* prep for processing the structured run output
* undo unwanted change to a json key
* Add skeleton functions and API for refactored renderer
* goimports
* Fix documentation of the RenderOpts struct
* Add rendering functionality for primitives to the structured renderer
* add test case for override
* Add support for parsing and rendering sensitive values in the renderer
* Add support for unknown/computed values in the structured renderer
* delete missing unit tests
* Add support for object attributes in the structured renderer
* goimports
* Add support for the replace paths data in the structured renderer
* Add support for maps in the structured renderer
* Add support for lists in the structured renderer
* goimports
* Add support for sets in the structured renderer
* goimports
* Add support for blocks in the structured renderer
* goimports
* Add support for outputs in the structured renderer
* fix ordering of blocks
* remove unused test stub
* fix typo
* prep for processing the structured run output
* undo unwanted change to a json key
* Add skeleton functions and API for refactored renderer
* goimports
* Fix documentation of the RenderOpts struct
* Add rendering functionality for primitives to the structured renderer
* add test case for override
* Add support for parsing and rendering sensitive values in the renderer
* Add support for unknown/computed values in the structured renderer
* delete missing unit tests
* Add support for object attributes in the structured renderer
* goimports
* Add support for the replace paths data in the structured renderer
* Add support for maps in the structured renderer
* Add support for lists in the structured renderer
* goimports
* Add support for sets in the structured renderer
* goimports
* Add support for blocks in the structured renderer
* goimports
* fix ordering of blocks
* remove unused test stub
* prep for processing the structured run output
* undo unwanted change to a json key
* Add skeleton functions and API for refactored renderer
* goimports
* Fix documentation of the RenderOpts struct
* Add rendering functionality for primitives to the structured renderer
* add test case for override
* Add support for parsing and rendering sensitive values in the renderer
* Add support for unknown/computed values in the structured renderer
* delete missing unit tests
* Add support for object attributes in the structured renderer
* goimports
* Add support for the replace paths data in the structured renderer
* Add support for maps in the structured renderer
* Add support for lists in the structured renderer
* goimports
* Add support for sets in the structured renderer
* goimports
* prep for processing the structured run output
* undo unwanted change to a json key
* Add skeleton functions and API for refactored renderer
* goimports
* Fix documentation of the RenderOpts struct
* Add rendering functionality for primitives to the structured renderer
* add test case for override
* Add support for parsing and rendering sensitive values in the renderer
* Add support for unknown/computed values in the structured renderer
* delete missing unit tests
* Add support for object attributes in the structured renderer
* goimports
* Add support for the replace paths data in the structured renderer
* Add support for maps in the structured renderer
* Add support for lists in the structured renderer
* goimports
* add additional comments explaining
* prep for processing the structured run output
* undo unwanted change to a json key
* Add skeleton functions and API for refactored renderer
* goimports
* Fix documentation of the RenderOpts struct
* Add rendering functionality for primitives to the structured renderer
* add test case for override
* Add support for parsing and rendering sensitive values in the renderer
* Add support for unknown/computed values in the structured renderer
* delete missing unit tests
* Add support for object attributes in the structured renderer
* goimports
* Add support for the replace paths data in the structured renderer
* Add support for maps in the structured renderer
* prep for processing the structured run output
* undo unwanted change to a json key
* Add skeleton functions and API for refactored renderer
* goimports
* Fix documentation of the RenderOpts struct
* Add rendering functionality for primitives to the structured renderer
* add test case for override
* Add support for parsing and rendering sensitive values in the renderer
* Add support for unknown/computed values in the structured renderer
* delete missing unit tests
* Add support for object attributes in the structured renderer
* goimports
* Add support for the replace paths data in the structured renderer
* prep for processing the structured run output
* undo unwanted change to a json key
* Add skeleton functions and API for refactored renderer
* goimports
* Fix documentation of the RenderOpts struct
* Add rendering functionality for primitives to the structured renderer
* add test case for override
* Add support for parsing and rendering sensitive values in the renderer
* Add support for unknown/computed values in the structured renderer
* delete missing unit tests
* Add support for object attributes in the structured renderer
* goimports
* prep for processing the structured run output
* undo unwanted change to a json key
* Add skeleton functions and API for refactored renderer
* goimports
* Fix documentation of the RenderOpts struct
* Add rendering functionality for primitives to the structured renderer
* add test case for override
* Add support for parsing and rendering sensitive values in the renderer
* Add support for unknown/computed values in the structured renderer
* delete missing unit tests
* prep for processing the structured run output
* undo unwanted change to a json key
* Add skeleton functions and API for refactored renderer
* goimports
* Fix documentation of the RenderOpts struct
* Add rendering functionality for primitives to the structured renderer
* add test case for override
* Add support for parsing and rendering sensitive values in the renderer
* prep for processing the structured run output
* undo unwanted change to a json key
* Add skeleton functions and API for refactored renderer
* goimports
* Fix documentation of the RenderOpts struct
* Add rendering functionality for primitives to the structured renderer
* add test case for override
* goimports
* prep for processing the structured run output
* undo unwanted change to a json key
* Add skeleton functions and API for refactored renderer
* goimports
* Fix documentation of the RenderOpts struct
* Add README explaining implementation details for renderer and plans for future expansion
* Update internal/command/jsonformat/README.md
Co-authored-by: Alisdair McDiarmid <alisdair@users.noreply.github.com>
* address comments
Co-authored-by: Alisdair McDiarmid <alisdair@users.noreply.github.com>
Make writing a plan file the default. We already create plans which have
no changes so the plan result would need to be checked in automation, so
having plans with errors should not pose a problem.
If we find workflows which cannot handle a plan that can't be applied,
we can reevaluate the need for a specialized flag. In the meantime, it
feels more logical that the plan output would always describe the result
of the plan, even if that included errors.
This is a prototype of how the CLI layer might make use of Terraform
Core's ability to produce a partial plan if it encounters an error during
planning, with two new situations:
- When using local CLI workflow, Terraform will show the partial plan
before showing any errors.
- "terraform plan" has a new option -always-out=..., which is similar to
the existing -out=... but additionally instructs Terraform to produce
a plan file even if the plan is incomplete due to errors. This means
that the plan can still be inspected by external UI implementations.
This is just a prototype to explore how these parts might fit together.
It's not a complete implementation and so should not be shipped. In
particular, it doesn't include any mention of a plan being incomplete in
the "terraform show -json" output or in the "terraform plan -json" output,
both of which would be required for a complete solution.
When we originally introduced the trust-on-first-use checksum locking
mechanism in v0.14, we had to make some tricky decisions about how it
should interact with the pre-existing optional read-through global cache
of provider packages:
The global cache essentially conflicts with the checksum locking because
if the needed provider is already in the cache then Terraform skips
installing the provider from upstream and therefore misses the opportunity
to capture the signed checksums published by the provider developer. We
can't use the signed checksums to verify a cache entry because the origin
registry protocol is still using the legacy ziphash scheme and that is
only usable for the original zipped provider packages and not for the
unpacked-layout cache directory. Therefore we decided to prioritize the
existing cache directory behavior at the expense of the lock file behavior,
making Terraform produce an incomplete lock file in that case.
Now that we've had some real-world experience with the lock file mechanism,
we can see that the chosen compromise was not ideal because it causes
"terraform init" to behave significantly differently in its lock file
update behavior depending on whether or not a particular provider is
already cached. By robbing Terraform of its opportunity to fetch the
official checksums, Terraform must generate a lock file that is inherently
non-portable, which is problematic for any team which works with the same
Terraform configuration on multiple different platforms.
This change addresses that problem by essentially flipping the decision so
that we'll prioritize the lock file behavior over the provider cache
behavior. Now a global cache entry is eligible for use if and only if the
lock file already contains a checksum that matches the cache entry. This
means that the first time a particular configuration sees a new provider
it will always be fetched from the configured installation source
(typically the origin registry) and record the checksums from that source.
On subsequent installs of the same provider version already locked,
Terraform will then consider the cache entry to be eligible and skip
re-downloading the same package.
This intentionally makes the global cache mechanism subordinate to the
lock file mechanism: the lock file must be populated in order for the
global cache to be effective. For those who have many separate
configurations which all refer to the same provider version, they will
need to re-download the provider once for each configuration in order to
gather the information needed to populate the lock file, whereas before
they would have only downloaded it for the _first_ configuration using
that provider.
This should therefore remove the most significant cause of folks ending
up with incomplete lock files that don't work for colleagues using other
platforms, and the expense of bypassing the cache for the first use of
each new package with each new configuration. This tradeoff seems
reasonable because otherwise such users would inevitably need to run
"terraform providers lock" separately anyway, and that command _always_
bypasses the cache. Although this change does decrease the hit rate of the
cache, if we subtract the never-cached downloads caused by
"terraform providers lock" then this is a net benefit overall, and does
the right thing by default without the need to run a separate command.
Previously, there was mixed usage of "(sensitive)" and "(sensitive value)" and even though it was more common to see "(sensitive)", the thought is that it's a value we are hiding rather than describing something already shown.
Add a new ChangeReason, ReasonDeleteBecauseNoMoveTarget, to provide better
information in cases where a planned deletion is due to moving a resource to
a target not in configuration.
Consider a case in which a resource instance exists in state at address A, and
the user adds a moved block to move A to address B. Whether by the user's
intention or not, address B does not exist in configuration.
Terraform combines the move from A to B, and the lack of configuration for B,
into a single delete action for the (previously nonexistent) entity B.
Prior to this commit, the Terraform plan will report that resource B will be
destroyed because it does not exist in configuration, without explicitly
connecting this to the move.
This commit provides the user an additional clue as to what has happened, in a
case in which Terraform has elided a user's action and inaction into one
potentially destructive change.
