resilien
/
terraform
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
terraform/internal/getproviders/types.go

559 lines
21 KiB
Go
Raw Normal View History

internal/getproviders: Query a provider registry Our existing provider installer was originally built to work with releases.hashicorp.com and later retrofitted to talk to the official Terraform Registry. It also assumes a flat namespace of providers. We're starting a new one here, copying and adapting code from the old one as necessary, so that we can build out this new API while retaining all of the existing functionality and then cut over to this new implementation in a later step. Here we're creating a foundational component for the new installer, which is a mechanism to query for the available versions and download locations of a particular provider. Subsequent commits in this package will introduce other Source implementations for installing from network and filesystem mirrors.
2019-12-20 02:24:14 +01:00
package getproviders
import (
internal/getproviders: Sorting and filtering for lists of PackageMeta These are utility functions to ease processing of lists of PackageMeta elsewhere, once we have functionality that works with multiple packages at once. The local filesystem mirror source will be the first example of this, so these methods are motivated mainly by its needs.
2020-02-21 02:57:15 +01:00
"fmt"
internal/getproviders: Query a provider registry Our existing provider installer was originally built to work with releases.hashicorp.com and later retrofitted to talk to the official Terraform Registry. It also assumes a flat namespace of providers. We're starting a new one here, copying and adapting code from the old one as necessary, so that we can build out this new API while retaining all of the existing functionality and then cut over to this new implementation in a later step. Here we're creating a foundational component for the new installer, which is a mechanism to query for the available versions and download locations of a particular provider. Subsequent commits in this package will introduce other Source implementations for installing from network and filesystem mirrors.
2019-12-20 02:24:14 +01:00
"runtime"
internal/getproviders: Sorting and filtering for lists of PackageMeta These are utility functions to ease processing of lists of PackageMeta elsewhere, once we have functionality that works with multiple packages at once. The local filesystem mirror source will be the first example of this, so these methods are motivated mainly by its needs.
2020-02-21 02:57:15 +01:00
"sort"
"strings"
internal/getproviders: Query a provider registry Our existing provider installer was originally built to work with releases.hashicorp.com and later retrofitted to talk to the official Terraform Registry. It also assumes a flat namespace of providers. We're starting a new one here, copying and adapting code from the old one as necessary, so that we can build out this new API while retaining all of the existing functionality and then cut over to this new implementation in a later step. Here we're creating a foundational component for the new installer, which is a mechanism to query for the available versions and download locations of a particular provider. Subsequent commits in this package will introduce other Source implementations for installing from network and filesystem mirrors.
2019-12-20 02:24:14 +01:00
"github.com/apparentlymart/go-versions/versions"
internal/providercache: First pass of the actual install process This is not tested yet, but it's a compilable strawman implementation of the necessary sequence of events to coordinate all of the moving parts of running a provider installation operation. This will inevitably see more iteration in later commits as we complete the surrounding parts and wire it up to be used by "terraform init". So far, it's just dead code not called by any other package.
2020-03-13 01:48:30 +01:00
"github.com/apparentlymart/go-versions/versions/constraints"
Move addrs/ to internal/addrs/ This is part of a general effort to move all of Terraform's non-library package surface under internal in order to reinforce that these are for internal use within Terraform only. If you were previously importing packages under this prefix into an external codebase, you could pin to an earlier release tag as an interim solution until you've make a plan to achieve the same functionality some other way.
2021-05-17 21:00:50 +02:00
"github.com/hashicorp/terraform/internal/addrs"
internal/getproviders: Query a provider registry Our existing provider installer was originally built to work with releases.hashicorp.com and later retrofitted to talk to the official Terraform Registry. It also assumes a flat namespace of providers. We're starting a new one here, copying and adapting code from the old one as necessary, so that we can build out this new API while retaining all of the existing functionality and then cut over to this new implementation in a later step. Here we're creating a foundational component for the new installer, which is a mechanism to query for the available versions and download locations of a particular provider. Subsequent commits in this package will introduce other Source implementations for installing from network and filesystem mirrors.
2019-12-20 02:24:14 +01:00
)
// Version represents a particular single version of a provider.
type Version = versions.Version
getproviders: move protocol compatibility functions into registry client (#24846) * internal/registry source: return error if requested provider version protocols are not supported * getproviders: move responsibility for protocol compatibility checks into the registry client The original implementation had the providercache checking the provider metadata for protocol compatibility, but this is only relevant for the registry source so it made more sense to move the logic into getproviders. This also addresses an issue where we were pulling the metadata for every provider version until we found one that was supported. I've extended the registry client to unmarshal the protocols in `ProviderVersions` so we can filter through that list, instead of pulling each version's metadata.
2020-05-11 19:49:12 +02:00
// UnspecifiedVersion is the zero value of Version, representing the absense
// of a version number.
var UnspecifiedVersion Version = versions.Unspecified
internal/getproviders: Query a provider registry Our existing provider installer was originally built to work with releases.hashicorp.com and later retrofitted to talk to the official Terraform Registry. It also assumes a flat namespace of providers. We're starting a new one here, copying and adapting code from the old one as necessary, so that we can build out this new API while retaining all of the existing functionality and then cut over to this new implementation in a later step. Here we're creating a foundational component for the new installer, which is a mechanism to query for the available versions and download locations of a particular provider. Subsequent commits in this package will introduce other Source implementations for installing from network and filesystem mirrors.
2019-12-20 02:24:14 +01:00
// VersionList represents a list of versions. It is a []Version with some
// extra methods for convenient filtering.
type VersionList = versions.List
internal/providercache: Start to stub Installer type The Installer type will encapsulate the logic for running an entire provider installation request: given a set of providers to install, it will determine a method to obtain each of them (or detect that they are already installed) and then take the necessary actions. So far it doesn't do anything, but this stubs out an interface by which the caller can request ongoing notifications during an installation operation.
2020-03-12 03:11:52 +01:00
// VersionSet represents a set of versions, usually describing the acceptable
// versions that can be selected under a particular version constraint provided
// by the end-user.
type VersionSet = versions.Set
internal/providercache: First pass of the actual install process This is not tested yet, but it's a compilable strawman implementation of the necessary sequence of events to coordinate all of the moving parts of running a provider installation operation. This will inevitably see more iteration in later commits as we complete the surrounding parts and wire it up to be used by "terraform init". So far, it's just dead code not called by any other package.
2020-03-13 01:48:30 +01:00
// VersionConstraints represents a set of version constraints, which can
// define the membership of a VersionSet by exclusion.
type VersionConstraints = constraints.IntersectionSpec
internal/getproviders: decode and return any registry warnings (#25337) * internal/getproviders: decode and return any registry warnings The public registry may include a list of warnings in the "versions" response for any given provider. This PR adds support for warnings from the registry and an installer event to return those warnings to the user.
2020-06-25 16:49:48 +02:00
// Warnings represents a list of warnings returned by a Registry source.
type Warnings = []string
internal/getproviders: A new shared model for provider requirements We've been using the models from the "moduledeps" package to represent our provider dependencies everywhere since the idea of provider dependencies was introduced in Terraform 0.10, but that model is not convenient to use for any use-case other than the "terraform providers" command that needs individual-module-level detail. To make things easier for new codepaths working with the new-style provider installer, here we introduce a new model type getproviders.Requirements which is based on the type the new installer was already taking as its input. We have new methods in the states, configs, and earlyconfig packages to produce values of this type, and a helper to merge Requirements together so we can combine config-derived and state-derived requirements together during installation. The advantage of this new model over the moduledeps one is that all of recursive module walking is done up front and we produce a simple, flat structure that is more convenient for the main use-cases of selecting providers for installation and then finding providers in the local cache to use them for other operations. This new model is _not_ suitable for implementing "terraform providers" because it does not retain module-specific requirement details. Therefore we will likely keep using moduledeps for "terraform providers" for now, and then possibly at a later time consider specializing the moduledeps logic for only what "terraform providers" needs, because it seems to be the only use-case that needs to retain that level of detail.
2020-03-26 20:04:48 +01:00
// Requirements gathers together requirements for many different providers
// into a single data structure, as a convenient way to represent the full
// set of requirements for a particular configuration or state or both.
//
// If an entry in a Requirements has a zero-length VersionConstraints then
// that indicates that the provider is required but that any version is
// acceptable. That's different than a provider being absent from the map
// altogether, which means that it is not required at all.
type Requirements map[addrs.Provider]VersionConstraints
// Merge takes the requirements in the receiever and the requirements in the
// other given value and produces a new set of requirements that combines
// all of the requirements of both.
//
// The resulting requirements will permit only selections that both of the
// source requirements would've allowed.
func (r Requirements) Merge(other Requirements) Requirements {
ret := make(Requirements)
for addr, constraints := range r {
ret[addr] = constraints
}
for addr, constraints := range other {
ret[addr] = append(ret[addr], constraints...)
}
return ret
}
// Selections gathers together version selections for many different providers.
//
// This is the result of provider installation: a specific version selected
// for each provider given in the requested Requirements, selected based on
// the given version constraints.
type Selections map[addrs.Provider]Version
internal/getproviders: Query a provider registry Our existing provider installer was originally built to work with releases.hashicorp.com and later retrofitted to talk to the official Terraform Registry. It also assumes a flat namespace of providers. We're starting a new one here, copying and adapting code from the old one as necessary, so that we can build out this new API while retaining all of the existing functionality and then cut over to this new implementation in a later step. Here we're creating a foundational component for the new installer, which is a mechanism to query for the available versions and download locations of a particular provider. Subsequent commits in this package will introduce other Source implementations for installing from network and filesystem mirrors.
2019-12-20 02:24:14 +01:00
// ParseVersion parses a "semver"-style version string into a Version value,
// which is the version syntax we use for provider versions.
func ParseVersion(str string) (Version, error) {
return versions.ParseVersion(str)
}
internal/getproviders: A new shared model for provider requirements We've been using the models from the "moduledeps" package to represent our provider dependencies everywhere since the idea of provider dependencies was introduced in Terraform 0.10, but that model is not convenient to use for any use-case other than the "terraform providers" command that needs individual-module-level detail. To make things easier for new codepaths working with the new-style provider installer, here we introduce a new model type getproviders.Requirements which is based on the type the new installer was already taking as its input. We have new methods in the states, configs, and earlyconfig packages to produce values of this type, and a helper to merge Requirements together so we can combine config-derived and state-derived requirements together during installation. The advantage of this new model over the moduledeps one is that all of recursive module walking is done up front and we produce a simple, flat structure that is more convenient for the main use-cases of selecting providers for installation and then finding providers in the local cache to use them for other operations. This new model is _not_ suitable for implementing "terraform providers" because it does not retain module-specific requirement details. Therefore we will likely keep using moduledeps for "terraform providers" for now, and then possibly at a later time consider specializing the moduledeps logic for only what "terraform providers" needs, because it seems to be the only use-case that needs to retain that level of detail.
2020-03-26 20:04:48 +01:00
// MustParseVersion is a variant of ParseVersion that panics if it encounters
// an error while parsing.
func MustParseVersion(str string) Version {
ret, err := ParseVersion(str)
if err != nil {
panic(err)
}
return ret
}
command: Expose providercache package objects for use elsewhere These new functions allow command implementations to get hold of the providercache objects and installation source object derived from the current CLI configuration.
2020-03-13 19:22:24 +01:00
// ParseVersionConstraints parses a "Ruby-like" version constraint string
// into a VersionConstraints value.
func ParseVersionConstraints(str string) (VersionConstraints, error) {
return constraints.ParseRubyStyleMulti(str)
}
internal/getproviders: A new shared model for provider requirements We've been using the models from the "moduledeps" package to represent our provider dependencies everywhere since the idea of provider dependencies was introduced in Terraform 0.10, but that model is not convenient to use for any use-case other than the "terraform providers" command that needs individual-module-level detail. To make things easier for new codepaths working with the new-style provider installer, here we introduce a new model type getproviders.Requirements which is based on the type the new installer was already taking as its input. We have new methods in the states, configs, and earlyconfig packages to produce values of this type, and a helper to merge Requirements together so we can combine config-derived and state-derived requirements together during installation. The advantage of this new model over the moduledeps one is that all of recursive module walking is done up front and we produce a simple, flat structure that is more convenient for the main use-cases of selecting providers for installation and then finding providers in the local cache to use them for other operations. This new model is _not_ suitable for implementing "terraform providers" because it does not retain module-specific requirement details. Therefore we will likely keep using moduledeps for "terraform providers" for now, and then possibly at a later time consider specializing the moduledeps logic for only what "terraform providers" needs, because it seems to be the only use-case that needs to retain that level of detail.
2020-03-26 20:04:48 +01:00
// MustParseVersionConstraints is a variant of ParseVersionConstraints that
// panics if it encounters an error while parsing.
func MustParseVersionConstraints(str string) VersionConstraints {
ret, err := ParseVersionConstraints(str)
if err != nil {
panic(err)
}
return ret
}
getproviders: move protocol compatibility functions into registry client (#24846) * internal/registry source: return error if requested provider version protocols are not supported * getproviders: move responsibility for protocol compatibility checks into the registry client The original implementation had the providercache checking the provider metadata for protocol compatibility, but this is only relevant for the registry source so it made more sense to move the logic into getproviders. This also addresses an issue where we were pulling the metadata for every provider version until we found one that was supported. I've extended the registry client to unmarshal the protocols in `ProviderVersions` so we can filter through that list, instead of pulling each version's metadata.
2020-05-11 19:49:12 +02:00
// MeetingConstraints returns a version set that contains all of the versions
// that meet the given constraints, specified using the Spec type from the
// constraints package.
func MeetingConstraints(vc VersionConstraints) VersionSet {
return versions.MeetingConstraints(vc)
}
internal/getproviders: Query a provider registry Our existing provider installer was originally built to work with releases.hashicorp.com and later retrofitted to talk to the official Terraform Registry. It also assumes a flat namespace of providers. We're starting a new one here, copying and adapting code from the old one as necessary, so that we can build out this new API while retaining all of the existing functionality and then cut over to this new implementation in a later step. Here we're creating a foundational component for the new installer, which is a mechanism to query for the available versions and download locations of a particular provider. Subsequent commits in this package will introduce other Source implementations for installing from network and filesystem mirrors.
2019-12-20 02:24:14 +01:00
// Platform represents a target platform that a provider is or might be
// available for.
type Platform struct {
OS, Arch string
}
func (p Platform) String() string {
return p.OS + "_" + p.Arch
}
internal/getproviders: Sorting and filtering for lists of PackageMeta These are utility functions to ease processing of lists of PackageMeta elsewhere, once we have functionality that works with multiple packages at once. The local filesystem mirror source will be the first example of this, so these methods are motivated mainly by its needs.
2020-02-21 02:57:15 +01:00
// LessThan returns true if the receiver should sort before the other given
// Platform in an ordered list of platforms.
//
// The ordering is lexical first by OS and then by Architecture.
// This ordering is primarily just to ensure that results of
// functions in this package will be deterministic. The ordering is not
// intended to have any semantic meaning and is subject to change in future.
func (p Platform) LessThan(other Platform) bool {
switch {
case p.OS != other.OS:
return p.OS < other.OS
default:
return p.Arch < other.Arch
}
}
internal/getproviders: ParsePlatform method This is just to have a centralized set of logic for converting from a platform string (like "linux_amd64") to a Platform object, so we can do normalization and validation consistently.
2020-02-21 02:54:35 +01:00
// ParsePlatform parses a string representation of a platform, like
// "linux_amd64", or returns an error if the string is not valid.
func ParsePlatform(str string) (Platform, error) {
providers subcommand tests (#28744) * getproviders ParsePlatform: add check for invalid platform strings with too many parts The existing logic would not catch things like a platform string containing multiple underscores. I've added an explicit check for exactly 2 parts and some basic tests to prove it. * command/providers-lock: add tests This commit adds some simple tests for the providers lock command. While adding this test I noticed that there was a mis-copied error message, so I replaced that with a more specific message. I also added .terraform.lock.hcl to our gitignore for hopefully obvious reasons. getproviders.ParsePlatform: use parts in place of slice range, since it's available * command: Providers mirror tests The providers mirror command is already well tested in e2e tests, so this includes only the most absolutely basic test case.
2021-05-19 18:56:16 +02:00
parts := strings.Split(str, "_")
if len(parts) != 2 {
internal/getproviders: ParsePlatform method This is just to have a centralized set of logic for converting from a platform string (like "linux_amd64") to a Platform object, so we can do normalization and validation consistently.
2020-02-21 02:54:35 +01:00
return Platform{}, fmt.Errorf("must be two words separated by an underscore")
}
providers subcommand tests (#28744) * getproviders ParsePlatform: add check for invalid platform strings with too many parts The existing logic would not catch things like a platform string containing multiple underscores. I've added an explicit check for exactly 2 parts and some basic tests to prove it. * command/providers-lock: add tests This commit adds some simple tests for the providers lock command. While adding this test I noticed that there was a mis-copied error message, so I replaced that with a more specific message. I also added .terraform.lock.hcl to our gitignore for hopefully obvious reasons. getproviders.ParsePlatform: use parts in place of slice range, since it's available * command: Providers mirror tests The providers mirror command is already well tested in e2e tests, so this includes only the most absolutely basic test case.
2021-05-19 18:56:16 +02:00
os, arch := parts[0], parts[1]
internal/getproviders: ParsePlatform method This is just to have a centralized set of logic for converting from a platform string (like "linux_amd64") to a Platform object, so we can do normalization and validation consistently.
2020-02-21 02:54:35 +01:00
if strings.ContainsAny(os, " \t\n\r") {
return Platform{}, fmt.Errorf("OS portion must not contain whitespace")
}
if strings.ContainsAny(arch, " \t\n\r") {
return Platform{}, fmt.Errorf("architecture portion must not contain whitespace")
}
return Platform{
OS: os,
Arch: arch,
}, nil
}
internal/getproviders: Query a provider registry Our existing provider installer was originally built to work with releases.hashicorp.com and later retrofitted to talk to the official Terraform Registry. It also assumes a flat namespace of providers. We're starting a new one here, copying and adapting code from the old one as necessary, so that we can build out this new API while retaining all of the existing functionality and then cut over to this new implementation in a later step. Here we're creating a foundational component for the new installer, which is a mechanism to query for the available versions and download locations of a particular provider. Subsequent commits in this package will introduce other Source implementations for installing from network and filesystem mirrors.
2019-12-20 02:24:14 +01:00
// CurrentPlatform is the platform where the current program is running.
//
// If attempting to install providers for use on the same system where the
// installation process is running, this is the right platform to use.
var CurrentPlatform = Platform{
OS: runtime.GOOS,
Arch: runtime.GOARCH,
}
// PackageMeta represents the metadata related to a particular downloadable
// provider package targeting a single platform.
//
// Package findproviders does no signature verification or protocol version
// compatibility checking of its own. A caller receving a PackageMeta must
// verify that it has a correct signature and supports a protocol version
// accepted by the current version of Terraform before trying to use the
// described package.
type PackageMeta struct {
internal/getproviders: Include Provider and Version in PackageMeta Although we tend to return these in contexts where at least one of these values is implied, being explicit means that PackageMeta values are self-contained and less reliant on such external context.
2020-02-21 02:53:11 +01:00
Provider addrs.Provider
Version Version
internal/getproviders: Query a provider registry Our existing provider installer was originally built to work with releases.hashicorp.com and later retrofitted to talk to the official Terraform Registry. It also assumes a flat namespace of providers. We're starting a new one here, copying and adapting code from the old one as necessary, so that we can build out this new API while retaining all of the existing functionality and then cut over to this new implementation in a later step. Here we're creating a foundational component for the new installer, which is a mechanism to query for the available versions and download locations of a particular provider. Subsequent commits in this package will introduce other Source implementations for installing from network and filesystem mirrors.
2019-12-20 02:24:14 +01:00
ProtocolVersions VersionList
TargetPlatform Platform
internal/getproviders: Initial implementation of FilesystemMirrorSource This is a basic implementation of FilesystemMirrorSource for now aimed only at the specific use-case of scanning the cache of provider plugins Terraform will keep under the ".terraform" directory, as part of our interim provider installer implementation for Terraform 0.13. The full functionality of this will grow out in later work when we implement explicit local filesystem mirrors, but for now the goal is to use this just to inspect the work done by the automatic installer once we switch it to the new provider-FQN-aware directory structure. The various FIXME comments in this are justified by the limited intended scope of this initial implementation, and they should be resolved by later work to use FilesystemMirrorSource explicitly for user-specified provider package mirrors.
2020-02-21 03:01:29 +01:00
Filename string
Location PackageLocation
internal/getproviders: Tidy up some confusion about package hashes Earlier on in the stubbing of this package we realized that it wasn't going to be possible to populate the authentication-related bits for all packages because the relevant metadata just isn't available for packages that are already local. However, we just moved ahead with that awkward design at the time because we needed to get other work done, and so we've been mostly producing PackageMeta values with all-zeros hashes and just ignoring them entirely as a temporary workaround. This is a first step towards what is hopefully a more intuitive model: authentication is an optional thing in a PackageMeta that is currently populated only for packages coming from a registry. So far this still just models checking a SHA256 hash, which is not a sufficient set of checks for a real release but hopefully the "real" implementation is a natural iteration of this starting point, and if not then at least this interim step is a bit more honest about the fact that Authentication will not be populated on every PackageMeta.
2020-04-03 21:11:57 +02:00
// Authentication, if non-nil, is a request from the source that produced
// this meta for verification of the target package after it has been
// retrieved from the indicated Location.
//
// Different sources will support different authentication strategies --
// or possibly no strategies at all -- depending on what metadata they
// have available to them, such as checksums provided out-of-band by the
// original package author, expected signing keys, etc.
//
// If Authentication is non-nil then no authentication is requested.
// This is likely appropriate only for packages that are already available
// on the local system.
Authentication PackageAuthentication
internal/getproviders: Query a provider registry Our existing provider installer was originally built to work with releases.hashicorp.com and later retrofitted to talk to the official Terraform Registry. It also assumes a flat namespace of providers. We're starting a new one here, copying and adapting code from the old one as necessary, so that we can build out this new API while retaining all of the existing functionality and then cut over to this new implementation in a later step. Here we're creating a foundational component for the new installer, which is a mechanism to query for the available versions and download locations of a particular provider. Subsequent commits in this package will introduce other Source implementations for installing from network and filesystem mirrors.
2019-12-20 02:24:14 +01:00
}
internal/getproviders: Source interface for generalization We intend to support installation both directly from origin registries and from mirrors in the local filesystem or over the network. This Source interface will serve as our abstraction over those three options, allowing calling code to treat them all the same.
2020-01-09 01:24:41 +01:00
internal/getproviders: Sorting and filtering for lists of PackageMeta These are utility functions to ease processing of lists of PackageMeta elsewhere, once we have functionality that works with multiple packages at once. The local filesystem mirror source will be the first example of this, so these methods are motivated mainly by its needs.
2020-02-21 02:57:15 +01:00
// LessThan returns true if the receiver should sort before the given other
// PackageMeta in a sorted list of PackageMeta.
//
// Sorting preference is given first to the provider address, then to the
// taget platform, and the to the version number (using semver precedence).
// Packages that differ only in semver build metadata have no defined
// precedence and so will always return false.
//
// This ordering is primarily just to maximize the chance that results of
// functions in this package will be deterministic. The ordering is not
// intended to have any semantic meaning and is subject to change in future.
func (m PackageMeta) LessThan(other PackageMeta) bool {
switch {
case m.Provider != other.Provider:
return m.Provider.LessThan(other.Provider)
case m.TargetPlatform != other.TargetPlatform:
return m.TargetPlatform.LessThan(other.TargetPlatform)
case m.Version != other.Version:
return m.Version.LessThan(other.Version)
default:
return false
}
}
internal/getproviders: Functions to determine installation directories The existing functionality in this package deals with finding packages that are either available for installation or already installed. In order to support installation we also need to determine the location where a package should be installed. This lives in the getproviders package because that way all of the logic related to the filesystem layout for local provider directories lives together here where they can be maintained together more easily in future.
2020-03-12 01:53:19 +01:00
// UnpackedDirectoryPath determines the path under the given base
// directory where SearchLocalDirectory or the FilesystemMirrorSource would
// expect to find an unpacked copy of the receiving PackageMeta.
//
// The result always uses forward slashes as path separator, even on Windows,
// to produce a consistent result on all platforms. Windows accepts both
// direction of slash as long as each individual path string is self-consistent.
func (m PackageMeta) UnpackedDirectoryPath(baseDir string) string {
return UnpackedDirectoryPathForPackage(baseDir, m.Provider, m.Version, m.TargetPlatform)
}
internal/getproviders: PackageFilePathForPackage This is the equivalent of UnpackedDirectoryPathForPackage when working with the packed directory layout. It returns a path to a .zip file with a name that would be detected by SearchLocalDirectory as a PackageLocalArchive package.
2020-04-24 03:12:01 +02:00
// PackedFilePath determines the path under the given base
// directory where SearchLocalDirectory or the FilesystemMirrorSource would
// expect to find packed copy (a .zip archive) of the receiving PackageMeta.
//
// The result always uses forward slashes as path separator, even on Windows,
// to produce a consistent result on all platforms. Windows accepts both
// direction of slash as long as each individual path string is self-consistent.
func (m PackageMeta) PackedFilePath(baseDir string) string {
return PackedFilePathForPackage(baseDir, m.Provider, m.Version, m.TargetPlatform)
}
getproviders: Prepare for having multiple valid hashes per package As we continue iterating towards saving valid hashes for a package in a depsfile lock file after installation and verifying them on future installation, this prepares getproviders for the possibility of having multiple valid hashes per package. This will arise in future commits for two reasons: - We will need to support both the legacy "zip hash" hashing scheme and the new-style content-based hashing scheme because currently the registry protocol is only able to produce the legacy scheme, but our other installation sources prefer the content-based scheme. Therefore packages will typically have a mixture of hashes of both types. - Installing from an upstream registry will save the hashes for the packages across all supported platforms, rather than just the current platform, and we'll consider all of those valid for future installation if we see both successful matching of the current platform checksum and a signature verification for the checksums file as a whole. This also includes some more preparation for the second case above in that signatureAuthentication now supports AcceptableHashes and returns all of the zip-based hashes it can find in the checksums file. This is a bit of an abstraction leak because previously that authenticator considered its "document" to just be opaque bytes, but we want to make sure that we can only end up trusting _all_ of the hashes if we've verified that the document is signed. Hopefully we'll make this better in a future commit with some refactoring, but that's deferred for now in order to minimize disruption to existing codepaths while we work towards a provider locking MVP.
2020-09-24 01:23:00 +02:00
// AcceptableHashes returns a set of hashes that could be recorded for
// comparison to future results for the same provider version, to implement a
// "trust on first use" scheme.
//
// The AcceptableHashes result is a platform-agnostic set of hashes, with the
// intent that in most cases it will be used as an additional cross-check in
// addition to a platform-specific hash check made during installation. However,
// there are some situations (such as verifying an already-installed package
// that's on local disk) where Terraform would check only against the results
// of this function, meaning that it would in principle accept another
// platform's package as a substitute for the correct platform. That's a
// pragmatic compromise to allow lock files derived from the result of this
// method to be portable across platforms.
internal/getproviders: Allow PackageMeta to carry acceptable hashes The "acceptable hashes" for a package is a set of hashes that the upstream source considers to be good hashes for checking whether future installs of the same provider version are considered to match this one. Because the acceptable hashes are a package authentication concern and they already need to be known (at least in part) to implement the authenticators, here we add AcceptableHashes as an optional extra method that an authenticator can implement. Because these are hashes chosen by the upstream system, the caller must make its own determination about their trustworthiness. The result of authentication is likely to be an input to that, for example by distrusting hashes produced by an authenticator that succeeds but doesn't report having validated anything.
2020-09-09 01:44:55 +02:00
//
// Callers of this method should typically also verify the package using the
// object in the Authentication field, and consider how much trust to give
// the result of this method depending on the authentication result: an
// unauthenticated result or one that only verified a checksum could be
// considered less trustworthy than one that checked the package against
// a signature provided by the origin registry.
//
// The AcceptableHashes result is actually provided by the object in the
// Authentication field. AcceptableHashes therefore returns an empty result
// for a PackageMeta that has no authentication object, or has one that does
// not make use of hashes.
getproviders: Prepare for having multiple valid hashes per package As we continue iterating towards saving valid hashes for a package in a depsfile lock file after installation and verifying them on future installation, this prepares getproviders for the possibility of having multiple valid hashes per package. This will arise in future commits for two reasons: - We will need to support both the legacy "zip hash" hashing scheme and the new-style content-based hashing scheme because currently the registry protocol is only able to produce the legacy scheme, but our other installation sources prefer the content-based scheme. Therefore packages will typically have a mixture of hashes of both types. - Installing from an upstream registry will save the hashes for the packages across all supported platforms, rather than just the current platform, and we'll consider all of those valid for future installation if we see both successful matching of the current platform checksum and a signature verification for the checksums file as a whole. This also includes some more preparation for the second case above in that signatureAuthentication now supports AcceptableHashes and returns all of the zip-based hashes it can find in the checksums file. This is a bit of an abstraction leak because previously that authenticator considered its "document" to just be opaque bytes, but we want to make sure that we can only end up trusting _all_ of the hashes if we've verified that the document is signed. Hopefully we'll make this better in a future commit with some refactoring, but that's deferred for now in order to minimize disruption to existing codepaths while we work towards a provider locking MVP.
2020-09-24 01:23:00 +02:00
func (m PackageMeta) AcceptableHashes() []Hash {
internal/getproviders: Allow PackageMeta to carry acceptable hashes The "acceptable hashes" for a package is a set of hashes that the upstream source considers to be good hashes for checking whether future installs of the same provider version are considered to match this one. Because the acceptable hashes are a package authentication concern and they already need to be known (at least in part) to implement the authenticators, here we add AcceptableHashes as an optional extra method that an authenticator can implement. Because these are hashes chosen by the upstream system, the caller must make its own determination about their trustworthiness. The result of authentication is likely to be an input to that, for example by distrusting hashes produced by an authenticator that succeeds but doesn't report having validated anything.
2020-09-09 01:44:55 +02:00
auth, ok := m.Authentication.(PackageAuthenticationHashes)
if !ok {
return nil
}
return auth.AcceptableHashes()
}
internal/getproviders: Source interface for generalization We intend to support installation both directly from origin registries and from mirrors in the local filesystem or over the network. This Source interface will serve as our abstraction over those three options, allowing calling code to treat them all the same.
2020-01-09 01:24:41 +01:00
// PackageLocation represents a location where a provider distribution package
internal/getproviders: Distinguished packed vs. unpacked local packages Our local filesystem mirror mechanism will allow provider packages to be given either in packed form as an archive directly downloaded to disk or in an unpacked form where the archive is extracted. Distinguishing these two cases in the concrete Location types will allow callers to reliably select the mode chosen by the selected installation source and handle it appropriately, rather than resorting to out-of-band heuristics like checking whether the object is a directory or a file.
2020-01-10 02:54:16 +01:00
// can be obtained. A value of this type contains one of the following
// concrete types: PackageLocalArchive, PackageLocalDir, or PackageHTTPURL.
internal/getproviders: Source interface for generalization We intend to support installation both directly from origin registries and from mirrors in the local filesystem or over the network. This Source interface will serve as our abstraction over those three options, allowing calling code to treat them all the same.
2020-01-09 01:24:41 +01:00
type PackageLocation interface {
packageLocation()
internal: Verify provider signatures on install Providers installed from the registry are accompanied by a list of checksums (the "SHA256SUMS" file), which is cryptographically signed to allow package authentication. The process of verifying this has multiple steps: - First we must verify that the SHA256 hash of the package archive matches the expected hash. This could be done for local installations too, in the future. - Next we ensure that the expected hash returned as part of the registry API response matches an entry in the checksum list. - Finally we verify the cryptographic signature of the checksum list, using the public keys provided by the registry. Each of these steps is implemented as a separate PackageAuthentication type. The local archive installation mechanism uses only the archive checksum authenticator, and the HTTP installation uses all three in the order given. The package authentication system now also returns a result value, which is used by command/init to display the result of the authentication process. There are three tiers of signature, each of which is presented differently to the user: - Signatures from the embedded HashiCorp public key indicate that the provider is officially supported by HashiCorp; - If the signing key is not from HashiCorp, it may have an associated trust signature, which indicates that the provider is from one of HashiCorp's trusted partners; - Otherwise, if the signature is valid, this is a community provider.
2020-04-08 22:22:07 +02:00
String() string
internal/getproviders: Source interface for generalization We intend to support installation both directly from origin registries and from mirrors in the local filesystem or over the network. This Source interface will serve as our abstraction over those three options, allowing calling code to treat them all the same.
2020-01-09 01:24:41 +01:00
}
internal/getproviders: Distinguished packed vs. unpacked local packages Our local filesystem mirror mechanism will allow provider packages to be given either in packed form as an archive directly downloaded to disk or in an unpacked form where the archive is extracted. Distinguishing these two cases in the concrete Location types will allow callers to reliably select the mode chosen by the selected installation source and handle it appropriately, rather than resorting to out-of-band heuristics like checking whether the object is a directory or a file.
2020-01-10 02:54:16 +01:00
// PackageLocalArchive is the location of a provider distribution archive file
// in the local filesystem. Its value is a local filesystem path using the
// syntax understood by Go's standard path/filepath package on the operating
// system where Terraform is running.
type PackageLocalArchive string
internal/getproviders: Source interface for generalization We intend to support installation both directly from origin registries and from mirrors in the local filesystem or over the network. This Source interface will serve as our abstraction over those three options, allowing calling code to treat them all the same.
2020-01-09 01:24:41 +01:00
internal/getproviders: Distinguished packed vs. unpacked local packages Our local filesystem mirror mechanism will allow provider packages to be given either in packed form as an archive directly downloaded to disk or in an unpacked form where the archive is extracted. Distinguishing these two cases in the concrete Location types will allow callers to reliably select the mode chosen by the selected installation source and handle it appropriately, rather than resorting to out-of-band heuristics like checking whether the object is a directory or a file.
2020-01-10 02:54:16 +01:00
func (p PackageLocalArchive) packageLocation() {}
internal: Verify provider signatures on install Providers installed from the registry are accompanied by a list of checksums (the "SHA256SUMS" file), which is cryptographically signed to allow package authentication. The process of verifying this has multiple steps: - First we must verify that the SHA256 hash of the package archive matches the expected hash. This could be done for local installations too, in the future. - Next we ensure that the expected hash returned as part of the registry API response matches an entry in the checksum list. - Finally we verify the cryptographic signature of the checksum list, using the public keys provided by the registry. Each of these steps is implemented as a separate PackageAuthentication type. The local archive installation mechanism uses only the archive checksum authenticator, and the HTTP installation uses all three in the order given. The package authentication system now also returns a result value, which is used by command/init to display the result of the authentication process. There are three tiers of signature, each of which is presented differently to the user: - Signatures from the embedded HashiCorp public key indicate that the provider is officially supported by HashiCorp; - If the signing key is not from HashiCorp, it may have an associated trust signature, which indicates that the provider is from one of HashiCorp's trusted partners; - Otherwise, if the signature is valid, this is a community provider.
2020-04-08 22:22:07 +02:00
func (p PackageLocalArchive) String() string { return string(p) }
internal/getproviders: Distinguished packed vs. unpacked local packages Our local filesystem mirror mechanism will allow provider packages to be given either in packed form as an archive directly downloaded to disk or in an unpacked form where the archive is extracted. Distinguishing these two cases in the concrete Location types will allow callers to reliably select the mode chosen by the selected installation source and handle it appropriately, rather than resorting to out-of-band heuristics like checking whether the object is a directory or a file.
2020-01-10 02:54:16 +01:00
// PackageLocalDir is the location of a directory containing an unpacked
// provider distribution archive in the local filesystem. Its value is a local
// filesystem path using the syntax understood by Go's standard path/filepath
// package on the operating system where Terraform is running.
type PackageLocalDir string
func (p PackageLocalDir) packageLocation() {}
internal: Verify provider signatures on install Providers installed from the registry are accompanied by a list of checksums (the "SHA256SUMS" file), which is cryptographically signed to allow package authentication. The process of verifying this has multiple steps: - First we must verify that the SHA256 hash of the package archive matches the expected hash. This could be done for local installations too, in the future. - Next we ensure that the expected hash returned as part of the registry API response matches an entry in the checksum list. - Finally we verify the cryptographic signature of the checksum list, using the public keys provided by the registry. Each of these steps is implemented as a separate PackageAuthentication type. The local archive installation mechanism uses only the archive checksum authenticator, and the HTTP installation uses all three in the order given. The package authentication system now also returns a result value, which is used by command/init to display the result of the authentication process. There are three tiers of signature, each of which is presented differently to the user: - Signatures from the embedded HashiCorp public key indicate that the provider is officially supported by HashiCorp; - If the signing key is not from HashiCorp, it may have an associated trust signature, which indicates that the provider is from one of HashiCorp's trusted partners; - Otherwise, if the signature is valid, this is a community provider.
2020-04-08 22:22:07 +02:00
func (p PackageLocalDir) String() string { return string(p) }
internal/getproviders: Source interface for generalization We intend to support installation both directly from origin registries and from mirrors in the local filesystem or over the network. This Source interface will serve as our abstraction over those three options, allowing calling code to treat them all the same.
2020-01-09 01:24:41 +01:00
// PackageHTTPURL is a provider package location accessible via HTTP.
// Its value is a URL string using either the http: scheme or the https: scheme.
type PackageHTTPURL string
func (p PackageHTTPURL) packageLocation() {}
internal: Verify provider signatures on install Providers installed from the registry are accompanied by a list of checksums (the "SHA256SUMS" file), which is cryptographically signed to allow package authentication. The process of verifying this has multiple steps: - First we must verify that the SHA256 hash of the package archive matches the expected hash. This could be done for local installations too, in the future. - Next we ensure that the expected hash returned as part of the registry API response matches an entry in the checksum list. - Finally we verify the cryptographic signature of the checksum list, using the public keys provided by the registry. Each of these steps is implemented as a separate PackageAuthentication type. The local archive installation mechanism uses only the archive checksum authenticator, and the HTTP installation uses all three in the order given. The package authentication system now also returns a result value, which is used by command/init to display the result of the authentication process. There are three tiers of signature, each of which is presented differently to the user: - Signatures from the embedded HashiCorp public key indicate that the provider is officially supported by HashiCorp; - If the signing key is not from HashiCorp, it may have an associated trust signature, which indicates that the provider is from one of HashiCorp's trusted partners; - Otherwise, if the signature is valid, this is a community provider.
2020-04-08 22:22:07 +02:00
func (p PackageHTTPURL) String() string { return string(p) }
internal/getproviders: Sorting and filtering for lists of PackageMeta These are utility functions to ease processing of lists of PackageMeta elsewhere, once we have functionality that works with multiple packages at once. The local filesystem mirror source will be the first example of this, so these methods are motivated mainly by its needs.
2020-02-21 02:57:15 +01:00
// PackageMetaList is a list of PackageMeta. It's just []PackageMeta with
// some methods for convenient sorting and filtering.
type PackageMetaList []PackageMeta
func (l PackageMetaList) Len() int {
return len(l)
}
func (l PackageMetaList) Less(i, j int) bool {
return l[i].LessThan(l[j])
}
func (l PackageMetaList) Swap(i, j int) {
l[i], l[j] = l[j], l[i]
}
// Sort performs an in-place, stable sort on the contents of the list, using
// the ordering given by method Less. This ordering is primarily to help
// encourage deterministic results from functions and does not have any
// semantic meaning.
func (l PackageMetaList) Sort() {
sort.Stable(l)
}
// FilterPlatform constructs a new PackageMetaList that contains only the
// elements of the receiver that are for the given target platform.
//
// Pass CurrentPlatform to filter only for packages targeting the platform
// where this code is running.
func (l PackageMetaList) FilterPlatform(target Platform) PackageMetaList {
var ret PackageMetaList
for _, m := range l {
if m.TargetPlatform == target {
ret = append(ret, m)
}
}
return ret
}
// FilterProviderExactVersion constructs a new PackageMetaList that contains
// only the elements of the receiver that relate to the given provider address
// and exact version.
//
// The version matching for this function is exact, including matching on
// semver build metadata, because it's intended for handling a single exact
// version selected by the caller from a set of available versions.
func (l PackageMetaList) FilterProviderExactVersion(provider addrs.Provider, version Version) PackageMetaList {
var ret PackageMetaList
for _, m := range l {
if m.Provider == provider && m.Version == version {
ret = append(ret, m)
}
}
return ret
}
// FilterProviderPlatformExactVersion is a combination of both
// FilterPlatform and FilterProviderExactVersion that filters by all three
// criteria at once.
func (l PackageMetaList) FilterProviderPlatformExactVersion(provider addrs.Provider, platform Platform, version Version) PackageMetaList {
var ret PackageMetaList
for _, m := range l {
if m.Provider == provider && m.Version == version && m.TargetPlatform == platform {
ret = append(ret, m)
}
}
return ret
}
internal/providercache: First pass of the actual install process This is not tested yet, but it's a compilable strawman implementation of the necessary sequence of events to coordinate all of the moving parts of running a provider installation operation. This will inevitably see more iteration in later commits as we complete the surrounding parts and wire it up to be used by "terraform init". So far, it's just dead code not called by any other package.
2020-03-13 01:48:30 +01:00
internal/depsfile: Loading locks from HCL files on disk This is the initial implementation of the parser/decoder portion of the new dependency lock file handler. It's currently dead code because the caller isn't written yet. We'll continue to build out this functionality here until we have the basic level of both load and save functionality before introducing this into the provider installer codepath.
2020-09-04 03:35:31 +02:00
// VersionConstraintsString returns a canonical string representation of
internal/providercache: First pass of the actual install process This is not tested yet, but it's a compilable strawman implementation of the necessary sequence of events to coordinate all of the moving parts of running a provider installation operation. This will inevitably see more iteration in later commits as we complete the surrounding parts and wire it up to be used by "terraform init". So far, it's just dead code not called by any other package.
2020-03-13 01:48:30 +01:00
// a VersionConstraints value.
func VersionConstraintsString(spec VersionConstraints) string {
// (we have our own function for this because the upstream versions
// library prefers to use npm/cargo-style constraint syntax, but
// Terraform prefers Ruby-like. Maybe we can upstream a "RubyLikeString")
// function to do this later, but having this in here avoids blocking on
// that and this is the sort of thing that is unlikely to need ongoing
// maintenance because the version constraint syntax is unlikely to change.)
internal/depsfile: Loading locks from HCL files on disk This is the initial implementation of the parser/decoder portion of the new dependency lock file handler. It's currently dead code because the caller isn't written yet. We'll continue to build out this functionality here until we have the basic level of both load and save functionality before introducing this into the provider installer codepath.
2020-09-04 03:35:31 +02:00
//
// ParseVersionConstraints allows some variations for convenience, but the
// return value from this function serves as the normalized form of a
// particular version constraint, which is the form we require in dependency
// lock files. Therefore the canonical forms produced here are a compatibility
// constraint for the dependency lock file parser.
internal/providercache: First pass of the actual install process This is not tested yet, but it's a compilable strawman implementation of the necessary sequence of events to coordinate all of the moving parts of running a provider installation operation. This will inevitably see more iteration in later commits as we complete the surrounding parts and wire it up to be used by "terraform init". So far, it's just dead code not called by any other package.
2020-03-13 01:48:30 +01:00
getproviders: Consistent ordering of terms in VersionConstraintsString An earlier commit made this remove duplicates, which set the precedent that this function is trying to canonically represent the _meaning_ of the version constraints rather than exactly how they were expressed in the configuration. Continuing in that vein, now we'll also apply a consistent (though perhaps often rather arbitrary) ordering to the terms, so that it doesn't change due to irrelevant details like declarations being written in a different order in the configuration. The ordering here is intended to be reasonably intuitive for simple cases, but constraint strings with many different constraints are hard to interpret no matter how we order them so the main goal is consistency, so those watching how the constraints change over time (e.g. in logs of Terraform output, or in the dependency log file) will see fewer noisy changes that don't actually mean anything.
2020-10-26 19:42:47 +01:00
if len(spec) == 0 {
return ""
}
internal: Suppress duplicate version constraints A set of version constraints can contain duplicates. This can happen if multiple identical constraints are specified throughout a configuration. When rendering the set, it is confusing to display redundant constraints. This commit changes the string renderer to only show the first instance of a given constraint, and adds unit tests for this function to cover this change. This also fixes a bug with the locks file generation: previously, a configuration with redundant constraints would result in this error on second init: Error: Invalid provider version constraints on .terraform.lock.hcl line 6: (source code not available) The recorded version constraints for provider registry.terraform.io/hashicorp/random must be written in normalized form: "3.0.0".
2020-10-22 18:04:16 +02:00
getproviders: Consistent ordering of terms in VersionConstraintsString An earlier commit made this remove duplicates, which set the precedent that this function is trying to canonically represent the _meaning_ of the version constraints rather than exactly how they were expressed in the configuration. Continuing in that vein, now we'll also apply a consistent (though perhaps often rather arbitrary) ordering to the terms, so that it doesn't change due to irrelevant details like declarations being written in a different order in the configuration. The ordering here is intended to be reasonably intuitive for simple cases, but constraint strings with many different constraints are hard to interpret no matter how we order them so the main goal is consistency, so those watching how the constraints change over time (e.g. in logs of Terraform output, or in the dependency log file) will see fewer noisy changes that don't actually mean anything.
2020-10-26 19:42:47 +01:00
// VersionConstraints values are typically assembled by combining together
// the version constraints from many separate declarations throughout
// a configuration, across many modules. As a consequence, they typically
// contain duplicates and the terms inside are in no particular order.
// For our canonical representation we'll both deduplicate the items
// and sort them into a consistent order.
sels := make(map[constraints.SelectionSpec]struct{})
for _, sel := range spec {
getproviders: Normalize versions before dedupe When rendering a set of version constraints to a string, we normalize partially-constrained versions. This means converting a version like 2.68.* to 2.68.0. Prior to this commit, this normalization was done after deduplication. This could result in a version constraints string with duplicate entries, if multiple partially-constrained versions are equivalent. This commit fixes this by normalizing before deduplicating and sorting.
2020-11-02 16:01:08 +01:00
// The parser allows writing abbreviated version (such as 2) which
// end up being represented in memory with trailing unconstrained parts
// (for example 2.*.*). For the purpose of serialization with Ruby
// style syntax, these unconstrained parts can all be represented as 0
// with no loss of meaning, so we make that conversion here. Doing so
// allows us to deduplicate equivalent constraints, such as >= 2.0 and
// >= 2.0.0.
normalizedSel := constraints.SelectionSpec{
Operator: sel.Operator,
Boundary: sel.Boundary.ConstrainToZero(),
}
sels[normalizedSel] = struct{}{}
getproviders: Consistent ordering of terms in VersionConstraintsString An earlier commit made this remove duplicates, which set the precedent that this function is trying to canonically represent the _meaning_ of the version constraints rather than exactly how they were expressed in the configuration. Continuing in that vein, now we'll also apply a consistent (though perhaps often rather arbitrary) ordering to the terms, so that it doesn't change due to irrelevant details like declarations being written in a different order in the configuration. The ordering here is intended to be reasonably intuitive for simple cases, but constraint strings with many different constraints are hard to interpret no matter how we order them so the main goal is consistency, so those watching how the constraints change over time (e.g. in logs of Terraform output, or in the dependency log file) will see fewer noisy changes that don't actually mean anything.
2020-10-26 19:42:47 +01:00
}
selsOrder := make([]constraints.SelectionSpec, 0, len(sels))
for sel := range sels {
selsOrder = append(selsOrder, sel)
}
sort.Slice(selsOrder, func(i, j int) bool {
is, js := selsOrder[i], selsOrder[j]
boundaryCmp := versionSelectionBoundaryCompare(is.Boundary, js.Boundary)
if boundaryCmp == 0 {
// The operator is the decider, then.
return versionSelectionOperatorLess(is.Operator, js.Operator)
internal: Suppress duplicate version constraints A set of version constraints can contain duplicates. This can happen if multiple identical constraints are specified throughout a configuration. When rendering the set, it is confusing to display redundant constraints. This commit changes the string renderer to only show the first instance of a given constraint, and adds unit tests for this function to cover this change. This also fixes a bug with the locks file generation: previously, a configuration with redundant constraints would result in this error on second init: Error: Invalid provider version constraints on .terraform.lock.hcl line 6: (source code not available) The recorded version constraints for provider registry.terraform.io/hashicorp/random must be written in normalized form: "3.0.0".
2020-10-22 18:04:16 +02:00
}
getproviders: Consistent ordering of terms in VersionConstraintsString An earlier commit made this remove duplicates, which set the precedent that this function is trying to canonically represent the _meaning_ of the version constraints rather than exactly how they were expressed in the configuration. Continuing in that vein, now we'll also apply a consistent (though perhaps often rather arbitrary) ordering to the terms, so that it doesn't change due to irrelevant details like declarations being written in a different order in the configuration. The ordering here is intended to be reasonably intuitive for simple cases, but constraint strings with many different constraints are hard to interpret no matter how we order them so the main goal is consistency, so those watching how the constraints change over time (e.g. in logs of Terraform output, or in the dependency log file) will see fewer noisy changes that don't actually mean anything.
2020-10-26 19:42:47 +01:00
return boundaryCmp < 0
})
var b strings.Builder
for i, sel := range selsOrder {
internal/providercache: First pass of the actual install process This is not tested yet, but it's a compilable strawman implementation of the necessary sequence of events to coordinate all of the moving parts of running a provider installation operation. This will inevitably see more iteration in later commits as we complete the surrounding parts and wire it up to be used by "terraform init". So far, it's just dead code not called by any other package.
2020-03-13 01:48:30 +01:00
if i > 0 {
b.WriteString(", ")
}
switch sel.Operator {
case constraints.OpGreaterThan:
b.WriteString("> ")
case constraints.OpLessThan:
b.WriteString("< ")
case constraints.OpGreaterThanOrEqual:
b.WriteString(">= ")
case constraints.OpGreaterThanOrEqualPatchOnly, constraints.OpGreaterThanOrEqualMinorOnly:
// These two differ in how the version is written, not in the symbol.
b.WriteString("~> ")
case constraints.OpLessThanOrEqual:
b.WriteString("<= ")
case constraints.OpEqual:
b.WriteString("")
case constraints.OpNotEqual:
b.WriteString("!= ")
default:
// The above covers all of the operators we support during
// parsing, so we should not get here.
b.WriteString("??? ")
}
getproviders: Normalize versions before dedupe When rendering a set of version constraints to a string, we normalize partially-constrained versions. This means converting a version like 2.68.* to 2.68.0. Prior to this commit, this normalization was done after deduplication. This could result in a version constraints string with duplicate entries, if multiple partially-constrained versions are equivalent. This commit fixes this by normalizing before deduplicating and sorting.
2020-11-02 16:01:08 +01:00
// We use a different constraint operator to distinguish between the
// two types of pessimistic constraint: minor-only and patch-only. For
// minor-only constraints, we always want to display only the major and
// minor version components, so we special-case that operator below.
internal: Fix lockfile constraint output for 1.2.* If a configuration requires a partial provider version (with some parts unspecified), Terraform considers this as a constrained-to-zero version. For example, a version constraint of 1.2 will result in an attempt to install version 1.2.0, even if 1.2.1 is available. When writing the dependency locks file, we previously would write 1.2.*, as this is the in-memory representation of 1.2. This would then cause an error on re-reading the locks file, as this is not a valid constraint format. Instead, we now explicitly convert the constraint to its zero-filled representation before writing the locks file. This ensures that it correctly round-trips. Because this change is made in getproviders.VersionConstraintsString, it also affects the output of the providers sub-command.
2020-10-19 22:37:00 +02:00
//
// One final edge case is a minor-only constraint specified with only
// the major version, such as ~> 2. We treat this the same as ~> 2.0,
// because a major-only pessimistic constraint does not exist: it is
// logically identical to >= 2.0.0.
internal/providercache: First pass of the actual install process This is not tested yet, but it's a compilable strawman implementation of the necessary sequence of events to coordinate all of the moving parts of running a provider installation operation. This will inevitably see more iteration in later commits as we complete the surrounding parts and wire it up to be used by "terraform init". So far, it's just dead code not called by any other package.
2020-03-13 01:48:30 +01:00
if sel.Operator == constraints.OpGreaterThanOrEqualMinorOnly {
// The minor-pessimistic syntax uses only two version components.
getproviders: Normalize versions before dedupe When rendering a set of version constraints to a string, we normalize partially-constrained versions. This means converting a version like 2.68.* to 2.68.0. Prior to this commit, this normalization was done after deduplication. This could result in a version constraints string with duplicate entries, if multiple partially-constrained versions are equivalent. This commit fixes this by normalizing before deduplicating and sorting.
2020-11-02 16:01:08 +01:00
fmt.Fprintf(&b, "%s.%s", sel.Boundary.Major, sel.Boundary.Minor)
internal/providercache: First pass of the actual install process This is not tested yet, but it's a compilable strawman implementation of the necessary sequence of events to coordinate all of the moving parts of running a provider installation operation. This will inevitably see more iteration in later commits as we complete the surrounding parts and wire it up to be used by "terraform init". So far, it's just dead code not called by any other package.
2020-03-13 01:48:30 +01:00
} else {
getproviders: Normalize versions before dedupe When rendering a set of version constraints to a string, we normalize partially-constrained versions. This means converting a version like 2.68.* to 2.68.0. Prior to this commit, this normalization was done after deduplication. This could result in a version constraints string with duplicate entries, if multiple partially-constrained versions are equivalent. This commit fixes this by normalizing before deduplicating and sorting.
2020-11-02 16:01:08 +01:00
fmt.Fprintf(&b, "%s.%s.%s", sel.Boundary.Major, sel.Boundary.Minor, sel.Boundary.Patch)
internal/providercache: First pass of the actual install process This is not tested yet, but it's a compilable strawman implementation of the necessary sequence of events to coordinate all of the moving parts of running a provider installation operation. This will inevitably see more iteration in later commits as we complete the surrounding parts and wire it up to be used by "terraform init". So far, it's just dead code not called by any other package.
2020-03-13 01:48:30 +01:00
}
if sel.Boundary.Prerelease != "" {
getproviders: Normalize versions before dedupe When rendering a set of version constraints to a string, we normalize partially-constrained versions. This means converting a version like 2.68.* to 2.68.0. Prior to this commit, this normalization was done after deduplication. This could result in a version constraints string with duplicate entries, if multiple partially-constrained versions are equivalent. This commit fixes this by normalizing before deduplicating and sorting.
2020-11-02 16:01:08 +01:00
b.WriteString("-" + sel.Boundary.Prerelease)
internal/providercache: First pass of the actual install process This is not tested yet, but it's a compilable strawman implementation of the necessary sequence of events to coordinate all of the moving parts of running a provider installation operation. This will inevitably see more iteration in later commits as we complete the surrounding parts and wire it up to be used by "terraform init". So far, it's just dead code not called by any other package.
2020-03-13 01:48:30 +01:00
}
if sel.Boundary.Metadata != "" {
getproviders: Normalize versions before dedupe When rendering a set of version constraints to a string, we normalize partially-constrained versions. This means converting a version like 2.68.* to 2.68.0. Prior to this commit, this normalization was done after deduplication. This could result in a version constraints string with duplicate entries, if multiple partially-constrained versions are equivalent. This commit fixes this by normalizing before deduplicating and sorting.
2020-11-02 16:01:08 +01:00
b.WriteString("+" + sel.Boundary.Metadata)
internal/providercache: First pass of the actual install process This is not tested yet, but it's a compilable strawman implementation of the necessary sequence of events to coordinate all of the moving parts of running a provider installation operation. This will inevitably see more iteration in later commits as we complete the surrounding parts and wire it up to be used by "terraform init". So far, it's just dead code not called by any other package.
2020-03-13 01:48:30 +01:00
}
}
return b.String()
}
getproviders: Consistent ordering of terms in VersionConstraintsString An earlier commit made this remove duplicates, which set the precedent that this function is trying to canonically represent the _meaning_ of the version constraints rather than exactly how they were expressed in the configuration. Continuing in that vein, now we'll also apply a consistent (though perhaps often rather arbitrary) ordering to the terms, so that it doesn't change due to irrelevant details like declarations being written in a different order in the configuration. The ordering here is intended to be reasonably intuitive for simple cases, but constraint strings with many different constraints are hard to interpret no matter how we order them so the main goal is consistency, so those watching how the constraints change over time (e.g. in logs of Terraform output, or in the dependency log file) will see fewer noisy changes that don't actually mean anything.
2020-10-26 19:42:47 +01:00
// Our sort for selection operators is somewhat arbitrary and mainly motivated
// by consistency rather than meaning, but this ordering does at least try
// to make it so "simple" constraint sets will appear how a human might
// typically write them, with the lower bounds first and the upper bounds
// last. Weird mixtures of different sorts of constraints will likely seem
// less intuitive, but they'd be unintuitive no matter the ordering.
var versionSelectionsBoundaryPriority = map[constraints.SelectionOp]int{
// We skip zero here so that if we end up seeing an invalid
// operator (which the string function would render as "???")
// then it will have index zero and thus appear first.
constraints.OpGreaterThan: 1,
constraints.OpGreaterThanOrEqual: 2,
constraints.OpEqual: 3,
constraints.OpGreaterThanOrEqualPatchOnly: 4,
constraints.OpGreaterThanOrEqualMinorOnly: 5,
constraints.OpLessThanOrEqual: 6,
constraints.OpLessThan: 7,
constraints.OpNotEqual: 8,
}
func versionSelectionOperatorLess(i, j constraints.SelectionOp) bool {
iPrio := versionSelectionsBoundaryPriority[i]
jPrio := versionSelectionsBoundaryPriority[j]
return iPrio < jPrio
}
func versionSelectionBoundaryCompare(i, j constraints.VersionSpec) int {
// In the Ruby-style constraint syntax, unconstrained parts appear
// only for omitted portions of a version string, like writing
// "2" instead of "2.0.0". For sorting purposes we'll just
// consider those as zero, which also matches how we serialize them
// to strings.
i, j = i.ConstrainToZero(), j.ConstrainToZero()
// Once we've removed any unconstrained parts, we can safely
// convert to our main Version type so we can use its ordering.
iv := Version{
Major: i.Major.Num,
Minor: i.Minor.Num,
Patch: i.Patch.Num,
Prerelease: versions.VersionExtra(i.Prerelease),
Metadata: versions.VersionExtra(i.Metadata),
}
jv := Version{
Major: j.Major.Num,
Minor: j.Minor.Num,
Patch: j.Patch.Num,
Prerelease: versions.VersionExtra(j.Prerelease),
Metadata: versions.VersionExtra(j.Metadata),
}
if iv.Same(jv) {
// Although build metadata doesn't normally weigh in to
// precedence choices, we'll use it for our visual
// ordering just because we need to pick _some_ order.
switch {
case iv.Metadata.Raw() == jv.Metadata.Raw():
return 0
case iv.Metadata.LessThan(jv.Metadata):
return -1
default:
return 1 // greater, by elimination
}
}
switch {
case iv.LessThan(jv):
return -1
default:
return 1 // greater, by elimination
}
}