opentofu/terraform/eval_check_prevent_destroy.go

package terraform

import (
	"fmt"

	"github.com/hashicorp/terraform/config"
)

// EvalPreventDestroy is an EvalNode implementation that returns an
// error if a resource has PreventDestroy configured and the diff
// would destroy the resource.
type EvalCheckPreventDestroy struct {
	Resource   *config.Resource
	ResourceId string
	Diff       **InstanceDiff
}

func (n *EvalCheckPreventDestroy) Eval(ctx EvalContext) (interface{}, error) {
	if n.Diff == nil || *n.Diff == nil || n.Resource == nil {
		return nil, nil
	}

	diff := *n.Diff
	preventDestroy := n.Resource.Lifecycle.PreventDestroy

	if diff.GetDestroy() && preventDestroy {
		resourceId := n.ResourceId
		if resourceId == "" {
			resourceId = n.Resource.Id()
		}

		return nil, fmt.Errorf(preventDestroyErrStr, resourceId)
	}

	return nil, nil
}

const preventDestroyErrStr = `%s: the plan would destroy this resource, but it currently has lifecycle.prevent_destroy set to true. To avoid this error and continue with the plan, either disable lifecycle.prevent_destroy or adjust the scope of the plan using the -target flag.`
core: add prevent_destroy lifecycle flag When the `prevent_destroy` flag is set on a resource, any plan that would destroy that resource instead returns an error. This has the effect of preventing the resource from being unexpectedly destroyed by Terraform until the flag is removed from the config. 2015-04-16 17:57:18 -05:00			`package terraform`

			`import (`
			`"fmt"`

			`"github.com/hashicorp/terraform/config"`
			`)`

			`// EvalPreventDestroy is an EvalNode implementation that returns an`
			`// error if a resource has PreventDestroy configured and the diff`
			`// would destroy the resource.`
			`type EvalCheckPreventDestroy struct {`
terraform: prevent_destroy works for decreasing count Fixes #5826 The `prevent_destroy` lifecycle configuration was not being checked when the count was decreased for a resource with a count. It was only checking when attributes changed on pre-existing resources. This fixes that. 2016-10-28 20:31:47 -05:00			`Resource *config.Resource`
			`ResourceId string`
			`Diff **InstanceDiff`
core: add prevent_destroy lifecycle flag When the `prevent_destroy` flag is set on a resource, any plan that would destroy that resource instead returns an error. This has the effect of preventing the resource from being unexpectedly destroyed by Terraform until the flag is removed from the config. 2015-04-16 17:57:18 -05:00			`}`

			`func (n *EvalCheckPreventDestroy) Eval(ctx EvalContext) (interface{}, error) {`
			`if n.Diff == nil \|\| *n.Diff == nil \|\| n.Resource == nil {`
			`return nil, nil`
			`}`

			`diff := *n.Diff`
			`preventDestroy := n.Resource.Lifecycle.PreventDestroy`

Make all terraform package tests pass under -race This isn't a pretty refactor, but fixes the race issues in this package for now. Fix race on RawConfig.Config() fix command package races 2016-07-29 12:17:48 -05:00			`if diff.GetDestroy() && preventDestroy {`
terraform: prevent_destroy works for decreasing count Fixes #5826 The `prevent_destroy` lifecycle configuration was not being checked when the count was decreased for a resource with a count. It was only checking when attributes changed on pre-existing resources. This fixes that. 2016-10-28 20:31:47 -05:00			`resourceId := n.ResourceId`
			`if resourceId == "" {`
			`resourceId = n.Resource.Id()`
			`}`

			`return nil, fmt.Errorf(preventDestroyErrStr, resourceId)`
core: add prevent_destroy lifecycle flag When the `prevent_destroy` flag is set on a resource, any plan that would destroy that resource instead returns an error. This has the effect of preventing the resource from being unexpectedly destroyed by Terraform until the flag is removed from the config. 2015-04-16 17:57:18 -05:00			`}`

			`return nil, nil`
			`}`

update prevent_destroy error message per recommendations by @nathanielks closes #2473 2015-08-12 18:41:12 -05:00			const preventDestroyErrStr = `%s: the plan would destroy this resource, but it currently has lifecycle.prevent_destroy set to true. To avoid this error and continue with the plan, either disable lifecycle.prevent_destroy or adjust the scope of the plan using the -target flag.`