2023-05-02 10:33:06 -05:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
|
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
|
2016-03-25 12:17:25 -05:00
|
|
|
package command
|
|
|
|
|
|
|
|
import (
|
|
|
|
"fmt"
|
2018-10-26 12:08:46 -05:00
|
|
|
"os"
|
2016-03-25 12:17:25 -05:00
|
|
|
"strings"
|
|
|
|
|
2021-05-17 14:00:50 -05:00
|
|
|
"github.com/hashicorp/terraform/internal/addrs"
|
2021-05-17 10:42:17 -05:00
|
|
|
"github.com/hashicorp/terraform/internal/backend"
|
2023-02-07 02:06:12 -06:00
|
|
|
"github.com/hashicorp/terraform/internal/command/arguments"
|
2023-05-02 08:27:59 -05:00
|
|
|
"github.com/hashicorp/terraform/internal/command/jsonformat"
|
|
|
|
"github.com/hashicorp/terraform/internal/command/jsonprovider"
|
|
|
|
"github.com/hashicorp/terraform/internal/command/jsonstate"
|
2021-05-17 14:43:35 -05:00
|
|
|
"github.com/hashicorp/terraform/internal/states"
|
2023-05-02 08:27:59 -05:00
|
|
|
"github.com/hashicorp/terraform/internal/states/statefile"
|
2016-03-25 12:17:25 -05:00
|
|
|
"github.com/mitchellh/cli"
|
|
|
|
)
|
|
|
|
|
|
|
|
// StateShowCommand is a Command implementation that shows a single resource.
|
|
|
|
type StateShowCommand struct {
|
2017-03-01 09:10:47 -06:00
|
|
|
Meta
|
2016-03-25 12:17:25 -05:00
|
|
|
StateMeta
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *StateShowCommand) Run(args []string) int {
|
2020-04-01 14:01:08 -05:00
|
|
|
args = c.Meta.process(args)
|
2018-11-21 08:35:27 -06:00
|
|
|
cmdFlags := c.Meta.defaultFlagSet("state show")
|
2018-10-26 12:08:46 -05:00
|
|
|
cmdFlags.StringVar(&c.Meta.statePath, "state", "", "path")
|
2016-03-25 12:17:25 -05:00
|
|
|
if err := cmdFlags.Parse(args); err != nil {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.Streams.Eprintf("Error parsing command-line flags: %s\n", err.Error())
|
2019-08-16 07:31:21 -05:00
|
|
|
return 1
|
2016-03-25 12:17:25 -05:00
|
|
|
}
|
|
|
|
args = cmdFlags.Args()
|
2018-10-26 12:08:46 -05:00
|
|
|
if len(args) != 1 {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.Streams.Eprint("Exactly one argument expected.\n")
|
2018-10-26 12:08:46 -05:00
|
|
|
return cli.RunResultHelp
|
|
|
|
}
|
2016-03-25 12:17:25 -05:00
|
|
|
|
2019-03-05 10:32:11 -06:00
|
|
|
// Check for user-supplied plugin path
|
2020-04-01 14:01:08 -05:00
|
|
|
var err error
|
2019-03-05 10:32:11 -06:00
|
|
|
if c.pluginPath, err = c.loadPluginPath(); err != nil {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.Streams.Eprintf("Error loading plugin path: %\n", err)
|
2019-03-05 10:32:11 -06:00
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
2017-01-18 22:50:45 -06:00
|
|
|
// Load the backend
|
2018-03-27 17:31:05 -05:00
|
|
|
b, backendDiags := c.Backend(nil)
|
|
|
|
if backendDiags.HasErrors() {
|
|
|
|
c.showDiagnostics(backendDiags)
|
2017-01-18 22:50:45 -06:00
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
2018-10-26 12:08:46 -05:00
|
|
|
// We require a local backend
|
|
|
|
local, ok := b.(backend.Local)
|
|
|
|
if !ok {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.Streams.Eprint(ErrUnsupportedLocalOp)
|
2018-10-26 12:08:46 -05:00
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
backend: Validate remote backend Terraform version
When using the enhanced remote backend, a subset of all Terraform
operations are supported. Of these, only plan and apply can be executed
on the remote infrastructure (e.g. Terraform Cloud). Other operations
run locally and use the remote backend for state storage.
This causes problems when the local version of Terraform does not match
the configured version from the remote workspace. If the two versions
are incompatible, an `import` or `state mv` operation can cause the
remote workspace to be unusable until a manual fix is applied.
To prevent this from happening accidentally, this commit introduces a
check that the local Terraform version and the configured remote
workspace Terraform version are compatible. This check is skipped for
commands which do not write state, and can also be disabled by the use
of a new command-line flag, `-ignore-remote-version`.
Terraform version compatibility is defined as:
- For all releases before 0.14.0, local must exactly equal remote, as
two different versions cannot share state;
- 0.14.0 to 1.0.x are compatible, as we will not change the state
version number until at least Terraform 1.1.0;
- Versions after 1.1.0 must have the same major and minor versions, as
we will not change the state version number in a patch release.
If the two versions are incompatible, a diagnostic is displayed,
advising that the error can be suppressed with `-ignore-remote-version`.
When this flag is used, the diagnostic is still displayed, but as a
warning instead of an error.
Commands which will not write state can assert this fact by calling the
helper `meta.ignoreRemoteBackendVersionConflict`, which will disable the
checks. Those which can write state should instead call the helper
`meta.remoteBackendVersionCheck`, which will return diagnostics for
display.
In addition to these explicit paths for managing the version check, we
have an implicit check in the remote backend's state manager
initialization method. Both of the above helpers will disable this
check. This fallback is in place to ensure that future code paths which
access state cannot accidentally skip the remote version check.
2020-11-13 15:43:56 -06:00
|
|
|
// This is a read-only command
|
2021-08-24 14:28:12 -05:00
|
|
|
c.ignoreRemoteVersionConflict(b)
|
backend: Validate remote backend Terraform version
When using the enhanced remote backend, a subset of all Terraform
operations are supported. Of these, only plan and apply can be executed
on the remote infrastructure (e.g. Terraform Cloud). Other operations
run locally and use the remote backend for state storage.
This causes problems when the local version of Terraform does not match
the configured version from the remote workspace. If the two versions
are incompatible, an `import` or `state mv` operation can cause the
remote workspace to be unusable until a manual fix is applied.
To prevent this from happening accidentally, this commit introduces a
check that the local Terraform version and the configured remote
workspace Terraform version are compatible. This check is skipped for
commands which do not write state, and can also be disabled by the use
of a new command-line flag, `-ignore-remote-version`.
Terraform version compatibility is defined as:
- For all releases before 0.14.0, local must exactly equal remote, as
two different versions cannot share state;
- 0.14.0 to 1.0.x are compatible, as we will not change the state
version number until at least Terraform 1.1.0;
- Versions after 1.1.0 must have the same major and minor versions, as
we will not change the state version number in a patch release.
If the two versions are incompatible, a diagnostic is displayed,
advising that the error can be suppressed with `-ignore-remote-version`.
When this flag is used, the diagnostic is still displayed, but as a
warning instead of an error.
Commands which will not write state can assert this fact by calling the
helper `meta.ignoreRemoteBackendVersionConflict`, which will disable the
checks. Those which can write state should instead call the helper
`meta.remoteBackendVersionCheck`, which will return diagnostics for
display.
In addition to these explicit paths for managing the version check, we
have an implicit check in the remote backend's state manager
initialization method. Both of the above helpers will disable this
check. This fallback is in place to ensure that future code paths which
access state cannot accidentally skip the remote version check.
2020-11-13 15:43:56 -06:00
|
|
|
|
2018-10-26 12:08:46 -05:00
|
|
|
// Check if the address can be parsed
|
|
|
|
addr, addrDiags := addrs.ParseAbsResourceInstanceStr(args[0])
|
|
|
|
if addrDiags.HasErrors() {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.Streams.Eprintln(fmt.Sprintf(errParsingAddress, args[0]))
|
2018-10-26 12:08:46 -05:00
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
|
|
|
// We expect the config dir to always be the cwd
|
|
|
|
cwd, err := os.Getwd()
|
|
|
|
if err != nil {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.Streams.Eprintf("Error getting cwd: %s\n", err)
|
2018-10-26 12:08:46 -05:00
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
|
|
|
// Build the operation (required to get the schemas)
|
2023-02-07 02:06:12 -06:00
|
|
|
opReq := c.Operation(b, arguments.ViewHuman)
|
2019-10-09 16:29:40 -05:00
|
|
|
opReq.AllowUnsetVariables = true
|
2018-10-26 12:08:46 -05:00
|
|
|
opReq.ConfigDir = cwd
|
2018-11-21 08:35:27 -06:00
|
|
|
|
2018-10-26 12:08:46 -05:00
|
|
|
opReq.ConfigLoader, err = c.initConfigLoader()
|
|
|
|
if err != nil {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.Streams.Eprintf("Error initializing config loader: %s\n", err)
|
2018-10-26 12:08:46 -05:00
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get the context (required to get the schemas)
|
core: Functional-style API for terraform.Context
Previously terraform.Context was built in an unfortunate way where all of
the data was provided up front in terraform.NewContext and then mutated
directly by subsequent operations. That made the data flow hard to follow,
commonly leading to bugs, and also meant that we were forced to take
various actions too early in terraform.NewContext, rather than waiting
until a more appropriate time during an operation.
This (enormous) commit changes terraform.Context so that its fields are
broadly just unchanging data about the execution context (current
workspace name, available plugins, etc) whereas the main data Terraform
works with arrives via individual method arguments and is returned in
return values.
Specifically, this means that terraform.Context no longer "has-a" config,
state, and "planned changes", instead holding on to those only temporarily
during an operation. The caller is responsible for propagating the outcome
of one step into the next step so that the data flow between operations is
actually visible.
However, since that's a change to the main entry points in the "terraform"
package, this commit also touches every file in the codebase which
interacted with those APIs. Most of the noise here is in updating tests
to take the same actions using the new API style, but this also affects
the main-code callers in the backends and in the command package.
My goal here was to refactor without changing observable behavior, but in
practice there are a couple externally-visible behavior variations here
that seemed okay in service of the broader goal:
- The "terraform graph" command is no longer hooked directly into the
core graph builders, because that's no longer part of the public API.
However, I did include a couple new Context functions whose contract
is to produce a UI-oriented graph, and _for now_ those continue to
return the physical graph we use for those operations. There's no
exported API for generating the "validate" and "eval" graphs, because
neither is particularly interesting in its own right, and so
"terraform graph" no longer supports those graph types.
- terraform.NewContext no longer has the responsibility for collecting
all of the provider schemas up front. Instead, we wait until we need
them. However, that means that some of our error messages now have a
slightly different shape due to unwinding through a differently-shaped
call stack. As of this commit we also end up reloading the schemas
multiple times in some cases, which is functionally acceptable but
likely represents a performance regression. I intend to rework this to
use caching, but I'm saving that for a later commit because this one is
big enough already.
The proximal reason for this change is to resolve the chicken/egg problem
whereby there was previously no single point where we could apply "moved"
statements to the previous run state before creating a plan. With this
change in place, we can now do that as part of Context.Plan, prior to
forking the input state into the three separate state artifacts we use
during planning.
However, this is at least the third project in a row where the previous
API design led to piling more functionality into terraform.NewContext and
then working around the incorrect order of operations that produces, so
I intend that by paying the cost/risk of this large diff now we can in
turn reduce the cost/risk of future projects that relate to our main
workflow actions.
2021-08-24 14:06:38 -05:00
|
|
|
lr, _, ctxDiags := local.LocalRun(opReq)
|
2018-10-26 12:08:46 -05:00
|
|
|
if ctxDiags.HasErrors() {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.View.Diagnostics(ctxDiags)
|
2018-10-26 12:08:46 -05:00
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get the schemas from the context
|
core: Functional-style API for terraform.Context
Previously terraform.Context was built in an unfortunate way where all of
the data was provided up front in terraform.NewContext and then mutated
directly by subsequent operations. That made the data flow hard to follow,
commonly leading to bugs, and also meant that we were forced to take
various actions too early in terraform.NewContext, rather than waiting
until a more appropriate time during an operation.
This (enormous) commit changes terraform.Context so that its fields are
broadly just unchanging data about the execution context (current
workspace name, available plugins, etc) whereas the main data Terraform
works with arrives via individual method arguments and is returned in
return values.
Specifically, this means that terraform.Context no longer "has-a" config,
state, and "planned changes", instead holding on to those only temporarily
during an operation. The caller is responsible for propagating the outcome
of one step into the next step so that the data flow between operations is
actually visible.
However, since that's a change to the main entry points in the "terraform"
package, this commit also touches every file in the codebase which
interacted with those APIs. Most of the noise here is in updating tests
to take the same actions using the new API style, but this also affects
the main-code callers in the backends and in the command package.
My goal here was to refactor without changing observable behavior, but in
practice there are a couple externally-visible behavior variations here
that seemed okay in service of the broader goal:
- The "terraform graph" command is no longer hooked directly into the
core graph builders, because that's no longer part of the public API.
However, I did include a couple new Context functions whose contract
is to produce a UI-oriented graph, and _for now_ those continue to
return the physical graph we use for those operations. There's no
exported API for generating the "validate" and "eval" graphs, because
neither is particularly interesting in its own right, and so
"terraform graph" no longer supports those graph types.
- terraform.NewContext no longer has the responsibility for collecting
all of the provider schemas up front. Instead, we wait until we need
them. However, that means that some of our error messages now have a
slightly different shape due to unwinding through a differently-shaped
call stack. As of this commit we also end up reloading the schemas
multiple times in some cases, which is functionally acceptable but
likely represents a performance regression. I intend to rework this to
use caching, but I'm saving that for a later commit because this one is
big enough already.
The proximal reason for this change is to resolve the chicken/egg problem
whereby there was previously no single point where we could apply "moved"
statements to the previous run state before creating a plan. With this
change in place, we can now do that as part of Context.Plan, prior to
forking the input state into the three separate state artifacts we use
during planning.
However, this is at least the third project in a row where the previous
API design led to piling more functionality into terraform.NewContext and
then working around the incorrect order of operations that produces, so
I intend that by paying the cost/risk of this large diff now we can in
turn reduce the cost/risk of future projects that relate to our main
workflow actions.
2021-08-24 14:06:38 -05:00
|
|
|
schemas, diags := lr.Core.Schemas(lr.Config, lr.InputState)
|
|
|
|
if diags.HasErrors() {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.View.Diagnostics(diags)
|
core: Functional-style API for terraform.Context
Previously terraform.Context was built in an unfortunate way where all of
the data was provided up front in terraform.NewContext and then mutated
directly by subsequent operations. That made the data flow hard to follow,
commonly leading to bugs, and also meant that we were forced to take
various actions too early in terraform.NewContext, rather than waiting
until a more appropriate time during an operation.
This (enormous) commit changes terraform.Context so that its fields are
broadly just unchanging data about the execution context (current
workspace name, available plugins, etc) whereas the main data Terraform
works with arrives via individual method arguments and is returned in
return values.
Specifically, this means that terraform.Context no longer "has-a" config,
state, and "planned changes", instead holding on to those only temporarily
during an operation. The caller is responsible for propagating the outcome
of one step into the next step so that the data flow between operations is
actually visible.
However, since that's a change to the main entry points in the "terraform"
package, this commit also touches every file in the codebase which
interacted with those APIs. Most of the noise here is in updating tests
to take the same actions using the new API style, but this also affects
the main-code callers in the backends and in the command package.
My goal here was to refactor without changing observable behavior, but in
practice there are a couple externally-visible behavior variations here
that seemed okay in service of the broader goal:
- The "terraform graph" command is no longer hooked directly into the
core graph builders, because that's no longer part of the public API.
However, I did include a couple new Context functions whose contract
is to produce a UI-oriented graph, and _for now_ those continue to
return the physical graph we use for those operations. There's no
exported API for generating the "validate" and "eval" graphs, because
neither is particularly interesting in its own right, and so
"terraform graph" no longer supports those graph types.
- terraform.NewContext no longer has the responsibility for collecting
all of the provider schemas up front. Instead, we wait until we need
them. However, that means that some of our error messages now have a
slightly different shape due to unwinding through a differently-shaped
call stack. As of this commit we also end up reloading the schemas
multiple times in some cases, which is functionally acceptable but
likely represents a performance regression. I intend to rework this to
use caching, but I'm saving that for a later commit because this one is
big enough already.
The proximal reason for this change is to resolve the chicken/egg problem
whereby there was previously no single point where we could apply "moved"
statements to the previous run state before creating a plan. With this
change in place, we can now do that as part of Context.Plan, prior to
forking the input state into the three separate state artifacts we use
during planning.
However, this is at least the third project in a row where the previous
API design led to piling more functionality into terraform.NewContext and
then working around the incorrect order of operations that produces, so
I intend that by paying the cost/risk of this large diff now we can in
turn reduce the cost/risk of future projects that relate to our main
workflow actions.
2021-08-24 14:06:38 -05:00
|
|
|
return 1
|
|
|
|
}
|
2018-10-26 12:08:46 -05:00
|
|
|
|
2017-01-18 22:50:45 -06:00
|
|
|
// Get the state
|
2020-06-16 11:23:15 -05:00
|
|
|
env, err := c.Workspace()
|
|
|
|
if err != nil {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.Streams.Eprintf("Error selecting workspace: %s\n", err)
|
2020-06-16 11:23:15 -05:00
|
|
|
return 1
|
|
|
|
}
|
2018-10-26 12:08:46 -05:00
|
|
|
stateMgr, err := b.StateMgr(env)
|
2017-01-18 22:50:45 -06:00
|
|
|
if err != nil {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.Streams.Eprintln(fmt.Sprintf(errStateLoadingState, err))
|
2017-01-18 22:50:45 -06:00
|
|
|
return 1
|
2016-03-25 12:17:25 -05:00
|
|
|
}
|
2018-10-26 12:08:46 -05:00
|
|
|
if err := stateMgr.RefreshState(); err != nil {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.Streams.Eprintf("Failed to refresh state: %s\n", err)
|
2017-02-21 22:35:43 -06:00
|
|
|
return 1
|
|
|
|
}
|
2016-03-25 12:17:25 -05:00
|
|
|
|
2018-10-26 12:08:46 -05:00
|
|
|
state := stateMgr.State()
|
|
|
|
if state == nil {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.Streams.Eprintln(errStateNotFound)
|
2016-03-25 12:17:25 -05:00
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
2018-10-26 12:08:46 -05:00
|
|
|
is := state.ResourceInstance(addr)
|
|
|
|
if !is.HasCurrent() {
|
2023-05-02 08:27:59 -05:00
|
|
|
c.Streams.Eprintln(errNoInstanceFound)
|
2018-10-26 12:08:46 -05:00
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
2020-02-04 11:07:59 -06:00
|
|
|
// check if the resource has a configured provider, otherwise this will use the default provider
|
|
|
|
rs := state.Resource(addr.ContainingResource())
|
2020-02-13 14:32:58 -06:00
|
|
|
absPc := addrs.AbsProviderConfig{
|
|
|
|
Provider: rs.ProviderConfig.Provider,
|
|
|
|
Alias: rs.ProviderConfig.Alias,
|
2020-03-11 13:19:52 -05:00
|
|
|
Module: addrs.RootModule,
|
2020-02-13 14:32:58 -06:00
|
|
|
}
|
2018-10-26 12:08:46 -05:00
|
|
|
singleInstance := states.NewState()
|
|
|
|
singleInstance.EnsureModule(addr.Module).SetResourceInstanceCurrent(
|
|
|
|
addr.Resource,
|
|
|
|
is.Current,
|
2020-02-04 11:07:59 -06:00
|
|
|
absPc,
|
2018-10-26 12:08:46 -05:00
|
|
|
)
|
|
|
|
|
2023-05-02 08:27:59 -05:00
|
|
|
root, outputs, err := jsonstate.MarshalForRenderer(statefile.New(singleInstance, "", 0), schemas)
|
|
|
|
if err != nil {
|
|
|
|
c.Streams.Eprintf("Failed to marshal state to json: %s", err)
|
|
|
|
}
|
|
|
|
|
|
|
|
jstate := jsonformat.State{
|
|
|
|
StateFormatVersion: jsonstate.FormatVersion,
|
|
|
|
ProviderFormatVersion: jsonprovider.FormatVersion,
|
|
|
|
RootModule: root,
|
|
|
|
RootModuleOutputs: outputs,
|
|
|
|
ProviderSchemas: jsonprovider.MarshalForRenderer(schemas),
|
|
|
|
}
|
|
|
|
|
|
|
|
renderer := jsonformat.Renderer{
|
|
|
|
Streams: c.Streams,
|
|
|
|
Colorize: c.Colorize(),
|
|
|
|
RunningInAutomation: c.RunningInAutomation,
|
|
|
|
}
|
2018-10-26 12:08:46 -05:00
|
|
|
|
2023-05-02 08:27:59 -05:00
|
|
|
renderer.RenderHumanState(jstate)
|
2018-10-26 12:08:46 -05:00
|
|
|
return 0
|
2016-03-25 12:17:25 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
func (c *StateShowCommand) Help() string {
|
|
|
|
helpText := `
|
2021-02-22 08:25:56 -06:00
|
|
|
Usage: terraform [global options] state show [options] ADDRESS
|
2016-03-25 12:17:25 -05:00
|
|
|
|
|
|
|
Shows the attributes of a resource in the Terraform state.
|
|
|
|
|
|
|
|
This command shows the attributes of a single resource in the Terraform
|
2016-03-25 16:33:31 -05:00
|
|
|
state. The address argument must be used to specify a single resource.
|
2016-03-25 12:17:25 -05:00
|
|
|
You can view the list of available resources with "terraform state list".
|
|
|
|
|
|
|
|
Options:
|
|
|
|
|
|
|
|
-state=statefile Path to a Terraform state file to use to look
|
|
|
|
up Terraform-managed resources. By default it will
|
|
|
|
use the state "terraform.tfstate" if it exists.
|
|
|
|
|
|
|
|
`
|
|
|
|
return strings.TrimSpace(helpText)
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *StateShowCommand) Synopsis() string {
|
|
|
|
return "Show a resource in the state"
|
|
|
|
}
|
2018-10-26 12:08:46 -05:00
|
|
|
|
|
|
|
const errNoInstanceFound = `No instance found for the given address!
|
|
|
|
|
|
|
|
This command requires that the address references one specific instance.
|
|
|
|
To view the available instances, use "terraform state list". Please modify
|
|
|
|
the address to reference a specific instance.`
|
|
|
|
|
|
|
|
const errParsingAddress = `Error parsing instance address: %s
|
|
|
|
|
|
|
|
This command requires that the address references one specific instance.
|
|
|
|
To view the available instances, use "terraform state list". Please modify
|
|
|
|
the address to reference a specific instance.`
|