Commit Graph

329 Commits

Author SHA1 Message Date
kmoe
765c25d2ed
allow interpolation in import block id (#33618)
The import block id field can now reference variables, attributes, and module outputs, as long as the result is a known non-empty string at plan time. A null or unknown value will result in an error.

This commit slightly modifies the legacy CLI terraform import code path to construct a synthetic hcl.Expression from the import id passed in from the command line, with no intended change of functionality.
2023-08-02 10:20:27 +01:00
Liam Cervante
bf6f32c19a
test framework: fix bug preventing remaining assertions being checked after one has failed (#33601) 2023-08-01 09:56:51 +02:00
Liam Cervante
dff447bc9f
fix crash when nested data blocks are mixed with the import command (#33578) 2023-07-26 09:41:00 +02:00
Liam Cervante
c91f91cc9e
testing framework: change test file extension to .tftest.hcl (#33553) 2023-07-20 16:57:05 +02:00
Liam Cervante
6882dd9530
testing framework: introduce test command optional flags (#33504)
* testing framework: introduce test command optional flags

* address consistency checks
2023-07-19 10:07:46 +02:00
Liam Cervante
837716a703
testing framework: finalise expect_failures functionality (#33506) 2023-07-19 09:44:40 +02:00
James Bardin
f5d94b35a0
Merge pull request #33486 from hashicorp/jbardin/schema-cache-proto
enable schema caching and add `get_provider_schema_optional` server capability
2023-07-18 11:18:11 -04:00
James Bardin
642904204a enable global schema cache 2023-07-10 11:01:19 -04:00
Liam Cervante
c9bc7e8479
Add input validation into the 'checks' outputs and tracking (#33481) 2023-07-10 11:33:45 +01:00
Liam Cervante
f74a8d16cf
[testing framework] implement expect_failures functionality (#33443) 2023-07-10 11:30:44 +01:00
James Bardin
c42d3b4e51
Merge pull request #33462 from hashicorp/jbardin/destroy-output-provider-refs
always evaluate module outputs during destroy
2023-07-07 09:44:27 -04:00
James Bardin
76332db98d fix locking and race in test mocks 2023-07-06 11:46:17 -04:00
James Bardin
b9d8d99b04 remove fixed FIXME 2023-07-06 10:56:03 -04:00
James Bardin
cf5ebaf685 s/Schemas/ProviderSchema/ 2023-07-06 10:37:35 -04:00
James Bardin
ec3a38e5ed update providers.Schemas type
Use the global providers.SchemaCache and update all schema access to the
providers.Schemas, except where the provider.GetProviderSchemaResponse
type name would be expected.

Some tests that reuse provider factories needed a little more careful
handling. Change the fixed func to only reset the provider on the first
call.
2023-07-06 10:37:35 -04:00
James Bardin
b45de53c13 always evaluate module outputs during destroy
A module output is generally not used during destroy, however it must be
evaluated when its value is used by a provider for configuration,
because that configuration is not stored between walks.

There was an oversight in the output expansion node where the output
node was not created because the operation was destroy, and module
outputs have nothing to destroy. This however skipped evaluation when
the output is needed by a provider as mentioned above. Because of the
way an implied plan is stored internally when executing `terraform
destroy`, this went unnoticed by the test.

Allowing the output to be evaluated during destroy fixes the issue, and
should be acceptable because an output is classified as temporary in the
graph, and will be pruned when not actually needed.

Update the existing test to serialize the plan, which triggers the
failure.
2023-06-30 15:24:49 -04:00
James Bardin
bb0bb7af1a remove NodeApplyableResource
Move the logic for NodeApplyableResource into
nodeExpandApplyableResource to remove an unnecessary level of expansion.
2023-06-28 13:32:00 -04:00
James Bardin
5c9d7a810d connect references from config nodes during apply
In order to ensure that transitive dependencies are connected even when
there are no instances for a resource, we need to route the references
through the config ("expand") node. This happens naturally by having the
expand node report its config references, however legacy configs can
contain self-referenced without the "self" identifier, so those need to
be filtered out.
2023-06-28 13:31:58 -04:00
Liam Cervante
212ae6c4ba
Introduce separate testing scope for reference validation (#33339) 2023-06-28 09:47:24 +02:00
Liam Cervante
3732bffe13
[Testing Framework] Adds TestContext for evaluating test assertions (#33326)
* Add test structure to views package for rendering test output

* Add test file HCL configuration and parser functionality

* Adds a TestContext structure for evaluating assertions against the state and plan
2023-06-26 17:42:53 +02:00
Liam Cervante
361d43c820
Ensure nested data blocks execute last of all Terraform resources (#33301)
* Ensure nested data blocks execute last of all Terraform resources

* add test, execute only during apply

* address comments
2023-06-02 17:35:34 +02:00
kmoe
1e31c671c2
terraform: expanded resources cannot genconfig (#33293)
This temporary measure prevents a panic further down the line when there is an unmatched expanded resource instance import target when running in config gen mode.
2023-05-31 20:25:15 +01:00
Liam Cervante
07aa7ee1d5
Propagate generated config filename into the Terraform graph (#33255) 2023-05-24 13:58:26 +02:00
James Bardin
2106b4c05f
Merge pull request #33235 from hashicorp/jbardin/destroy-root-referenced-locals
Remove destroy-plan locals only referenced by root outputs
2023-05-24 06:58:37 -04:00
kmoe
be2ad69eda
plannable import: safer config generation and schema filters (#33232)
* genconfig: fix nil nested block panic

* genconfig: null NestingSingle blocks should be absent

A NestingSingle block that is null in state should be completely absent from config.

* configschema: make FilterOr variadic

* configschema: apply filters to nested types

* configschema: filter helper/schema id attribute

The legacy SDK adds an Optional+Computed "id" attribute to the
resource schema even if not defined in provider code.
During validation, however, the presence of an extraneous "id"
attribute in config will cause an error.
Remove this attribute so we do not generate an "id" attribute
where there is a risk that it is not in the real resource schema.

* configschema: filter test

* terraform: do not pre-validate generated config

Config generated from a resource's import state may fail validation in
the case of schema behaviours such as ExactlyOneOf and ConflictsWith.
We don't want to fail the plan now, because that would give the user no
way to proceed and fix the config to make it valid. We allow the plan to
complete and output the generated config.

* generate config alongside import process

Rather than waiting until we call `plan()`, generate the configuration
at the point of the import call, so we have the necessary data to return
in case planning fails later.

The `plan` and `state` predeclared variables in the plan() method were
obfuscating the actual return of nil throughout, so those identifiers
were removed for clarity.

* move generateHCLStringAttributes closer to caller

* store generated config in plan on error

* test for config gen with error

* add simple warning when generating config

---------

Co-authored-by: James Bardin <j.bardin@gmail.com>
2023-05-24 11:16:05 +01:00
James Bardin
0a921976cd destroy locals referenced by root outputs
When planning a destroy operations, locals only referenced by root
outputs do not need to be kept in the graph, because the root output
does not get evaluated. Rather than try and prune the local based on
this condition, we can prevent the connection from being created by
ensuring that a root output destroy node has no references.

The separate plan+apply destroy fields used for outputs can be
simplified by combining, since they are only ever referenced together.
2023-05-22 13:03:49 -04:00
kmoe
789e30dfc5
error if importing to invalid keyed address (#33191)
Import addresses targeting expanded resource instances must target instances that already exist in configuration.
2023-05-13 00:57:51 +01:00
Liam Cervante
d5fed58fc5
plannable import: write generated config to out flag (#33186)
* plannable import: write generated config to out flag

* Add example command to diagnostic
2023-05-12 23:05:00 +01:00
kmoe
2b71e9edf3
terraform: config-driven import is idempotent (#33188)
If a resource is already in state, do not attempt to import it again. Resources already in state are filtered out of the plan's import targets.

A change is only considered "importing" if it is adding a new resource instance to the state.
2023-05-12 21:31:29 +01:00
CJ Horton
5d7864316e
Merge pull request #33160 from hashicorp/radditude/apply-counts
Populate import counts during applies and clean up output
2023-05-12 09:33:33 -07:00
CJ Horton
e5a6806206 clarify apply hook usage 2023-05-11 19:02:59 -07:00
Liam Cervante
5d6c5a9a33
plannable import: add a provider argument to the import block (#33175)
* command: keep our promises

* remove some nil config checks

Remove some of the safety checks that ensure plan nodes have config attached at the appropriate time.

* add GeneratedConfig to plan changes objects

Add a new GeneratedConfig field alongside Importing in plan changes.

* add config generation package

The genconfig package implements HCL config generation from provider state values.

Thanks to @mildwonkey whose implementation of terraform add is the basis for this package.

* generate config during plan

If a resource is being imported and does not already have config, attempt to generate that config during planning. The config is generated from the state as an HCL string, and then parsed back into an hcl.Body to attach to the plan graph node.

The generated config string is attached to the change emitted by the plan.

* complete config generation prototype, and add tests

* plannable import: add a provider argument to the import block

* Update internal/configs/config.go

Co-authored-by: kmoe <5575356+kmoe@users.noreply.github.com>

* Update internal/configs/config.go

Co-authored-by: kmoe <5575356+kmoe@users.noreply.github.com>

* Update internal/configs/config.go

Co-authored-by: kmoe <5575356+kmoe@users.noreply.github.com>

* fix formatting and tests

---------

Co-authored-by: Katy Moe <katy@katy.moe>
Co-authored-by: kmoe <5575356+kmoe@users.noreply.github.com>
2023-05-11 09:04:39 +02:00
Liam Cervante
79f7f59155
Plannable import: Generate config for imported resources during the plan. (#33153)
* command: keep our promises

* remove some nil config checks

Remove some of the safety checks that ensure plan nodes have config attached at the appropriate time.

* add GeneratedConfig to plan changes objects

Add a new GeneratedConfig field alongside Importing in plan changes.

* add config generation package

The genconfig package implements HCL config generation from provider state values.

Thanks to @mildwonkey whose implementation of terraform add is the basis for this package.

* generate config during plan

If a resource is being imported and does not already have config, attempt to generate that config during planning. The config is generated from the state as an HCL string, and then parsed back into an hcl.Body to attach to the plan graph node.

The generated config string is attached to the change emitted by the plan.

* complete config generation prototype, and add tests

---------

Co-authored-by: Katy Moe <katy@katy.moe>
2023-05-11 08:38:37 +02:00
CJ Horton
bc084858b1 add import hooks for plan and apply
Separate hooks used for the legacy import command for those used by
the new import mechanism; also add apply output for imports.
2023-05-10 20:53:44 -07:00
James Bardin
2e0efe7321
Merge pull request #33047 from hashicorp/jbardin/destroy-provider-pruning
prune unused providers within modules
2023-05-10 11:54:10 -04:00
Rees Pozzi
fed6538dec
core: Correct typo in "Moved resource instances excluded by targeting" error message 2023-05-05 13:36:05 -07:00
James Bardin
be682f1d29 only refresh an import state once
The imported resource was being stored in the wrong state, and only
ended up in the refresh state because ReadResource was being called a
second time in the normal refresh path.

Make sure to only refresh the imported resource once. This is still done
separately within importState so that we can handle the error slightly
differently to let the user know if an imported instance does not exist.
2023-05-04 14:20:45 -04:00
hashicorp-copywrite[bot]
325d18262e [COMPLIANCE] Add Copyright and License Headers 2023-05-02 15:33:06 +00:00
Liam Cervante
4210d905c0
[plannable import] embed the resource id within the changes (#33134)
* [plannable import] embed the resource id within the changes

* make pointers and update docs
2023-05-02 16:04:51 +02:00
James Bardin
2c09ae4f3d prune unused providers within modules
The logic used to prune unused providers was only taking into account
the common case of providers in the root module. The quick check of
looking for up edges doesn't work within a module, because the module
structures will create non-resource nodes connected to the providers.
Use a deeper check of looking for any dependent resources which may
require that provider to be configured.
2023-05-01 10:38:13 -04:00
kmoe
28643516b2
Plannable import 3: Make import plannable (#33085)
During a plan, Terraform now checks for the presence of import blocks.

For each resource in config, if an import block is present with a matching address, planning that node will now trigger an ImportResourceState and ReadResource. The resulting state is treated as the node's "refresh state", and planning proceeds as normal from there.

The walkImport operation is now only used for the legacy "terraform import" CLI command. This is the only case under which the plan should produce graphNodeImportStates.
2023-04-28 23:45:43 +01:00
James Bardin
583350a5c4 skip inter-provider cycle check in destroy plan
Just like in the destroy apply, we can skip the inter-provider cycle
check when creating the destroy plan, which can be expensive when there
are a lot of resource instances with dependencies from another provider.
2023-04-24 12:12:40 -04:00
Liam Cervante
aae6990d38
Add native plantimestamp function to Terraform (#32980)
* add plantimestamp function

* documentation

* add missing links

* fix typo
2023-04-21 09:47:28 +02:00
Liam Cervante
9c87006c34
checks: hide check diagnostics during plans that will not wait for approval (#32938)
* checks: filter out check diagnostics during certain plans

* wrap diagnostics produced by check blocks in a dedicated check block diagnostic

* address comments
2023-04-11 10:54:30 +02:00
James Bardin
c872cd6d96 the destroy plan should use correct type
When we plan to destroy an instance, the change recorded should use the
correct type for the resource rather than `DynamicPseudoType`. Most of
the time this is hidden when the change is encoded in the plan, because
any `null` is always encoded to the same value, and when decoded it will
be converted to the schema type. However when apply requires creating a
second plan for an instance's replacement that value is not going to be
encoded, and remains a dynamic value which is sent to the provider.

Most providers won't see that either, as the grpc request also encodes
and decodes the value to conform with the correct schema. The builtin
terraform provider does get the raw cty value though, and when that
dynamic value is returned validation fails when the type does not match.
2023-04-05 10:19:26 -04:00
Liam Cervante
84dc498b90
checks: always reference the nested data source from the check graph node (#32946)
* checks: always reference the nested data source from the check block graph node

* goimports
2023-04-05 08:48:42 +02:00
James Bardin
81b74cdb22 don't compare plan marks for missing values
If a resource has a change in marks from the prior state, we need to
notify the user that an update is going to be necessary to at least
store that new value in the state. If the provider however returns the
prior state value in lieu of a new config value, we need to be sure to
filter any new marks for comparison as well. The comparison of the prior
marks and new marks must take into account whether those new marks could
even be applied, because if the value is unchanged the new marks may be
completely irrelevant.
2023-03-28 15:55:15 -04:00
James Bardin
a4e92f3fca
Merge pull request #32876 from hashicorp/jbardin/state-serialize-plan-error
Remove planned data source objects from state on error
2023-03-28 15:50:59 -04:00
James Bardin
fdb00b9a46
Merge pull request #32900 from hashicorp/jbardin/target-drift-upgrade
External changes report can fail with schema migrations and `-target`
2023-03-28 15:50:38 -04:00
Liam Cervante
c06db2aadd
checks: don't iterate through all the nodes when there is nothing to search for (#32927) 2023-03-28 18:14:27 +02:00