Commit Graph

19956 Commits

Author SHA1 Message Date
Martin Atkins
29b2368fa0 Update CHANGELOG.md 2017-07-05 16:30:08 -07:00
Martin Atkins
39c4d6ab1f Merge #15424: Improve robustness of state persistence handling
Previously the APIs for state persistence and management had some problematic cases where we depended on hidden mutations of the state structure as side-effects of otherwise-innocent-looking operations, which was a frequent cause of accidental regressions due to faulty assumptions.

This new model attempts to isolate certain state mutations to just within the state managers, and makes the state managers work on separated snapshots of the state rather than on the "live" object to reduce the risk of race conditions.
2017-07-05 16:27:08 -07:00
Martin Atkins
dfbbc89c66 Update CHANGELOG.md 2017-07-05 16:22:17 -07:00
Martin Atkins
fee1197cf9 command: terraform state rm to require at least one argument
Due to how the state filter machinery works, passing no arguments is valid
and matches _all_ resources.

It is very unlikely that someone wants to remove everything from state, so
this ends up being a very dangerous default for the "terraform state rm"
command, and surprising for someone who perhaps runs it looking for the
usage information.

So we'll be pragmatic here and reject the no-arguments case for this
command, accepting that it makes the unlikely case of intentionally
deleting all resources harder in order to make it less likely that it
will happen _unintentionally_.

If someone does really want to remove all resources from the state, they
can provide an explicit empty string argument, but this isn't documented
because it's a weird case that doesn't seem worth mentioning.

This fixes #15283.
2017-07-05 16:19:32 -07:00
James Bardin
fb397060eb add some Serial checks to apply and refresh tests 2017-07-05 18:18:28 -04:00
James Bardin
054716c397 use testStateRead helper in apply tests
We have a helper function that we hardly ever use.
TODO: convert the rest of the manual ReadState calls eventually.
2017-07-05 18:18:16 -04:00
James Bardin
501cbeaffe testState shouldn't rely on mods from WriteState
The state returned from the testState helper shouldn't rely on any
mutations caused by WriteState. The Init function (which is analogous to
NewState) shoudl set any required fields.
2017-07-05 17:47:05 -04:00
Martin Atkins
d5ebad33a4 Update CHANGELOG.md 2017-07-05 14:37:04 -07:00
Mike Helmick
9d7fce2f69 command: "terraform workspace show" to print current workspace name
This command serves as an alternative to the human-oriented list of workspaces for scripting use-cases where it's useful to know the _current_ workspace name.
2017-07-05 14:35:46 -07:00
James Bardin
fba5decae5 update TestState helper
In practice, States must all implement the full interface, so checking
for each method set only leaves gaps where tests could be skipped.
Change the helper to only accept a full state.State implementation.

Add some Lineage, Version, and TFVersion checks to TestState to avoid
regressions.

Compare the copy test against the immediate State returnedm rather than
our previous "current" state.

Check that the states round-trip and still marhsal identically via
MarshalEqual.
2017-07-05 17:18:12 -04:00
Martin Atkins
4d53eaa6df state: more robust handling of state Serial
Previously we relied on a constellation of coincidences for everything to
work out correctly with state serials. In particular, callers needed to
be very careful about mutating states (or not) because many different bits
of code shared pointers to the same objects.

Here we move to a model where all of the state managers always use
distinct instances of state, copied when WriteState is called. This means
that they are truly a snapshot of the state as it was at that call, even
if the caller goes on mutating the state that was passed.

We also adjust the handling of serials so that the state managers ignore
any serials in incoming states and instead just treat each Persist as
the next version after what was most recently Refreshed.

(An exception exists for when nothing has been refreshed, e.g. because
we are writing a state to a location for the first time. In that case
we _do_ trust the caller, since the given state is either a new state
or it's a copy of something we're migrating from elsewhere with its
state and lineage intact.)

The intent here is to allow the rest of Terraform to not worry about
serials and state identity, and instead just treat the state as a mutable
structure. We'll just snapshot it occasionally, when WriteState is called,
and deal with serials _only_ at persist time.

This is intended as a more robust version of #15423, which was a quick
hotfix to an issue that resulted from our previous slopping handling
of state serials but arguably makes the problem worse by depending on
an additional coincidental behavior of the local backend's apply
implementation.
2017-07-05 12:34:30 -07:00
Martin Atkins
909989acfa terraform-bundle tool for bundling Terraform with providers
Normally "terraform init" will download and install the plugins necessary
to work with a particular configuration, but sometimes Terraform is
deployed in a network that, for one reason or another, cannot access the
official plugin repository for automatic download.

terraform-bundle provides an alternative method, allowing the
auto-download process to be run out-of-band on a separate machine that
_does_ have access to the repository. The result is a zip file that can
be extracted onto the target system to install both the desired
Terraform version and a selection of providers, thus avoiding the need
for on-the-fly plugin installation.

This is provided as a separate tool from Terraform because it is not
something that most users will need. In the rare case where this is
needed, we will for the moment assume that users are able to build this
tool themselves. We may later release it in a pre-built form, if it proves
to be generally useful.

It uses the same API from the plugin/discovery package is is used by the
auto-install behavior in "terraform init", so plugin versions are resolved
in the same way. However, it's expected that several different Terraform
configurations will run from the same bundle, so this tool allows the
bundle to include potentially many versions of the same provider and thus
allows each Terraform configuration to select from the available versions
in the bundle, avoiding the need to upgrade all configurations to new
provider versions in lockstep.
2017-07-05 10:02:05 -07:00
Martin Atkins
610fcb605e plugin/discovery: allow customizing the OS/arch for auto-install
Previously we forced only installing for the current GOOS and GOARCH. Now
we allow this to be optionally overridden, which allows building tools
that can, for example, populate a directory with plugins to run on a Linux
server while working on a Mac.
2017-07-05 10:02:05 -07:00
Radek Simko
9ee2fbaa2b Update CHANGELOG.md 2017-07-05 17:34:41 +01:00
Radek Simko
14614a5423 command/validate: Add flag to check that all variables are specified (#13872)
* command/validate: Add flag to check that all variables are specified

* Rename config-only to check-variables
2017-07-05 17:32:29 +01:00
Paul Stack
86a73701e9 Update CHANGELOG.md 2017-07-04 22:41:01 +03:00
Jake Champlin
41fc408ed0 Merge pull request #15462 from hashicorp/f-add-skip-verify-env-var
core: Skip provider checksum validation based on env var
2017-07-03 17:44:14 -04:00
Martin Atkins
6369d669a9 Update CHANGELOG.md 2017-07-03 11:09:54 -07:00
Martin Atkins
194bfe292b vendor: govendor fetch github.com/hashicorp/hil/...
This includes a fix to the scanner to correctly parse quoted strings that
end with escaped backslashes.
2017-07-03 11:08:09 -07:00
Jake Champlin
9944ea6886
core: Skip provider checksum validation based on env var
Skips checksum validation if the `TF_SKIP_PROVIDER_VERIFY` environment variable is set. Undocumented variable, as the primary goal is to significantly improve the local provider development workflow.
2017-07-03 13:59:13 -04:00
Tom Fitzherbert
e6ddd62583 Ensures that subnets are created in the desired AZ (#15443) 2017-06-30 16:00:47 +03:00
Martin Atkins
45eb050b31 Update CHANGELOG.md 2017-06-29 09:33:08 -07:00
Sander van Harmelen
31b8c3c6ad Update README.md 2017-06-29 08:27:13 +02:00
James Bardin
da1c45b566 Merge pull request #15412 from hashicorp/jbardin/windows-delete-workspace
Unlock state before workspace deletion
2017-06-27 17:47:34 -04:00
Martin Atkins
4a160d7fa0 website: A note about where the root parts of the website live now 2017-06-27 14:40:13 -07:00
James Bardin
ed20444f63 update CHANGELOG 2017-06-27 16:40:57 -04:00
James Bardin
5066fa2151 Merge pull request #13871 from fatmcgav/swift_move_to_backend
Move Swift remote state to backend
2017-06-27 16:23:46 -04:00
Gavin Williams
96e6bf89ec remote/swift: Remove un-used code 2017-06-27 21:18:43 +01:00
James Bardin
1c78dfb286 Unlock state before workspace deletion
We need to release the lock just before deleting the state, in case the backend
can't remove the resource while holding the lock. This is currently true for
Windows local files.

TODO: While there is little safety in locking while deleting the state, it
might be nice to be able to coordinate processes around state deletion, i.e. in
a CI environment. Adding Delete() as a required method of States would allow
the removal of the resource to be delegated from the Backend to the State
itself.
2017-06-27 14:31:08 -04:00
Martin Atkins
59e106fbd9 Update CHANGELOG.md 2017-06-27 11:30:07 -07:00
Martin Atkins
c487c0bd0e Merge #7251: terraform apply -auto-approve=false 2017-06-27 11:23:47 -07:00
Martin Atkins
6afa72f6ca command: minor adjustments to the -auto-approve=false UX
Some tweaks to the messaging and presentation.
2017-06-27 11:22:35 -07:00
David Glasser
14af879fe0 command: also print plan for destroy 2017-06-27 11:22:31 -07:00
David Glasser
039d36bf91 command: add "apply -auto-approve=false" flag
A common reason to want to use `terraform plan` is to have a chance to
review and confirm a plan before running it.  If in fact that is the
only reason you are running plan, this new `terraform apply -auto-approve=false`
flag provides an easier alternative to

    P=$(mktemp -t plan)
    terraform refresh
    terraform plan -refresh=false -out=$P
    terraform apply $P
    rm $P

The flag defaults to true for now, but in a future version of Terraform it will
default to false.
2017-06-27 11:22:26 -07:00
Martin Atkins
e7f7395e9e Update CHANGELOG.md 2017-06-27 10:51:27 -07:00
Martin Atkins
45a4ba1ea7 Merge #15344: Avoid double-counting resources to create 2017-06-27 10:48:45 -07:00
James Bardin
22074f1029 Merge pull request #15408 from hashicorp/jbardin/import-plugin-dir
Make sure import uses complete plugin path
2017-06-27 13:07:47 -04:00
Paul Stack
e7f09ea336 Update CHANGELOG.md 2017-06-27 19:07:40 +03:00
Patrick Aikens
7775ef809b Display correct to and from backends in copy message when migrating to new remote state (#15318) 2017-06-27 19:05:45 +03:00
Thomas Schaaf
4b85e91ac5 Update s3.html.md (#15299) 2017-06-27 18:57:38 +03:00
James Bardin
42cbb716b7 Merge pull request #15370 from rowleyaj/s3_backend_workspaces
Add configurable workspace prefix for S3 Backend
2017-06-27 11:44:12 -04:00
Alex Rowley
2dd464cf8f
Clarify field description 2017-06-27 16:32:00 +01:00
James Bardin
beebd5cee3 improve discovery logging
Display whether we're looking for a provider or provisioner in the log
messages.
2017-06-27 11:09:54 -04:00
James Bardin
85b9069eb7 test import with -plugin-dir
The import command wasn't loading the full plugin path for discovery.
Run a basic plugin init sequence, and verify we can find a plugin (even
though the plugin is invalid and will fail).
2017-06-27 11:07:45 -04:00
Riley Karson
8cf04f8e4e Added IntAtLeast and IntAtMost validation functions. (#15403) 2017-06-27 17:25:51 +03:00
Jake Champlin
4e175cc351 Update CHANGELOG.md 2017-06-27 09:55:06 -04:00
Paul Stack
13a2500755 Update CHANGELOG.md 2017-06-27 16:52:15 +03:00
James Bardin
0cbd51c365 find -plugin-dir during import
The import command wasn't loading the plugin path at all, relying on the
local directory for binaries.

Load the plugin dir into Meta, and pass in ForceLocal for consistency.
The Backend returned was going to be a Local anyway, so the added check
wasn't ensuring anything.
2017-06-26 18:28:45 -04:00
Martin Atkins
8e25830554 Update CHANGELOG.md 2017-06-26 11:23:46 -07:00
Martin Atkins
3df164502a command: don't prompt for state migration if TF_INPUT is set
The "confirm" method was directly checking the meta struct's input field,
but that only represents the -input command line flag, and doesn't
respect the TF_INPUT environment variable.

By calling the Input method instead, we check both.

This fixes #15338.
2017-06-26 11:22:29 -07:00