terraform: verify import providers only depend on vars

This commit is contained in:
Mitchell Hashimoto 2016-11-02 11:08:16 -07:00
parent ec6e14c4d0
commit ec0ef95c6f
No known key found for this signature in database
GPG Key ID: 744E147AA52F5B0A
5 changed files with 79 additions and 1 deletions

View File

@ -19,8 +19,8 @@ func (c *ImportCommand) Run(args []string) int {
args = c.Meta.process(args, true) args = c.Meta.process(args, true)
cmdFlags := c.Meta.flagSet("import") cmdFlags := c.Meta.flagSet("import")
cmdFlags.StringVar(&c.Meta.statePath, "state", DefaultStateFilename, "path")
cmdFlags.IntVar(&c.Meta.parallelism, "parallelism", 0, "parallelism") cmdFlags.IntVar(&c.Meta.parallelism, "parallelism", 0, "parallelism")
cmdFlags.StringVar(&c.Meta.statePath, "state", DefaultStateFilename, "path")
cmdFlags.StringVar(&c.Meta.stateOutPath, "state-out", "", "path") cmdFlags.StringVar(&c.Meta.stateOutPath, "state-out", "", "path")
cmdFlags.StringVar(&c.Meta.backupPath, "backup", "", "path") cmdFlags.StringVar(&c.Meta.backupPath, "backup", "", "path")
cmdFlags.Usage = func() { c.Ui.Error(c.Help()) } cmdFlags.Usage = func() { c.Ui.Error(c.Help()) }

View File

@ -264,6 +264,36 @@ func TestContextImport_providerVarConfig(t *testing.T) {
} }
} }
// Test that provider configs can't reference resources.
func TestContextImport_providerNonVarConfig(t *testing.T) {
p := testProvider("aws")
ctx := testContext2(t, &ContextOpts{
Module: testModule(t, "import-provider-non-vars"),
Providers: map[string]ResourceProviderFactory{
"aws": testProviderFuncFixed(p),
},
})
p.ImportStateReturn = []*InstanceState{
&InstanceState{
ID: "foo",
Ephemeral: EphemeralState{Type: "aws_instance"},
},
}
_, err := ctx.Import(&ImportOpts{
Targets: []*ImportTarget{
&ImportTarget{
Addr: "aws_instance.foo",
ID: "bar",
},
},
})
if err == nil {
t.Fatal("should error")
}
}
func TestContextImport_refresh(t *testing.T) { func TestContextImport_refresh(t *testing.T) {
p := testProvider("aws") p := testProvider("aws")
ctx := testContext2(t, &ContextOpts{ ctx := testContext2(t, &ContextOpts{

View File

@ -58,6 +58,9 @@ func (b *ImportGraphBuilder) Steps() []GraphTransformer {
&PruneProviderTransformer{}, &PruneProviderTransformer{},
&AttachProviderConfigTransformer{Module: mod}, &AttachProviderConfigTransformer{Module: mod},
// This validates that the providers only depend on variables
&ImportProviderValidateTransformer{},
// Single root // Single root
&RootTransformer{}, &RootTransformer{},

View File

@ -0,0 +1,7 @@
provider "aws" {
foo = "${aws_instance.foo.bar}"
}
resource "aws_instance" "foo" {
bar = "value"
}

View File

@ -0,0 +1,38 @@
package terraform
import (
"fmt"
"strings"
)
// ImportProviderValidateTransformer is a GraphTransformer that goes through
// the providers in the graph and validates that they only depend on variables.
type ImportProviderValidateTransformer struct{}
func (t *ImportProviderValidateTransformer) Transform(g *Graph) error {
for _, v := range g.Vertices() {
// We only care about providers
pv, ok := v.(GraphNodeProvider)
if !ok {
continue
}
// We only care about providers that reference things
rn, ok := pv.(GraphNodeReferencer)
if !ok {
continue
}
for _, ref := range rn.References() {
if !strings.HasPrefix(ref, "var.") {
return fmt.Errorf(
"Provider %q depends on non-var %q. Providers for import can currently\n"+
"only depend on variables or must be hardcoded. You can stop import\n"+
"from loading configurations by specifying `-config=\"\"`.",
pv.ProviderName(), ref)
}
}
}
return nil
}