From a92455198a6dd420630a1253c23b91f77fe647b7 Mon Sep 17 00:00:00 2001 From: Marcin Wyszynski Date: Wed, 23 Aug 2023 16:42:50 +0200 Subject: [PATCH] Remove checkpoint code - less is more (#151) --- checkpoint.go | 94 -------------------- commands.go | 1 - go.mod | 1 - go.sum | 2 - internal/command/cliconfig/cliconfig.go | 5 -- internal/command/cliconfig/cliconfig_test.go | 38 -------- internal/command/version.go | 22 ----- internal/command/version_test.go | 64 +------------ internal/e2e/e2e.go | 5 -- main.go | 3 - website/docs/cli/commands/index.mdx | 35 -------- website/docs/cli/config/config-file.mdx | 9 -- 12 files changed, 2 insertions(+), 277 deletions(-) delete mode 100644 checkpoint.go diff --git a/checkpoint.go b/checkpoint.go deleted file mode 100644 index 1b7db42689..0000000000 --- a/checkpoint.go +++ /dev/null @@ -1,94 +0,0 @@ -// Copyright (c) HashiCorp, Inc. -// SPDX-License-Identifier: MPL-2.0 - -package main - -import ( - "context" - "fmt" - "log" - "path/filepath" - - "github.com/hashicorp/go-checkpoint" - "github.com/placeholderplaceholderplaceholder/opentf/internal/command" - "github.com/placeholderplaceholderplaceholder/opentf/internal/command/cliconfig" - "go.opentelemetry.io/otel/codes" -) - -func init() { - checkpointResult = make(chan *checkpoint.CheckResponse, 1) -} - -var checkpointResult chan *checkpoint.CheckResponse - -// runCheckpoint runs a HashiCorp Checkpoint request. You can read about -// Checkpoint here: https://github.com/hashicorp/go-checkpoint. -func runCheckpoint(ctx context.Context, c *cliconfig.Config) { - // If the user doesn't want checkpoint at all, then return. - if c.DisableCheckpoint { - log.Printf("[INFO] Checkpoint disabled. Not running.") - checkpointResult <- nil - return - } - - ctx, span := tracer.Start(ctx, "HashiCorp Checkpoint") - _ = ctx // prevent staticcheck from complaining to avoid a maintenence hazard of having the wrong ctx in scope here - defer span.End() - - configDir, err := cliconfig.ConfigDir() - if err != nil { - log.Printf("[ERR] Checkpoint setup error: %s", err) - checkpointResult <- nil - return - } - - version := Version - if VersionPrerelease != "" { - version += fmt.Sprintf("-%s", VersionPrerelease) - } - - signaturePath := filepath.Join(configDir, "checkpoint_signature") - if c.DisableCheckpointSignature { - log.Printf("[INFO] Checkpoint signature disabled") - signaturePath = "" - } - - resp, err := checkpoint.Check(&checkpoint.CheckParams{ - Product: "terraform", - Version: version, - SignatureFile: signaturePath, - CacheFile: filepath.Join(configDir, "checkpoint_cache"), - }) - if err != nil { - log.Printf("[ERR] Checkpoint error: %s", err) - span.SetStatus(codes.Error, err.Error()) - resp = nil - } else { - span.SetStatus(codes.Ok, "checkpoint request succeeded") - } - - checkpointResult <- resp -} - -// commandVersionCheck implements command.VersionCheckFunc and is used -// as the version checker. -func commandVersionCheck() (command.VersionCheckInfo, error) { - // Wait for the result to come through - info := <-checkpointResult - if info == nil { - var zero command.VersionCheckInfo - return zero, nil - } - - // Build the alerts that we may have received about our version - alerts := make([]string, len(info.Alerts)) - for i, a := range info.Alerts { - alerts[i] = a.Message - } - - return command.VersionCheckInfo{ - Outdated: info.Outdated, - Latest: info.CurrentVersion, - Alerts: alerts, - }, nil -} diff --git a/commands.go b/commands.go index b105f8683b..62a773f743 100644 --- a/commands.go +++ b/commands.go @@ -305,7 +305,6 @@ func initCommands( Version: Version, VersionPrerelease: VersionPrerelease, Platform: getproviders.CurrentPlatform, - CheckFunc: commandVersionCheck, }, nil }, diff --git a/go.mod b/go.mod index ace181dcf2..6b08984347 100644 --- a/go.mod +++ b/go.mod @@ -34,7 +34,6 @@ require ( github.com/hashicorp/copywrite v0.16.3 github.com/hashicorp/errwrap v1.1.0 github.com/hashicorp/go-azure-helpers v0.43.0 - github.com/hashicorp/go-checkpoint v0.5.0 github.com/hashicorp/go-cleanhttp v0.5.2 github.com/hashicorp/go-getter v1.7.2 github.com/hashicorp/go-hclog v1.4.0 diff --git a/go.sum b/go.sum index b6c1ddf49d..19a398cd9f 100644 --- a/go.sum +++ b/go.sum @@ -591,8 +591,6 @@ github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brv github.com/hashicorp/go-azure-helpers v0.12.0/go.mod h1:Zc3v4DNeX6PDdy7NljlYpnrdac1++qNW0I4U+ofGwpg= github.com/hashicorp/go-azure-helpers v0.43.0 h1:larj4ZgwO3hKzA9xIOTXRW4NBpI6F3K8wpig8eikNOw= github.com/hashicorp/go-azure-helpers v0.43.0/go.mod h1:ofh+59GPB8g/lWI08711STfrIPSPOlXQkuMc8rovpBk= -github.com/hashicorp/go-checkpoint v0.5.0 h1:MFYpPZCnQqQTE18jFwSII6eUQrD/oxMFp3mlgcqk5mU= -github.com/hashicorp/go-checkpoint v0.5.0/go.mod h1:7nfLNL10NsxqO4iWuW6tWW0HjZuDrwkBuEQsVcpCOgg= github.com/hashicorp/go-cleanhttp v0.5.0/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80= github.com/hashicorp/go-cleanhttp v0.5.2 h1:035FKYIWjmULyFRBKPs8TBQoi0x6d9G4xc9neXJWAZQ= diff --git a/internal/command/cliconfig/cliconfig.go b/internal/command/cliconfig/cliconfig.go index a076820e57..ae728e76d0 100644 --- a/internal/command/cliconfig/cliconfig.go +++ b/internal/command/cliconfig/cliconfig.go @@ -39,9 +39,6 @@ type Config struct { Providers map[string]string Provisioners map[string]string - DisableCheckpoint bool `hcl:"disable_checkpoint"` - DisableCheckpointSignature bool `hcl:"disable_checkpoint_signature"` - // If set, enables local caching of plugins in this directory to // avoid repeatedly re-downloading over the Internet. PluginCacheDir string `hcl:"plugin_cache_dir"` @@ -360,8 +357,6 @@ func (c *Config) Merge(c2 *Config) *Config { } result.Provisioners[k] = v } - result.DisableCheckpoint = c.DisableCheckpoint || c2.DisableCheckpoint - result.DisableCheckpointSignature = c.DisableCheckpointSignature || c2.DisableCheckpointSignature result.PluginCacheDir = c.PluginCacheDir if result.PluginCacheDir == "" { diff --git a/internal/command/cliconfig/cliconfig_test.go b/internal/command/cliconfig/cliconfig_test.go index 17e5f48a80..0ca53adbee 100644 --- a/internal/command/cliconfig/cliconfig_test.go +++ b/internal/command/cliconfig/cliconfig_test.go @@ -511,41 +511,3 @@ func TestConfig_Merge(t *testing.T) { t.Fatalf("wrong result\n%s", diff) } } - -func TestConfig_Merge_disableCheckpoint(t *testing.T) { - c1 := &Config{ - DisableCheckpoint: true, - } - - c2 := &Config{} - - expected := &Config{ - Providers: map[string]string{}, - Provisioners: map[string]string{}, - DisableCheckpoint: true, - } - - actual := c1.Merge(c2) - if !reflect.DeepEqual(actual, expected) { - t.Fatalf("bad: %#v", actual) - } -} - -func TestConfig_Merge_disableCheckpointSignature(t *testing.T) { - c1 := &Config{ - DisableCheckpointSignature: true, - } - - c2 := &Config{} - - expected := &Config{ - Providers: map[string]string{}, - Provisioners: map[string]string{}, - DisableCheckpointSignature: true, - } - - actual := c1.Merge(c2) - if !reflect.DeepEqual(actual, expected) { - t.Fatalf("bad: %#v", actual) - } -} diff --git a/internal/command/version.go b/internal/command/version.go index 93766077a7..237fb026f1 100644 --- a/internal/command/version.go +++ b/internal/command/version.go @@ -21,7 +21,6 @@ type VersionCommand struct { Version string VersionPrerelease string - CheckFunc VersionCheckFunc Platform getproviders.Platform } @@ -29,13 +28,8 @@ type VersionOutput struct { Version string `json:"terraform_version"` Platform string `json:"platform"` ProviderSelections map[string]string `json:"provider_selections"` - Outdated bool `json:"terraform_outdated"` } -// VersionCheckFunc is the callback called by the Version command to -// check if there is a new version of Terraform. -type VersionCheckFunc func() (VersionCheckInfo, error) - // VersionCheckInfo is the return value for the VersionCheckFunc callback // and tells the Version command information about the latest version // of Terraform. @@ -105,21 +99,6 @@ func (c *VersionCommand) Run(args []string) int { } } - // If we have a version check function, then let's check for - // the latest version as well. - if c.CheckFunc != nil { - // Check the latest version - info, err := c.CheckFunc() - if err != nil && !jsonOutput { - c.Ui.Error(fmt.Sprintf( - "\nError checking latest version: %s", err)) - } - if info.Outdated { - outdated = true - latest = info.Latest - } - } - if jsonOutput { selectionsOutput := make(map[string]string) for providerAddr, lock := range providerLocks { @@ -138,7 +117,6 @@ func (c *VersionCommand) Run(args []string) int { Version: versionOutput, Platform: c.Platform.String(), ProviderSelections: selectionsOutput, - Outdated: outdated, } jsonOutput, err := json.MarshalIndent(output, "", " ") diff --git a/internal/command/version_test.go b/internal/command/version_test.go index 619e36668d..bde6a7ce25 100644 --- a/internal/command/version_test.go +++ b/internal/command/version_test.go @@ -88,30 +88,6 @@ func TestVersion_flags(t *testing.T) { } } -func TestVersion_outdated(t *testing.T) { - ui := new(cli.MockUi) - m := Meta{ - Ui: ui, - } - - c := &VersionCommand{ - Meta: m, - Version: "4.5.6", - CheckFunc: mockVersionCheckFunc(true, "4.5.7"), - Platform: getproviders.Platform{OS: "aros", Arch: "riscv64"}, - } - - if code := c.Run([]string{}); code != 0 { - t.Fatalf("bad: \n%s", ui.ErrorWriter.String()) - } - - actual := strings.TrimSpace(ui.OutputWriter.String()) - expected := "Terraform v4.5.6\non aros_riscv64\n\nYour version of Terraform is out of date! The latest version\nis 4.5.7. You can update by downloading from https://www.terraform.io/downloads.html" - if actual != expected { - t.Fatalf("wrong output\ngot: %#v\nwant: %#v", actual, expected) - } -} - func TestVersion_json(t *testing.T) { td := t.TempDir() defer testChdir(t, td)() @@ -136,8 +112,7 @@ func TestVersion_json(t *testing.T) { { "terraform_version": "4.5.6", "platform": "aros_riscv64", - "provider_selections": {}, - "terraform_outdated": false + "provider_selections": {} } `) if diff := cmp.Diff(expected, actual); diff != "" { @@ -186,8 +161,7 @@ func TestVersion_json(t *testing.T) { "provider_selections": { "registry.terraform.io/hashicorp/test1": "7.8.9-beta.2", "registry.terraform.io/hashicorp/test2": "1.2.3" - }, - "terraform_outdated": false + } } `) if diff := cmp.Diff(expected, actual); diff != "" { @@ -195,37 +169,3 @@ func TestVersion_json(t *testing.T) { } } - -func TestVersion_jsonoutdated(t *testing.T) { - ui := new(cli.MockUi) - m := Meta{ - Ui: ui, - } - - c := &VersionCommand{ - Meta: m, - Version: "4.5.6", - CheckFunc: mockVersionCheckFunc(true, "4.5.7"), - Platform: getproviders.Platform{OS: "aros", Arch: "riscv64"}, - } - - if code := c.Run([]string{"-json"}); code != 0 { - t.Fatalf("bad: \n%s", ui.ErrorWriter.String()) - } - - actual := strings.TrimSpace(ui.OutputWriter.String()) - expected := "{\n \"terraform_version\": \"4.5.6\",\n \"platform\": \"aros_riscv64\",\n \"provider_selections\": {},\n \"terraform_outdated\": true\n}" - if actual != expected { - t.Fatalf("wrong output\ngot: %#v\nwant: %#v", actual, expected) - } -} - -func mockVersionCheckFunc(outdated bool, latest string) VersionCheckFunc { - return func() (VersionCheckInfo, error) { - return VersionCheckInfo{ - Outdated: outdated, - Latest: latest, - // Alerts is not used by version command - }, nil - } -} diff --git a/internal/e2e/e2e.go b/internal/e2e/e2e.go index 8a840ef168..584bbb2bab 100644 --- a/internal/e2e/e2e.go +++ b/internal/e2e/e2e.go @@ -123,11 +123,6 @@ func (b *binary) Cmd(args ...string) *exec.Cmd { cmd.Dir = b.workDir cmd.Env = os.Environ() - // Disable checkpoint since we don't want to harass that service when - // our tests run. (This does, of course, mean we can't actually do - // end-to-end testing of our Checkpoint interactions.) - cmd.Env = append(cmd.Env, "CHECKPOINT_DISABLE=1") - cmd.Env = append(cmd.Env, b.env...) return cmd diff --git a/main.go b/main.go index c3bd9a4a51..f63fd72aa9 100644 --- a/main.go +++ b/main.go @@ -249,9 +249,6 @@ func realMain() int { initCommands(ctx, originalWd, streams, config, services, providerSrc, providerDevOverrides, unmanagedProviders) } - // Run checkpoint - go runCheckpoint(ctx, config) - // Make sure we clean up any managed plugins at the end of this defer plugin.CleanupClients() diff --git a/website/docs/cli/commands/index.mdx b/website/docs/cli/commands/index.mdx index 5d6126c6c8..a8a3838ffa 100644 --- a/website/docs/cli/commands/index.mdx +++ b/website/docs/cli/commands/index.mdx @@ -125,38 +125,3 @@ manually in the shell profile, run the following command: ```bash terraform -uninstall-autocomplete ``` - -## Upgrade and Security Bulletin Checks - -The Terraform CLI commands interact with the HashiCorp service -[Checkpoint](https://checkpoint.hashicorp.com/) to check for the availability -of new versions and for critical security bulletins about the current version. - -One place where the effect of this can be seen is in `terraform version`, where -it is used by default to indicate in the output when a newer version is -available. - -Only anonymous information, which cannot be used to identify the user or host, -is sent to Checkpoint. An anonymous ID is sent which helps de-duplicate warning -messages. Both the anonymous id and the use of checkpoint itself are completely -optional and can be disabled. - -Checkpoint itself can be entirely disabled for all HashiCorp products by -setting the environment variable `CHECKPOINT_DISABLE` to any non-empty value. - -Alternatively, settings in -[the CLI configuration file](/terraform/cli/config/config-file) can be used to -disable checkpoint features. The following checkpoint-related settings are -supported in this file: - -* `disable_checkpoint` - set to `true` to disable checkpoint calls - entirely. This is similar to the `CHECKPOINT_DISABLE` environment variable - described above. - -* `disable_checkpoint_signature` - set to `true` to disable the use of an - anonymous signature in checkpoint requests. This allows Terraform to check - for security bulletins but does not send the anonymous signature in these - requests. - -[The Checkpoint client code](https://github.com/hashicorp/go-checkpoint) used -by Terraform is available for review by any interested party. diff --git a/website/docs/cli/config/config-file.mdx b/website/docs/cli/config/config-file.mdx index d0bee85865..da9d4be2a6 100644 --- a/website/docs/cli/config/config-file.mdx +++ b/website/docs/cli/config/config-file.mdx @@ -47,7 +47,6 @@ of each of these settings: ```hcl plugin_cache_dir = "$HOME/.terraform.d/plugin-cache" -disable_checkpoint = true ``` ## Available Settings @@ -62,14 +61,6 @@ The following settings can be set in the CLI configuration file: and retrieval of credentials for Terraform Cloud or Terraform Enterprise. See [Credentials Helpers](#credentials-helpers) below for more information. -* `disable_checkpoint` — when set to `true`, disables - [upgrade and security bulletin checks](/terraform/cli/commands#upgrade-and-security-bulletin-checks) - that require reaching out to HashiCorp-provided network services. - -* `disable_checkpoint_signature` — when set to `true`, allows the upgrade and - security bulletin checks described above but disables the use of an anonymous - id used to de-duplicate warning messages. - * `plugin_cache_dir` — enables [plugin caching](#provider-plugin-cache) and specifies, as a string, the location of the plugin cache directory.