Commit Graph

27123 Commits

Author SHA1 Message Date
Pam Selle
26f77564d7
Merge pull request #26459 from hashicorp/pselle/sensitive-vals-map
Add format/diff coverage for maps with sensitivity
2020-10-02 13:00:00 -04:00
James Bardin
95197f0324 use EvalSelfBlock for destroy provisioners
Evaluate destroy provisioner configurations using only the last resource
state value, and the static instance key data.
2020-10-02 12:38:51 -04:00
James Bardin
804449eda1
Merge pull request #26461 from hashicorp/jbardin/refresh-false
always load instance state when -refresh=false
2020-10-02 12:08:10 -04:00
Martin Atkins
6b5ca49578 helper: remove a bunch of unused packages, types and functions
With the SDK moving out into its own repository, a lot of the packages
under "helper/" are no longer needed. We still need to keep around just
enough legacy SDK to support the "test" provider and some little bits and
bobs in the backends and provisioners, but a lot of this is now just dead
code.

One of the test provider tests was depending on some validation functions
only because the schema in there was originally copied from a "real"
provider. The validation rules are not actually important for the test,
so I removed them. Otherwise, this removes only dead code.
2020-10-02 09:01:37 -07:00
James Bardin
64c3a8f550 lang.Scope.EvalSelfBlock
In order to properly evaluate a destroy provisioner, we cannot rely on
the usual evaluation context, because the resource has already been
removed from the state.

EvalSelfBlock evaluates an hcl.Body in the limited scope of a single
object as "self", with the added values of "count.index" and "each.key".
2020-10-02 11:25:21 -04:00
Pam Selle
1817c8ac3c
Merge pull request #26412 from OwenTuz/issue-26411-fix-failing-e2e-test-provider-not-found
Fix bad string match that was causing TestInitProviderNotFound to fail
2020-10-02 10:43:18 -04:00
Pam Selle
5286a1bfb7
Merge pull request #26466 from jerrychong25/patch-2
Modified terraform force-unlock command
2020-10-02 10:33:17 -04:00
James Bardin
43c0525277 fix the test that was supposed to break
The test for this behavior did not work, because the old mock diff
function does not work correctly. Write a PlanResourceChange function to
return a correct plan.
2020-10-02 08:50:24 -04:00
Jerry Chong
90cbc5a123
Modified terraform force-unlock command
-Added code block for terraform force-unlock LOCK_ID
2020-10-02 09:42:55 +08:00
kt
b66364f7aa
AzureRM backend: correctly lookup environment from metadata host 2020-10-01 16:34:51 -07:00
James Bardin
07af1c6225 destroy time eval of resources pending deletion
Allow the evaluation of resource pending deleting only during a full
destroy. With this change we can ensure deposed instances are not
evaluated under normal circumstances, but can be references when needed.
This also allows us to remove the fixup transformer that added
connections so temporary values would evaluate in the correct order when
referencing destroy nodes.

In the majority of cases, we do not want to evaluate resources that are
pending deletion since configuration references only can refer to
resources that is intended to be managed by the configuration. An
exception to that rule is when Terraform is performing a full `destroy`
operation, and providers need to evaluate existing resources for their
configuration.
2020-10-01 17:11:46 -04:00
James Bardin
fa8f8df7b6 add ChangesSync.FullDestroy
In order to handle various edge cases during a full destroy, add
FullDestroy to the synchronized changes so we can attempt to deduce if
the plan was created from `terraform destroy`.

It's possible that the plan was created by removing all resourced from
the configuration, but in that case the end result is the same. Any of
the edge cases with provider or destroy provisioner configurations would
not apply, since there would not be any configuration references to
resolve.
2020-10-01 17:08:25 -04:00
James Bardin
ac526d8d5d always load instance state when -refresh=false
The loading of the initial instance state was inadvertently skipped when
-refresh=false, causing all resources to appear to be missing from the
state during plan.
2020-10-01 16:04:35 -04:00
Pam Selle
52b6f7f53e Move common IsMarked checks above switch statement 2020-10-01 14:34:44 -04:00
Pam Selle
1780351636 If the whole map is marked, have the same sensitivity behavior as a single value 2020-10-01 14:30:33 -04:00
Pam Selle
0520f143a2 Add diff coverage for maps
Considers wholly marked maps as well
as map keys
2020-10-01 14:18:40 -04:00
James Bardin
78322d5843 data depends_on with indexed references
If a data source refers to a indexed managed resource, we need to
re-target that reference to the containing resource for planning.  Since
data sources use the same mechanism as depends_on for managed resource
references, they can only refer to resources as a whole.
2020-10-01 14:10:09 -04:00
Pam Selle
a7e43dfd46
Merge pull request #26431 from hashicorp/pselle/sensitive-vals-docs
docs: Docs for sensitive variables
2020-10-01 13:50:11 -04:00
Pam Selle
3ddbb4b009 Update provider caveat grammar 2020-10-01 13:19:14 -04:00
Pam Selle
93d38ff2d2 Update intro to code blocks 2020-10-01 13:16:15 -04:00
Pam Selle
be50089c7f Rephrase sensitive index description 2020-10-01 13:12:25 -04:00
Pam Selle
09551de078 Rewrite intro to section, rename section, move state info
Move the information about state from the "caveats" to the main
info section, using similar information to sensitive outputs.
Updates the header of the section from similar inspiration.
2020-10-01 13:09:52 -04:00
Pam Selle
5cf61448e7
Update website/docs/configuration/variables.html.md
Co-authored-by: Kristin Laemmert <mildwonkey@users.noreply.github.com>
2020-10-01 12:58:43 -04:00
Pam Selle
9c2556b5ad
Add sensitive variables to changelog 2020-10-01 11:14:41 -04:00
Pam Selle
e0e6f4fd13
Merge pull request #26443 from hashicorp/pselle/sensitive-var-module-merge
Implement module merge for sensitive variable config
2020-10-01 10:40:47 -04:00
Pam Selle
d57cb50fa9
Merge pull request #26437 from hashicorp/pselle/sensitive-var-type-check
Add test file for bad sensitive value
2020-10-01 10:34:06 -04:00
James Bardin
2376b3c5ee
Merge pull request #26444 from hashicorp/jbardin/value-checks
Add some log warnings and remove dead code
2020-10-01 09:37:56 -04:00
James Bardin
82793f8158 update ignore_changes doc
We can remove the caveat about changing map elements.

Add a little more text about the intended use case for ignore_changes,
as the common case of fixing erroneous provider behavior should not be
the primary motivation for the maintenance of this feature.
2020-10-01 09:36:36 -04:00
James Bardin
ad0b81de81 allow ignore_changes to reference any map key
There are situations when a user may want to keep or exclude a map key
using `ignore_changes` which may not be listed directly in the
configuration. This didn't work previously because the transformation
always started off with the configuration, and would never encounter a
key if it was only present in the prior value.
2020-10-01 09:36:36 -04:00
Kristin Laemmert
90588c036b
terraform: minor cleanup from EvalTree() refactor (#26429)
* Split node_resource_abstract.go into two files, putting
NodeAbstractResourceInstance methods in their own file - it was getting
large enough to be tricky for (my) human eyeballs.

* un-exported the functions that were created as part of the EvalTree()
refactor; they did not need to be public.
2020-10-01 08:12:10 -04:00
Kristin Laemmert
d76cfc8c0c
Merge pull request #26440 from hashicorp/mildwonkey/remove-older-state-vs
refactor tests to use modern states.State in favor of terraform.State where possible
2020-10-01 08:11:27 -04:00
James Bardin
98b568ad01 remove unused refresh node
There is no longer a refresh walk, so we no longer use this type.
2020-09-30 18:04:40 -04:00
Pam Selle
2a35240a17
Merge pull request #26314 from hashicorp/remove-template-provider-link
docs: remove link to deprecated provider
2020-09-30 17:57:02 -04:00
Pam Selle
ef95cf482b
Update CHANGELOG.md
Add pg backend PR
2020-09-30 17:56:05 -04:00
Pam Selle
3a99405b8b
Merge pull request #26420 from remilapeyre/postgres-default-backend
Always have the default workspace in the pg backend
2020-09-30 17:54:24 -04:00
James Bardin
c52672cbbe log inconsistencies during refresh
We can't make these errors because there's no way to exempt legacy
providers from the check, but we can at least log them for
troubleshooting.
2020-09-30 17:40:39 -04:00
Pam Selle
f2fe0ceb0a Implement module merge for sensitive config
Implements merging behavior for when sensitive
is set on a variable and adds testing accordingly
2020-09-30 17:25:54 -04:00
Kristin Laemmert
479655ad47 refactor tests to use modern states.State in favor of terraform.State where possible 2020-09-30 16:07:54 -04:00
James Bardin
c51104fb7c
Merge pull request #26435 from hashicorp/jbardin/races
Fix race conditions
2020-09-30 15:19:58 -04:00
James Bardin
59110a2ca5 e2etest server was unsynchronized 2020-09-30 14:28:02 -04:00
Pam Selle
ada6f45871 Add test file for bad sensitive value
Adds a test file for an incorrectly typed
(non-boolean) sensitive value to ensure it errors
2020-09-30 13:58:01 -04:00
James Bardin
a3c9b33b7b output buffer must be synchronized 2020-09-30 13:44:07 -04:00
James Bardin
ab6d6f99ae fix races in remote backend mock 2020-09-30 13:36:04 -04:00
James Bardin
b464bcbc5d copy the refreshed state at the end of plan
Otherwise we may end up with the same state value for the state and
refreshState when re-using the context.
2020-09-30 12:14:37 -04:00
James Bardin
8dc6f518c2 don't use same state in Validate for refreshState 2020-09-30 12:14:37 -04:00
James Bardin
8c699fbe32 Unsynchronized maps in test 2020-09-30 12:14:31 -04:00
Martin Atkins
b0f58479c5
Update CHANGELOG.md 2020-09-30 09:04:00 -07:00
Pam Selle
e369fe0559 Docs for sensitive variables 2020-09-30 11:57:03 -04:00
Pam Selle
b57248533d Re-organize variable page for sensitive argument addition 2020-09-30 11:57:03 -04:00
Martin Atkins
59b116f7bf command/init: Remove support for legacy provider addresses
We no longer need to support 0.12-and-earlier-style provider addresses
because users should've upgraded their existing configurations and states
on Terraform 0.13 already.

For now this is only checked in the "init" command, because various test
shims are still relying on the idea of legacy providers the core layer.
However, rejecting these during init is sufficient grounds to avoid
supporting legacy provider addresses in the new dependency lock file
format, and thus sets the stage for a more severe removal of legacy
provider support in a later commit.
2020-09-30 08:54:57 -07:00