resilien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
terraform/internal/getproviders/http_mirror_source_test.go

325 lines
10 KiB
Go
Raw Normal View History

internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
package getproviders
import (
command: Make provider installation interruptible In earlier commits we started to make the installation codepath context-aware so that it could be canceled in the event of a SIGINT, but we didn't complete wiring that through the API of the getproviders package. Here we make the getproviders.Source interface methods, along with some other functions that can make network requests, take a context.Context argument and act appropriately if that context is cancelled. The main providercache.Installer.EnsureProviderVersions method now also has some context-awareness so that it can abort its work early if its context reports any sort of error. That avoids waiting for the process to wind through all of the remaining iterations of the various loops, logging each request failure separately, and instead returns just a single aggregate "canceled" error. We can then set things up in the "terraform init" and "terraform providers mirror" commands so that the context will be cancelled if we get an interrupt signal, allowing provider installation to abort early while still atomically completing any local-side effects that may have started.
2020-09-29 02:13:32 +02:00
"context"
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
"fmt"
"net/http"
"net/http/httptest"
"net/url"
"testing"
"github.com/google/go-cmp/cmp"
svchost "github.com/hashicorp/terraform-svchost"
svcauth "github.com/hashicorp/terraform-svchost/auth"
Move addrs/ to internal/addrs/ This is part of a general effort to move all of Terraform's non-library package surface under internal in order to reinforce that these are for internal use within Terraform only. If you were previously importing packages under this prefix into an external codebase, you could pin to an earlier release tag as an interim solution until you've make a plan to achieve the same functionality some other way.
2021-05-17 21:00:50 +02:00
"github.com/hashicorp/terraform/internal/addrs"
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
)
func TestHTTPMirrorSource(t *testing.T) {
// For mirrors we require a HTTPS server, so we'll use httptest to create
// one. However, that means we need to instantiate the source in an unusual
// way to force it to use the test client that is configured to trust the
// test server.
httpServer := httptest.NewTLSServer(http.HandlerFunc(testHTTPMirrorSourceHandler))
defer httpServer.Close()
httpClient := httpServer.Client()
baseURL, err := url.Parse(httpServer.URL)
if err != nil {
t.Fatalf("httptest.NewTLSServer returned a server with an invalid URL")
}
creds := svcauth.StaticCredentialsSource(map[svchost.Hostname]map[string]interface{}{
svchost.Hostname(baseURL.Host): {
"token": "placeholder-token",
},
})
source := newHTTPMirrorSourceWithHTTPClient(baseURL, creds, httpClient)
existingProvider := addrs.MustParseProviderSourceString("terraform.io/test/exists")
missingProvider := addrs.MustParseProviderSourceString("terraform.io/test/missing")
failingProvider := addrs.MustParseProviderSourceString("terraform.io/test/fails")
redirectingProvider := addrs.MustParseProviderSourceString("terraform.io/test/redirects")
redirectLoopProvider := addrs.MustParseProviderSourceString("terraform.io/test/redirect-loop")
tosPlatform := Platform{OS: "tos", Arch: "m68k"}
t.Run("AvailableVersions for provider that exists", func(t *testing.T) {
command: Make provider installation interruptible In earlier commits we started to make the installation codepath context-aware so that it could be canceled in the event of a SIGINT, but we didn't complete wiring that through the API of the getproviders package. Here we make the getproviders.Source interface methods, along with some other functions that can make network requests, take a context.Context argument and act appropriately if that context is cancelled. The main providercache.Installer.EnsureProviderVersions method now also has some context-awareness so that it can abort its work early if its context reports any sort of error. That avoids waiting for the process to wind through all of the remaining iterations of the various loops, logging each request failure separately, and instead returns just a single aggregate "canceled" error. We can then set things up in the "terraform init" and "terraform providers mirror" commands so that the context will be cancelled if we get an interrupt signal, allowing provider installation to abort early while still atomically completing any local-side effects that may have started.
2020-09-29 02:13:32 +02:00
got, _, err := source.AvailableVersions(context.Background(), existingProvider)
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
if err != nil {
t.Fatalf("unexpected error: %s", err)
}
want := VersionList{
MustParseVersion("1.0.0"),
MustParseVersion("1.0.1"),
MustParseVersion("1.0.2-beta.1"),
}
if diff := cmp.Diff(want, got); diff != "" {
t.Errorf("wrong result\n%s", diff)
}
})
t.Run("AvailableVersions for provider that doesn't exist", func(t *testing.T) {
command: Make provider installation interruptible In earlier commits we started to make the installation codepath context-aware so that it could be canceled in the event of a SIGINT, but we didn't complete wiring that through the API of the getproviders package. Here we make the getproviders.Source interface methods, along with some other functions that can make network requests, take a context.Context argument and act appropriately if that context is cancelled. The main providercache.Installer.EnsureProviderVersions method now also has some context-awareness so that it can abort its work early if its context reports any sort of error. That avoids waiting for the process to wind through all of the remaining iterations of the various loops, logging each request failure separately, and instead returns just a single aggregate "canceled" error. We can then set things up in the "terraform init" and "terraform providers mirror" commands so that the context will be cancelled if we get an interrupt signal, allowing provider installation to abort early while still atomically completing any local-side effects that may have started.
2020-09-29 02:13:32 +02:00
_, _, err := source.AvailableVersions(context.Background(), missingProvider)
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
switch err := err.(type) {
case ErrProviderNotFound:
if got, want := err.Provider, missingProvider; got != want {
t.Errorf("wrong provider in error\ngot: %s\nwant: %s", got, want)
}
default:
t.Fatalf("wrong error type %T; want ErrProviderNotFound", err)
}
})
t.Run("AvailableVersions without required credentials", func(t *testing.T) {
unauthSource := newHTTPMirrorSourceWithHTTPClient(baseURL, nil, httpClient)
command: Make provider installation interruptible In earlier commits we started to make the installation codepath context-aware so that it could be canceled in the event of a SIGINT, but we didn't complete wiring that through the API of the getproviders package. Here we make the getproviders.Source interface methods, along with some other functions that can make network requests, take a context.Context argument and act appropriately if that context is cancelled. The main providercache.Installer.EnsureProviderVersions method now also has some context-awareness so that it can abort its work early if its context reports any sort of error. That avoids waiting for the process to wind through all of the remaining iterations of the various loops, logging each request failure separately, and instead returns just a single aggregate "canceled" error. We can then set things up in the "terraform init" and "terraform providers mirror" commands so that the context will be cancelled if we get an interrupt signal, allowing provider installation to abort early while still atomically completing any local-side effects that may have started.
2020-09-29 02:13:32 +02:00
_, _, err := unauthSource.AvailableVersions(context.Background(), existingProvider)
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
switch err := err.(type) {
case ErrUnauthorized:
if got, want := string(err.Hostname), baseURL.Host; got != want {
t.Errorf("wrong hostname in error\ngot: %s\nwant: %s", got, want)
}
default:
t.Fatalf("wrong error type %T; want ErrUnauthorized", err)
}
})
t.Run("AvailableVersions when the response is a server error", func(t *testing.T) {
command: Make provider installation interruptible In earlier commits we started to make the installation codepath context-aware so that it could be canceled in the event of a SIGINT, but we didn't complete wiring that through the API of the getproviders package. Here we make the getproviders.Source interface methods, along with some other functions that can make network requests, take a context.Context argument and act appropriately if that context is cancelled. The main providercache.Installer.EnsureProviderVersions method now also has some context-awareness so that it can abort its work early if its context reports any sort of error. That avoids waiting for the process to wind through all of the remaining iterations of the various loops, logging each request failure separately, and instead returns just a single aggregate "canceled" error. We can then set things up in the "terraform init" and "terraform providers mirror" commands so that the context will be cancelled if we get an interrupt signal, allowing provider installation to abort early while still atomically completing any local-side effects that may have started.
2020-09-29 02:13:32 +02:00
_, _, err := source.AvailableVersions(context.Background(), failingProvider)
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
switch err := err.(type) {
case ErrQueryFailed:
if got, want := err.Provider, failingProvider; got != want {
t.Errorf("wrong provider in error\ngot: %s\nwant: %s", got, want)
}
if err.MirrorURL != source.baseURL {
t.Errorf("error does not refer to the mirror URL")
}
default:
t.Fatalf("wrong error type %T; want ErrQueryFailed", err)
}
})
t.Run("AvailableVersions for provider that redirects", func(t *testing.T) {
command: Make provider installation interruptible In earlier commits we started to make the installation codepath context-aware so that it could be canceled in the event of a SIGINT, but we didn't complete wiring that through the API of the getproviders package. Here we make the getproviders.Source interface methods, along with some other functions that can make network requests, take a context.Context argument and act appropriately if that context is cancelled. The main providercache.Installer.EnsureProviderVersions method now also has some context-awareness so that it can abort its work early if its context reports any sort of error. That avoids waiting for the process to wind through all of the remaining iterations of the various loops, logging each request failure separately, and instead returns just a single aggregate "canceled" error. We can then set things up in the "terraform init" and "terraform providers mirror" commands so that the context will be cancelled if we get an interrupt signal, allowing provider installation to abort early while still atomically completing any local-side effects that may have started.
2020-09-29 02:13:32 +02:00
got, _, err := source.AvailableVersions(context.Background(), redirectingProvider)
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
if err != nil {
t.Fatalf("unexpected error: %s", err)
}
want := VersionList{
MustParseVersion("1.0.0"),
}
if diff := cmp.Diff(want, got); diff != "" {
t.Errorf("wrong result\n%s", diff)
}
})
t.Run("AvailableVersions for provider that redirects too much", func(t *testing.T) {
command: Make provider installation interruptible In earlier commits we started to make the installation codepath context-aware so that it could be canceled in the event of a SIGINT, but we didn't complete wiring that through the API of the getproviders package. Here we make the getproviders.Source interface methods, along with some other functions that can make network requests, take a context.Context argument and act appropriately if that context is cancelled. The main providercache.Installer.EnsureProviderVersions method now also has some context-awareness so that it can abort its work early if its context reports any sort of error. That avoids waiting for the process to wind through all of the remaining iterations of the various loops, logging each request failure separately, and instead returns just a single aggregate "canceled" error. We can then set things up in the "terraform init" and "terraform providers mirror" commands so that the context will be cancelled if we get an interrupt signal, allowing provider installation to abort early while still atomically completing any local-side effects that may have started.
2020-09-29 02:13:32 +02:00
_, _, err := source.AvailableVersions(context.Background(), redirectLoopProvider)
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
if err == nil {
t.Fatalf("succeeded; expected error")
}
})
t.Run("PackageMeta for a version that exists and has a hash", func(t *testing.T) {
version := MustParseVersion("1.0.0")
command: Make provider installation interruptible In earlier commits we started to make the installation codepath context-aware so that it could be canceled in the event of a SIGINT, but we didn't complete wiring that through the API of the getproviders package. Here we make the getproviders.Source interface methods, along with some other functions that can make network requests, take a context.Context argument and act appropriately if that context is cancelled. The main providercache.Installer.EnsureProviderVersions method now also has some context-awareness so that it can abort its work early if its context reports any sort of error. That avoids waiting for the process to wind through all of the remaining iterations of the various loops, logging each request failure separately, and instead returns just a single aggregate "canceled" error. We can then set things up in the "terraform init" and "terraform providers mirror" commands so that the context will be cancelled if we get an interrupt signal, allowing provider installation to abort early while still atomically completing any local-side effects that may have started.
2020-09-29 02:13:32 +02:00
got, err := source.PackageMeta(context.Background(), existingProvider, version, tosPlatform)
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
if err != nil {
t.Fatalf("unexpected error: %s", err)
}
want := PackageMeta{
Provider: existingProvider,
Version: version,
TargetPlatform: tosPlatform,
Filename: "terraform-provider-test_v1.0.0_tos_m68k.zip",
Location: PackageHTTPURL(httpServer.URL + "/terraform.io/test/exists/terraform-provider-test_v1.0.0_tos_m68k.zip"),
Authentication: packageHashAuthentication{
getproviders: Prepare for having multiple valid hashes per package As we continue iterating towards saving valid hashes for a package in a depsfile lock file after installation and verifying them on future installation, this prepares getproviders for the possibility of having multiple valid hashes per package. This will arise in future commits for two reasons: - We will need to support both the legacy "zip hash" hashing scheme and the new-style content-based hashing scheme because currently the registry protocol is only able to produce the legacy scheme, but our other installation sources prefer the content-based scheme. Therefore packages will typically have a mixture of hashes of both types. - Installing from an upstream registry will save the hashes for the packages across all supported platforms, rather than just the current platform, and we'll consider all of those valid for future installation if we see both successful matching of the current platform checksum and a signature verification for the checksums file as a whole. This also includes some more preparation for the second case above in that signatureAuthentication now supports AcceptableHashes and returns all of the zip-based hashes it can find in the checksums file. This is a bit of an abstraction leak because previously that authenticator considered its "document" to just be opaque bytes, but we want to make sure that we can only end up trusting _all_ of the hashes if we've verified that the document is signed. Hopefully we'll make this better in a future commit with some refactoring, but that's deferred for now in order to minimize disruption to existing codepaths while we work towards a provider locking MVP.
2020-09-24 01:23:00 +02:00
RequiredHashes: []Hash{"h1:placeholder-hash"},
AllHashes: []Hash{"h1:placeholder-hash", "h0:unacceptable-hash"},
Platform: Platform{"tos", "m68k"},
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
},
}
if diff := cmp.Diff(want, got); diff != "" {
t.Errorf("wrong result\n%s", diff)
}
internal/getproviders: Allow PackageMeta to carry acceptable hashes The "acceptable hashes" for a package is a set of hashes that the upstream source considers to be good hashes for checking whether future installs of the same provider version are considered to match this one. Because the acceptable hashes are a package authentication concern and they already need to be known (at least in part) to implement the authenticators, here we add AcceptableHashes as an optional extra method that an authenticator can implement. Because these are hashes chosen by the upstream system, the caller must make its own determination about their trustworthiness. The result of authentication is likely to be an input to that, for example by distrusting hashes produced by an authenticator that succeeds but doesn't report having validated anything.
2020-09-09 01:44:55 +02:00
gotHashes := got.AcceptableHashes()
getproviders: Prepare for having multiple valid hashes per package As we continue iterating towards saving valid hashes for a package in a depsfile lock file after installation and verifying them on future installation, this prepares getproviders for the possibility of having multiple valid hashes per package. This will arise in future commits for two reasons: - We will need to support both the legacy "zip hash" hashing scheme and the new-style content-based hashing scheme because currently the registry protocol is only able to produce the legacy scheme, but our other installation sources prefer the content-based scheme. Therefore packages will typically have a mixture of hashes of both types. - Installing from an upstream registry will save the hashes for the packages across all supported platforms, rather than just the current platform, and we'll consider all of those valid for future installation if we see both successful matching of the current platform checksum and a signature verification for the checksums file as a whole. This also includes some more preparation for the second case above in that signatureAuthentication now supports AcceptableHashes and returns all of the zip-based hashes it can find in the checksums file. This is a bit of an abstraction leak because previously that authenticator considered its "document" to just be opaque bytes, but we want to make sure that we can only end up trusting _all_ of the hashes if we've verified that the document is signed. Hopefully we'll make this better in a future commit with some refactoring, but that's deferred for now in order to minimize disruption to existing codepaths while we work towards a provider locking MVP.
2020-09-24 01:23:00 +02:00
wantHashes := []Hash{"h1:placeholder-hash", "h0:unacceptable-hash"}
internal/getproviders: Allow PackageMeta to carry acceptable hashes The "acceptable hashes" for a package is a set of hashes that the upstream source considers to be good hashes for checking whether future installs of the same provider version are considered to match this one. Because the acceptable hashes are a package authentication concern and they already need to be known (at least in part) to implement the authenticators, here we add AcceptableHashes as an optional extra method that an authenticator can implement. Because these are hashes chosen by the upstream system, the caller must make its own determination about their trustworthiness. The result of authentication is likely to be an input to that, for example by distrusting hashes produced by an authenticator that succeeds but doesn't report having validated anything.
2020-09-09 01:44:55 +02:00
if diff := cmp.Diff(wantHashes, gotHashes); diff != "" {
t.Errorf("wrong acceptable hashes\n%s", diff)
}
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
})
t.Run("PackageMeta for a version that exists and has no hash", func(t *testing.T) {
version := MustParseVersion("1.0.1")
command: Make provider installation interruptible In earlier commits we started to make the installation codepath context-aware so that it could be canceled in the event of a SIGINT, but we didn't complete wiring that through the API of the getproviders package. Here we make the getproviders.Source interface methods, along with some other functions that can make network requests, take a context.Context argument and act appropriately if that context is cancelled. The main providercache.Installer.EnsureProviderVersions method now also has some context-awareness so that it can abort its work early if its context reports any sort of error. That avoids waiting for the process to wind through all of the remaining iterations of the various loops, logging each request failure separately, and instead returns just a single aggregate "canceled" error. We can then set things up in the "terraform init" and "terraform providers mirror" commands so that the context will be cancelled if we get an interrupt signal, allowing provider installation to abort early while still atomically completing any local-side effects that may have started.
2020-09-29 02:13:32 +02:00
got, err := source.PackageMeta(context.Background(), existingProvider, version, tosPlatform)
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
if err != nil {
t.Fatalf("unexpected error: %s", err)
}
want := PackageMeta{
Provider: existingProvider,
Version: version,
TargetPlatform: tosPlatform,
Filename: "terraform-provider-test_v1.0.1_tos_m68k.zip",
Location: PackageHTTPURL(httpServer.URL + "/terraform.io/test/exists/terraform-provider-test_v1.0.1_tos_m68k.zip"),
Authentication: nil,
}
if diff := cmp.Diff(want, got); diff != "" {
t.Errorf("wrong result\n%s", diff)
}
})
t.Run("PackageMeta for a version that exists but has no archives", func(t *testing.T) {
version := MustParseVersion("1.0.2-beta.1")
command: Make provider installation interruptible In earlier commits we started to make the installation codepath context-aware so that it could be canceled in the event of a SIGINT, but we didn't complete wiring that through the API of the getproviders package. Here we make the getproviders.Source interface methods, along with some other functions that can make network requests, take a context.Context argument and act appropriately if that context is cancelled. The main providercache.Installer.EnsureProviderVersions method now also has some context-awareness so that it can abort its work early if its context reports any sort of error. That avoids waiting for the process to wind through all of the remaining iterations of the various loops, logging each request failure separately, and instead returns just a single aggregate "canceled" error. We can then set things up in the "terraform init" and "terraform providers mirror" commands so that the context will be cancelled if we get an interrupt signal, allowing provider installation to abort early while still atomically completing any local-side effects that may have started.
2020-09-29 02:13:32 +02:00
_, err := source.PackageMeta(context.Background(), existingProvider, version, tosPlatform)
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
switch err := err.(type) {
case ErrPlatformNotSupported:
if got, want := err.Provider, existingProvider; got != want {
t.Errorf("wrong provider in error\ngot: %s\nwant: %s", got, want)
}
if got, want := err.Platform, tosPlatform; got != want {
t.Errorf("wrong platform in error\ngot: %s\nwant: %s", got, want)
}
if err.MirrorURL != source.baseURL {
t.Errorf("error does not contain the mirror URL")
}
default:
t.Fatalf("wrong error type %T; want ErrPlatformNotSupported", err)
}
})
t.Run("PackageMeta with redirect to a version that exists", func(t *testing.T) {
version := MustParseVersion("1.0.0")
command: Make provider installation interruptible In earlier commits we started to make the installation codepath context-aware so that it could be canceled in the event of a SIGINT, but we didn't complete wiring that through the API of the getproviders package. Here we make the getproviders.Source interface methods, along with some other functions that can make network requests, take a context.Context argument and act appropriately if that context is cancelled. The main providercache.Installer.EnsureProviderVersions method now also has some context-awareness so that it can abort its work early if its context reports any sort of error. That avoids waiting for the process to wind through all of the remaining iterations of the various loops, logging each request failure separately, and instead returns just a single aggregate "canceled" error. We can then set things up in the "terraform init" and "terraform providers mirror" commands so that the context will be cancelled if we get an interrupt signal, allowing provider installation to abort early while still atomically completing any local-side effects that may have started.
2020-09-29 02:13:32 +02:00
got, err := source.PackageMeta(context.Background(), redirectingProvider, version, tosPlatform)
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
if err != nil {
t.Fatalf("unexpected error: %s", err)
}
want := PackageMeta{
Provider: redirectingProvider,
Version: version,
TargetPlatform: tosPlatform,
Filename: "terraform-provider-test.zip",
// NOTE: The final URL is interpreted relative to the redirect
// target, not relative to what we originally requested.
Location: PackageHTTPURL(httpServer.URL + "/redirect-target/terraform-provider-test.zip"),
}
if diff := cmp.Diff(want, got); diff != "" {
t.Errorf("wrong result\n%s", diff)
}
})
t.Run("PackageMeta when the response is a server error", func(t *testing.T) {
version := MustParseVersion("1.0.0")
command: Make provider installation interruptible In earlier commits we started to make the installation codepath context-aware so that it could be canceled in the event of a SIGINT, but we didn't complete wiring that through the API of the getproviders package. Here we make the getproviders.Source interface methods, along with some other functions that can make network requests, take a context.Context argument and act appropriately if that context is cancelled. The main providercache.Installer.EnsureProviderVersions method now also has some context-awareness so that it can abort its work early if its context reports any sort of error. That avoids waiting for the process to wind through all of the remaining iterations of the various loops, logging each request failure separately, and instead returns just a single aggregate "canceled" error. We can then set things up in the "terraform init" and "terraform providers mirror" commands so that the context will be cancelled if we get an interrupt signal, allowing provider installation to abort early while still atomically completing any local-side effects that may have started.
2020-09-29 02:13:32 +02:00
_, err := source.PackageMeta(context.Background(), failingProvider, version, tosPlatform)
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
switch err := err.(type) {
case ErrQueryFailed:
if got, want := err.Provider, failingProvider; got != want {
t.Errorf("wrong provider in error\ngot: %s\nwant: %s", got, want)
}
if err.MirrorURL != source.baseURL {
t.Errorf("error does not contain the mirror URL")
}
default:
t.Fatalf("wrong error type %T; want ErrQueryFailed", err)
}
})
}
func testHTTPMirrorSourceHandler(resp http.ResponseWriter, req *http.Request) {
if auth := req.Header.Get("authorization"); auth != "Bearer placeholder-token" {
resp.WriteHeader(401)
fmt.Fprintln(resp, "incorrect auth token")
}
switch req.URL.Path {
case "/terraform.io/test/exists/index.json":
resp.Header().Add("Content-Type", "application/json; ignored=yes")
resp.WriteHeader(200)
fmt.Fprint(resp, `
{
"versions": {
"1.0.0": {},
"1.0.1": {},
"1.0.2-beta.1": {}
}
}
`)
case "/terraform.io/test/fails/index.json", "/terraform.io/test/fails/1.0.0.json":
resp.WriteHeader(500)
fmt.Fprint(resp, "server error")
case "/terraform.io/test/exists/1.0.0.json":
resp.Header().Add("Content-Type", "application/json; ignored=yes")
resp.WriteHeader(200)
fmt.Fprint(resp, `
{
"archives": {
"tos_m68k": {
"url": "terraform-provider-test_v1.0.0_tos_m68k.zip",
"hashes": [
internal/getproviders: Allow PackageMeta to carry acceptable hashes The "acceptable hashes" for a package is a set of hashes that the upstream source considers to be good hashes for checking whether future installs of the same provider version are considered to match this one. Because the acceptable hashes are a package authentication concern and they already need to be known (at least in part) to implement the authenticators, here we add AcceptableHashes as an optional extra method that an authenticator can implement. Because these are hashes chosen by the upstream system, the caller must make its own determination about their trustworthiness. The result of authentication is likely to be an input to that, for example by distrusting hashes produced by an authenticator that succeeds but doesn't report having validated anything.
2020-09-09 01:44:55 +02:00
"h1:placeholder-hash",
"h0:unacceptable-hash"
internal/getproviders: HTTPMirrorSource implementation We previously had this just stubbed out because it was a stretch goal for the v0.13.0 release and it ultimately didn't make it in. Here we fill out the existing stub -- with a minor change to its interface so it can access credentials -- with a client implementation that is compatible with the directory structure produced by the "terraform providers mirror" subcommand, were the result to be published on a static file server.
2020-08-26 01:26:21 +02:00
]
}
}
}
`)
case "/terraform.io/test/exists/1.0.1.json":
resp.Header().Add("Content-Type", "application/json; ignored=yes")
resp.WriteHeader(200)
fmt.Fprint(resp, `
{
"archives": {
"tos_m68k": {
"url": "terraform-provider-test_v1.0.1_tos_m68k.zip"
}
}
}
`)
case "/terraform.io/test/exists/1.0.2-beta.1.json":
resp.Header().Add("Content-Type", "application/json; ignored=yes")
resp.WriteHeader(200)
fmt.Fprint(resp, `
{
"archives": {}
}
`)
case "/terraform.io/test/redirects/index.json":
resp.Header().Add("location", "/redirect-target/index.json")
resp.WriteHeader(301)
fmt.Fprint(resp, "redirect")
case "/redirect-target/index.json":
resp.Header().Add("Content-Type", "application/json")
resp.WriteHeader(200)
fmt.Fprint(resp, `
{
"versions": {
"1.0.0": {}
}
}
`)
case "/terraform.io/test/redirects/1.0.0.json":
resp.Header().Add("location", "/redirect-target/1.0.0.json")
resp.WriteHeader(301)
fmt.Fprint(resp, "redirect")
case "/redirect-target/1.0.0.json":
resp.Header().Add("Content-Type", "application/json")
resp.WriteHeader(200)
fmt.Fprint(resp, `
{
"archives": {
"tos_m68k": {
"url": "terraform-provider-test.zip"
}
}
}
`)
case "/terraform.io/test/redirect-loop/index.json":
// This is intentionally redirecting to itself, to create a loop.
resp.Header().Add("location", req.URL.Path)
resp.WriteHeader(301)
fmt.Fprint(resp, "redirect loop")
default:
resp.WriteHeader(404)
fmt.Fprintln(resp, "not found")
}
}