Commit Graph

5889 Commits

Author SHA1 Message Date
Sean Chittenden db5d7b0438
Style nit 2016-12-10 12:32:21 +11:00
Sean Chittenden bfc2a2d42f
Commit WIP re: updated postgresql_role provider.
*Read() and *Update() still need to be updated.
2016-12-10 12:32:20 +11:00
Sean Chittenden 2e529146a5
Remove unused code. 2016-12-10 12:32:20 +11:00
Sean Chittenden 6b540ecb55
Don't use d.GetOk() when the zero value is a required attribute.
Add "pathological" test.
2016-12-10 12:32:20 +11:00
Sean Chittenden 37fdc958b3
Always remove the IS_TEMPLATE attribute before dropping a database. 2016-12-10 12:32:20 +11:00
Sean Chittenden e9b2b38288
Remove SetId() call from *Read(), this isn't required for import to work. 2016-12-10 12:32:20 +11:00
Sean Chittenden f253fc9eff
Commit miss earlier, fix syntax from unstaged commit. 2016-12-10 12:32:20 +11:00
Sean Chittenden 5280c37bea
`postgresql_database` resource provider should now be feature complete.
* Add support to import databases.  See docs.
* Add support for renaming databases
* Add support for all known PostgreSQL database attributes, including:
  * "allow_connections"
  * "lc_ctype"
  * "lc_collate"
  * "connection_limit"
  * "encoding"
  * "is_template"
  * "owner"
  * "tablespace_name"
  * "template"
2016-12-10 12:32:20 +11:00
Sean Chittenden 59f4ad6fd1
Alpha sort the resources in the PostgreSQL map. 2016-12-10 12:32:19 +11:00
Sean Chittenden 300ef2bc97
Add `connect_timeout` support to the PostgreSQL provider. 2016-12-10 12:32:19 +11:00
Sean Chittenden 3750bf7af2
Depreciate the PostgreSQL provider's `ssl_mode` option in favor of `sslmode`.
Both libpq(3) and github.com/lib/pq both use `sslmode`.  Prefer this vs
the non-standard `ssl_mode`.  `ssl_mode` is supported for compatibility
but should be removed in the future.

Changelog: yes
2016-12-10 12:32:19 +11:00
Sean Chittenden a200899d93
Allow the PostgreSQL provider to talk to a non-default database. 2016-12-10 12:32:19 +11:00
Sean Chittenden 602a908d7b
Add a `fallback_application_name` to the PostgreSQL DSN. 2016-12-10 12:32:19 +11:00
Sean Chittenden 44d907a3de
Revert "Prefer PGHOSTADDR over PGHOST, if set." lib/pq doesn't support PGHOSTADDR.
d8eeeb8bae/conn.go (L1851)

This reverts commit 26a2a974f2b2f2cefd41b426b8469fa3ea72b33e.
2016-12-10 12:32:19 +11:00
Sean Chittenden 55061d190a
Prefer PGHOSTADDR over PGHOST, if set. 2016-12-10 12:32:19 +11:00
Sean Chittenden 3779dfffa9
Use a string instead of the `%t` modifier for printing a bool in SQL 2016-12-10 12:32:19 +11:00
Sean Chittenden 5b66bf0745
ForceNew is required when changing the locale, ctype, and encoding.
This will cause someone some grief.  TODO: Figure out how to prevent
someone from blowing off their foot if they twiddle this after the
fact.
2016-12-10 12:32:18 +11:00
Sean Chittenden 547dcf27e1
Decorate the computed attribute where appropriate 2016-12-10 12:32:18 +11:00
Sean Chittenden 242405bdf1
Factor out the validate function for connection limits 2016-12-10 12:32:18 +11:00
Sean Chittenden 02dea2edd9
Add missing descriptions to owner and name 2016-12-10 12:32:18 +11:00
Sean Chittenden deb91f61ce
Update the descriptions to mostly match the official PostgreSQL docs. 2016-12-10 12:32:18 +11:00
Sean Chittenden 68cadd3c2a
Update the FIXME/TODO style to match Google style guides 2016-12-10 12:32:18 +11:00
Sean Chittenden f3add9e7ef
Flesh out the CREATE DATABASE for PostgreSQL. 2016-12-10 12:32:18 +11:00
Sean Chittenden 2aee081e4b
Eh, specify default values lib/pq zero initializes itself 2016-12-10 12:32:17 +11:00
Sean Chittenden 7e5ccc089b
Spell `ssl_mode` like `sslmode` 2016-12-10 12:32:17 +11:00
Sean Chittenden 655617ed6a
Remove the PGPASSWORD requirement for tests.
If they're required and the value is missing, the test will fail.  There's
no need to enforce that in the test itself.
2016-12-10 12:32:17 +11:00
Sean Chittenden ec130d538c
Add comments requesting that the testing-specific environment variables
can be removed in Terraform 0.8.0
2016-12-10 12:32:17 +11:00
Sean Chittenden b68ef2c40b
Fall through to using the defaults from github.com/lib/pq 2016-12-10 12:32:17 +11:00
Sean Chittenden f31ebff10e
Change the PostgreSQL PGSSLMODE option to sslmode to match PostgreSQL idioms.
Also don't specify the default and rely on github.com/lib/pq (which uses "required"
and is different than what libpq(3) uses, which is "preferred" and unsupported by
github.com/lib/pq).
2016-12-10 12:32:17 +11:00
Paul Stack c69e325a1a provider/aws: Add support for AWS Lightsail Domain (#10637)
```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSLightsailDomain_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/12/09 15:19:58 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSLightsailDomain_ -timeout 120m
=== RUN   TestAccAWSLightsailDomain_basic
--- PASS: TestAccAWSLightsailDomain_basic (16.28s)
=== RUN   TestAccAWSLightsailDomain_disappears
--- PASS: TestAccAWSLightsailDomain_disappears (12.71s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws29.015s
```
2016-12-09 17:56:48 +00:00
Clint e705cd9a93 Merge pull request #10635 from dougneal/import_vpc_peerconn_accepter_fix
provider/aws: aws_vpc_peering_connection: import fix
2016-12-09 11:50:55 -06:00
Tom Wilkie dd39296d6c Allow import of aws_security_groups with more than one source_security_group_id rule (#9477)
* Allow import of aws_security_groups with more than one source_security_group_id rule

* Add acceptable test for security group with multiple source rules.
2016-12-09 15:50:51 +00:00
Clint 5f765d9de6 Merge pull request #10624 from hashicorp/pr-9891
provider/aws: Add aws_snapshot_create_volume_permission resource (contd. #9891)
2016-12-09 08:43:18 -06:00
Clint 0766074289 Merge pull request #10583 from hashicorp/f-lightsail-key-pair
provider/aws: Add Lightsail Key Pair resource
2016-12-09 08:26:00 -06:00
Doug Neal 24baa38408 provider/aws: aws_vpc_peering_connection: import fix
When importing an `aws_vpc_peering_connection`, the code assumes that
the account under Terraform control is the initiator (requester) of the
VPC peering request. This holds true when the peering connection is
between two VPCs in the same account, or when the peering connection has
been initiated from the controlled account to another.

However, when the peering connection has been initiated from a foreign
account towards the account under management, importing the peering
connection into the statefile results in values of `peer_vpc_id` and
`vpc_id` being the opposite way round to what they should be, and in the
`peer_owner_id` being set to the managed account's ID rather than the
foreign account's ID.

This patch checks the Accepter and Requester Owner IDs against the AWS
connection's reported owner ID, and reverses the mapping if it is
determined that the VPC peering connection is owned by the foreign
account.
2016-12-09 12:05:06 +00:00
Peter McAtominey 6f21b78710 provider/azurerm: fix virtual_machine reading plan as the wrong type (#10626)
TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMVirtualMachine_plan -timeout 120m
=== RUN   TestAccAzureRMVirtualMachine_plan
--- PASS: TestAccAzureRMVirtualMachine_plan (798.75s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/azurerm	798.835s
2016-12-09 10:41:45 +01:00
Eddy Hernandez 7e737dac62 Add support for AWS CA Central 1 Region (#10618)
* Add support for AWS CA Central 1 Region

* additional metadata for ca-central-1

* add elb metadata for ca-central-1
2016-12-09 10:35:07 +01:00
Dana Hoffman 2ad3042877 fix tests 2016-12-08 19:59:03 -08:00
clint shryock 42057045ff refactor the test to use caller_identity data source, and new ebs_snapshot resource 2016-12-08 16:43:03 -06:00
Jeremy Asher 185ee439da add wait after AWS snapshot attr modification
This adds up to a 5 minute wait after issuing an add or remove request
to adjust a snapshot's createVolumePermission attribute.
2016-12-08 16:12:25 -06:00
Jeremy Asher f20d1c3caa WIP aws_snapshot_create_volume_permission tests 2016-12-08 16:12:24 -06:00
Jeremy Asher 7216185f0d implement aws_snapshot_create_volume_permission
This adds the new resource aws_snapshot_create_volume_permission which
manages the createVolumePermission attribute of snapshots.  This allows
granting an AWS account permissions to create a volume from a particular
snapshot.  This is often required to allow another account to copy a
private AMI.
2016-12-08 16:12:23 -06:00
Dana Hoffman 985b4e2b66 use conflictswith for health check instead of separate type field 2016-12-08 13:35:57 -08:00
clint shryock 97ac4bde16 implement name_prefix 2016-12-08 14:08:45 -06:00
Dana Hoffman 35664ff0e1 log id of health check that still exists on destroy 2016-12-08 10:40:09 -08:00
clint shryock 1e8e83fa6a provider/aws: Encrypt aws_iam_access_key.secret with pgp
optionally encrypt the iam access key secret with a pgp key
2016-12-08 11:08:05 -06:00
Peter McAtominey 56344eb98d provider/azurerm: fix servicebus_topic max_size_in_megabytes for premium namespaces (#10611)
The value is only multiplied by the API for topics in non-premium namespaces

TF_ACC=1 go test ./builtin/providers/azurerm -v -run TestAccAzureRMServiceBusTopic_enablePartitioning -timeout 120m
=== RUN   TestAccAzureRMServiceBusTopic_enablePartitioningStandard
--- PASS: TestAccAzureRMServiceBusTopic_enablePartitioningStandard (378.80s)
=== RUN   TestAccAzureRMServiceBusTopic_enablePartitioningPremium
--- PASS: TestAccAzureRMServiceBusTopic_enablePartitioningPremium (655.00s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/azurerm	1033.874s
2016-12-08 17:06:27 +01:00
Doug Neal 195b041cd5 Validate `effect` in aws_iam_policy_document data source (#10608)
AWS allows only the case-sensitive strings `Allow` and `Deny` to appear
in the `Effect` fields of IAM policy documents. Catch deviations from
this, including mis-casing, before hitting the API and generating an
error (the error is a generic 400 and doesn't indicate what part of the
policy doc is invalid).
2016-12-08 16:16:40 +01:00
Ninir 29f8af16a1 provider/aws: Added S3 Bucket replication (#10552) 2016-12-08 11:59:13 +01:00
Otto Jongerius 10d68d90dd provider/datadog 9869: Validate credentials when initialising client. (#10567)
* provider/datadog 9869: Validate credentials when initialising client.

* provider/datadog Pull in new version of go-datadog-api.

* provider/datadog Update testAccCheckDatadogMonitorConfigNoThresholds test config.
2016-12-08 11:17:42 +01:00
Timon Wong 80afc6759b provider/aws: Add "no_device" support to ephemeral block devices (#10547)
Fixes #8455, #5390

This add a new `no_device` attribute to `ephemeral_block_device` block,
which allows users omit ephemeral devices from AMI's predefined block
device mappings, which is useful for EBS-only instance types.
2016-12-08 11:03:51 +01:00
Ninir 5e3477664d provider/aws: Forces the api gateway domain name certificates to recreate the resource (#10588) 2016-12-07 22:51:44 +01:00
Ninir 4b25837dd0 provider/aws: FIxed the api_gw_domain_name replace operation (#10179) 2016-12-07 21:47:20 +01:00
clint shryock 86bb969087 provider/aws: add aws_lightsail_key_pair 2016-12-07 11:13:47 -06:00
Andras Ferencz-Szabo 53ebbed8df Service role is not updated on AWS for a CodeDeploy deployment group (#9866)
Service role is not updated on AWS for a CodeDeploy deployment group
2016-12-07 13:34:58 +01:00
Otto Jongerius d06138d052 provider/datadog #9375: Refactor tags to a list instead of a map. (#10570)
* provider/datadog #9375: Refactor tags to a list instead of a map.
Tags are allowed to be but not restricted to, key value pairs (ie: foo:bar)
but are esssentially strings. This changes allows using, and mixing of tags with
form "foo" and "foo:bar". It also allows using duplicate keys like "foo:bar" and "foo:baz".

* provider/datadog update import test.
2016-12-07 12:05:57 +01:00
Raphael Randschau 2b711f77c8 feat/aws: add iam_server_certificate data source (#10558)
useful if you have an automatic process creating certs for you, e.g. let's
lambda
2016-12-07 11:40:53 +01:00
stack72 8bd20c004b
provider/azurerm: arm_virtual_machine panic fix 2016-12-07 11:22:39 +01:00
James Nugent 48d2ac8c35 Merge pull request #10560 from hashicorp/extract-encryption
provider/aws: Extract helper/encryption library
2016-12-06 17:51:57 -06:00
Paul Stack 30240ff836 provider/azurerm: Do not pass an empty string of license_type to AMR VMs (#10564) 2016-12-07 00:43:18 +01:00
Mitchell Hashimoto 544d008f88 Merge pull request #10549 from hashicorp/b-ssh-race
communicator/ssh: don't share rand object to guarantee unique values
2016-12-06 12:43:01 -08:00
Paddy 8a7f43c82e Merge pull request #10537 from hashicorp/paddy_10227_metadata
provider/google: Fix instance/template metadata support
2016-12-06 12:26:22 -08:00
James Nugent 3177fc0765 provider/aws: Extract helper/encryption library
This commit extracts the GPG code used for aws_iam_user_login_profile
into a library that can be reused for other resources, and updates the
call sites appropriately.
2016-12-06 14:24:21 -06:00
Paul Stack 54459900c5 [WIP] provider/azurerm: Bump sdk version to 7.0.1 (#10458)
* provider/azurerm: Bump sdk version to 7.0.1

* Fixing the build (#10489)

* Fixing the broken tests (#10499)

* Updating the method signatures to match (#10533)
2016-12-06 08:39:47 +00:00
Tom Straub 20003b2744 provider/azurerm support `license_type` virtual_machine property for Windows machines. (#10539)
* Added license_type to Azure VirtualMachineProperties call.

* Updated websit documentation.

* Added validation for license_type

* Added acceptance test

* Clarified documentation.
2016-12-06 08:38:10 +00:00
Cameron Childress c5e63106b5 Force a recreate if the numbers for the AS are changed. (#10545) 2016-12-06 08:34:25 +00:00
zimbatm 01876ef415
provider/fastly: add ssl_hostname option
Fastly will fail if the user sets the port to 443, ssl_check_cert is set
to true and the ssl_hostname is not provided.
2016-12-06 08:28:37 +00:00
Mitchell Hashimoto 4b1d9cfd7d
communicator/ssh: don't share rand object to guarantee unique values
Fixes #10463

I'm really surprised this flew under the radar for years...

By having unique PRNGs, the SSH communicator could and would
generate identical ScriptPaths and two provisioners running in parallel
could overwrite each other and execute the same script. This would
happen because they're both seeded by the current time which could
potentially be identical if done in parallel...

Instead, we share the rand now so that the sequence is guaranteed
unique. As an extra measure of robustness, we also multiple by the PID
so that we're also protected against two processes at the same time.
2016-12-06 00:21:49 -08:00
Paul Tyng 15cde73000 Add pagerduty_user data source (#10541) 2016-12-05 22:42:58 +00:00
Clint f8f4634858 Merge pull request #10492 from Ninir/lambda_env_removal
provider/aws: Fixed Lambda environment removal
2016-12-05 14:33:11 -06:00
Martin Atkins e772b45970 "external" data source, for integrating with external programs (#8768)
* "external" provider for gluing in external logic

This provider will become a bit of glue to help people interface external
programs with Terraform without writing a full Terraform provider.

It will be nowhere near as capable as a first-class provider, but is
intended as a light-touch way to integrate some pre-existing or custom
system into Terraform.

* Unit test for the "resourceProvider" utility function

This small function determines the dependable name of a provider for
a given resource name and optional provider alias. It's simple but it's
a key part of how resource nodes get connected to provider nodes so
worth specifying the intended behavior in the form of a test.

* Allow a provider to export a resource with the provider's name

If a provider only implements one resource of each type (managed vs. data)
then it can be reasonable for the resource names to exactly match the
provider name, if the provider name is descriptive enough for the
purpose of the each resource to be obvious.

* provider/external: data source

A data source that executes a child process, expecting it to support a
particular gateway protocol, and exports its result. This can be used as
a straightforward way to retrieve data from sources that Terraform
doesn't natively support..

* website: documentation for the "external" provider
2016-12-05 17:24:57 +00:00
Jan Schumann 9e293def6a provider/aws: Add opsworks rds db resource (#10294)
* add rds db for opsworks

* switched to stack in vpc

* implement update method

* add docs

* implement and document force new resource behavior

* implement retry for update and delete

* add test that forces new resource
2016-12-05 16:14:15 +00:00
Joe Topjian 1c9853ec1b provider/openstack: Fix Ordering of Port Allowed Address Pairs (#10250)
This commit changes allowed_address_pairs from a TypeList to a TypeSet
allowing for arbitrary ordering. This solves the issue where a user
specifies an address pair one way and OpenStack returns a different
order.
2016-12-05 15:36:37 +00:00
John Engelman 243ecf3b4f [Provider] Rancher (#9173)
* Vendor Rancher Go library.

* Implement Rancher Provider.

Starting implementation taken from
https://github.com/platanus/terraform-provider-rancher

Commits from jidonoso@gmail.com and raphael.pinson@camptocamp.com
2016-12-05 15:29:41 +00:00
stack72 9ffb39b44e
Merge branch 'master' of github.com:hashicorp/terraform 2016-12-05 15:07:13 +00:00
stack72 63aa6a1fcd
provider/azurerm: removing azurerm_virtual_machine data_disk disk_size_in_gb 2016-12-05 15:05:21 +00:00
Clint e477658832 Merge pull request #10473 from hashicorp/f-aws-lightsail-instance
provider/aws: Add Lightsail Instance
2016-12-05 08:39:17 -06:00
stack72 f7aea2f447
Merge branch 'master' of https://github.com/ckarlsen84/terraform into ckarlsen84-master 2016-12-05 14:23:26 +00:00
Daniel del Castillo 08da905374 aws-emr-cluster: Assign correct number of core instances (n-1) on update (#10529) 2016-12-05 14:17:29 +00:00
Evgeny Chuvpilo 8586e323dc
provider/aws: Add support for termination protection and autotermination to EMR. 2016-12-05 13:54:00 +00:00
Mitchell Hashimoto e014cf3d83 providers/aws: cloudfront distribution 404 should mark as gone (#10281) 2016-12-05 13:31:05 +00:00
Brendan Shaklovitz 122e2f8170 provider/datadog: Improve datadog timeboard support (#10027)
* Update to latest version of go-datadog-api

* Updates to  latest go-datadog-api version, which adds more complete
timeboard support.

* Add more complete timeboard support

* Adds in support for missing timeboard fields, so now we can have nice
things like conditional formats and more.

* Document new fields in datadog_timeboard resource

* Add acceptance test for datadog timeboard changes
2016-12-05 13:16:47 +00:00
Kit Ewbank 26d0525e82 Add new aws_vpc_endpoint_route_table_association resource (#10137)
* Add new aws_vpc_endpoint_route_table_association resource.

This commit adds a new resource which allows to a list of route tables to be
either added and/or removed from an existing VPC Endpoint. This resource would
also be complimentary to the existing `aws_vpc_endpoint` resource where the
route tables might not be specified (not a requirement for a VPC Endpoint to
be created successfully) during creation, especially where the workflow is
such where the route tables are not immediately known.

Signed-off-by: Krzysztof Wilczynski <krzysztof.wilczynski@linux.com>

Additions by Kit Ewbank <Kit_Ewbank@hotmail.com>:

* Add functionality
* Add documentation
* Add acceptance tests
* Set VPC endpoint route_table_ids attribute to "Computed"

* Changes after review - Set resource ID in create function.

* Changes after code review by @kwilczynski:
* Removed error types and simplified the error handling in 'resourceAwsVPCEndpointRouteTableAssociationRead'
* Simplified logging in 'resourceAwsVPCEndpointRouteTableAssociationDelete'
2016-12-05 12:55:37 +00:00
Michael Kuzmin 05145dba19 provider/docker: Upload files into container before first start (#9520)
* Create uploads section for docker containers

* Upload a single file, load its content from state
2016-12-05 11:06:34 +00:00
Paddy e1a5805833 Fix instance/template metadata support
Update our instance template to include metadata_startup_script, to
match our instance resource. Also, we've resolved the diff errors around
metadata.startup-script, and people want to use that to create startup
scripts that don't force a restart when they're changed, so let's stop
disallowing it.

Also, we had a bunch of calls to `schema.ResourceData.Set` that ignored
the errors, so I added error handling for those calls. It's mostly
bundled with this code because I couldn't be sure whether it was the
root of bugs or not, so I took care of it while addressing the startup
script issue.
2016-12-05 02:45:28 -08:00
Otto Jongerius 5a4578edf6 provider/datadog #9026: Make thresholds optional. (#10526) 2016-12-05 09:52:59 +00:00
Joe Topjian b2f9a3a6fd provider/openstack: Detect Region for Importing Resources (#10509)
* provider/openstack: Detect Region for Importing Resources

This commit changes the way the OpenStack region is detected and set.
Any time a region is required, the region attribute will first be
checked. Next, the OS_REGION_NAME environment variable will be checked.
While schema.EnvDefaultFunc handles this same situation, it is not
applicable when importing resources.

* provider/openstack: No longer ignore region in importing tests

* provider/openstack: Network and Subnet Import Fixes

This commit fixes the OpenStack Network and Subnet resources so that
importing of those resources is successful.
2016-12-04 14:24:07 +00:00
clint shryock 44ffe71695 provider/aws: Add Lightsail Instance
Adds initial support for AWS Lightsail Instances
2016-12-02 16:35:57 -06:00
Ninir 615da28b6e provider/aws: Fixed Lambda environment removal 2016-12-02 14:36:55 +01:00
Ninir 1d090eb1ab provider/aws: Added s3 bucket region attribute management (#10482) 2016-12-02 14:22:47 +02:00
Jan Schumann 2e83eb1cfe fix #9104 (#10394) 2016-12-02 13:53:06 +02:00
Jan Schumann b8caddda21 provider/aws resource_aws_opsworks_application does not accept document_root parameter (#10477)
* switched to stack in vpc

* validate also on update

* validate attributes based on app type
2016-12-02 13:45:10 +02:00
Dana Hoffman 0e03f59e4a remove loadBalancingScheme as an option in RegionBackendService since it can only be INTERNAL 2016-12-01 12:27:36 -08:00
Dana Hoffman fd2b1fcbd6 add one more test for updating a health check 2016-12-01 12:27:35 -08:00
Dana Hoffman 77f0ef4fc1 fix bugs in health check and its tests 2016-12-01 12:27:35 -08:00
Dana Hoffman 20ee56be07 Add the other HealthCheck types 2016-12-01 12:27:34 -08:00
Dana Hoffman adafa722e7 clean up RegionBackendService and tests 2016-12-01 12:27:34 -08:00
Dana Hoffman 39809fca76 use v1 apis instead of beta 2016-12-01 12:27:33 -08:00
Dana Hoffman a04ed894d1 First set of changes to enable internal load balancing using beta apis 2016-12-01 11:14:21 -08:00
Paddy 7054fdfa13 providers/google: make projects importable.
This change doesn't make much sense now, as projects are read-only
anyways, so there's not a lot that importing really does for you--you
can already reference pre-existing projects just by defining them in
your config.

But as we discussed #10425, this change made more and more sense. In a
world where projects can be created, we can no longer reference
pre-existing projects just by defining them in config. We get that
ability back by making projects importable.
2016-12-01 10:38:27 -08:00