Commit Graph

30345 Commits

Author SHA1 Message Date
Martin Atkins
0e4e9f7706 addrs: Be explicit about checkable object address kinds
Previously we were attempting to infer the checkable object address kind
of a given address by whether it included "output" in the position where
a resource type name would otherwise go.

That was already potentially risky because we've historically not
prevented a resource type named "output", and it's also a
forward-compatibility hazard in case we introduce additional object kinds
with entirely-new addressing schemes in future.

Given that, we'll instead always be explicit about what kind of address
we're storing in a wire or file format, so that we can make sure to always
use the intended parser when reading an address back into memory, or
return an error if we encounter a kind we're not familiar with.
2022-08-26 15:47:29 -07:00
Martin Atkins
fe7e6f970e command/jsonplan: Include new-style check results in JSON plan output
This is a new-shaped representation of check results which follows the
two-tiered structure of static objects and dynamic instances of objects,
thereby allowing consumers to see which checkable objects exist in the
configuration even if a dynamic evaluation error prevented actually
expanding them all to determine their declared instances.

Eventually we'll include this in the state too, but this initially adds it
only to the plan in order to replace the now-deprecated experimental
conditions result that was present but undocumented in Terraform v1.2.
2022-08-26 15:47:29 -07:00
Martin Atkins
d63871f70d core: Propagate check results accurately from plan to apply
In an earlier commit we changed the states.CheckResults model to
explicitly model the config object vs. dynamic checkable object hierarchy,
but neglected to update the logic in Terraform Core to take that into
account when propagating the object expansion decisions from the plan
phase to the apply phase. That meant that we were incorrectly classifying
zero-instance resources always as having an unknown number of instances,
rather than possibly being known to have zero instances.

This now follows the two-level heirarchy of the data structure, which has
the nice side-effect that we can remove some of the special-case methods
from checks.State that we were using to bulk-load data: the data is now
shaped in the appropriate way to reload the data using the same method
the plan phase would've used to record the results in the first place.
2022-08-26 15:47:29 -07:00
Martin Atkins
6de3b1bd16 states/statefile: Serialize check results into state snapshots
This allows us to retain check results from one run into the next, so that
we can react to status changes between runs and potentially report e.g.
that a previously-failing check has now been fixed, or that a
previously-failing check is "still failing" so that an operator can get
a hint as to whether a problem is something they've just introduced or if
it was already an active problem before they made a change.
2022-08-26 15:47:29 -07:00
Martin Atkins
9e4861adbb states: Two-level representation of check results
A significant goal of the design changes around checks in earlier commits
(with the introduction of package "checks") was to allow us to
differentiate between a configuration object that we didn't expand at all
due to an upstream error, which has _unknown_ check status, and a
configuration object that expanded to zero dynamic objects, which
therefore has a _passing_ check status.

However, our initial lowering of checks.State into states.CheckResults
stayed with the older model of just recording each leaf check in isolation,
without any tracking of the containers.

This commit therefore lightly reworks our representation of check results
in the state and plan with two main goals:
- The results are grouped by the static configuration object they came
  from, and we capture an aggregate status for each of those so that
  we can differentiate an unknown aggregate result from a passing
  aggregate result which has zero dynamic associated objects.
- The granularity of results is whole checkable objects rather than
  individual checks, because checkable objects have durable addresses
  between runs, but individual checks for an object are more of a
  syntactic convenience to make it easier for module authors to declare
  many independent conditions that each have their own error messages.

Since v1.2 exposed some details of our checks model into the JSON plan
output there are some unanswered questions here about how we can shift to
reporting in the two-level heirarchy described above. For now I've
preserved structural compatibility but not semantic compatibility: any
parser that was written against that format should still function but will
now see fewer results. We'll revisit this in a later commit and consider
other structures and what to do about our compatibility constraint on the
v1.2 structure.

Otherwise though, this is an internal-only change which preserves all of
the existing main behaviors of conditions as before, and just gets us
ready to build user-facing features in terms of this new structure.
2022-08-26 15:47:29 -07:00
Martin Atkins
3785619f93 core: Use the new checks package for condition tracking
The "checks" package is an expansion what we previously called
plans.Conditions to accommodate a new requirement that we be able to track
which checks we're expecting to run even if we don't actually get around
to running them, which will be helpful when we start using checks as part
of our module testing story because test reporting tools appreciate there
being a relatively consistent set of test cases from one run to the next.

So far this should be essentially a no-op change from an external
functionality standpoint, aside from some minor adjustments to how we
report some of the error and warning cases from condition evaluation in
light of the fact that the "checks" package can now track errors as a
different outcome than a failure of a valid check.

As is often the case with anything which changes what we track
in the EvalContext and persist between plan and apply, Terraform Core is
pretty brittle and so this had knock-on effects elsewhere too. Again, the
goal is for these changes to not create any material externally-visible
difference, and just to accommodate the new assumption that there will
always be a "checks" object available for tracking during a graph walk.
2022-08-26 15:47:29 -07:00
Martin Atkins
9dea19807f checks: A new package for modeling custom condition checks
The checks.Checks type aims to encapsulate keeping track of check results
during a run and then reporting on them afterwards even if the run was
aborted early for some reason.

The intended model here is that each new run starts with an entirely fresh
checks.Checks, with all of the statuses therefore initially unknown, and
gradually populates the check results as we walk the graph in Terraform
Core. This means that even if we don't complete the run due to an error
or due to targeting options we'll still report anything we didn't visit
yet as unknown.

This commit only includes the modeling of checks in the checks package.
For now this is just dead code, and we'll wire it in to Terraform Core in
subsequent commits.
2022-08-26 15:47:29 -07:00
Martin Atkins
696b403bf3 addrs: OutputValue.InModule
Similar to other address types, this wraps the receiver up in its
associated "config" type, binding it to a particular not-yet-expanded
module.
2022-08-26 15:47:29 -07:00
Martin Atkins
209b8de7a5 configs: Variable and Output both have Addr methods
We previously added methods like this for some of the other types in this
package, including Local in this same file, but apparently haven't needed
these two yet.
2022-08-26 15:47:29 -07:00
Martin Atkins
d06cbfe6c8 addrs: ConfigCheckable type
Our existing addrs.Checkable represents a particular (possibly-dynamic)
object that can have checks associated with it.

This new addrs.ConfigCheckable represents static configuration objects
that can potentially generate addrs.Checkable objects.

The idea here is to allow us to predict from the configuration a set of
potential checkable object containers and then dynamically associate
the dynamic checkable objects with them as we make progress with planning.

This is intended for our integration of checks into the "terraform test"
testing harness, to be used instead of the weirdo builtin provider we were
using as a placeholder before we had first-class syntax for checks.
Test reporting tools find it helpful for there to be a consistent set of
test cases from one run to the next so that they can report on trends over
multiple runs, and so our ConfigCheckable addresses will serve as the
relatively-static "test case" that we'll then associate the dynamic checks
with, so that we can still talk about objects in the test result report
even if we end up not reaching them due to an upstream conditution failure.
2022-08-26 15:47:29 -07:00
Martin Atkins
746bd49723 build: Exclude .pb.go files from goimports checking
protoc-gen-go generates non-style-compliant import directives, but since
those files are just generated anyway we don't need to worry too much
about what style they are in: the style that protoc-gen-go generates is
the canonical style for these ones.
2022-08-26 11:02:52 -07:00
Martin Atkins
443d470a86 build: FIXME to make goimportscheck.sh work on Bash 3 maybe 2022-08-26 09:47:30 -07:00
Martin Atkins
d735de3656 build: checks.yml GitHub Actions workflow doesn't need goimports installed
The importscheck script now uses "go run" to run this program and so
the Go toolchain will install it automatically using the version number
of golang.org/x/tools specified in our go.mod file.
2022-08-26 09:47:30 -07:00
Martin Atkins
4c7f20853f build: Run scripts directly from makefile, rather than via sh
All four of these scripts have #! lines calling for them to run in bash,
and they are all marked as executable, so there's no harm in running them
directly and it makes it clearer that we're running them in the shell
specified on the #! line, rather than with whatever "sh' happens to be
on the current system.

(Note that this _was_ still correctly using the #! lines before, because
it's `sh -c` rather than just `sh`, but nonetheless that old way seemed
needlessly confusing.)
2022-08-26 09:47:30 -07:00
Martin Atkins
edb1152ae0 build: Enable command echo for various Makefile targets
When we run many of these together e.g. in the checks.yaml GitHub Actions
workflow, it's hard to tell from the output exactly which command is
producing which subset of the output.

To help clarify that, we'll ask make to print out the command line it's
running before it runs it.
2022-08-26 09:47:30 -07:00
Martin Atkins
c2ec25e359 build: goimports check relative to PR base branch
At the risk of a little bit of hidden spooky action at a distance, this
will slightly change the behavior of the "goimports check" to compare
against the base branch of a PR rather than to origin/main if we happen
to find one of the environment variables that GitHub Actions sets
automatically in its runners. This is targeting our "checks.yml" workflow
in particular.

The intention here is to avoid misreporting files that haven't actually
changed when a PR is targeting a branch other than the main branch, such
as directly targeting a historical release branch.

We'll still run against origin/main when we're not running in GitHub
Actions, since that's _typically_ the correct branch to use for new
work, even if it will eventually get backported to a release branch.
2022-08-26 09:47:30 -07:00
Martin Atkins
246686813d build: goimports check supports any number of changed files
The previous implementation of this check tried to accumulate all of the
changed files into a single big string and then run goimports once with
all of them, but that approach ran into problems for changesets of a
certain (platform-specific) size due to limits on maximum command line
length.

This new version instead uses bash arrays and runs goimports separately
for each of the files which appear to have changed relative to the
base branch. This is likely to be slower to complete for changesets that
have many different changed files, but it's better for it to be slow than
to return an error and fail to check some of the files.
2022-08-26 09:47:30 -07:00
Martin Atkins
101d0d91af
Update CHANGELOG.md 2022-08-25 10:22:54 -07:00
Martin Atkins
f8669d2351
Update CHANGELOG.md 2022-08-25 10:16:56 -07:00
Martin Atkins
2ee9589650 lang/funcs: "timecmp" function
This is a complement to "timestamp" and "timeadd" which allows
establishing the ordering of two different timestamps while taking into
account their timezone offsets, which isn't otherwise possible using the
existing primitives in the Terraform language.
2022-08-25 10:15:42 -07:00
Laura Pacilio
03f5085026
Merge pull request #31686 from hashicorp/remove-future-statement-import
Remove future-facing statement from import page
2022-08-25 09:41:21 -04:00
Laura Pacilio
c7b2843539
Update website/docs/cli/import/usage.mdx 2022-08-24 18:41:39 -04:00
Laura Pacilio
46a40cb44a
Update website/docs/cli/import/usage.mdx 2022-08-24 18:40:20 -04:00
Laura Pacilio
89da56b932
Update usage.mdx 2022-08-24 18:35:39 -04:00
Craig Wright
036db86c1f
Merge pull request #31672 from tochev/docs-fix-typo
docs: Fix condition example
2022-08-23 09:41:30 -07:00
kmoe
22db2e09ae
remove incorrect argument (#31666) 2022-08-23 10:33:43 +01:00
Martin Atkins
07225e0a61
Update CHANGELOG.md 2022-08-22 16:37:54 -07:00
Martin Atkins
a6de221a22 go.mod: go get github.com/zclconf/go-cty@v1.11.0
This fixes a possible panic in what Terraform calls the "flatten" function
in situations where a user passes in a null value of a sequence type.
The function will now treat that the same as a null value of any other
type.
2022-08-22 11:10:08 -07:00
Martin Atkins
f6cc907166 build: Disable errors for deprecated functions in staticcheck
Because we maintain multiple versions of Terraform across different
release branches, we aim to avoid creating needless differences between
the branches to maximize the chance of successful automatic backporting.

Part of that policy is that we don't make cross-cutting changes to respond
to deprecation of functions in upstream packages and instead we respond
to them gradually over time when we'd be changing the nearby code anyway,
or when new work requires using the replacement APIs.

In recognition of that, this turns of the staticcheck rule that would
otherwise force us to resolve all deprecations before moving forward with
any other change.
2022-08-22 10:59:12 -07:00
Martin Atkins
783a07d9e8 build: Use Go 1.19
Go 1.19's "fmt" has some awareness of the new doc comment formatting
conventions and adjusts the presentation of the source comments to make
it clearer how godoc would interpret them. Therefore this commit includes
various updates made by "go fmt" to acheve that.

In line with our usual convention that we make stylistic/grammar/spelling
tweaks typically only when we're "in the area" changing something else
anyway, I also took this opportunity to review most of the comments that
this updated to see if there were any other opportunities to improve them.
2022-08-22 10:59:12 -07:00
Tocho Tochev
4e506d5fda docs: Fix condition example 2022-08-21 23:54:37 +03:00
Craig Wright
023ab3207f
Merge pull request #31670 from hashicorp/form-fix
Minor copy fixes for the issue form title reminder text.
2022-08-19 17:12:35 -07:00
Craig Wright
a63a2e3ec8 Minor copy fixes for the issue form title reminder text. 2022-08-19 17:11:13 -07:00
Craig Wright
b10eb84ea1
Merge pull request #31669 from hashicorp/form-fix
Fixing placeholder values, adding usage note to bottom of the form.
2022-08-19 17:08:34 -07:00
Craig Wright
9ca1b18988 Fixing placeholder values, adding usage note to bottom of the form. 2022-08-19 17:07:03 -07:00
Craig Wright
dc0f196cbb
Merge pull request #31651 from hashicorp/issue-forms
Migrating from Markdown to Form style Github issues.
2022-08-19 16:44:43 -07:00
Craig Wright
95c133f2ec Modifying the version input to use shell rendering.
This simplifies entry for the user, no longer requiring markdown
formatting wrappers.
2022-08-19 16:29:42 -07:00
Alvin Huang
c27d068830
Merge pull request #31663 from hashicorp/fix-docker-version-label
set PRODUCT_VERSION for default docker build
2022-08-19 13:22:26 -04:00
Laura Pacilio
d20a1fa3b1
Merge pull request #31637 from szemek/system-parameter
docs: Use more consistent naming in Module Registry Protocol documentation
2022-08-19 11:47:18 -04:00
Alvin Huang
634c875bea set PRODUCT_VERSION for default docker build 2022-08-18 12:50:41 -04:00
Brandon Croft
76d40d281d
Merge pull request #31617 from glennsarti/gs/TF-410-add-prep-plan
Add Pre-Plan Run Tasks to Terraform CLI
2022-08-18 10:14:46 -06:00
James Bardin
9c9af81d00
Merge pull request #31660 from hashicorp/jbardin/module-subdir-globs
Expand module subdirectory globs
2022-08-18 12:04:46 -04:00
Glenn Sarti
8562f8a744 Add Pre-Plan Run Tasks to Terraform CLI
Prevously the cloud backend would only render post-plan run tasks. Now
that pre-plan tasks are in beta, this commit updates the plan phase to
render pre-plan run tasks.  This commit also moves some common code to
the common backend as it will be used by other task stages in the
future.
2022-08-18 10:08:57 +08:00
Glenn Sarti
b6a478b683 Update go-tfe to v1.7.0 2022-08-18 10:08:22 +08:00
James Bardin
553b8c6de5 expand module subdir globs 2022-08-17 16:27:58 -04:00
Przemysław Dąbek
39f0d91530
Apply suggestions from code review
Thanks @laurapacilio!

Co-authored-by: Laura Pacilio <83350965+laurapacilio@users.noreply.github.com>
2022-08-17 18:14:29 +02:00
hc-github-team-tf-core
ec9c67e9ca Cleanup after v1.3.0-alpha20220817 release 2022-08-17 15:37:53 +00:00
hc-github-team-tf-core
61b7f83616
Release v1.3.0-alpha20220817 2022-08-17 15:25:05 +00:00
Alisdair McDiarmid
270406632e
Merge pull request #31212 from hashicorp/update-path-cwd
Update wording for 'path.cwd' to be explicit about implications
2022-08-17 09:17:20 -04:00
Alisdair McDiarmid
81b50892ed
Update references.mdx 2022-08-17 09:02:37 -04:00