular run. As of this commit, this actually does leave some holes in our checks: the command package is using the dependency lock file to make sure we have exactly the provider packages we expect (exact versions and checksums), which is the most crucial part, but we don't yet have any spot where we make sure that the lock file is consistent with the current configuration, and we are no longer preserving the provider checksums as part of a saved plan. Both of those will come in subsequent commits. While it's unusual to have a series of commits that briefly subtracts functionality and then adds back in equivalent functionality later, the lock file checking is the only part that's crucial for security reasons, with everything else mainly just being to give better feedback when folks seem to be using Terraform incorrectly. The other bits are therefore mostly cosmetic and okay to be absent briefly as we work towards a better design that is clearer about where that responsibility belongs.
2021-09-29 17:51:09 -05:00
// Validate and Plan are the two entry points where we explicitly verify
// the available plugins match what the configuration needs. For other
// operations we typically fail more deeply in Terraform Core, with
// potentially-less-helpful error messages, because getting there would
// require doing some pretty weird things that aren't common enough to
// be worth the complexity to check for them.
validateDiags := ctx.Validate(cfg)
_, planDiags := ctx.Plan(cfg, nil, DefaultPlanOpts)
tests := map[string]tfdiags.Diagnostics{
"validate": validateDiags,
"plan": planDiags,
}
for testName, gotDiags := range tests {
t.Run(testName, func(t *testing.T) {
var wantDiags tfdiags.Diagnostics
wantDiags = wantDiags.Append(
tfdiags.Sourceless(
tfdiags.Error,
"Missing required provider",
"This configuration requires built-in provider terraform.io/builtin/nonexist, but that provider isn't available in this Terraform version.",
),
tfdiags.Sourceless(
tfdiags.Error,
"Missing required provider",
"This configuration requires provider example.com/foo/beep, but that provider isn't available. You may be able to install it automatically by running:\n terraform init",
),
tfdiags.Sourceless(
tfdiags.Error,
"Missing required provider",
"This configuration requires provider registry.terraform.io/hashicorp/implicit, but that provider isn't available. You may be able to install it automatically by running:\n terraform init",
),
tfdiags.Sourceless(
tfdiags.Error,
"Missing required provider",
"This configuration requires provider registry.terraform.io/hashicorp/implicit2, but that provider isn't available. You may be able to install it automatically by running:\n terraform init",
),
tfdiags.Sourceless(
tfdiags.Error,
"Missing required provisioner plugin",
`This configuration requires provisioner plugin "nonexist", which isn't available. If you're intending to use an external provisioner plugin, you must install it manually into one of the plugin search directories before running Terraform.`,
),
)
assertDiagnosticsMatch(t, gotDiags, wantDiags)
terraform: Compare locks and provider requirements When building a context, we read the dependency locks and ensure that the provider requirements from the configuration can be satisfied. If the configured requirements change such that the locks need to be updated, we explain this and recommend running "terraform init". This check is ignored for any providers which are locally marked as in development. This includes unmanaged providers and those listed in the provider installation `dev_overrides` block.
2020-10-29 15:39:38 -05:00
})
}
}
terraform: gofmt -w -r 'Context2 -> Context' terraform/
2015-02-13 20:15:36 -06:00
func testContext2(t *testing.T, opts *ContextOpts) *Context {
save resolved providers for resources to state Use the ResourceState.Provider field to store the full name of the provider used during apply. This field is only used when a resource is removed from the config, and will allow that resource to be removed by the exact same provider with which it was created. Modify the locations which might accept the alue of the ResourceState.Provider field to detect that the name is resolved.
2017-11-07 12:09:36 -06:00
t.Helper()
command/meta: add -shadow flag to disable shadow graph Since it is still very much possible for this to cause problems, this can be used to disable the shadow graph. We'll purposely not document this since the goal is to remove this flag as we become more confident with it.
2016-10-21 16:25:05 -05:00
fixing context apply tests
2018-05-17 19:52:01 -05:00
ctx, diags := NewContext(opts)
if diags.HasErrors() {
t.Fatalf("failed to create test context\n\n%s\n", diags.Err())
core: Add terraform_version to state This adds a field terraform_version to the state that represents the Terraform version that wrote that state. If Terraform encounters a state written by a future version, it will error. You must use at least the version that wrote that state. Internally we have fields to override this behavior (StateFutureAllowed), but I chose not to expose them as CLI flags, since the user can just modify the state directly. This is tricky, but should be tricky to represent the horrible disaster that can happen by enabling it. We didn't have to bump the state format version since the absense of the field means it was written by version "0.0.0" which will always be older. In effect though this change will always apply to version 2 of the state since it appears in 0.7 which bumped the version for other purposes.
2016-03-11 13:07:54 -06:00
}
return ctx
terraform: validate almost done
2015-02-04 17:44:23 -06:00
}
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
func testApplyFn(req providers.ApplyResourceChangeRequest) (resp providers.ApplyResourceChangeResponse) {
resp.NewState = req.PlannedState
if req.PlannedState.IsNull() {
resp.NewState = cty.NullVal(req.PriorState.Type())
return
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
planned := req.PlannedState.AsValueMap()
if planned == nil {
planned = map[string]cty.Value{}
prefer the existing instance ID in tests The old testApplyFn would overwrite ID with "foo" in all cases there wasn't a diff, which made the test fixtures harder to reason about. If there's an ID, keep it the same.
2018-05-30 10:25:28 -05:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
id, ok := planned["id"]
if !ok || id.IsNull() || !id.IsKnown() {
planned["id"] = cty.StringVal("foo")
terraform: test for various taint cases
2015-02-26 11:50:18 -06:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
// our default schema has a computed "type" attr
if ty, ok := planned["type"]; ok && !ty.IsNull() {
planned["type"] = cty.StringVal(req.TypeName)
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
if cmp, ok := planned["compute"]; ok && !cmp.IsNull() {
computed := cmp.AsString()
if val, ok := planned[computed]; ok && !val.IsKnown() {
planned[computed] = cty.StringVal("computed_value")
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
}
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
for k, v := range planned {
if k == "unknown" {
// "unknown" should cause an error
updating context plan test
2018-09-14 17:40:09 -05:00
continue
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
if !v.IsKnown() {
switch k {
case "type":
planned[k] = cty.StringVal(req.TypeName)
default:
planned[k] = cty.NullVal(v.Type())
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
}
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
}
Add a failing test for missing keys in diff ignore_changes is causing changes in other flatmapped sets to be filtered out incorrectly. This required fixing the testDiffFn to create diffs which include the old value, breaking one other test.
2017-03-20 16:17:14 -05:00
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
resp.NewState = cty.ObjectVal(planned)
return
}
Add a failing test for missing keys in diff ignore_changes is causing changes in other flatmapped sets to be filtered out incorrectly. This required fixing the testDiffFn to create diffs which include the old value, breaking one other test.
2017-03-20 16:17:14 -05:00
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
func testDiffFn(req providers.PlanResourceChangeRequest) (resp providers.PlanResourceChangeResponse) {
var planned map[string]cty.Value
if !req.ProposedNewState.IsNull() {
planned = req.ProposedNewState.AsValueMap()
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
if planned == nil {
planned = map[string]cty.Value{}
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
// id is always computed for the tests
if id, ok := planned["id"]; ok && id.IsNull() {
planned["id"] = cty.UnknownVal(cty.String)
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
// the old tests have require_new replace on every plan
if _, ok := planned["require_new"]; ok {
resp.RequiresReplace = append(resp.RequiresReplace, cty.Path{cty.GetAttrStep{Name: "require_new"}})
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
for k := range planned {
requiresNewKey := "__" + k + "_requires_new"
_, ok := planned[requiresNewKey]
if ok {
resp.RequiresReplace = append(resp.RequiresReplace, cty.Path{cty.GetAttrStep{Name: requiresNewKey}})
unify some of the test code Have all the values in the testDiffFn go through the same code path
2016-08-10 10:37:55 -05:00
}
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
if v, ok := planned["compute"]; ok && !v.IsNull() {
k := v.AsString()
unknown := cty.UnknownVal(cty.String)
if strings.HasSuffix(k, ".#") {
k = k[:len(k)-2]
unknown = cty.UnknownVal(cty.List(cty.String))
Allow the HCL input when prompted We already accept HCL encoded input for -vars, and this expands that to accept HCL when prompted for a value on the command line as well.
2016-08-09 15:14:40 -05:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
planned[k] = unknown
Allow the HCL input when prompted We already accept HCL encoded input for -vars, and this expands that to accept HCL when prompted for a value on the command line as well.
2016-08-09 15:14:40 -05:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
if t, ok := planned["type"]; ok && t.IsNull() {
planned["type"] = cty.UnknownVal(cty.String)
core: Improve realism of map representation in testDiffFn The diffs created by testDiffFn use the flatmap package directly, rather than running the diff-generation logic in helper/schema. It turns out that flatmap itself can generate the k+".#" keys used to indicate the length of a list, but only helper/schema itself knew how to generate the corresponding k+".%" keys used for maps. Rather than modifying the now-deprecated flatmap code directly (and risk breaking assumptions in shims elsewhere), here we just synthesize the extra required map element within the testDiffFn implementation, which then in turn allows the MockProvider diffFn shim to correctly recognize it as a map and convert it into a real cty.Map value to return.
2018-09-13 19:10:07 -05:00
}
replace testDiffFn and testApplyFn Replace the old mock provider test functions with modern equivalents. There were a lot of inconsistencies in how they were used, so we needed to update a lot of tests to match the correct behavior.
2020-10-08 07:56:03 -05:00
resp.PlannedState = cty.ObjectVal(planned)
return
Allow the HCL input when prompted We already accept HCL encoded input for -vars, and this expands that to accept HCL when prompted for a value on the command line as well.
2016-08-09 15:14:40 -05:00
}
replace provider and provisioner types in tests The field assignments and methods are incorrect still, but the type definitions and returns are now updated.
2018-08-17 14:32:35 -05:00
func testProvider(prefix string) *MockProvider {
p := new(MockProvider)
Mildwonkey/providers interface renaming (#27805) * providers.Interface: huge renamification This commit renames a handful of functions in the providers.Interface to match changes made in protocol v6. The following commit implements this change across the rest of the codebase; I put this in a separate commit for ease of reviewing and will squash these together when merging. One noteworthy detail: protocol v6 removes the config from the ValidateProviderConfigResponse, since it's never been used. I chose to leave that in place in the interface until we deprecate support for protocol v5 entirely. Note that none of these changes impact current providers using protocol v5; the protocol is unchanged. Only the translation layer between the proto and terraform have changed.
2021-02-18 09:13:43 -06:00
p.GetProviderSchemaResponse = testProviderSchema(prefix)
fixing context apply tests
2018-05-17 19:52:01 -05:00
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
return p
}
replace provider and provisioner types in tests The field assignments and methods are incorrect still, but the type definitions and returns are now updated.
2018-08-17 14:32:35 -05:00
func testProvisioner() *MockProvisioner {
p := new(MockProvisioner)
p.GetSchemaResponse = provisioners.GetSchemaResponse{
Provisioner: &configschema.Block{
Attributes: map[string]*configschema.Attribute{
"command": {
Type: cty.String,
Optional: true,
},
"order": {
Type: cty.String,
Optional: true,
},
"when": {
Type: cty.String,
Optional: true,
},
update test fixtures Update test fixtures to work in our new world. This is mostly changing out attribute names for those in the schema, adding Providers to states, and updating the test-fixture configurations.
2018-05-23 12:39:36 -05:00
},
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
}
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
return p
}
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
func checkStateString(t *testing.T, state *states.State, expected string) {
rewrite all of the test state string for providers Now that the resolved provider is always stored in state, we need to udpate all the test data to match. There will probably be some more breakage once the provider field is properly diffed.
2017-11-07 12:49:10 -06:00
t.Helper()
core: [refactor] store Deposed resource instances as a list Deposed instances need to be stored as a list for certain pathological cases where destroys fail for some reason (e.g. upstream API failure, Terraform interrupted mid-run). Terraform needs to be able to remember all Deposed nodes so that it can clean them up properly in subsequent runs. Deposed instances will now never touch the Tainted list - they're fully managed from within their own list. Added a "multiDepose" test case that walks through a scenario to exercise this.
2015-03-04 12:15:53 -06:00
actual := strings.TrimSpace(state.String())
expected = strings.TrimSpace(expected)
if actual != expected {
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
t.Fatalf("incorrect state\ngot:\n%s\n\nwant:\n%s", actual, expected)
core: [refactor] store Deposed resource instances as a list Deposed instances need to be stored as a list for certain pathological cases where destroys fail for some reason (e.g. upstream API failure, Terraform interrupted mid-run). Terraform needs to be able to remember all Deposed nodes so that it can clean them up properly in subsequent runs. Deposed instances will now never touch the Tainted list - they're fully managed from within their own list. Added a "multiDepose" test case that walks through a scenario to exercise this.
2015-03-04 12:15:53 -06:00
}
}
tests: extract deadlock checking test helper
2015-08-10 15:03:02 -05:00
// Test helper that gives a function 3 seconds to finish, assumes deadlock and
// fails test if it does not.
func testCheckDeadlock(t *testing.T, f func()) {
rewrite all of the test state string for providers Now that the resolved provider is always stored in state, we need to udpate all the test data to match. There will probably be some more breakage once the provider field is properly diffed.
2017-11-07 12:49:10 -06:00
t.Helper()
tests: extract deadlock checking test helper
2015-08-10 15:03:02 -05:00
timeout := make(chan bool, 1)
done := make(chan bool, 1)
go func() {
time.Sleep(3 * time.Second)
timeout <- true
}()
go func(f func(), done chan bool) {
defer func() { done <- true }()
f()
}(f, done)
select {
case <-timeout:
t.Fatalf("timed out! probably deadlock")
case <-done:
// ok
}
}
Mildwonkey/providers interface renaming (#27805) * providers.Interface: huge renamification This commit renames a handful of functions in the providers.Interface to match changes made in protocol v6. The following commit implements this change across the rest of the codebase; I put this in a separate commit for ease of reviewing and will squash these together when merging. One noteworthy detail: protocol v6 removes the config from the ValidateProviderConfigResponse, since it's never been used. I chose to leave that in place in the interface until we deprecate support for protocol v5 entirely. Note that none of these changes impact current providers using protocol v5; the protocol is unchanged. Only the translation layer between the proto and terraform have changed.
2021-02-18 09:13:43 -06:00
func testProviderSchema(name string) *providers.GetProviderSchemaResponse {
return getProviderSchemaResponseFromProviderSchema(&ProviderSchema{
fixing context apply tests
2018-05-17 19:52:01 -05:00
Provider: &configschema.Block{
Attributes: map[string]*configschema.Attribute{
"region": {
Type: cty.String,
Optional: true,
},
"foo": {
Type: cty.String,
Optional: true,
},
update test fixtures Update test fixtures to work in our new world. This is mostly changing out attribute names for those in the schema, adding Providers to states, and updating the test-fixture configurations.
2018-05-23 12:39:36 -05:00
"value": {
Type: cty.String,
Optional: true,
},
"root": {
Type: cty.Number,
Optional: true,
},
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
},
ResourceTypes: map[string]*configschema.Block{
name + "_instance": {
Attributes: map[string]*configschema.Attribute{
"id": {
Type: cty.String,
Computed: true,
},
"ami": {
Type: cty.String,
Optional: true,
},
"dep": {
Type: cty.String,
Optional: true,
},
"num": {
Type: cty.Number,
Optional: true,
},
"require_new": {
Type: cty.String,
Optional: true,
},
"var": {
Type: cty.String,
Optional: true,
},
"foo": {
Type: cty.String,
Optional: true,
core: Ensure context tests comply with plan/apply safety checks Prior to Terraform 0.12 there were certain behaviors we expected from providers that were actually just details of the SDK and not part of the enforced contract. For 0.12 we're now codifying some of these behaviors explicitly via safety checks in core, thus ensuring that all future providers will behave in a consistent way that users can rely on. Unfortunately, due to the hand-written nature of the mock provider implementations we use in tests, they have been getting away with some unusual behaviors that don't match our usual expectations, and our safety checks now detect those as incorrect behaviors. To address this, we make the minimal changes to each test to ensure that its mock provider behaves in a consistent way, which requires that values set in config be represented correctly in the plan and ultimately saved in the new state, without any changes along the way. In particular, the common testDiffFn implementation has historically used a number of special hidden attributes to trigger special behaviors, and our new rules require that these special settings propagate properly through the plan and into the state.
2019-02-11 19:05:24 -06:00
Computed: true,
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
"bar": {
Type: cty.String,
Optional: true,
},
"compute": {
Type: cty.String,
Optional: true,
updating context plan test
2018-09-14 17:40:09 -05:00
Computed: false,
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
"compute_value": {
Type: cty.String,
Optional: true,
Computed: true,
},
"value": {
Type: cty.String,
Optional: true,
core: Ensure context tests comply with plan/apply safety checks Prior to Terraform 0.12 there were certain behaviors we expected from providers that were actually just details of the SDK and not part of the enforced contract. For 0.12 we're now codifying some of these behaviors explicitly via safety checks in core, thus ensuring that all future providers will behave in a consistent way that users can rely on. Unfortunately, due to the hand-written nature of the mock provider implementations we use in tests, they have been getting away with some unusual behaviors that don't match our usual expectations, and our safety checks now detect those as incorrect behaviors. To address this, we make the minimal changes to each test to ensure that its mock provider behaves in a consistent way, which requires that values set in config be represented correctly in the plan and ultimately saved in the new state, without any changes along the way. In particular, the common testDiffFn implementation has historically used a number of special hidden attributes to trigger special behaviors, and our new rules require that these special settings propagate properly through the plan and into the state.
2019-02-11 19:05:24 -06:00
Computed: true,
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
"output": {
Type: cty.String,
Optional: true,
},
"write": {
Type: cty.String,
Optional: true,
},
"instance": {
Type: cty.String,
Optional: true,
},
"vpc_id": {
Type: cty.String,
Optional: true,
},
core: Include "type" attribute in the mock _instance type schema This is a computed attribute populated by our testDiffFn which a number of tests depend on for correct operation.
2018-09-07 19:25:58 -05:00
"type": {
Type: cty.String,
Computed: true,
},
core: testProviderSchema aws_instance must include "unknown" attribute This is computed in the special case where compute = "unknown" in order to force inclusion of an unknown value into the ultimate result, which is invalid. This fixes TestContext2Apply_unknownAttribute, which is intending to test this error handling behavior.
2018-09-12 14:00:50 -05:00
// Generated by testDiffFn if compute = "unknown" is set in the test config
"unknown": {
Type: cty.String,
Computed: true,
},
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
},
name + "_eip": {
Attributes: map[string]*configschema.Attribute{
"id": {
Type: cty.String,
Computed: true,
},
"instance": {
Type: cty.String,
Optional: true,
},
},
},
name + "_resource": {
Attributes: map[string]*configschema.Attribute{
"id": {
Type: cty.String,
Computed: true,
},
"value": {
Type: cty.String,
Optional: true,
},
Mark attributes providers mark as sensitive This updates GetResource so that the value returned has marks where the provider's schema has marked an attribute as sensitive
2020-10-12 13:39:09 -05:00
"sensitive_value": {
Type: cty.String,
Sensitive: true,
Optional: true,
},
fixing context apply tests
2018-05-17 19:52:01 -05:00
"random": {
Type: cty.String,
Optional: true,
},
},
Update compatibility checks for blocks to not use marks Remove marks for object compatibility tests to allow apply to continue. Adds a block to the test provider to use in testing, and extends the sensitivity apply test to include a block
2020-09-29 12:48:22 -05:00
BlockTypes: map[string]*configschema.NestedBlock{
Mark sensitive attributes in blocks This implements marking sensitive attributes within blocks when referenced by adding recursive calls to get more paths from blocks' attributes
2020-10-14 16:37:06 -05:00
"nesting_single": {
Block: configschema.Block{
Attributes: map[string]*configschema.Attribute{
"value": {Type: cty.String, Optional: true},
"sensitive_value": {Type: cty.String, Optional: true, Sensitive: true},
},
},
Nesting: configschema.NestingSingle,
},
Update compatibility checks for blocks to not use marks Remove marks for object compatibility tests to allow apply to continue. Adds a block to the test provider to use in testing, and extends the sensitivity apply test to include a block
2020-09-29 12:48:22 -05:00
},
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
name + "_ami_list": {
Attributes: map[string]*configschema.Attribute{
"id": {
Type: cty.String,
Optional: true,
core: Ensure context tests comply with plan/apply safety checks Prior to Terraform 0.12 there were certain behaviors we expected from providers that were actually just details of the SDK and not part of the enforced contract. For 0.12 we're now codifying some of these behaviors explicitly via safety checks in core, thus ensuring that all future providers will behave in a consistent way that users can rely on. Unfortunately, due to the hand-written nature of the mock provider implementations we use in tests, they have been getting away with some unusual behaviors that don't match our usual expectations, and our safety checks now detect those as incorrect behaviors. To address this, we make the minimal changes to each test to ensure that its mock provider behaves in a consistent way, which requires that values set in config be represented correctly in the plan and ultimately saved in the new state, without any changes along the way. In particular, the common testDiffFn implementation has historically used a number of special hidden attributes to trigger special behaviors, and our new rules require that these special settings propagate properly through the plan and into the state.
2019-02-11 19:05:24 -06:00
Computed: true,
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
"ids": {
Type: cty.List(cty.String),
Optional: true,
core: Ensure context tests comply with plan/apply safety checks Prior to Terraform 0.12 there were certain behaviors we expected from providers that were actually just details of the SDK and not part of the enforced contract. For 0.12 we're now codifying some of these behaviors explicitly via safety checks in core, thus ensuring that all future providers will behave in a consistent way that users can rely on. Unfortunately, due to the hand-written nature of the mock provider implementations we use in tests, they have been getting away with some unusual behaviors that don't match our usual expectations, and our safety checks now detect those as incorrect behaviors. To address this, we make the minimal changes to each test to ensure that its mock provider behaves in a consistent way, which requires that values set in config be represented correctly in the plan and ultimately saved in the new state, without any changes along the way. In particular, the common testDiffFn implementation has historically used a number of special hidden attributes to trigger special behaviors, and our new rules require that these special settings propagate properly through the plan and into the state.
2019-02-11 19:05:24 -06:00
Computed: true,
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
},
},
name + "_remote_state": {
Attributes: map[string]*configschema.Attribute{
"id": {
Type: cty.String,
Optional: true,
},
"foo": {
Type: cty.String,
Optional: true,
},
"output": {
update test fixtures Update test fixtures to work in our new world. This is mostly changing out attribute names for those in the schema, adding Providers to states, and updating the test-fixture configurations.
2018-05-23 12:39:36 -05:00
Type: cty.Map(cty.String),
Computed: true,
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
},
},
name + "_file": {
Attributes: map[string]*configschema.Attribute{
"id": {
Type: cty.String,
Optional: true,
},
"template": {
Type: cty.String,
Optional: true,
},
core: TestContext2Validate_interpolateMap
2018-06-01 13:06:25 -05:00
"rendered": {
Type: cty.String,
Computed: true,
},
handle unset computed values in tests The old testDiffFn used th raw config to dynamically set computed values in the diff. Since the schema now defines what values should be there, all test diffs end up with unkown computed values. Filter these out by looking for a value set to "compute"
2018-05-22 18:02:22 -05:00
"__template_requires_new": {
Type: cty.String,
Optional: true,
},
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
},
},
DataSources: map[string]*configschema.Block{
name + "_data_source": {
Attributes: map[string]*configschema.Attribute{
"id": {
Type: cty.String,
check for data source changed during plan Rather than re-read the data source during every plan cycle, apply the config to the prior state, and skip reading if there is no change. Remove the TODOs, as we're going to accept that data-only changes will still not be plan-able for the time being. Fix the null data source test resource, as it had no computed fields at all, even the id.
2020-05-08 17:46:32 -05:00
Computed: true,
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
"foo": {
Type: cty.String,
Optional: true,
check for data source changed during plan Rather than re-read the data source during every plan cycle, apply the config to the prior state, and skip reading if there is no change. Remove the TODOs, as we're going to accept that data-only changes will still not be plan-able for the time being. Fix the null data source test resource, as it had no computed fields at all, even the id.
2020-05-08 17:46:32 -05:00
Computed: true,
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
},
},
name + "_remote_state": {
Attributes: map[string]*configschema.Attribute{
"id": {
Type: cty.String,
Optional: true,
},
"foo": {
Type: cty.String,
Optional: true,
},
update test fixtures Update test fixtures to work in our new world. This is mostly changing out attribute names for those in the schema, adding Providers to states, and updating the test-fixture configurations.
2018-05-23 12:39:36 -05:00
"output": {
Type: cty.Map(cty.String),
Optional: true,
},
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
},
name + "_file": {
Attributes: map[string]*configschema.Attribute{
"id": {
Type: cty.String,
Optional: true,
},
"template": {
Type: cty.String,
Optional: true,
},
core: TestContext2Validate_interpolateMap
2018-06-01 13:06:25 -05:00
"rendered": {
Type: cty.String,
Computed: true,
},
fixing context apply tests
2018-05-17 19:52:01 -05:00
},
},
},
change mock provider to use GetSchemaResponse This ensures that test providers are using the same types as actual providers.
2021-01-11 14:45:50 -06:00
})
fixing context apply tests
2018-05-17 19:52:01 -05:00
}
test: use `T.TempDir` to create temporary test directory (#30803) This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The directory created by `t.TempDir` is automatically removed when the test and all its subtests complete. Prior to this commit, temporary directory created using `ioutil.TempDir` needs to be removed manually by calling `os.RemoveAll`, which is omitted in some tests. The error handling boilerplate e.g. defer func() { if err := os.RemoveAll(dir); err != nil { t.Fatal(err) } } is also tedious, but `t.TempDir` handles this for us nicely. Reference: https://pkg.go.dev/testing#T.TempDir Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-04-08 11:34:16 -05:00
// contextOptsForPlanViaFile is a helper that creates a temporary plan file,
// then reads it back in again and produces a ContextOpts object containing the
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
// planned changes, prior state and config from the plan file.
//
// This is intended for testing the separated plan/apply workflow in a more
// convenient way than spelling out all of these steps every time. Normally
// only the command and backend packages need to deal with such things, but
// our context tests try to exercise lots of stuff at once and so having them
// round-trip things through on-disk files is often an important part of
// fully representing an old bug in a regression test.
test: use `T.TempDir` to create temporary test directory (#30803) This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The directory created by `t.TempDir` is automatically removed when the test and all its subtests complete. Prior to this commit, temporary directory created using `ioutil.TempDir` needs to be removed manually by calling `os.RemoveAll`, which is omitted in some tests. The error handling boilerplate e.g. defer func() { if err := os.RemoveAll(dir); err != nil { t.Fatal(err) } } is also tedious, but `t.TempDir` handles this for us nicely. Reference: https://pkg.go.dev/testing#T.TempDir Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-04-08 11:34:16 -05:00
func contextOptsForPlanViaFile(t *testing.T, configSnap *configload.Snapshot, plan *plans.Plan) (*ContextOpts, *configs.Config, *plans.Plan, error) {
dir := t.TempDir()
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
// We'll just create a dummy statefile.File here because we're not going
// to run through any of the codepaths that care about Lineage/Serial/etc
// here anyway.
stateFile := &statefile.File{
plans: Track both the previous run and prior states in the plan Until now we've not really cared much about the state snapshot produced by the previous Terraform operation, except to use it as a jumping-off point for our refresh step. However, we'd like to be able to report to an end-user whenever Terraform detects a change that occurred outside of Terraform, because that's often helpful context for understanding why a plan contains changes that don't seem to have corresponding changes in the configuration. As part of reporting that we'll need to keep track of the state as it was before we did any refreshing work, so we can then compare that against the state after refreshing. To retain enough data to achieve that, the existing Plan field State is now two fields: PrevRunState and PriorState. This also includes a very shallow change in the core package to make it populate something somewhat-reasonable into this field so that integration tests can function reasonably. However, this shallow implementation isn't really sufficient for real-world use of PrevRunState because we'll actually need to update PrevRunState as part of planning in order to incorporate the results of any provider-specific state upgrades to make the PrevRunState objects compatible with the current provider schema, or else our diffs won't be valid. This deeper awareness of PrevRunState in Terraform Core will follow in a subsequent commit, prior to anything else making use of Plan.PrevRunState.
2021-05-04 17:59:58 -05:00
State: plan.PriorState,
}
prevStateFile := &statefile.File{
State: plan.PrevRunState,
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
}
core: test helper contextOptsForPlanViaFile to set default backend A plan file without a backend set is not valid, but at the level we're testing in this package we don't really care about backends so we'll just set a default one if the caller doesn't set something more specific, and then we'll just ignore it completely when reading back.
2018-09-26 11:51:40 -05:00
// To make life a little easier for test authors, we'll populate a simple
// backend configuration if they didn't set one, since the backend is
// usually dealt with in a calling package and so tests in this package
// don't really care about it.
if plan.Backend.Config == nil {
cfg, err := plans.NewDynamicValue(cty.EmptyObjectVal, cty.EmptyObject)
if err != nil {
panic(fmt.Sprintf("NewDynamicValue failed: %s", err)) // shouldn't happen because we control the inputs
}
plan.Backend.Type = "local"
plan.Backend.Config = cfg
plan.Backend.Workspace = "default"
}
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
filename := filepath.Join(dir, "tfplan")
test: use `T.TempDir` to create temporary test directory (#30803) This commit replaces `ioutil.TempDir` with `t.TempDir` in tests. The directory created by `t.TempDir` is automatically removed when the test and all its subtests complete. Prior to this commit, temporary directory created using `ioutil.TempDir` needs to be removed manually by calling `os.RemoveAll`, which is omitted in some tests. The error handling boilerplate e.g. defer func() { if err := os.RemoveAll(dir); err != nil { t.Fatal(err) } } is also tedious, but `t.TempDir` handles this for us nicely. Reference: https://pkg.go.dev/testing#T.TempDir Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-04-08 11:34:16 -05:00
err := planfile.Create(filename, planfile.CreateArgs{
plans/planfile: Create takes most arguments via a struct type Previously the planfile.Create function had accumulated probably already too many positional arguments, and I'm intending to add another one in a subsequent commit and so this is preparation to make the callsites more readable (subjectively) and make it clearer how we can extend this function's arguments to include further components in a plan file. There's no difference in observable functionality here. This is just passing the same set of arguments in a slightly different way.
2021-09-29 18:03:10 -05:00
ConfigSnapshot: configSnap,
PreviousRunStateFile: prevStateFile,
StateFile: stateFile,
Plan: plan,
})
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
if err != nil {
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 14:06:38 -05:00
return nil, nil, nil, err
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
}
pr, err := planfile.Open(filename)
if err != nil {
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 14:06:38 -05:00
return nil, nil, nil, err
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
}
config, diags := pr.ReadConfig()
if diags.HasErrors() {
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 14:06:38 -05:00
return nil, nil, nil, diags.Err()
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
}
plan, err = pr.ReadPlan()
if err != nil {
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 14:06:38 -05:00
return nil, nil, nil, err
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
}
core: Simplify and centralize plugin availability checks Historically the responsibility for making sure that all of the available providers are of suitable versions and match the appropriate checksums has been split rather inexplicably over multiple different layers, with some of the checks happening as late as creating a terraform.Context. We're gradually iterating towards making that all be handled in one place, but in this step we're just cleaning up some old remnants from the main "terraform" package, which is now no longer responsible for any version or checksum verification and instead just assumes it's been provided with suitable factory functions by its caller. We do still have a pre-check here to make sure that we at least have a factory function for each plugin the configuration seems to depend on, because if we don't do that up front then it ends up getting caught instead deep inside the Terraform runtime, often inside a concurrent graph walk and thus it's not deterministic which codepath will happen to catch it on a particular run. As of this commit, this actually does leave some holes in our checks: the command package is using the dependency lock file to make sure we have exactly the provider packages we expect (exact versions and checksums), which is the most crucial part, but we don't yet have any spot where we make sure that the lock file is consistent with the current configuration, and we are no longer preserving the provider checksums as part of a saved plan. Both of those will come in subsequent commits. While it's unusual to have a series of commits that briefly subtracts functionality and then adds back in equivalent functionality later, the lock file checking is the only part that's crucial for security reasons, with everything else mainly just being to give better feedback when folks seem to be using Terraform incorrectly. The other bits are therefore mostly cosmetic and okay to be absent briefly as we work towards a better design that is clearer about where that responsibility belongs.
2021-09-29 17:51:09 -05:00
// Note: This has grown rather silly over the course of ongoing refactoring,
// because ContextOpts is no longer actually responsible for carrying
// any information from a plan file and instead all of the information
// lives inside the config and plan objects. We continue to return a
// silly empty ContextOpts here just to keep all of the calling tests
// working.
return &ContextOpts{}, config, plan, nil
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
}
// legacyPlanComparisonString produces a string representation of the changes
// from a plan and a given state togther, as was formerly produced by the
// String method of terraform.Plan.
//
// This is here only for compatibility with existing tests that predate our
// new plan and state types, and should not be used in new tests. Instead, use
// a library like "cmp" to do a deep equality check and diff on the two
// data structures.
func legacyPlanComparisonString(state *states.State, changes *plans.Changes) string {
return fmt.Sprintf(
"DIFF:\n\n%s\n\nSTATE:\n\n%s",
legacyDiffComparisonString(changes),
state.String(),
)
}
// legacyDiffComparisonString produces a string representation of the changes
// from a planned changes object, as was formerly produced by the String method
// of terraform.Diff.
//
// This is here only for compatibility with existing tests that predate our
// new plan types, and should not be used in new tests. Instead, use a library
// like "cmp" to do a deep equality check and diff on the two data structures.
func legacyDiffComparisonString(changes *plans.Changes) string {
// The old string representation of a plan was grouped by module, but
// our new plan structure is not grouped in that way and so we'll need
// to preprocess it in order to produce that grouping.
type ResourceChanges struct {
Current *plans.ResourceInstanceChangeSrc
Deposed map[states.DeposedKey]*plans.ResourceInstanceChangeSrc
}
byModule := map[string]map[string]*ResourceChanges{}
resourceKeys := map[string][]string{}
var moduleKeys []string
for _, rc := range changes.Resources {
core: Skip NoOp changes in legacyDiffComparisonString This (along with some other minor adjustments) fixes TestContext2Apply_countDecreaseToOneCorrupted.
2018-09-18 17:37:04 -05:00
if rc.Action == plans.NoOp {
// We won't mention no-op changes here at all, since the old plan
// model we are emulating here didn't have such a concept.
continue
}
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
moduleKey := rc.Addr.Module.String()
if _, exists := byModule[moduleKey]; !exists {
moduleKeys = append(moduleKeys, moduleKey)
byModule[moduleKey] = make(map[string]*ResourceChanges)
}
resourceKey := rc.Addr.Resource.String()
if _, exists := byModule[moduleKey][resourceKey]; !exists {
resourceKeys[moduleKey] = append(resourceKeys[moduleKey], resourceKey)
byModule[moduleKey][resourceKey] = &ResourceChanges{
Deposed: make(map[states.DeposedKey]*plans.ResourceInstanceChangeSrc),
}
}
if rc.DeposedKey == states.NotDeposed {
byModule[moduleKey][resourceKey].Current = rc
} else {
byModule[moduleKey][resourceKey].Deposed[rc.DeposedKey] = rc
}
}
sort.Strings(moduleKeys)
for _, ks := range resourceKeys {
sort.Strings(ks)
}
var buf bytes.Buffer
for _, moduleKey := range moduleKeys {
rcs := byModule[moduleKey]
var mBuf bytes.Buffer
for _, resourceKey := range resourceKeys[moduleKey] {
rc := rcs[resourceKey]
crud := "UPDATE"
if rc.Current != nil {
switch rc.Current.Action {
core: Handle forced-create_before_destroy during the plan walk Previously we used a single plan action "Replace" to represent both the destroy-before-create and the create-before-destroy variants of replacing. However, this forces the apply graph builder to jump through a lot of hoops to figure out which nodes need it forced on and rebuild parts of the graph to represent that. If we instead decide between these two cases at plan time, the actual determination of it is more straightforward because each resource is represented by only one node in the plan graph, and then we can ensure we put the right nodes in the graph during DiffTransformer and thus avoid the logic for dealing with deposed instances being spread across various different transformers and node types. As a nice side-effect, this also allows us to show the difference between destroy-then-create and create-then-destroy in the rendered diff in the CLI, although this change doesn't fully implement that yet.
2018-09-21 19:08:52 -05:00
case plans.DeleteThenCreate:
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
crud = "DESTROY/CREATE"
core: Handle forced-create_before_destroy during the plan walk Previously we used a single plan action "Replace" to represent both the destroy-before-create and the create-before-destroy variants of replacing. However, this forces the apply graph builder to jump through a lot of hoops to figure out which nodes need it forced on and rebuild parts of the graph to represent that. If we instead decide between these two cases at plan time, the actual determination of it is more straightforward because each resource is represented by only one node in the plan graph, and then we can ensure we put the right nodes in the graph during DiffTransformer and thus avoid the logic for dealing with deposed instances being spread across various different transformers and node types. As a nice side-effect, this also allows us to show the difference between destroy-then-create and create-then-destroy in the rendered diff in the CLI, although this change doesn't fully implement that yet.
2018-09-21 19:08:52 -05:00
case plans.CreateThenDelete:
crud = "CREATE/DESTROY"
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
case plans.Delete:
crud = "DESTROY"
case plans.Create:
crud = "CREATE"
}
} else {
// We must be working on a deposed object then, in which
// case destroying is the only possible action.
crud = "DESTROY"
}
extra := ""
if rc.Current == nil && len(rc.Deposed) > 0 {
extra = " (deposed only)"
}
fmt.Fprintf(
&mBuf, "%s: %s%s\n",
crud, resourceKey, extra,
)
attrNames := map[string]bool{}
var oldAttrs map[string]string
var newAttrs map[string]string
core: legacyDiffComparisonString don't panic if only deposed objects This shim for the benefit of our old tests was not handling the situation where an InstanceState only contains deposed instances and no current instance. This is a strange, rare situation but one that does come up in practice in some odd cases.
2018-09-20 17:15:44 -05:00
if rc.Current != nil {
if before := rc.Current.Before; before != nil {
ty, err := before.ImpliedType()
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
if err == nil {
core: legacyDiffComparisonString don't panic if only deposed objects This shim for the benefit of our old tests was not handling the situation where an InstanceState only contains deposed instances and no current instance. This is a strange, rare situation but one that does come up in practice in some odd cases.
2018-09-20 17:15:44 -05:00
val, err := before.Decode(ty)
if err == nil {
oldAttrs = hcl2shim.FlatmapValueFromHCL2(val)
for k := range oldAttrs {
attrNames[k] = true
}
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
}
}
}
core: legacyDiffComparisonString don't panic if only deposed objects This shim for the benefit of our old tests was not handling the situation where an InstanceState only contains deposed instances and no current instance. This is a strange, rare situation but one that does come up in practice in some odd cases.
2018-09-20 17:15:44 -05:00
if after := rc.Current.After; after != nil {
ty, err := after.ImpliedType()
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
if err == nil {
core: legacyDiffComparisonString don't panic if only deposed objects This shim for the benefit of our old tests was not handling the situation where an InstanceState only contains deposed instances and no current instance. This is a strange, rare situation but one that does come up in practice in some odd cases.
2018-09-20 17:15:44 -05:00
val, err := after.Decode(ty)
if err == nil {
newAttrs = hcl2shim.FlatmapValueFromHCL2(val)
for k := range newAttrs {
attrNames[k] = true
}
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
}
}
}
}
if oldAttrs == nil {
oldAttrs = make(map[string]string)
}
if newAttrs == nil {
newAttrs = make(map[string]string)
}
attrNamesOrder := make([]string, 0, len(attrNames))
keyLen := 0
for n := range attrNames {
attrNamesOrder = append(attrNamesOrder, n)
if len(n) > keyLen {
keyLen = len(n)
}
}
core: Fix TestContext2Apply_countDecreaseToOneCorrupted We now include attribute changes in destroy diffs, so the expected output of this test includes these changes. Also includes a fix to legacyDiffComparisonString to actually sort the attribute changes by name in the rendered diff.
2018-09-25 18:15:49 -05:00
sort.Strings(attrNamesOrder)
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
for _, attrK := range attrNamesOrder {
v := newAttrs[attrK]
u := oldAttrs[attrK]
remove UnknownVariabeValue from config and update references to shim
2019-07-17 21:41:24 -05:00
if v == hcl2shim.UnknownVariableValue {
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 16:24:45 -05:00
v = "<computed>"
}
// NOTE: we don't support <sensitive> here because we would
// need schema to do that. Excluding sensitive values
// is now done at the UI layer, and so should not be tested
// at the core layer.
updateMsg := ""
// TODO: Mark " (forces new resource)" in updateMsg when appropriate.
fmt.Fprintf(
&mBuf, " %s:%s %#v => %#v%s\n",
attrK,
strings.Repeat(" ", keyLen-len(attrK)),
u, v,
updateMsg,
)
}
}
if moduleKey == "" { // root module
buf.Write(mBuf.Bytes())
buf.WriteByte('\n')
continue
}
fmt.Fprintf(&buf, "%s:\n", moduleKey)
s := bufio.NewScanner(&mBuf)
for s.Scan() {
buf.WriteString(fmt.Sprintf(" %s\n", s.Text()))
}
}
return buf.String()
}
terraform: test helpers for printing diagnostics in a useful way We often want to bail out of a test if diagnostics are present, and it's easiest to debug that when the diagnostics are printed in a compact but complete manner that is non-trivial to produce. Rather than duplicating that diagnostic formatting in every test, these helpers allow us to succinctly print diagnostics and bail out when they are present.
2018-09-10 15:37:35 -05:00
// assertNoDiagnostics fails the test in progress (using t.Fatal) if the given
// diagnostics is non-empty.
func assertNoDiagnostics(t *testing.T, diags tfdiags.Diagnostics) {
t.Helper()
if len(diags) == 0 {
return
}
logDiagnostics(t, diags)
t.FailNow()
}
// assertNoDiagnostics fails the test in progress (using t.Fatal) if the given
// diagnostics has any errors.
func assertNoErrors(t *testing.T, diags tfdiags.Diagnostics) {
t.Helper()
if !diags.HasErrors() {
return
}
logDiagnostics(t, diags)
t.FailNow()
}
core: Simplify and centralize plugin availability checks Historically the responsibility for making sure that all of the available providers are of suitable versions and match the appropriate checksums has been split rather inexplicably over multiple different layers, with some of the checks happening as late as creating a terraform.Context. We're gradually iterating towards making that all be handled in one place, but in this step we're just cleaning up some old remnants from the main "terraform" package, which is now no longer responsible for any version or checksum verification and instead just assumes it's been provided with suitable factory functions by its caller. We do still have a pre-check here to make sure that we at least have a factory function for each plugin the configuration seems to depend on, because if we don't do that up front then it ends up getting caught instead deep inside the Terraform runtime, often inside a concurrent graph walk and thus it's not deterministic which codepath will happen to catch it on a particular run. As of this commit, this actually does leave some holes in our checks: the command package is using the dependency lock file to make sure we have exactly the provider packages we expect (exact versions and checksums), which is the most crucial part, but we don't yet have any spot where we make sure that the lock file is consistent with the current configuration, and we are no longer preserving the provider checksums as part of a saved plan. Both of those will come in subsequent commits. While it's unusual to have a series of commits that briefly subtracts functionality and then adds back in equivalent functionality later, the lock file checking is the only part that's crucial for security reasons, with everything else mainly just being to give better feedback when folks seem to be using Terraform incorrectly. The other bits are therefore mostly cosmetic and okay to be absent briefly as we work towards a better design that is clearer about where that responsibility belongs.
2021-09-29 17:51:09 -05:00
// assertDiagnosticsMatch fails the test in progress (using t.Fatal) if the
// two sets of diagnostics don't match after being normalized using the
// "ForRPC" processing step, which eliminates the specific type information
// and HCL expression information of each diagnostic.
//
// assertDiagnosticsMatch sorts the two sets of diagnostics in the usual way
// before comparing them, though diagnostics only have a partial order so that
// will not totally normalize the ordering of all diagnostics sets.
func assertDiagnosticsMatch(t *testing.T, got, want tfdiags.Diagnostics) {
got = got.ForRPC()
want = want.ForRPC()
got.Sort()
want.Sort()
if diff := cmp.Diff(want, got); diff != "" {
t.Fatalf("wrong diagnostics\n%s", diff)
}
}
terraform: test helpers for printing diagnostics in a useful way We often want to bail out of a test if diagnostics are present, and it's easiest to debug that when the diagnostics are printed in a compact but complete manner that is non-trivial to produce. Rather than duplicating that diagnostic formatting in every test, these helpers allow us to succinctly print diagnostics and bail out when they are present.
2018-09-10 15:37:35 -05:00
// logDiagnostics is a test helper that logs the given diagnostics to to the
// given testing.T using t.Log, in a way that is hopefully useful in debugging
// a test. It does not generate any errors or fail the test. See
// assertNoDiagnostics and assertNoErrors for more specific helpers that can
// also fail the test.
func logDiagnostics(t *testing.T, diags tfdiags.Diagnostics) {
core: logDiagnostics test helper must call t.Helper()
2018-09-11 18:27:13 -05:00
t.Helper()
terraform: test helpers for printing diagnostics in a useful way We often want to bail out of a test if diagnostics are present, and it's easiest to debug that when the diagnostics are printed in a compact but complete manner that is non-trivial to produce. Rather than duplicating that diagnostic formatting in every test, these helpers allow us to succinctly print diagnostics and bail out when they are present.
2018-09-10 15:37:35 -05:00
for _, diag := range diags {
desc := diag.Description()
rng := diag.Source()
var severity string
switch diag.Severity() {
case tfdiags.Error:
severity = "ERROR"
case tfdiags.Warning:
severity = "WARN"
default:
severity = "???" // should never happen
}
if subj := rng.Subject; subj != nil {
if desc.Detail == "" {
t.Logf("[%s@%s] %s", severity, subj.StartString(), desc.Summary)
} else {
t.Logf("[%s@%s] %s: %s", severity, subj.StartString(), desc.Summary, desc.Detail)
}
} else {
if desc.Detail == "" {
t.Logf("[%s] %s", severity, desc.Summary)
} else {
t.Logf("[%s] %s: %s", severity, desc.Summary, desc.Detail)
}
}
}
}
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
const testContextRefreshModuleStr = `
Add tests and fix last issues
2016-04-21 14:59:10 -05:00
aws_instance.web: (tainted)
ID = bar
Mildwonkey/tests (#24522) * terraform: add helper functions for creating test state testSetResourceInstanceCurrent and testSetResourceInstanceTainted are wrapper functions around states.Module.SetResourceInstanceCurrent() used to set a resource in state. They work with current, non-deposed resources with no dependencies. testSetResourceInstanceDeposed can be used to set a desosed resource in state. * terraform: update all tests to use modern providers and state
2020-04-01 12:13:40 -05:00
provider = provider["registry.terraform.io/hashicorp/aws"]
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
module.child:
aws_instance.web:
ID = new
Mildwonkey/tests (#24522) * terraform: add helper functions for creating test state testSetResourceInstanceCurrent and testSetResourceInstanceTainted are wrapper functions around states.Module.SetResourceInstanceCurrent() used to set a resource in state. They work with current, non-deposed resources with no dependencies. testSetResourceInstanceDeposed can be used to set a desosed resource in state. * terraform: update all tests to use modern providers and state
2020-04-01 12:13:40 -05:00
provider = provider["registry.terraform.io/hashicorp/aws"]
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
`
terraform: return value for resource interpolation on refresh Instead of returning UnknownVariableValue every time, attempt to return the real value. If we don't find it, return unknown value. This fixes removing outputs from state on refresh.
2015-04-10 15:51:22 -05:00
const testContextRefreshOutputStr = `
aws_instance.web:
ID = foo
Mildwonkey/tests (#24522) * terraform: add helper functions for creating test state testSetResourceInstanceCurrent and testSetResourceInstanceTainted are wrapper functions around states.Module.SetResourceInstanceCurrent() used to set a resource in state. They work with current, non-deposed resources with no dependencies. testSetResourceInstanceDeposed can be used to set a desosed resource in state. * terraform: update all tests to use modern providers and state
2020-04-01 12:13:40 -05:00
provider = provider["registry.terraform.io/hashicorp/aws"]
terraform: return value for resource interpolation on refresh Instead of returning UnknownVariableValue every time, attempt to return the real value. If we don't find it, return unknown value. This fixes removing outputs from state on refresh.
2015-04-10 15:51:22 -05:00
foo = bar
Outputs:
foo = bar
`
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
const testContextRefreshOutputPartialStr = `
<no state>
`
const testContextRefreshTaintedStr = `
Add tests and fix last issues
2016-04-21 14:59:10 -05:00
aws_instance.web: (tainted)
ID = foo
Mildwonkey/tests (#24522) * terraform: add helper functions for creating test state testSetResourceInstanceCurrent and testSetResourceInstanceTainted are wrapper functions around states.Module.SetResourceInstanceCurrent() used to set a resource in state. They work with current, non-deposed resources with no dependencies. testSetResourceInstanceDeposed can be used to set a desosed resource in state. * terraform: update all tests to use modern providers and state
2020-04-01 12:13:40 -05:00
provider = provider["registry.terraform.io/hashicorp/aws"]
terraform: goodbye context.go (old)
2015-02-13 20:09:45 -06:00
`
Reference in New Issue Copy Permalink