Commit Graph

379 Commits

Author SHA1 Message Date
James Bardin
a033598224 update hcl and terraform-config-inspect 2021-02-09 08:37:59 -05:00
Brian Flad
ad8a2e8b91 deps: Bump github.com/aws/aws-sdk-go@v1.37.0
Changes:

```
* backend/s3: Support for AWS Single-Sign On (SSO) cached credentials
```

Updated via:

```
go get github.com/aws/aws-sdk-go@v1.37.0
go mod tidy
```

Please note that Terraform CLI will not initiate or perform the AWS SSO login flow. It is expected that you have already performed the SSO login flow using AWS CLI using the `aws sso login` command, or by some other mechanism before executing Terraform. More precisely, this credential handling must find a valid non-expired access token for the AWS SSO user portal URL in `~/.aws/sso/cache`. If a cached token is not found, is expired, or the file is malformed an error will be returned.

You can use configure AWS SSO credentials from the AWS shared configuration file by specifying the required keys in the profile:

```
sso_account_id
sso_region
sso_role_name
sso_start_url
```

For example, the following defines a profile "devsso" and specifies the AWS SSO parameters that defines the target account, role, sign-on portal, and the region where the user portal is located. Note: all SSO arguments must be provided, or an error will be returned.

```
[profile devsso]
sso_start_url = https:my-sso-portal.awsapps.com/start
sso_role_name = SSOReadOnlyRole
sso_region = us-east-1
sso_account_id = 123456789012
```

Additional Resources

* [Configuring the AWS CLI to use AWS Single Sign-On](https:docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html)
* [AWS Single Sign-On User Guide](https:docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html)
2021-01-28 15:22:01 -05:00
Martin Atkins
d2c3403ab6 command: Use the new terminal.Streams object
Here we propagate in the initialized terminal.Streams from package main,
and then onwards to backends running in CLI mode.

This also replaces our use of helper/wrappedstreams to determine whether
stdin is a terminal or a pipe. helper/wrappedstreams returns incorrect
file descriptors on Windows, causing StdinPiped to always return false on
that platform and thus causing one of the odd behaviors discussed in

Finally, this includes some wrappers around the ability to look up the
number of columns in the terminal in preparation for use elsewhere. These
wrappers deal with the fact that our unit tests typically won't populate
meta.Streams.
2021-01-13 15:37:04 -08:00
Martin Atkins
17728c8fe8 internal/terminal: Interrogate and initialize the terminal, if any
This is a helper package that creates a very thin abstraction over
terminal setup, with the main goal being to deal with all of the extra
setup we need to do in order to get a UTF-8-supporting virtual terminal
on a Windows system.
2021-01-13 15:37:04 -08:00
Alisdair McDiarmid
fd79c61eb5 go get github.com/hashicorp/hcl/v2@v2.8.2 2021-01-06 09:45:38 -05:00
Alisdair McDiarmid
908017fe69 go get github.com/zclconf/go-cty@v1.7.1 2020-12-17 13:04:53 -05:00
Alisdair McDiarmid
409c713591 go get github.com/hashicorp/hcl/v2@v2.8.1 2020-12-17 13:01:54 -05:00
Alisdair McDiarmid
4b9dada877 command: Revert local patch for pkg/browser
The upstream bug with opening a browser on Windows Subsystem for Linux
has been fixed, so this reverts our local patch for this. The approach
upstream adds fallback support for x-www-browser and www-browser if
xdg-open fails, and this fixes the problem on WSL.

This reverts commit 12e090ce48.
2020-12-10 09:27:02 -05:00
Pam Selle
52da8b6074 Update hcl2 dependency 2020-12-07 14:43:31 -05:00
James Bardin
b6980c2fad update proto packages 2020-12-01 14:04:24 -05:00
James Bardin
8a261e2160
Merge pull request #27057 from hashicorp/jbardin/cli
Redirect Warn to Output in the UI
2020-11-30 15:06:22 -05:00
James Bardin
8c1e448b6b update mitchellh/cli 2020-11-30 12:13:49 -05:00
Alisdair McDiarmid
7256738835 go get github.com/hashicorp/hcl/v2@v2.7.2 2020-11-30 11:24:54 -05:00
Alisdair McDiarmid
21d80a26ea command: Fix fmt to preserve blank block labels 2020-11-18 11:59:10 -05:00
Kent 'picat' Gruber
1a30ef103c Update go-getter to v1.5.1 with support for vhost style S3 paths 2020-11-13 11:03:32 -05:00
Rémi Lapeyre
c7be001a00 Update libpq
This is needed to make it possible to use the scram-sha-256
authentication method for the pg backend. It's not easy to write
unit-tests for this since it requires a specific configuration of the
PostgreSQL server, I did test it manually thought and everything seems
to work like it should.

Closes https://github.com/hashicorp/terraform/issues/24016
2020-11-11 22:31:24 +01:00
James Bardin
5a2253e653
Merge pull request #26848 from hashicorp/jbardin/deps
update go-plugin and go-hclog
2020-11-09 08:31:14 -05:00
James Bardin
5f76460294 update go-plugin and go-hclog 2020-11-06 16:38:26 -05:00
Upo
4ccc63d79d
backend: Add service account impersonation to GCS Backend and update the docs (#26700) 2020-11-06 09:06:07 -05:00
Pam Selle
5ed4af0290 Update zclconf/go-cty dependency 2020-11-05 11:46:36 -05:00
Alisdair McDiarmid
90c4f11b61 go get github.com/hashicorp/go-getter@v1.5.0
Includes fix for breaking upstream API change.
2020-11-02 10:46:24 -05:00
tombuildsstuff
4149a7e807 dependencies: updating Azure Dependencies
* github.com/Azure/azure-sdk-for-go to v47.1.0
* github.com/Azure/go-autorest to v0.11.10
* github.com/hashicorp/go-azure-helpers to v0.13.0
* github.com/tombuildsstuff/giovanni to v0.14.0
2020-10-27 19:06:17 +01:00
James Bardin
b4f9c54c4d update hclog
Added an Off level to hclog, so we can individually disable logging at
various levels.

Added IndependentLevels so that sublogger levels are not linked to their
parents.
2020-10-22 15:26:24 -04:00
James Bardin
bc1a841d65
Merge pull request #26665 from hashicorp/jbardin/logging
Restore "crash.log" behavior and remove prefixedio
2020-10-22 10:34:51 -04:00
James Bardin
a2dee91eba update hclog-go
We need some fixes from master.
2020-10-21 17:29:07 -04:00
James Bardin
fd4f7eb0b9 remove prefixed io
The main process is now handling what output to print, so it doesn't do
any good to try and run it through prefixedio, which is only adding
extra coordination to echo the same data.
2020-10-21 17:29:07 -04:00
r0bnet
877399c631 lang/funcs: Functions for encoding text in specific character encodings 2020-10-21 10:39:43 -07:00
James Bardin
776482cc59 update hclog 2020-10-19 14:29:52 -04:00
Alisdair McDiarmid
8bd940d024 go get github.com/mattn/go-colorable@v0.1.8 2020-10-14 13:46:54 -04:00
Alisdair McDiarmid
948ab5ebca go get github.com/zclconf/go-cty@e5225636c8c2 2020-10-14 10:17:22 -04:00
Alisdair McDiarmid
a647b11af8 go get github.com/hashicorp/hcl/v2@v2.7.0 2020-10-14 10:16:42 -04:00
James Bardin
e20a01a292 update go-cmp
Update go-cmp to prevent pointer arithmetic panics when using the race
detector.
2020-10-14 08:37:14 -04:00
Carlos Alexandro Becker
fe31aa854d fix: update go-versions with improved error handling
closes #26516

Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com>
2020-10-10 08:36:23 -03:00
Kristin Laemmert
04be220f5f deprecate helper/copy
helper/copy CopyDir was used heavily in tests. It differes from
internal/copydir in a few ways, the main one being that it creates the
dst directory while the internal version expected the dst to exist
(there are other differences, which is why I did not just switch tests
to using internal's CopyDir).

I moved the CopyDir func from helper/copy into command_test.go; I could
also have moved it into internal/copy and named it something like
CreateDirAndCopy so if that seems like a better option please let me
know.

helper/copy/CopyFile was used in a couple of spots so I moved it into
internal, at which point I thought it made more sense to rename the
package copy (instead of copydir).

There's also a `go mod tidy` included.
2020-10-08 08:42:16 -04:00
Alisdair McDiarmid
3f6b4cc62a go get github.com/hashicorp/hcl/v2@a0de289809fb 2020-09-25 11:30:27 -04:00
Alisdair McDiarmid
196c15a45d go get github.com/zclconf/go-cty@36785d4dc4ac 2020-09-25 10:27:53 -04:00
Alisdair McDiarmid
b5ef33b715
Merge pull request #26239 from jceresini/master
Add support for scopes to terraform login
2020-09-16 11:50:01 -04:00
Kristin Laemmert
acd8230013
vendor: upgrade go-userdirs library to fix openBSD crash (#26249)
Fixes #26175
2020-09-15 14:14:25 -04:00
Joe Ceresini
2acb7fac9f Include scopes in login URL 2020-09-14 12:21:20 -04:00
Pam Selle
6a126df0c6
Merge pull request #26183 from hashicorp/pselle/sensitive-values
Add sensitive attribute to variables
2020-09-11 11:24:18 -04:00
Alisdair McDiarmid
59662c01af vendor: Upgrade mitchellh/cli
Update tests to match the fix in mitchellh/cli#71, which aligns MockUi
with BasicUi and allows newlines in user input.

We are not using the new ErrorWriter, added in mitchellh/cli#81, as it
does not appear to interact correctly with panicwrap. All error output
from CLI parsing will continue to appear on stdout, not stderr.
2020-09-10 15:23:02 -04:00
Pam Selle
3723594b3d Point go module at master go-cty 2020-09-10 11:04:17 -04:00
Kristin Laemmert
e6e35f2077
deps: bump go-cty version (#26079)
go-cty v1.6.1 fixes a panic in the `element` function when called with a negative offset.
2020-09-03 11:01:15 -04:00
Martin Atkins
b0da5b1ce5 core: Remove the last few HIL remnants
We've not been using HIL in the main codepaths since Terraform 0.12, but
some references to it (and some supporting functionality in Terraform)
stuck around due to interactions with types we'd kept around to support
legacy shims.

However, removing the configs.RawConfig field from
terraform.ResourceConfig disconnects that subtree of dependencies from
everything else, allowing us to remove it. This is safe because the only
remaining uses of terraform.ResourceConfig are shims from values that
were already evaluated using the HCL 2 API, and thus they never need
the "just in time" HIL evaluation that ResourceConfig.interpolateForce
used to do.

We also had some HIL references in configs/hcl2shim that were previously
in support of the "terraform 0.12upgrade" command, but the implementation
of that command is now removed.

There was one remaining reference to HIL in a now-unused function in the
helper/schema package, which I removed entirely here.

This then allows us to remove the HIL dependency entirely, and also to
clean up some remaining old remants of the legacy "config" package that
we'd recently moved into the "configs" package pending further pruning.
2020-09-02 15:53:33 -07:00
James Bardin
82dcc93a1e
Merge pull request #25769 from hashicorp/f/azure-backend
dependencies: updating Azure/azure-sdk-for-go, Azure/go-autorest, hashicorp/go-azure-helpers, tombuildsstuff/giovanni
2020-08-19 13:56:54 -04:00
Angie Pinilla
582fb73a7c deps: Update aws-sdk-go-based to 0.6.0 2020-08-18 12:49:31 -04:00
tombuildsstuff
dc886f19c5 dependencies: updating Azure/azure-sdk-for-go, Azure/go-autorest, hashicorp/go-azure-helpers, tombuildsstuff/giovanni
* updating `github.com/Azure/azure-sdk-for-go` to `v45.0.0`
* updating `github.com/Azure/go-autorest` to `v0.11.3`
* updating `github.com/hashicorp/go-azure-helpers` to `v0.12.0`
* updating `github.com/tombuildsstuff/giovanni` to `v0.12.0`
2020-08-07 10:47:08 +02:00
Kristin Laemmert
642e3590a2 upgrade go-cidr to v1.1.0 2020-07-08 10:57:57 -04:00
Alisdair McDiarmid
cc655af72f go get github.com/zclconf/go-cty@v1.5.1 2020-06-25 17:05:19 -04:00
Alisdair McDiarmid
779fe37a1c command/login: Require "yes" to confirm
This is for consistency with other commands which use prompts, all of
which require "yes" rather than "y" to confirm.

We also migrate the login command to use UIInput, which now supports
securely asking for passwords or secrets via the speakeasy library.
2020-06-25 11:46:51 -04:00
Kristin Laemmert
d4ec69cfb3
communicator/winrm: include configured timeout in winrm server
* upgrade windows dependencies
* communicator/winrm: include configured timeout in winrm server
2020-06-25 08:41:09 -04:00
Alisdair McDiarmid
cd2ba6ca46 vendor: go get github.com/zclconf/go-cty-yaml@v1.0.2 2020-06-17 13:05:08 -04:00
Alvin Huang
7a471c0da7 adding gox to tools package 2020-06-17 10:59:28 -04:00
Martin Atkins
17feb2abfc vendor: go get github.com/apparentlymart/go-versions@v1.0.0
This new version permits omitting the space between the operator and the
boundary in a ruby-style version constraint, like ">1.0.0" instead of
"> 1.0.0".
2020-06-12 08:45:14 -07:00
Alisdair McDiarmid
3fe8a7f76a vendor: go get github.com/hashicorp/hcl/v2@v2.6.0 2020-06-11 12:39:35 -04:00
Alisdair McDiarmid
9ef84801a8 vendor: go get github.com/zclconf/go-cty@v1.5.0 2020-06-11 12:39:11 -04:00
James Bardin
7800ef63d4
Merge pull request #19525 from dramich/k8sback
backend/kubernetes: Add Kubernetes as a backend
2020-06-08 15:59:32 -04:00
Brian Flad
ba081aa10a
backend/s3: Updates for Terraform v0.13.0 (#25134)
* deps: Update github.com/hashicorp/aws-sdk-go-base@v0.5.0

Updated via:

```
$ go get github.com/hashicorp/aws-sdk-go-base@v0.5.0
$ go mod tidy
$ go mod vendor
```

* backend/s3: Updates for Terraform v0.13.0

Reference: https://github.com/hashicorp/terraform/issues/13410
Reference: https://github.com/hashicorp/terraform/issues/18774
Reference: https://github.com/hashicorp/terraform/issues/19482
Reference: https://github.com/hashicorp/terraform/issues/20062
Reference: https://github.com/hashicorp/terraform/issues/20599
Reference: https://github.com/hashicorp/terraform/issues/22103
Reference: https://github.com/hashicorp/terraform/issues/22161
Reference: https://github.com/hashicorp/terraform/issues/22601
Reference: https://github.com/hashicorp/terraform/issues/22992
Reference: https://github.com/hashicorp/terraform/issues/24252
Reference: https://github.com/hashicorp/terraform/issues/24253
Reference: https://github.com/hashicorp/terraform/issues/24480
Reference: https://github.com/hashicorp/terraform/issues/25056

Changes:

```
NOTES

* backend/s3: Deprecated `lock_table`, `skip_get_ec2_platforms`, `skip_requesting_account_id` arguments have been removed
* backend/s3: Credential ordering has changed from static, environment, shared credentials, EC2 metadata, default AWS Go SDK (shared configuration, web identity, ECS, EC2 Metadata) to static, environment, shared credentials, default AWS Go SDK (shared configuration, web identity, ECS, EC2 Metadata)
* The `AWS_METADATA_TIMEOUT` environment variable no longer has any effect as we now depend on the default AWS Go SDK EC2 Metadata client timeout of one second with two retries

ENHANCEMENTS

* backend/s3: Always enable shared configuration file support (no longer require `AWS_SDK_LOAD_CONFIG` environment variable)
* backend/s3: Automatically expand `~` prefix for home directories in `shared_credentials_file` argument
* backend/s3: Add `assume_role_duration_seconds`, `assume_role_policy_arns`, `assume_role_tags`, and `assume_role_transitive_tag_keys` arguments

BUG FIXES

* backend/s3: Ensure configured profile is used
* backend/s3: Ensure configured STS endpoint is used during AssumeRole API calls
* backend/s3: Prefer AWS shared configuration over EC2 metadata credentials
* backend/s3: Prefer ECS credentials over EC2 metadata credentials
* backend/s3: Remove hardcoded AWS Provider messaging
```

Output from acceptance testing:

```
--- PASS: TestBackend (16.32s)
--- PASS: TestBackendConfig (0.58s)
--- PASS: TestBackendConfig_AssumeRole (0.02s)
--- PASS: TestBackendConfig_conflictingEncryptionSchema (0.00s)
--- PASS: TestBackendConfig_invalidKey (0.00s)
--- PASS: TestBackendConfig_invalidSSECustomerKeyEncoding (0.00s)
--- PASS: TestBackendConfig_invalidSSECustomerKeyLength (0.00s)
--- PASS: TestBackendExtraPaths (13.21s)
--- PASS: TestBackendLocked (28.98s)
--- PASS: TestBackendPrefixInWorkspace (5.65s)
--- PASS: TestBackendSSECustomerKey (17.60s)
--- PASS: TestBackend_impl (0.00s)
--- PASS: TestForceUnlock (17.50s)
--- PASS: TestKeyEnv (50.25s)
--- PASS: TestRemoteClient (4.78s)
--- PASS: TestRemoteClientLocks (16.85s)
--- PASS: TestRemoteClient_clientMD5 (12.08s)
--- PASS: TestRemoteClient_impl (0.00s)
--- PASS: TestRemoteClient_stateChecksum (17.92s)
```
2020-06-05 16:41:32 -04:00
John Houston
23fb8f6d21 Add kubernetes backend
Co-authored-by: Dan Ramich <danold215@gmail.com>
2020-06-04 02:29:57 -04:00
Pam Selle
5e8b60ba07 Upgrade go-cty for jsonencode fix, closes #23062 2020-05-29 13:00:12 -04:00
Paddy
5127f1ef8b
command: Unmanaged providers
This adds supports for "unmanaged" providers, or providers with process
lifecycles not controlled by Terraform. These providers are assumed to
be started before Terraform is launched, and are assumed to shut
themselves down after Terraform has finished running.

To do this, we must update the go-plugin dependency to v1.3.0, which
added support for the "test mode" plugin serving that powers all this.

As a side-effect of not needing to manage the process lifecycle anymore,
Terraform also no longer needs to worry about the provider's binary, as
it won't be used for anything anymore. Because of this, we can disable
the init behavior that concerns itself with downloading that provider's
binary, checking its version, and otherwise managing the binary.

This is all managed on a per-provider basis, so managed providers that
Terraform downloads, starts, and stops can be used in the same commands
as unmanaged providers. The TF_REATTACH_PROVIDERS environment variable
is added, and is a JSON encoding of the provider's address to the
information we need to connect to it.

This change enables two benefits: first, delve and other debuggers can
now be attached to provider server processes, and Terraform can connect.
This allows for attaching debuggers to provider processes, which before
was difficult to impossible. Second, it allows the SDK test framework to
host the provider in the same process as the test driver, while running
a production Terraform binary against the provider. This allows for Go's
built-in race detector and test coverage tooling to work as expected in
provider tests.

Unmanaged providers are expected to work in the exact same way as
managed providers, with one caveat: Terraform kills provider processes
and restarts them once per graph walk, meaning multiple times during
most Terraform CLI commands. As unmanaged providers can't be killed by
Terraform, and have no visibility into graph walks, unmanaged providers
are likely to have differences in how their global mutable state behaves
when compared to managed providers. Namely, unmanaged providers are
likely to retain global state when managed providers would have reset
it. Developers relying on global state should be aware of this.
2020-05-26 17:48:57 -07:00
Matthew Frahry
481b03c34a
Update azure backend storage sdk (#24669)
* update vendored azure sdk

* vendor giovanni storage sdk

* Add giovanni clients

* go mod vendor

* Swap to new storage sdk

* workable tests

* update .go-version to 1.14.2

* Tests working minus SAS

* Add SAS Token support

* Update vendor

* Passing tests

* Add date randomizer

* Captalize RG

* Remove random bits

* Update client var name

Co-authored-by: kt <kt@katbyte.me>
2020-05-20 17:29:02 +02:00
CJ Horton
0b2a8a5f64 go get github.com/hashicorp/go-tfe@v0.8.1 + vendor 2020-05-19 11:14:27 -07:00
Martin Atkins
c1f69fba03
backend/remote: Support -target on plan and apply 2020-05-19 09:24:19 -07:00
Kristin Laemmert
a4c3c1d389
vendor: upgrade go-cty dependency to 1.4.1 (#24983)
* vendor: upgrade go-cty dependency to 1.4.1

This upgrade fixes a panic with inconsistent object element types.
2020-05-18 14:10:19 -04:00
Martin Atkins
db4f3f8bc5 vendor: go get github.com/hashicorp/go-tfe@v0.8.0
This includes a new TargetAddrs field on both Run and RunCreateOptions
which we'll use to send resource addresses that were specified using
-target on the CLI command line when using the remote backend.

There were some unrelated upstream breaking changes compared to the last
version we had vendored, so this commit also includes some changes to the
backend/remote package to work with this new API, which now requires the
remote backend to be aware of the remote system's opaque workspace id.
2020-05-15 15:58:01 -07:00
Alisdair McDiarmid
b07368eec3 vendor: go get github.com/hashicorp/hcl/v2@v2.5.1
Upgrade hcl for hclwrite bugfixes, which will make 0.13upgrade more
reliable.
2020-05-14 09:36:28 -04:00
Rafal Potempa
2646e42ac9 Upgrade version 2020-05-13 09:33:27 +02:00
Rafal Potempa
b630543985 Upgrade crypto 2020-05-13 09:31:39 +02:00
Alisdair McDiarmid
5b307a07dc vendor: go get github.com/hashicorp/hcl/v2@v2.5.0 2020-05-07 10:35:08 -04:00
kayrus
533c059378 Update dependencies 2020-04-25 08:41:54 +02:00
Brian Flad
2681ccf87f
deps: github.com/aws/aws-sdk-go@v1.30.12 [master] (#24745)
* update github.com/aws/aws-sdk-go to v1.30.9

* deps: github.com/aws/aws-sdk-go@v1.30.12

Reference: https://github.com/hashicorp/terraform/issues/24710
Reference: https://github.com/hashicorp/terraform/issues/24741

Changes:

```
NOTES:

* backend/s3: Region validation now automatically supports the new `af-south-1` (Africa (Cape Town)) region. For AWS operations to work in the new region, the region must be explicitly enabled as outlined in the [AWS Documentation](https://docs.aws.amazon.com/general/latest/gr/rande-manage.html#rande-manage-enable). When the region is not enabled, the Terraform S3 Backend will return errors during credential validation (e.g. `error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid`).

ENHANCEMENTS:

* backend/s3: Support automatic region validation for `af-south-1`
```

Updated via:

```console
$ go get github.com/aws/aws-sdk-go@v1.30.12
$ go mod tidy
$ go mod vendor
```

Output from acceptance testing:

```console
$ TF_ACC=1 go test -v ./backend/remote-state/s3 | grep '^--- '
--- PASS: TestBackend_impl (0.00s)
--- PASS: TestBackendConfig (1.68s)
--- PASS: TestBackendConfig_invalidKey (0.00s)
--- PASS: TestBackendConfig_invalidSSECustomerKeyLength (0.00s)
--- PASS: TestBackendConfig_invalidSSECustomerKeyEncoding (0.00s)
--- PASS: TestBackendConfig_conflictingEncryptionSchema (0.00s)
--- PASS: TestBackend (15.07s)
--- PASS: TestBackendLocked (26.40s)
--- PASS: TestBackendSSECustomerKey (16.99s)
--- PASS: TestBackendExtraPaths (12.05s)
--- PASS: TestBackendPrefixInWorkspace (5.55s)
--- PASS: TestKeyEnv (45.07s)
--- PASS: TestRemoteClient_impl (0.00s)
--- PASS: TestRemoteClient (5.39s)
--- PASS: TestRemoteClientLocks (14.30s)
--- PASS: TestForceUnlock (20.08s)
--- PASS: TestRemoteClient_clientMD5 (16.43s)
--- PASS: TestRemoteClient_stateChecksum (24.58s)
```

Co-authored-by: Nicola Senno <nicola.senno@workday.com>
2020-04-24 12:20:04 -04:00
Alisdair McDiarmid
9128ce611a vendor: go get github.com/hashicorp/hcl/v2@v2.4.0 2020-04-13 10:48:29 -04:00
Alisdair McDiarmid
1593b8b8e5 vendor: go get github.com/zclconf/go-cty@v1.4.0
This fixes several bugs:

- `substr("abc", 0, 0)` would previously return `"abc"`, despite the
  length argument being `0`. This has been changed to return an empty
  string when length is zero.

- `ceil(1/0)` and `floor(1/0)` would previously return a large integer
  value, rather than infinity. This has been fixed.
2020-04-09 14:19:05 -04:00
Martin Atkins
c945ef129a vendor: go get github.com/apparentlymart/go-userdirs
This library implements the user-specific directory layout specifications
for various platforms (XDG on Unix, "Known Folders" on Windows, etc).

We'll use this in a subsequent commit to add additional system-specific
search directories for provider plugins, and perhaps later on also
CLI configuration directories.
2020-04-06 09:24:23 -07:00
Martin Atkins
48bf00a7e2 vendor: go get golang.org/x/mod
We'll be using this for its directory hashing algorithm, as used in go.sum
in Go modules, and applying it also to Terraform provider packages.
2020-04-06 09:24:23 -07:00
Martin Atkins
43c1ec69e2 build: Use Go 1.14
This implies some notable changes that will have a visible impact to
end-users of official Terraform releases:

- Terraform is no longer compatible with MacOS 10.10 Yosemite, and
  requires at least 10.11 El Capitan. (Relatedly, Go 1.14 is planned to be
  the last release to support El Capitan, so while that remains supported
  for now, it's notable that Terraform 0.13 is likely to be the last major
  release of Terraform supporting it, with 0.14 likely to further require
  MacOS 10.12 Sierra.)

- Terraform is no longer compatible with FreeBSD 10.x, which has reached
  end-of-life. Terraform now requires FreeBSD 11.2 or later.

- Terraform now supports TLS 1.3 when it makes connections to remote
  services such as backends and module registries. Although TLS 1.3 is
  backward-compatible in principle, some legacy systems reportedly work
  incorrectly when attempting to negotiate it. (This change does not
  affect outgoing requests made by provider plugins, though they will see
  a similar change in behavior once built with Go 1.13 or later.)

- Ed25519 certificates are now supported for TLS 1.2 and 1.3 connections.

- On UNIX systems where "use-vc" is set in resolv.conf, TCP will now be
  used for DNS resolution. This is unlikely to cause issues in practice
  because a system set up in this way can presumably already reach its
  nameservers over TCP (or else other applications would misbehave), but
  could potentially lead to lookup failures in unusual situations where a
  system only runs Terraform, has historically had "use-vc" in its
  configuration, but yet is blocked from reaching its configured
  nameservers over TCP.

- Some parts of Terraform now support Unicode 12.0 when working with
  strings. However, notably the Terraform Language itself continues to
  use the text segmentation tables from Unicode 9.0, which means it lacks
  up-to-date support for recognizing modern emoji combining forms as
  single characters. (We may wish to upgrade the text segmentation tables
  to Unicode 12.0 tables in a later commit, to restore consistency.)

This also includes some changes to the contents of "vendor", and
particularly to the format of vendor/modules.txt, per the changes to
vendoring in the Go 1.14 toolchain. This new syntax is activated by the
specification of "go 1.14" in the go.mod file.

Finally, the exact format of error messages from the net/http library has
changed since Go 1.12, and so a couple of our tests needed updates to
their expected error messages to match that.
2020-03-04 13:26:50 -08:00
James Bardin
7d3fe3b404 update cty 2020-03-03 15:20:11 -05:00
Li Kexian
76e5b446ba
backend/cos: Add TencentCloud backend cos with lock (#22540)
* add TencentCloud COS backend for remote state

* add vendor of dependence

* fixed error not handle and remove default value for prefix argument

* get appid from TF_COS_APPID environment variables
2020-02-13 11:37:11 -05:00
Martin Atkins
b62e9a7227 vendor: go get github.com/hashicorp/hcl/v2@v2.3.0
This brings in the new HCL extension functions "try", "can", and
"convert", along with the underlying HCL and cty infrastructure that allow
them to work.
2020-01-10 15:23:25 -08:00
Martin Atkins
eda57670ce go get github.com/apparentlymart/go-versions@master 2020-01-10 09:41:27 -08:00
Kristin Laemmert
18dd1bb4d6
Mildwonkey/tfconfig upgrade (#23670)
* deps: bump terraform-config-inspect library
* configs: parse `version` in new required_providers block

With the latest version of `terraform-config-inspect`, the
required_providers attribute can now be a string or an object with
attributes "source" and "version". This change allows parsing the
version constraint from the new object while ignoring any given source attribute.
2020-01-10 11:54:53 -05:00
James Bardin
9e5fca67e8 update go-getter
Update to a go1.12 compatible branch of v1.4.1, which removes the
Header.Clone methods which were added in go1.13.
2020-01-06 20:44:02 -05:00
Martin Atkins
9a17497d3f vendor: go get github.com/hashicorp/hcl/v2@v2.2.0
This also includes an upgrade to cty v1.1.1 because HCL calls for it.

The changes in these two libraries are mainly to codepaths that don't
directly affect Terraform, but including this upgrade will cause some
small improvements to Terraform's error messages for type conversion
problems.
2019-12-12 10:36:23 -08:00
Pam Selle
717ed70c21 Run of vendor and tidy 2019-12-09 11:34:12 -05:00
Martin Atkins
30bf83cdeb helper/logging: Bring the LevelFilter into our own codebase
In order to make this work reasonably we can't avoid using some funny
heuristics, which are somewhat reasonable to apply within the context of
Terraform itself but would not be good to add to the general "logutils".

Specifically, this is adding the additional heuristic that lines starting
with spaces are continuation lines and so should inherit the log level
of the most recent non-continuation line.
2019-12-05 15:22:03 -08:00
Martin Atkins
6db3cf8e5b vendor: upgrade Azure SDK and Azure/go-autorest
This involves some minor changes to the "azure" backend code to account
for upstream breaking changes.
2019-12-02 10:04:49 -08:00
Pam Selle
1077f01e08 Point to updated go-tfe 2019-11-15 14:14:17 -05:00
Bastien Penavayre
e7022679b2 vendor: go get github.com/mitchellh/panicwrap@v1.0.0 2019-11-05 16:22:45 -08:00
Martin Atkins
baa49f43c8
go.mod: We only expect Go 1.12
This was erroneously updated by some earlier operation, but
Terraform Core is still targeting only Go 1.12 for the moment.
2019-10-18 16:37:34 -07:00
Radek Simko
7860f55e4f
Version tools per Go convention under tools.go 2019-10-17 22:23:39 +02:00
Pam Selle
210b3aff0a Upgrade go-slug 2019-10-17 11:12:00 -04:00
Pam Selle
57cf6d74ce Point to tfignore branch of go-tfe 2019-10-17 11:12:00 -04:00
Radek Simko
9051591899
go mod tidy & go mod vendor 2019-10-11 22:41:27 +01:00
Stas Alekseev
6656104f8f deps: github.com/hashicorp/aws-sdk-go-base@v0.4.0 (#22994) 2019-10-11 12:50:12 -04:00
Martin Atkins
39e609d5fd vendor: switch to HCL 2.0 in the HCL repository
Previously we were using the experimental HCL 2 repository, but now we'll
shift over to the v2 import path within the main HCL repository as part of
actually releasing HCL 2.0 as stable.

This is a mechanical search/replace to the new import paths. It also
switches to the v2.0.0 release of HCL, which includes some new code that
Terraform didn't previously have but should not change any behavior that
matters for Terraform's purposes.

For the moment the experimental HCL2 repository is still an indirect
dependency via terraform-config-inspect, so it remains in our go.sum and
vendor directories for the moment. Because terraform-config-inspect uses
a much smaller subset of the HCL2 functionality, this does still manage
to prune the vendor directory a little. A subsequent release of
terraform-config-inspect should allow us to completely remove that old
repository in a future commit.
2019-10-02 15:10:21 -07:00
Paul Thrasher
d3fc3dee6e
clean up go mod for go-tfe
Signed-off-by: Paul Thrasher <pthrasher@hashicorp.com>
2019-09-27 14:16:41 -07:00
Paul Thrasher
bc2d888b7b
update to go-tfe 0.3.23
this fixes the attr types

Signed-off-by: Paul Thrasher <pthrasher@hashicorp.com>
2019-09-27 14:16:05 -07:00
Paul Thrasher
29c8ca485e
go-tfe dep update to 0.3.22
Signed-off-by: Paul Thrasher <pthrasher@hashicorp.com>
2019-09-27 14:15:40 -07:00
wata_mac
6f83197856 go get github.com/apparentlymart/go-cidr@v1.0.1
This includes fixes in the handling of IPv6 prefixes that leave a host
portion longer than the size of int on the target platform.
2019-09-09 14:31:21 -07:00
Martin Atkins
6bba3ceb42 command: "terraform login" command 2019-09-09 11:15:23 -07:00
Radek Simko
5fb1e08678
vendor: Bump go-getter to 1.4.0 2019-09-09 14:04:58 +02:00
Radek Simko
b8fd6df225
vendor: Bump github.com/golang/protobuf to 1.3.2 2019-09-05 14:47:27 +02:00
Brian Flad
19cf34114f
lang/funcs: Switch fileset() function glob implementation to github.com/bmatcuk/doublestar to support additional glob patterns
This allows the usage of the glob patterns `**` and `{alternative1,...}` to simplify Terraform configuration logic for more complex file matching.
2019-08-30 20:22:03 -04:00
Martin Atkins
aa6dca4912 vendor: go get github.com/chzyer/readline@master
This new version includes Solaris support, the lack of which previously
caused us to disable readline-using features ("terraform console") on
Solaris builds.
2019-08-30 14:42:19 -07:00
Martin Atkins
f3fe3bfb5f vendor: go get golang.org/x/sys
We'll use this to call the Windows ReplaceFile API for safe file
replacement when updating credentials.tf.json in "terraform login" and
"terraform logout".
2019-08-23 11:57:11 -07:00
Radek Simko
ecdce9d1fb
deps: Bump hashicorp/terraform-config-inspect to latest 2019-08-21 14:37:08 +01:00
Radek Simko
16ba85083f
deps: Bump github.com/go-test/deep to 1.0.3 2019-08-21 11:32:13 +01:00
Radek Simko
f3357aad45
vendor: Downgrade Azure dependencies
This is to allow Terraform providers to upgrade to at least
one more minor version of the plugin SDK without major UX hiccups.

This concludes (unsuccessful) experiments involving upgrades
to SDK with https://github.com/Azure/go-autorest/pull/455

Even with that patch all providers still experience broken UX
as described in https://github.com/hashicorp/terraform/pull/22490

This downgrade reduces the uncomfort to only a handful of providers
from >100s. The affected providers more or less directly depend on
Azure SDK(s), which is ~8.

Affected providers practically cannot consume Terraform Plugin SDK
with this patch (downgraded Azure SDKs) and can just wait for
extracted Terraform Plugin SDK which is planned to be released soon.

This reverts the following PRs:

 - https://github.com/hashicorp/terraform/pull/22247
 - https://github.com/hashicorp/terraform/pull/22248
 - https://github.com/hashicorp/terraform/pull/22524
 - https://github.com/hashicorp/terraform/pull/22525

and it is otherwise result of the following commands

```
go get github.com/Azure/azure-sdk-for-go@v21.3.0
go get github.com/hashicorp/go-azure-helpers@166dfd221bb2
go mod tidy
```
2019-08-20 15:52:11 +01:00
Radek Simko
4d3385b348
go.mod: Remove unnecessary replace directive for autorest 2019-08-20 10:50:03 +01:00
Radek Simko
dee450cf8c
vendor: Bump go-azure-helpers to 0.7.0 2019-08-20 09:32:02 +01:00
wata_mac
f68d94b608 Bump github.com/hashicorp/hcl2 2019-08-11 16:43:12 +09:00
Alex Pilon
e2eb70b737
remove satori/go.uuid in favor of google/uuid 2019-08-09 15:09:41 -04:00
James Bardin
01f4dd4588 update deps to match the aws provider
Update the aws-sdk-go-base and aws-sdk-go packages to ensure the same
client behavior as the aws provider.
2019-08-07 16:33:57 -04:00
Chris Marchesi
d43fc71135
modules: update go-azure-helpers to v0.5.0
To help address the issues posed on #22087 and #22085.
2019-08-01 11:57:34 -07:00
Chris Marchesi
04c5f0ffb2
Merge pull request #22247 from hashicorp/v0.12.5-updated-azure
modules: update Azure deps to latest
2019-08-01 11:57:07 -07:00
Brian Flad
710b01a54f
Merge pull request #22253 from hashicorp/v-aws-sdk-go-v1.21.7
deps: github.com/aws/aws-sdk-go@v1.21.7
2019-07-30 15:27:19 -04:00
Kristin Laemmert
664fb5d51e vendor: upgrade go-cty-yaml dependency
Fixes #22223
2019-07-30 12:27:49 -04:00
Chris Marchesi
92c46c55f4
modules: update Azure deps to latest
The dependencies here are dated and are causing conflicts with the
ACME provider, namely the version of the top-level autorest package.

This explicitly updates the Azure SDK and autorest packages, with the
separately versioned sub-packages being added automatically.
2019-07-30 09:12:14 -07:00
Brian Flad
acf794b07f
deps: github.com/aws/aws-sdk-go@v1.21.7
Notable changes (from Terraform AWS Provider CHANGELOG):

```
NOTES:

* backend/s3: Region validation now automatically supports the new `me-south-1` Middle East (Bahrain) region. For AWS operations to work in the new region, the region must be explicitly enabled as outlined in the [previous new region announcement blog post](https://aws.amazon.com/blogs/aws/now-open-aws-asia-pacific-hong-kong-region/). When the region is not enabled, the Terraform S3 Backend will return errors during credential validation (e.g. `error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid`).
* backend/s3: After this update, the AWS Go SDK will prefer credentials found via the `AWS_PROFILE` environment variable when both the `AWS_PROFILE` environment variable and the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables are statically defined. Previously the SDK would ignore the `AWS_PROFILE` environment variable, if static environment credentials were also specified. This is listed as a bug fix in the AWS Go SDK release notes.

ENHANCEMENTS:

* backend/s3: Add support for assuming role via web identity token via the `AWS_WEB_IDENTITY_TOKEN_FILE` and `AWS_ROLE_ARN` environment variables
* backend/s3: Support automatic region validation for `me-south-1`

BUG FIXES:

* backend/s3: Load credentials via the `AWS_PROFILE` environment variable (if available) when `AWS_PROFILE` is defined along with `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY`
```

Updated via:

```
go get github.com/aws/aws-sdk-go@v1.21.7
go mod tidy
go mod vendor
```

Verification with this update:

```hcl
terraform {
  backend "s3" {
    bucket = "me-south-1-testing"
    key    = "test"
    region = "me-south-1"
  }
}

output "test" {
  value = timestamp()
}
```

Outputs:

```
$ terraform apply

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Outputs:

test = 2019-07-30T12:49:19Z
```

If the new region is not properly enabled for the account, errors like the below will be received:

```
$ terraform init

Initializing the backend...

Error: error validating provider credentials: error calling sts:GetCallerIdentity: InvalidClientTokenId: The security token included in the request is invalid.
```

To use this region before this update:

```hcl
terraform {
  # ... potentially other configuration ...

  backend "s3" {
    # ... other configuration ...

    region                 = "me-south-1"
    skip_region_validation = true
  }
}
```
2019-07-30 08:51:39 -04:00
Pam Selle
d34103696f Upgrade HCL to include fmt fix, involves #21434 2019-07-25 11:27:51 -04:00
James Bardin
f69e4df5c5 update hcl2
Includes fixes for conditionals with unknown values.
2019-07-18 20:26:45 -04:00
James Bardin
bb17734bb6
Merge pull request #22037 from hashicorp/jbardin/ssh-alive
monitor ssh connection live-ness
2019-07-16 14:04:13 -04:00
Brian Flad
fdbabf9e23
Merge pull request #21908 from ajayk/v-aws-sdk-go-v1.20.10
deps: github.com/aws/aws-sdk-go@v1.20.10
2019-07-12 13:46:06 -04:00
ajayk
fd8aca539e update to aws-sdk-go-v1.20.19 2019-07-11 17:52:31 -07:00
James Bardin
2206512e58 update ssh and crypto deps 2019-07-11 09:44:22 -04:00
James Bardin
e4fbc49fb8 udpate cty 2019-07-08 12:42:28 -04:00
James Bardin
8c43bb2b52 update hcl2 2019-07-02 15:10:20 -04:00
James Bardin
284a232ffb update go-getter
The bitbucket 1.0 api was recently disabled. Update go-getter to
support 2.0
2019-07-01 16:12:37 -04:00
ajayk
659e364d65 deps: github.com/aws/aws-sdk-go@v1.20.10 2019-06-26 20:11:49 -07:00
Brian Flad
d780cd0f1b
deps: github.com/aws/aws-sdk-go@v1.20.4
Relevant changes:

* backend/s3: Support for chaining assume IAM role from AWS shared configuration files
* backend/s3: Fix AWS shared configuration file credential source not assuming a role with environment and ECS credentials

References:

* https://github.com/aws/aws-sdk-go/releases/tag/v1.20.0
* https://github.com/aws/aws-sdk-go/pull/2579
* https://github.com/aws/aws-sdk-go/issues/2385

Updated via:

```console
$ go get github.com/aws/aws-sdk-go@v1.20.4
$ go mod tidy
$ go mod vendor
```
2019-06-20 00:04:44 -04:00
Martin Atkins
b1e92b3769 vendor: go get github.com/hashicorp/hcl2@0b64543c968c
This includes a fix to make sure that an expression with a static string
index, like foo["bar"], will be parsed as a traversal rather than as a
dynamic index expression.
2019-06-18 17:37:24 -07:00
James Bardin
2c4e2cc583
Merge pull request #21675 from hashicorp/jbardin/go.mod
udpate lost go.mod entry
2019-06-10 17:34:20 -04:00
James Bardin
48e285d85c
Merge pull request #21674 from hashicorp/jbardin/update-go-plugin
update go-plugin package
2019-06-10 16:24:39 -04:00
James Bardin
99a0cacbc1 udpate lost go.mod entry
go.sum and vendor are OK
2019-06-10 16:22:33 -04:00
James Bardin
0c91d227fa
Merge branch 'master' into master 2019-06-10 15:50:59 -04:00
James Bardin
8039e11e16 update go-plugin package
Fixes a minor issue where the plugin may be closed before the stderr
reader completes, resulting in a warning in the logs.
2019-06-10 15:43:36 -04:00
Lars Eric Scheidler
aa07806bfc lang/funcs: New "uuidv5" function
This generates name-based uuids, rather than pseudorandom uuids as with the
"uuid" function.
2019-06-07 14:38:22 -07:00
Martin Atkins
3eb379f4d4 vendor: go get github.com/zclconf/go-cty-yaml@v0.1.0
This module contains a YAML parser and encoder tailored to cty, though we
are mostly interested in it for its YAMLEncode and YAMLDecode cty
functions, which we can make available in Terraform.
2019-06-04 16:24:09 -07:00
Radek Simko
02437f067e
vendor: github.com/google/go-cmp@v0.3.0 2019-05-27 20:35:42 -05:00
Radek Simko
37f19cb9f5
vendor: github.com/golang/mock@v1.3.1 2019-05-27 12:22:03 +01:00
James Bardin
1c77704a3b
Merge pull request #21341 from hashicorp/jbardin/update-go-cty
Fix inconsistent element types with tuple literals
2019-05-16 17:07:16 -04:00
James Bardin
1d134fea69 update go-cty 2019-05-16 16:43:28 -04:00
Martin Atkins
11cf8fd6be vendor: go get github.com/hashicorp/hcl2@master
This fixes a bug where HCL would flag a parse error if a single-line
comment appeared at the end of a file without a terminating newline.
2019-05-16 07:30:50 -07:00
Martin Atkins
63fa1ac418 vendor: go get github.com/hashicorp/hcl2@master
This includes a small fix to ensure the parser doesn't produce an invalid
body for block parsing syntax errors, and instead produces an incomplete
result that calling applications like Terraform can still analyze.

The problem here was affecting our version-constraint-sniffing code, which
intentionally tried to find a core version constraint even if there's a
syntax error so that it can report that a new version of Terraform is a
likely cause of the syntax error. It was working in most cases, unless
it was the "terraform" block itself that contained the error, because then
we'd try to analyze a broken hcl.Block with a nil body.

This includes a new test for "terraform init" that exercises this
recovery codepath.
2019-05-14 15:37:46 -07:00
Martin Atkins
038621a8ed vendor: go get github.com/hashicorp/go-getter@v1.3.0
This includes a fix for the handling of Git-over-SSH URLs with explicit
port numbers.
2019-05-14 07:38:06 -07:00
Martin Atkins
d06edb1b62 go get github.com/hashicorp/hcl2@master
This corrects a bug in the HCL 2 scanner where a $ or % symbol would cause
incorrect tokenization if appearing immediately before a " .

This also includes some updates to Go extension libraries that the HCL
update brings in. Some of these changes update to support Unicode 11, but
only when compiling with Go 1.13, so we won't see the effect of these
changes until we start building Terraform with Go 1.13.
2019-05-03 15:29:40 -07:00
Martin Atkins
95826d6fdd vendor: github.com/hashicorp/hcl2@master
This contains an adjustment to how the dynamic blocks extension expands
a dynamic block whose for_each expression is unknown: it now produces an
block whose leaf attributes are all unknown, which is what Terraform had
previously been expecting but it wasn't actually true in practice.
2019-05-02 14:08:40 -07:00
Martin Atkins
6adcc7ab73 vendor: go get github.com/zclconf/go-cty@master
cty now guarantees that sets of primitive values will iterate in a
reasonable order. Previously it was the caller's responsibility to deal
with that, but we invariably neglected to do so, causing inconsistent
ordering. Since cty prioritizes consistent behavior over performance, it
now imposes its own sort on set elements as part of iterating over them so
that calling applications don't have to worry so much about it.

This change also causes cty to consistently push unknown and null values
in sets to the end of iteration, where before that was undefined. This
means that our diff output will now consistently list additions before
removals when showing sets, rather than the ordering being undefined as
before.

The ordering of known, non-null, non-primitive values is still not
contractually fixed but remains consistent for a particular version of
cty.
2019-04-30 15:49:28 -07:00
James Bardin
bf0fb89a2a update go-plugin
Includes fix for correct plugin server log levels, preventing everything
from logging to Debug.
2019-04-30 17:20:10 -04:00