Commit Graph

7808 Commits

Author SHA1 Message Date
PaulAtkins d3eed78d95 provider/aws: Add support for aws_ssm_patch_baseline (#14954)
* Add support for aws_ssm_patch_baseline and aws_ssm_patch_group

* Fix failing test

* Cleanup commented out code
2017-05-31 20:16:35 +03:00
Sean Chittenden 2ebac5226c PostgreSQL: leaked pg privs (#14817)
* Fix doc bug. Spell `collation` like `lc_collate`.

* Whitespace nit in error message

* Use %q as the format verb for error messages in postgresql_database resource messages.

* REVOKE the `GRANT` given to the connection user when creating a database.

For `ROLE`s who have been delegated `CREATEDB` privileges and are not a
superuser, in order for them to `CREATE DATABASE` they need to be a member
of the `ROLE` who will be `OWNER` for the new database.  Once the
`CREATE DATABASE` is complete, `REVOKE` the `GRANT` that was given to role
so that the user who ran the `CREATE DATABASE` looses all privileges to the
target database (unless of course they're a superuser).

Fixes a regression introduced in #11452

* Delegated DBA ROLEs can now fix OWNER drift for PostgreSQL databases.

Uses the helper functions introduced in #11452
2017-05-31 20:03:32 +03:00
Jake Champlin 6b72e08b72
provider/aws: Fix panic on nil dead_letter_config
Fixes a panic where specifying a nil `target_arn` for a `dead_letter_config` inside the `aws_lambda_function` resource would throw a panic.
Now, we return a nice error to the user instead of throwing a panic and stacktrace.

```
$ make testacc TEST=./builtin/providers/aws TESTARGS="-run=TestAccAWSLambdaFunction_nilDeadLetterConfig"
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/31 10:22:26 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSLambdaFunction_nilDeadLetterConfig -timeout 120m
=== RUN   TestAccAWSLambdaFunction_nilDeadLetterConfig
--- PASS: TestAccAWSLambdaFunction_nilDeadLetterConfig (20.86s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    20.884s
```
2017-05-31 10:26:13 -04:00
Jake Champlin 647a3940ea Merge pull request #13702 from bryanburgers/aws-instance-ipv6
provider/aws: Allow IPv6/IPv4 addresses to coexist
2017-05-31 10:11:39 -04:00
Paul Stack e28f9c11bf provider/aws: aws_elasticache_cluster data source (#14895)
* provider/aws: Add data source for aws_elasticache_cluster

Fixes: #11445

* provider/aws: Add acceptance tests for aws_elasticache_cluster data source

* provider/aws: Add documentation for the aws_elasticache_cluster datasource
2017-05-31 16:25:27 +03:00
Bobby DeVeaux 5c3227b532 adding read methods 2017-05-31 13:27:54 +01:00
Gavin Williams 029ff9801b provider/openstack: Sort request/response headers whilst debugging 2017-05-31 11:16:55 +01:00
Bobby DeVeaux 9f0394f30c Merge remote-tracking branch 'upstream/master' 2017-05-31 09:26:27 +01:00
Bobby DeVeaux 991ddf1743 goimports ordered correctly 2017-05-31 09:24:14 +01:00
Radek Simko b17bcd3852 Merge pull request #14923 from hashicorp/f-k8s-upgrade-1.6.1
provider/kubernetes: Upgrade K8S to 1.6.1
2017-05-31 07:30:11 +01:00
Radek Simko b802897cea provider/aws: Avoid crash when EgressOnly IGW disappears (#14929) 2017-05-30 20:40:54 +01:00
Joe Topjian ff1c2b10e0 Merge pull request #14917 from jtopjian/openstack-secgroup-numeric-protocol
provider/openstack: Allow numerical protocols in security group rules
2017-05-30 12:55:17 -06:00
Jake Champlin 7894478c8c Merge pull request #14681 from svanharmelen/f-review
Use `helpers.shema.Provisoner` in Chef provisioner V2
2017-05-30 14:26:51 -04:00
Andrew Starr-Bochicchio 2a3d752834 Add support for changing TTL on DigitalOcean domain records. Fixes #12631 (#14805) 2017-05-30 19:29:56 +03:00
Paul Stack f7996e36ea provider/digitalocean: Refresh DO loadbalancer from state if 404 (#14897)
Fixes: #14852
2017-05-30 19:21:53 +03:00
Radek Simko 832b7bd456 provider/aws: Randomize IAM role names in flow log tests (#14928) 2017-05-30 16:23:21 +01:00
Radek Simko efd1e1ffb3 provider/aws: Run Configure as part of testAccPreCheck (#14925) 2017-05-30 16:22:56 +01:00
Sam Bashton 56fbe027c3 Add ability to import Google Compute persistent disks (#14573)
* Add ability to import Google Compute persistent disks

* Fix additional URL names
2017-05-30 14:16:12 +01:00
Radek Simko 2a16352463
provider/kubernetes: Change imports and references after upgrade 2017-05-30 08:25:38 +01:00
Joe Topjian d311417122 provider/openstack: Allow numerical protocols in security group rules
This commit enables a user to specify protocols in numerical form
when creating security group rules.
2017-05-29 22:03:40 -06:00
Joe Topjian 19008e28af provider/openstack: Re-add missing create option logging 2017-05-29 21:34:25 -06:00
Ryo Takaishi c501cb1063 provider/openstack: Add support provider network (#10265)
* provider:openstack Add support provider network

* revert vendor file changes

* vendor: Updating Gophercloud for OpenStack Provider

* create provider network if parameter has segments

* segments is not computed resource

* extract to generate []provider.Segment

* change segmentstion id type
2017-05-29 21:30:41 -06:00
Joe Topjian 6d0f507175 Merge pull request #14907 from fatmcgav/openstack_fix_provider_test_os_image
provider/openstack: Fix issue with providing OS_IMAGE_ID or OS_IMAGE_…
2017-05-29 21:17:50 -06:00
Paul Stack 0f7de130b1 provider/aws: ForceNew aws_launch_config on ebs_block_device change (#14899)
Fixes: #14826

aws_launch_configuration ebs_block_device only had selected properties in the set hash. I removed these to allow any changes to the block device config to force a new resource

```
% make testacc TEST=./builtin/providers/aws/ TESTARGS='-run=TestAccAWSLaunchConfiguration_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/29 01:08:55 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws/ -v -run=TestAccAWSLaunchConfiguration_ -timeout 120m
=== RUN   TestAccAWSLaunchConfiguration_importBasic
--- PASS: TestAccAWSLaunchConfiguration_importBasic (32.89s)
=== RUN   TestAccAWSLaunchConfiguration_basic
--- PASS: TestAccAWSLaunchConfiguration_basic (44.34s)
=== RUN   TestAccAWSLaunchConfiguration_withBlockDevices
--- PASS: TestAccAWSLaunchConfiguration_withBlockDevices (28.98s)
=== RUN   TestAccAWSLaunchConfiguration_updateRootBlockDevice
--- PASS: TestAccAWSLaunchConfiguration_updateRootBlockDevice (52.23s)
=== RUN   TestAccAWSLaunchConfiguration_withSpotPrice
--- PASS: TestAccAWSLaunchConfiguration_withSpotPrice (23.04s)
=== RUN   TestAccAWSLaunchConfiguration_withVpcClassicLink
--- PASS: TestAccAWSLaunchConfiguration_withVpcClassicLink (62.30s)
=== RUN   TestAccAWSLaunchConfiguration_withIAMProfile
--- PASS: TestAccAWSLaunchConfiguration_withIAMProfile (51.62s)
=== RUN   TestAccAWSLaunchConfiguration_withEncryption
--- PASS: TestAccAWSLaunchConfiguration_withEncryption (27.91s)
=== RUN   TestAccAWSLaunchConfiguration_updateEbsBlockDevices
--- PASS: TestAccAWSLaunchConfiguration_updateEbsBlockDevices (62.98s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	386.308s
```
2017-05-30 01:16:43 +03:00
Raphaël Pinson 396dbac72f github_team data source: fix wrong set (#14859)
Do not set members_count and repos_count, which are not declared.
2017-05-29 17:01:53 +03:00
Gavin Williams 3c3c08a0cd provider/openstack: Fix issue with providing OS_IMAGE_ID or OS_IMAGE_NAME when running acceptance tests. 2017-05-29 13:04:50 +01:00
Nick Johnstone ab7cbb1cf9 Fix typo in validators.go (#14900)
s/conatains/contains
2017-05-29 06:07:44 +01:00
Jeff Theriault 07f89e2728 Export RDS instance and cluster resource id (#14882) 2017-05-28 06:47:55 +01:00
Paul Thrasher be9ca35f79 Merge pull request #14845 from hashicorp/thrashr888/tfe-doc-snippets
Docs: Update atlas_artifact resource to use data
2017-05-26 14:00:09 -07:00
Jake Champlin 24202fb3c1 Merge pull request #14578 from caiofilipini/digitalocean-certs
provider/digitalocean: Add support for certificates
2017-05-26 13:07:15 -04:00
Sander van Harmelen 12c2e3222d Update provider docs and add validation (#14863) 2017-05-26 17:58:10 +02:00
Caio Filipini c4bbb6e8a5 provider/digitalocean: Remove Optional and ForceNew for computed attr 2017-05-26 17:36:51 +02:00
Caio Filipini 2b12ddffd0 provider/digitalocean: Mark not_after and sha1_fingerprint as computed 2017-05-26 16:21:08 +02:00
Caio Filipini 32d724ee0d provider/digitalocean: Remove unnecessary SetId("") on cert destroy 2017-05-26 15:44:33 +02:00
Paul Thrasher dc3ed9bb50 Docs: Update atlas_artifact resource to use data
A while back `atlas_artifact` was switched from being a `resource` to a `data` provider. When you use the examples suggested in the Terraform Enterprise docs, the Terraform cli shows a deprecation warning and provides an old url to the new data provider docs.

There are some complimentary doc updates in the Terraform Enterprise/Atlas repo.
2017-05-25 14:24:24 -07:00
Chris Johnson 527d79aa3c removed unused constants 2017-05-25 14:26:55 -04:00
Chris Johnson e6b4dc9b42 reduce sleep time 2017-05-25 14:22:51 -04:00
Chris Johnson 1c76194197 Respond to review feedback 2017-05-25 14:09:46 -04:00
Chris Johnson 6a0dca93af Restore previous version for now 2017-05-25 14:09:46 -04:00
Chris Johnson 78b61ad5f8 Cleanup and slight refactors 2017-05-25 14:09:46 -04:00
Chris Johnson 45c93cfb07 Separate metric test by type 2017-05-25 14:09:46 -04:00
Chris Johnson 52040c69a4 Fixup bad rebase 2017-05-25 14:09:46 -04:00
Chris Johnson 002c9985d3 Enable CRUD of metrics 2017-05-25 14:09:46 -04:00
Joe Topjian db47721e15 provider/openstack: Enable Security Group Updates (#14815)
* vendor: Updating Gophercloud for OpenStack Provider

* provider/openstack: Enable Security Group Updates

This commit enables security group names and descriptions to
be updated without causing a recreate.
2017-05-25 07:53:26 +01:00
jrperritt e1c8d760d3 provider/openstack: Add DNS V2 RecordSet resource (#14813)
* vendor gophercloud dns v2 recordset deps

* openstack dns v2 recordset resource

* fix type assertion panic condition

* address pr review feedback
2017-05-24 22:58:44 -06:00
Paddy 63ce0dae98 Merge pull request #12411 from drebes/cloud_router
provider/google: Cloud router resource
2017-05-24 21:36:17 -07:00
Paddy c675b9e3f8 Merge pull request #14643 from hashicorp/pr-8180
provider/google: New Datasource: Google Storage Object Signed URL (supersedes #8180)
2017-05-24 16:46:14 -07:00
Riley Karson 0ea0d86de4 Change google_compute_target_pool's session_affinity field default to NONE. (#14807) 2017-05-24 16:24:45 -07:00
Paddy d59d0a0673 Fix some style things, handle errors.
Fix a typo, follow our acceptance test naming guidelines, simplify some
logic, and handle an unhandled error.
2017-05-24 15:55:01 -07:00
cmorent e676813eaa providers/heroku: import heroku_addon resource (#14508) 2017-05-24 14:19:46 -05:00
Radek Simko 2c3e8e3cfb provider/kubernetes: Add support for Horizontal Pod Autoscaler (#14763) 2017-05-24 17:18:02 +01:00
Sandeep Sidhu 4c6404d012 provider/vsphere: Exposing moid value from vm resource (#14793)
* Exposing moid value from vm resource

moid value is needed by NSX resources, like security tag, when we attached security tags to a VMs, so needed before we commit NSX provider.

* fixing gofmt issue

* Updating docs regarding new exported moid attribute.
2017-05-24 17:08:40 +01:00
Mickaël Canévet e4bd7e2430 Load Cloudstack configuration from file (#13926)
* Load Cloudstack configuration from file

* Add ConflictsWith
2017-05-24 15:23:32 +02:00
Łukasz Jan Niemier 18f2edf729 Add namespcace ID attribute (#14483)
* Add namespcace ID attribute

This commit also introduce `id` comouted value which is numeric value
used by GitLab to iteract with repository. This should simplify use of
`gitlab_project_hook` usage and would allow to introduce other resources
as described in #14471

* Fixes requested by @richardc

* Handle optional `namespace_id`
2017-05-24 13:05:27 +01:00
Richard Clamp 9e90e77be4 provider/gitlab: Add `gitlab_group` resource (#14490)
* vendor: Update go-gitlab to master@e6c11e

Update go-gitlab to master@e6c11e.  This brings in UpdateGroup in
addition to fuller management of other attributes.

* provider/gitlab:  Add `gitlab_group` resource

This adds a gitlab_group resource.

This combined with #14483 will allow you to create projects in a
group.
2017-05-24 13:01:24 +01:00
cmorent c08253e8d5 providers/heroku: upgrade vendored cyberdelia/heroku-go client (#14672)
* Update vendored github.com/cyberdelia/heroku-go/v3

* Update heroku provider code to work with the newly generated heroku-go API
2017-05-24 12:04:17 +01:00
Richard Clamp 395f1d5bbf provider/gitlab: add `gitlab_deploy_key` (#14734)
* provider/gitlab: add `gitlab_deploy_key`

Here we extend the gitlab provider further by adding a `gitlab_deploy_key`
resource.  This resource allows management of a projects deploy
keys.

* provider/gitlab: Do not test `gitlab_deploy_key` `can_push`

Here we remove the testing of the `can_push` attribute.  This makes the
tests less comprehensive, but will allow them to work with the current
release of gitlab-ce.

This change is staged as a distinct commit so it can be easily
dropped/reverted once gitlab MR !11607 has reached a released state.

https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11607

* provider/gitlab: Update docs for gitlab_deploy_key/can_push

Note that the can_push attribute of gitlab_deploy_key doesn't currently
work.  This note can be removed once
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/11607 is merged
and in general circulation.
2017-05-24 11:41:40 +01:00
Joe Topjian da8f71d4c2 provider/openstack: Add support for updating Subnet Allocation Pools (#14782)
* vendor: Updating Gophercloud for OpenStack Provider

* provider/openstack: Add support for updating Subnet Allocation Pools

This commit adds the ability to update a subnet's allocation pool.
2017-05-24 11:38:05 +01:00
Paul Stack be58c809b6 provider/aws: Add support for X-Ray tracing to aws_lambda_function (#14728)
Fixes: #13801
2017-05-24 11:37:04 +01:00
Paddy 1f2dff6a50 Fix fmt. 2017-05-23 14:47:46 -07:00
Paddy 7976a03a2d Merge branch 'master' into paddy_gcp_detach_deleted_disks 2017-05-23 14:45:27 -07:00
Paddy be17d7ac12 Remove required env var, fix test names.
We no longer need to set an env var (yaaay!) and our test names use
camelCase not snake_case, though that confusion is understandable.
2017-05-23 14:28:06 -07:00
Paddy f5ff3b987d Merge commit '96a67766bf94fdba15f607a9f620cc7df3675a9b' into paddy_fix_12278_rebase 2017-05-23 14:11:38 -07:00
Paul Stack 88d9254661 provider/aws: Add ability to define timeouts for DMS replication instance (#14729)
Fixes: #13996
2017-05-23 19:31:26 +01:00
Paul Stack cb5b5c034e provider/aws: Provider ability to enable snapshotting on ElastiCache RG (#14757)
Fixes: #10581

When a cluster was originally created, you could not enable snapshotting
on it. An error message like this was found:

```
* aws_elasticache_replication_group.bar: Error updating Elasticache replication group: InvalidParameterCombination: Must specify both SnapshotRetentionLimit and SnapshottingClusterId to turn on snapshots
    status code: 400, request id: 98d2ea4e-3fb1-11e7-b077-5967719aeab4
```

There is no guidance from AWS on which is the preferred Cluster in the RG to use for snapshotting. Therefore, I decided to set it to be the first cluster. We can now enable snapshotting

```
% make testacc TEST=./builtin/providers/aws/ TESTARGS='-run=TestAccAWSElasticacheReplicationGroup_enableSnapshotting'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/23 15:02:21 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws/ -v -run=TestAccAWSElasticacheReplicationGroup_enableSnapshotting -timeout 120m
=== RUN   TestAccAWSElasticacheReplicationGroup_enableSnapshotting
--- PASS: TestAccAWSElasticacheReplicationGroup_enableSnapshotting (1261.47s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	1261.496s
```
2017-05-23 19:30:34 +01:00
Martin Atkins 410b60cb7f Stop requiring multi-vars (splats) to be in array brackets
Prior to Terraform 0.7, lists in Terraform were just a shallow abstraction
on top of strings with a magic delimiter between items. Wrapping a single
string in brackets in the configuration was Terraform's prompt that it
needed to split the string on that delimiter during interpolation.

In 0.7, when first-class lists were added, this convention was preserved
by flattening lists-of-lists by one level when they were encountered in
configuration. However, there was an oversight in that change where it
did not correctly handle the case where the inner list was unknown.

In #14135 we removed some code that was flattening partially-unknown lists
into fully-unknown (untyped) values. This inadvertently exposed the missed
case from the previous paragraph, causing issues for list-wrapped splat
expressions with unknown members. While this worked fine for resources,
due to some fixup done inside helper/schema, this did not work for other
interpolation contexts such as module blocks.

Various attempts to fix this up and restore the flattening behavior
selectively were unsuccessful, due to a proliferation of assumptions all
over the core code that would be too risky to change just to fix this bug.

This change, then, takes the different approach of removing the
requirement that splats be presented inside list brackets. This
requirement didn't make much sense anymore anyway, since no other
list-returning expression had this constraint and so the rest of Terraform
was already successfully dealing with both cases.

This leaves us with two different scenarios:

- For resource arguments, existing normalization code in helper/schema
  does its own flattening that preserves compatibility with the common
  practice of using bracketed splats. This change proves this with a test
  within the "test" provider that exercises the whole Terraform core and
  helper/schema stack that assigns bracketed splats to list and set
  attributes.

- For arguments in other blocks, such as in module callsites, the
  interpolator's own flattening behavior applies to known lists,
  preserving compatibility with configurations from before
  partially-computed splats were possible, but those wishing to use
  partially-computed splats are required to drop the surrounding brackets.
  This is less concerning because this scenario was introduced only in
  0.9.5, so the scope for breakage is limited to those who adopted this
  new feature quickly after upgrading.

As of this commit, the recommendation is to stop using brackets around
splats but the old form continues to be supported for backward
compatibility. In a future _major_ version of Terraform we will probably
phase out this legacy form to improve consistency, but for now both
forms are acceptable at the expense of some (pre-existing) weird behavior
when _actual_ lists-of-lists are used.

This addresses #14521 by officially adopting the suggested workaround of
dropping the brackets around the splat. However, it doesn't yet allow
passing of a partially-unknown list between modules: that still violates
assumptions in Terraform's core, so for the moment partially-unknown lists
work only within a _single_ interpolation expression, and cannot be
passed around between expressions. Until more holistic work is done to
improve Terraform's type handling, passing a partially-unknown splat
through to a module will result in a fully-unknown list emerging on
the other side, just as was the case before #14135; this change just
addresses the fact that this was failing with an error in 0.9.5.
2017-05-23 11:22:37 -07:00
Techbrunch 170533c026 Fixes #14765 Handle migration when restoring db cluster from snapshot (#14766)
Add `migrating` to the list of pending statuses when creating a cluster from a snapshot using a different engine.
2017-05-23 18:48:15 +01:00
Bobby DeVeaux ac105b5b18 Merge branch 'master' of github.com:UKCloud/terraform 2017-05-23 12:25:18 +01:00
Bobby DeVeaux fee66882f0 removing unecessary config for initial implementation 2017-05-23 12:24:53 +01:00
Thomas Poindessous 96a67766bf Corrected test for generating disk from a snapshot URI from another project 2017-05-22 23:36:53 +02:00
Riley Karson dbeb7fde98 Updated debug message in compute_firewall_migrate. (#14743) 2017-05-22 14:05:31 -07:00
Dana Hoffman 5d05b0b7fe provider/google: stop trying to set mysqlReplicaConfiguration on read (#14373) 2017-05-22 14:04:28 -07:00
Thomas Poindessous 4df07f2ed9 Added a test acceptance for the new functionality.
GOOGLE_COMPUTE_DISK_SNAPSHOT_URI must be set to a valid snapshot's uri like one of the output of
gcloud compute snapshots list --uri

GOOGLE_COMPUTE_DISK_SNAPSHOT_URI should be replaced by a proper snapshot made by TF (#11690)
2017-05-22 22:51:31 +02:00
Thomas Poindessous 674d635926 Golint from Atom 2017-05-22 22:51:31 +02:00
Thomas Poindessous deb9dae35c Be more specific on the regexp used to detect URI 2017-05-22 22:51:31 +02:00
Thomas Poindessous e510289d2b Enable use of URI for snapshot name 2017-05-22 22:51:30 +02:00
Dana Hoffman 3df593315f provider/google: add failover parameter to sql database instance (#14336)
* provider/google: add failover parameter to sql database instance

* provider/google: update sql database instance docs
2017-05-22 13:44:25 -07:00
Riley Karson 56f89e20d7 provider/google: Add import support to google_sql_user (#14457)
* Support importing google_sql_user

* Updated documentation to reflect that passwords are not retrieved.

* Added additional documentation detailing use.

* Removed unneeded d.setId() line from GoogleSqlUser Read method.

* Changed an errors.New() call to fmt.Errorf().

* Migrate schemas of existing GoogleSqlUser resources.

* Remove explicitly setting 'id' property

* Added google_sql_user to importability page.

* Changed separator to '/' from '.' and updated tests + debug messages.
2017-05-22 13:43:10 -07:00
Riley Karson 6ac78404e0 provider/google: Refactor google_storage_bucket tests (#14694) 2017-05-22 12:38:21 -07:00
Jake Champlin 9a7a243c5c Merge pull request #14733 from hashicorp/f-env-var-prerelease-string
core: Use environment variables to set VersionPrerelease at compile time
2017-05-22 14:55:00 -04:00
smasue bc3075c48b Missing short name in the service scope (Google compute instance) (#14633)
* Missing short name in the service scope (Google compute instance ). The missing short name is for Stackdriver Trace append.

* Missing short name in the service scope (Google compute instance ). The missing short name is for Stackdriver Trace readonly.
2017-05-22 12:21:59 -05:00
Joe Topjian cfb83f9d87 Merge pull request #14704 from jtopjian/openstack-instance-tenantnet-fix
provider/openstack: Catch error during instance network parsing
2017-05-22 09:29:11 -06:00
Joe Topjian a8bf3d8ab0 Merge pull request #14721 from jtopjian/os-dns
provider/openstack: Add openstack_dns_zone_v2 resource
2017-05-22 09:27:28 -06:00
Jake Champlin bd68789006
core: Use environment variables to set VersionPrerelease at compile time
Instead of using a hardcoded version prerelease string, which makes release automation difficult, set the version prerelease string from an environment variable via the go linker tool during compile time.

The environment variable `TF_RELEASE` should only be set via the `make bin` target, and thus leaves the version prerelease string unset. Otherwise, when running a local compile of terraform via the `make dev` makefile target, the version prerelease string is set to `"dev"`, as usual.

This also requires some changes to both the circonus and postgresql providers, as they directly used the `VersionPrerelease` constant. We now simply call the `VersionString()` function, which returns the proper interpolated version string with the prerelease string populated correctly.

`TF_RELEASE` is unset:

```sh
$ make dev
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/22 10:38:19 Generated command/internal_plugin_list.go
==> Removing old directory...
==> Building...
Number of parallel builds: 3

-->     linux/amd64: github.com/hashicorp/terraform

==> Results:
total 209M
-rwxr-xr-x 1 jake jake 209M May 22 10:39 terraform

$ terraform version
Terraform v0.9.6-dev (fd472e4a86500606b03c314f70d11f2bc4bc84e5+CHANGES)
```

`TF_RELEASE` is set (mimicking the `make bin` target):

```sh
$ TF_RELEASE=1 make dev
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/22 10:40:39 Generated command/internal_plugin_list.go
==> Removing old directory...
==> Building...
Number of parallel builds: 3

-->     linux/amd64: github.com/hashicorp/terraform

==> Results:
total 121M
-rwxr-xr-x 1 jake jake 121M May 22 10:42 terraform

$ terraform version
Terraform v0.9.6
```
2017-05-22 10:49:15 -04:00
Jake Champlin 722436a880 Merge pull request #14727 from hashicorp/b-fix-instance-panic
provider/aws: Fix panic on instance shutdown
2017-05-22 09:53:04 -04:00
Kit Ewbank 8e130b15e4 Add 'aws_kms_ciphertext' data source. (#14691) 2017-05-22 16:46:18 +03:00
Máximo Cuadros b8fb1b5ed9 ignition: tests as unit test (#14703) 2017-05-22 16:40:41 +03:00
Raphaël Pinson e7bfdea274 Add github_team data source (#14614)
* Add github_team data source

* github_team: add doc

* github_team data source: fix acceptance test
2017-05-22 16:29:18 +03:00
Januar cf8568fe55 provider/docker network alias (#14710)
* Add Network Alias configuration with network options

* Handle case where there's no network option

* Handle use case where network option is not available

* Handle use case where network option is not available

* Network alias only on user defined network

* Update documentation for docker provider on network aliases

* Remove unused variable

* Update documentation

* add unit test for docker container network

* fix unit test for docker container network
2017-05-22 09:20:32 -04:00
Radek Simko b90ad412d5 provider/aws: Increase timeout for creating security group (#14724) 2017-05-22 15:12:39 +02:00
Jake Champlin c1f4a6e9f8
provider/aws: Fix panic on instance shutdown
During an instance shut-down network interfaces may be detached during the `READ` method of a Terraform run.

This protects the case where a network interface was detached, and is now `nil` at the time of the Terraform run, fixing nil pointer dereferences.
2017-05-22 09:02:35 -04:00
Jake Champlin d85b8f0613 Merge pull request #14669 from hashicorp/b-add-validation-iam-role-policy
provider/aws: validation: Add validation function for IAM Policies
2017-05-22 08:26:24 -04:00
Paul Stack 542640c953 provider/aws: Do not dereference source_Dest_check in aws_instance (#14723)
Fixes: #14718

source_dest_check may not be set so we should pass the pointer to d.Set
func and allow it to dereference it safely
2017-05-22 10:44:30 +03:00
Radek Simko 600e587430 provider/aws: Configurable timeouts for EC2 instance + spot instance (#14711) 2017-05-22 09:27:06 +02:00
Radek Simko a6617c598a provider/aws: Increase timeout for retrying creation of CW log subs (#14722) 2017-05-22 09:26:24 +02:00
Radek Simko 9cb33d863d provider/aws: Increase timeout for deleting IGW (#14705) 2017-05-22 09:25:26 +02:00
Joe Topjian e0b5f4f833 provider/openstack: dns zone v2 updates and docs 2017-05-22 01:44:11 +00:00
jrperritt 5792b9fe76 provider/openstack: Add openstack_dns_zone_v2 resource 2017-05-22 01:44:11 +00:00
Radek Simko 4a671fc92e provider/aws: Retry IAM Role deletion on DeleteConflict (#14707)
* provider/aws: Retry IAM Role deletion on DeleteConflict

* provider/aws: Add 'IAM' to relevant test names
2017-05-22 00:35:09 +03:00
Radek Simko 3a41e45180 provider/aws: Retry ECS service update on InvalidParameterException (#14708) 2017-05-21 22:19:41 +03:00
Joe Topjian 6fe0471008 provider/openstack: Catch error during instance network parsing
This commit catches an error when the instance is parsing and building
its network list. This can happen when a cloud provider responds with
a non-JSON response for the list of networks.
2017-05-21 02:34:57 +00:00
Radek Simko 60bae99a94 provider/aws: Retry ElastiCache cluster deletion when it's snapshotting (#14700) 2017-05-21 00:42:33 +03:00
Radek Simko 66ed50866d provider/aws: Increase timeout for creation of route_table (#14701) 2017-05-21 00:40:33 +03:00
Radek Simko c0a2aa3b49 provider/aws: Allow updating tuples in WAF XssMatchSet + no tuples (#14671)
* provider/aws: Allow updating tuples in WAF XssMatchSet

* provider/aws: Allow WAF XssMatchSet with no tuples
2017-05-20 02:55:58 +02:00
Jake Champlin 6772360c2d Merge pull request #14688 from harijayms/manageddisk4TB
[MS] Adding support for 4TB disks
2017-05-19 17:57:54 -04:00
Jake Champlin 90b5d81933 Merge pull request #14685 from hashicorp/f-open-lightsail-regions
provider/aws: Allow lightsail resources to work in other regions
2017-05-19 17:16:13 -04:00
Eugene Chuvyrov 662373e12e Adding support for 4TB disks 2017-05-19 14:10:19 -07:00
Roberto Jung Drebes 6ab9d82cc5 wip: review changes:
- test arguments
 - set region, project in state
 - fix import error messages
 - get rid of peerFound
 - linkDiffSuppress
2017-05-19 23:05:54 +02:00
Jake Champlin 85895cecc7
provider/aws: rename usEast1Sess to r53Sess and document 2017-05-19 17:03:34 -04:00
Jake Champlin 22a82c0dfb Merge pull request #14683 from ewbankkit/github-provider-handle-nil-response
provider/github Check for potentially nil response from GitHub API client
2017-05-19 16:46:38 -04:00
Jake Champlin 0abfda4d8b
provider/aws: Allow lightsail resources to work in other regions
Previously lightsail was limited to `us-east-1` only. This restriction has now been lifted to new regions.

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSLightsailInstance_euRegion'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/19 16:40:48 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSLightsailInstance_euRegion -timeout 120m
=== RUN   TestAccAWSLightsailInstance_euRegion
--- PASS: TestAccAWSLightsailInstance_euRegion (45.31s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    45.319s
```

Fixes: #14668
2017-05-19 16:44:07 -04:00
Kit Ewbank 7795904f78 Check for potentially nil response from GitHub API client. 2017-05-19 15:19:54 -04:00
Sander van Harmelen 0e422737ba Fix and refactor the Chef provisioner
The tests did pass, but that was because they only tested part of the changes. By using the `schema.TestResourceDataRaw` function the schema and config are better tested and so they pointed out a problem with the schema of the Chef provisioner.

The `Elem` fields did not have a `*schema.Schema` but a `schema.Schema` and in an `Elem` schema only the `Type` field may (and must) be set. Any other fields like `Optional` are not allowed here.

Next to fixing that problem I also did a little refactoring and cleaning up. Mainly making the `ProvisionerS` private (`provisioner`) and removing the deprecated fields.
2017-05-19 21:05:21 +02:00
Vladislav Rassokhin f5449a62e0 Various built-in provisioners improvements:
1. Migrate `chef` provisioner to `schema.Provisioner`:

 * `chef.Provisioner` structure was renamed to `ProvisionerS`and  now it's decoded from `schema.ResourceData` instead of `terraform.ResourceConfig` using simple copy-paste-based solution;
 * Added simple schema without any validation yet.

 2. Support `ValidateFunc` validate function : implemented in `file` and `chef` provisioners.
2017-05-19 20:43:51 +02:00
Jake Champlin dffa575591
add docstring on ignored error 2017-05-19 14:36:39 -04:00
Kit Ewbank ca898d8d19 Add ability to 'terraform import' aws_kms_alias resources. 2017-05-19 14:35:54 -04:00
Radek Simko 79903cd7ea provider/aws: Allow updating tuples in WAF SQLInjectionMatchSet + no tuples (#14667)
* provider/aws: Allow updating tuples in WAF SQL Injection Match Set

* provider/aws: Allow WAF SQL Injection match set with no tuples
2017-05-19 17:59:15 +02:00
Jake Champlin 96e83817ef
provider/aws: validation: Add validation function for IAM Policies
The previous JSON validator that we were using for IAM policy documents wouldn't catch AWS IAM Policy errors.
The supplied policy document would pass our validator, then fail with the following API error:

```
 * aws_iam_role_policy.foo: Error putting IAM role policy tf_test_policy_ymw7hbil9w: MalformedPolicyDocument: The policy failed legacy parsing
                        status code: 400, request id: e7615d90-3c99-11e7-babc-c14e741605bf
```

This happens if the Policy Document doesn't start with the opening JSON bracket, and often happens in the following case:

```
policy = <<EOF
  {
      "Version": "2012-10-17",
      "Statement": [
          {
            ...
          }
      ]
  }
  EOF
```

Where, when using a HEREDOC, the policy document is indented incorrectly.

The new validation function for the IAM policies verifies that the first character of the supplied policy document is the leading JSON bracket, prior to validating the JSON string.

Test Output:

```
$ make test TEST=./builtin/providers/aws/ TESTARGS="-v -run=TestValidateIAMPolicyJsonString"
==> Checking that code complies with gofmt requirements...
==> Checking AWS provider for unchecked errors...
==> NOTE: at this time we only look for uncheck errors in the AWS package
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/19 10:56:32 Generated command/internal_plugin_list.go
go test -i ./builtin/providers/aws/ || exit 1
echo ./builtin/providers/aws/ | \
        xargs -t -n4 go test -v -run=TestValidateIAMPolicyJsonString -timeout=60s -parallel=4
go test -v -run=TestValidateIAMPolicyJsonString -timeout=60s -parallel=4 ./builtin/providers/aws/
=== RUN   TestValidateIAMPolicyJsonString
--- PASS: TestValidateIAMPolicyJsonString (0.00s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    0.009s
```

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAWSPolicy_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/19 10:38:43 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAWSPolicy_ -timeout 120m
=== RUN   TestAWSPolicy_namePrefix
--- PASS: TestAWSPolicy_namePrefix (20.01s)
=== RUN   TestAWSPolicy_invalidJson
--- PASS: TestAWSPolicy_invalidJson (0.00s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    20.027s
```

```
$ make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSIAMRolePolicy_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/19 11:02:56 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSIAMRolePolicy_ -timeout 120m
=== RUN   TestAccAWSIAMRolePolicy_importBasic
--- PASS: TestAccAWSIAMRolePolicy_importBasic (18.45s)
=== RUN   TestAccAWSIAMRolePolicy_basic
--- PASS: TestAccAWSIAMRolePolicy_basic (35.92s)
=== RUN   TestAccAWSIAMRolePolicy_namePrefix
--- PASS: TestAccAWSIAMRolePolicy_namePrefix (14.78s)
=== RUN   TestAccAWSIAMRolePolicy_generatedName
--- PASS: TestAccAWSIAMRolePolicy_generatedName (20.20s)
=== RUN   TestAccAWSIAMRolePolicy_invalidJSON
--- PASS: TestAccAWSIAMRolePolicy_invalidJSON (0.00s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    89.363s
```
2017-05-19 11:11:44 -04:00
Paul Stack 65283fb47c provider/aws: Change AWS ssm_maintenance_window Read func (#14665)
Fixes: #14653

I was originally calling the wrong API method and only some of the
values were being persisted to state. By changing the API method, we can
now get all of the values and therefore can detech manual drift

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSSMMaintenanceWindow_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/19 16:56:27 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSSSMMaintenanceWindow_ -timeout 120m
=== RUN   TestAccAWSSSMMaintenanceWindow_basic
--- PASS: TestAccAWSSSMMaintenanceWindow_basic (41.39s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	41.419s
```
2017-05-19 17:23:40 +03:00
Radek Simko a567cf00ce Merge pull request #14661 from hashicorp/b-aws-waf-size-constraint
provider/aws: Allow updating constraints in WAF SizeConstraintSet + no constraints
2017-05-19 16:00:36 +02:00
Radek Simko cacaf91ff2 provider/aws: Increase timeout for retrying deletion IAM server cert (#14655) 2017-05-19 16:37:07 +03:00
Radek Simko bf99b53d17
provider/aws: Allow WAF SizeConstraint with no tuples 2017-05-19 09:20:33 +02:00
Radek Simko 3fb671be1f
provider/aws: Allow updating constraints in WAF SizeConstraintSet 2017-05-19 09:20:26 +02:00
Radek Simko afe45b62df provider/aws: Allow updating tuples in WAF ByteMatchSet + no tuples (#14071)
* provider/aws: Allow updating tuples in WAF ByteMatchSet

* provider/aws: Allow WAF ByteMatchSet with no tuples
2017-05-19 09:13:58 +02:00
Paddy 2c94b46b14 provider/google: detach disks before deleting them.
When a `google_compute_disk` is attached to a `google_compute_instance`,
deleting can be tricky. GCP doesn't allow disks that are attached to
instances to be deleted. Normally, this is fine; the instance depends on
the disk, so by the time the disk is deleted, the instance should
already be gone.

However, some reports have cropped up (#8667) that deleting disks is
failing because they're still attached to instances. Though this
shouldn't happen, it appears it can happen under some unknown
conditions.

This PR adds logic that will attempt to detach disks from any instances
they're attached to before deleting the disks, adding another safeguard
that should prevent this behaviour.
2017-05-18 17:28:16 -07:00
Matt Robenolt 27927ddc2c provider/google: Add support for privateIpGoogleAccess on subnetworks (#14234) 2017-05-18 13:35:02 -07:00
Mike Tougeron 0e29b744df Mark the aws & gcs secrets as sensitive (#14634) 2017-05-18 15:29:13 -05:00
Clint c3d2f6bbe4 Fix issue with GCP Cloud SQL Instance `disk_autoresize` (#14582)
* provider/google: Fix server/state diff with disk_autoresize

* provider/google: Default true for disk.auto_resize

For sql_database_instance , to match the new API default.

Also adds diff suppression func for autoresize on 1st gen instances

* fix typos
2017-05-18 15:09:01 -05:00
clint shryock aae44290cd merge master 2017-05-18 13:56:55 -05:00
Radek Simko 740c92fc67 provider/aws: Support filtering in ASG data source (#14501) 2017-05-18 17:40:49 +02:00
Paul Stack 62347ea833 provider/aws: Fall back to old tagging mechanism for AWS gov and aws China (#14627)
Fixes: #14535

When in a `restricted` cloud, we should fall back to the old method of
tagging. Before this change we saw the following:

```
% terraform apply                                                                                                                                                                                         ✭
aws_instance.foo: Creating...
  ami:                          "" => "ami-0fa3c42c"
  associate_public_ip_address:  "" => "<computed>"
  availability_zone:            "" => "<computed>"
  ebs_block_device.#:           "" => "<computed>"
  ephemeral_block_device.#:     "" => "<computed>"
  instance_state:               "" => "<computed>"
  instance_type:                "" => "m1.small"
  ipv6_address_count:           "" => "<computed>"
  ipv6_addresses.#:             "" => "<computed>"
  key_name:                     "" => "<computed>"
  network_interface.#:          "" => "<computed>"
  network_interface_id:         "" => "<computed>"
  placement_group:              "" => "<computed>"
  primary_network_interface_id: "" => "<computed>"
  private_dns:                  "" => "<computed>"
  private_ip:                   "" => "<computed>"
  public_dns:                   "" => "<computed>"
  public_ip:                    "" => "<computed>"
  root_block_device.#:          "" => "<computed>"
  security_groups.#:            "" => "<computed>"
  source_dest_check:            "" => "true"
  subnet_id:                    "" => "<computed>"
  tags.%:                       "" => "1"
  tags.foo:                     "" => "bar"
  tenancy:                      "" => "<computed>"
  volume_tags.%:                "" => "<computed>"
  vpc_security_group_ids.#:     "" => "<computed>"
aws_instance.foo: Creation complete (ID: i-0009f227ae24791b9)

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

% terraform plan                                                                                                                                                                                          ✭
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

aws_instance.foo: Refreshing state... (ID: i-0009f227ae24791b9)
The Terraform execution plan has been generated and is shown below.
Resources are shown in alphabetical order for quick scanning. Green resources
will be created (or destroyed and then created if an existing resource
exists), yellow resources are being changed in-place, and red resources
will be destroyed. Cyan entries are data sources to be read.

Note: You didn't specify an "-out" parameter to save this plan, so when
"apply" is called, Terraform can't guarantee this is what will execute.

~ aws_instance.foo
    tags.%:   "0" => "1"
    tags.foo: "" => "bar"

Plan: 0 to add, 1 to change, 0 to destroy.
```

After this patch, we see the following:

```
% terraform apply                                                                                                                                                                                       ✹ ✭
[WARN] /Users/stacko/Code/go/bin/terraform-provider-aws overrides an internal plugin for aws-provider.
  If you did not expect to see this message you will need to remove the old plugin.
  See https://www.terraform.io/docs/internals/internal-plugins.html
aws_instance.foo: Creating...
  ami:                          "" => "ami-0fa3c42c"
  associate_public_ip_address:  "" => "<computed>"
  availability_zone:            "" => "<computed>"
  ebs_block_device.#:           "" => "<computed>"
  ephemeral_block_device.#:     "" => "<computed>"
  instance_state:               "" => "<computed>"
  instance_type:                "" => "m1.small"
  ipv6_address_count:           "" => "<computed>"
  ipv6_addresses.#:             "" => "<computed>"
  key_name:                     "" => "<computed>"
  network_interface.#:          "" => "<computed>"
  network_interface_id:         "" => "<computed>"
  placement_group:              "" => "<computed>"
  primary_network_interface_id: "" => "<computed>"
  private_dns:                  "" => "<computed>"
  private_ip:                   "" => "<computed>"
  public_dns:                   "" => "<computed>"
  public_ip:                    "" => "<computed>"
  root_block_device.#:          "" => "<computed>"
  security_groups.#:            "" => "<computed>"
  source_dest_check:            "" => "true"
  subnet_id:                    "" => "<computed>"
  tags.%:                       "" => "1"
  tags.foo:                     "" => "bar"
  tenancy:                      "" => "<computed>"
  volume_tags.%:                "" => "<computed>"
  vpc_security_group_ids.#:     "" => "<computed>"
aws_instance.foo: Creation complete (ID: i-04cd122e28f167a14)

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

% terraform plan                                                                                                                                                                                        ✹ ✭
[WARN] /Users/stacko/Code/go/bin/terraform-provider-aws overrides an internal plugin for aws-provider.
  If you did not expect to see this message you will need to remove the old plugin.
  See https://www.terraform.io/docs/internals/internal-plugins.html
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

aws_instance.foo: Refreshing state... (ID: i-04cd122e28f167a14)
No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, Terraform
doesn't need to do anything.
```
2017-05-18 17:28:37 +03:00
Jake Champlin 3f10116c6b Merge pull request #14563 from raphink/rancher_member
rancher_environment: add member support
2017-05-18 09:54:40 -04:00
Vladislav Rassokhin 5e8306d02a Ensure schemas of `default_cache_behavior` and `cache_behavior` are same except `path_pattern` (#12628) 2017-05-18 16:42:04 +03:00
Radek Simko cf67a689db provider/aws: Randomize CloudFormation acceptance tests (#14623) 2017-05-18 15:39:51 +02:00
Raphaël Pinson 87b502d5cf
rancher_environment: fix typo 2017-05-18 15:20:42 +02:00
Paul Stack 4bb16ad7f8 provider/aws: Fix the aws_codebuild_project acceptance tests (#14626) 2017-05-18 16:19:56 +03:00
Radek Simko 506eaaa247 provider/aws: Raise timeout for attaching/detaching VPN GW (#14624) 2017-05-18 15:02:34 +02:00
Jake Champlin 9e4b62556a Merge pull request #14571 from hashicorp/b-handle-limit-exceeded
provider/aws: Handle LimitExceededException for subscriber limits
2017-05-18 08:34:30 -04:00
Radek Simko 02cacceee4 provider/aws: Fix RDS DB snapshot data source acc test (#14610) 2017-05-18 13:52:33 +02:00
Eugene Chuvyrov 5884d518e7 [MS] Adding support for VMSS Data Disks using Managed Disk feature (#14608)
* Added support for data disks with managed disks feature

* Updated docs with VMSS Data Disks changes
2017-05-18 14:30:19 +03:00
Techbrunch 71e5602d79 Fixes #14620 Handle migration of data when restoring db cluster from snapshot (#14622)
Add `preparing-data-migration` to the list of pending statuses when creating a cluster from a snapshot using a different engine.
2017-05-18 14:23:55 +03:00
Radek Simko f77ccc0520 provider/aws: Randomize SNS topic names in acceptance tests (#14618) 2017-05-18 11:45:19 +02:00
Radek Simko 1b532b519f provider/aws: Increase timeout for retrying creation of IAM server cert (#14609) 2017-05-18 11:43:50 +02:00
Raphaël Pinson 1392670a69
rancher_environment: initialize envClient only when members are set 2017-05-18 09:35:13 +02:00
Raphaël Pinson 4f521c74b0
rancher_environment: do not use a custom set function for members 2017-05-18 09:21:27 +02:00
Clint 2a36e75b9e provider/aws: Tag VPCs created in our tests to help track down leaks (#14596) 2017-05-17 16:26:40 -05:00
James Bardin 6254bb6387 don't rename imports except to avoid collisions 2017-05-17 15:35:04 -04:00
James Bardin 490ee8c17d convert dns tests with external deps tyo ACC tests
External network calls can fail, and shouldn't stop unit tests from
running.
2017-05-17 15:33:30 -04:00
Raphaël Pinson b6c9b2dc7a
Test members 2017-05-17 18:20:47 +02:00
Raphaël Pinson d75ff93165
rancher_environment: do not crash on empty members 2017-05-17 18:20:33 +02:00
Jake Champlin c56cccab48 Merge pull request #14570 from raphink/github_user
GitHub user
2017-05-17 11:33:48 -04:00
Caio Filipini 45ad54c816 provider/digitalocean: Add support for certificates
Besides the support for DO certificates themselves, this commit also
includes:

1) A new `RandTLSCert` function that generates a valid, self-signed TLS
certificate to be used in the test
2) A fix for the PEM encoding of the private key generated in
`RandSSHKeyPair`: the PEM was always empty
2017-05-17 17:20:40 +02:00
Caio Filipini 6681a86211 provider/digitalocean: Update godo for Certificates support
There are three "deeper" changes included with this update:

1) The `Detach` function got removed from the `StorageActionsService` in
favor of `DetachByDropletID` (which is now used in
`resource_digitalocean_volume.go`).

2) The `Update` function got removed from `TagsService` (renaming a tag
has been deprecated in the API).

3) Every function in godo now takes a `context.Context` as first
argument, so I've changed all calls to send in a `context.Background()`.
2017-05-17 17:20:40 +02:00
Raphaël Pinson 96a1622b03
github_user: add acceptance tests 2017-05-17 17:07:15 +02:00
Raphaël Pinson 5833ffe0d1
Use username instead of Id in log 2017-05-17 16:53:32 +02:00
cmorent 0c260d1341 providers/heroku: import heroku_pipeline_coupling resource (#14495) 2017-05-17 09:53:08 -05:00
Raphaël Pinson fc0d197be8
Add github_user data source 2017-05-17 15:04:25 +02:00
Jake Champlin d05fc51aa0
provider/aws: Handle LimitExceededException for subscriber limits
- Updates aws-sdk-go/request for retryer fix
 - Fixes dynamoDB exception handling to catch subscriber limit error

When the `aws-sdk-go` dep releases the next release, we can tag the vendor with the new
release version, and merge this. Until then, soft-updated the vendor solely for the `request` package to post fix.

DynamoDB Fix:
```
aws_dynamodb_table.bar: Creating...
  arn:                       "" => "<computed>"
  attribute.#:               "" => "1"
  attribute.4228504427.name: "" => "id"
  attribute.4228504427.type: "" => "S"
  hash_key:                  "" => "id"
  name:                      "" => "over-cap-test"
  read_capacity:             "" => "5"
  stream_arn:                "" => "<computed>"
  stream_enabled:            "" => "<computed>"
  stream_view_type:          "" => "<computed>"
  write_capacity:            "" => "5"
Error applying plan:

1 error(s) occurred:

* aws_dynamodb_table.bar: 1 error(s) occurred:

* aws_dynamodb_table.bar: AWS Error creating DynamoDB table: LimitExceededException: Subscriber limit exceeded: There is a limit of 256 tables per subscriber
        status code: 400, request id: J2MC7MR060VKBPHP9P6JG5B6Q3VV4KQNSO5AEMVJF66Q9ASUAAJG
```
2017-05-17 08:59:47 -04:00
Radek Simko 65d47774f2 provider/kubernetes: Add support for Service (#14554) 2017-05-17 14:43:53 +02:00
Jake Champlin da2659b8e9 Merge pull request #11710 from ewbankkit/aws_default_vpc-resource
resource/aws: Add 'aws_default_vpc' resource
2017-05-17 08:37:14 -04:00
Jake Champlin a53c8825a8 Merge pull request #14463 from ewbankkit/issue-5653
Nothing to update in cloudformation should not result in errors
2017-05-17 08:08:11 -04:00
Raphaël Pinson 03cabb7b7e
rancher_environment: add member support 2017-05-17 10:03:26 +02:00
Kit Ewbank 2ed7297fa3 Add 'aws_default_vpc' resource. 2017-05-16 20:15:40 -04:00
Paul Stack 8b7f17c039 provider/aws: Change of aws_subnet ipv6 causing update failure (#14545)
Fixes: #14530

When we found an update of IPv6 cidr block, we first tried to
disassociate the old cidr block association. This caused errors if there
was none, it threw an error, as we passed an empty associationId:

```
* aws_subnet.public_subnet.0: InvalidSubnetCidrBlockAssociationId.Malformed: The subnet CIDR block with association ID  is malformed
    status code: 400, request id: f438f468-9ca4-4000-ba78-63a0f25d390a
* aws_subnet.public_subnet[1]: 1 error(s) occurred:
```

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSubnet_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/16 18:28:45 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSSubnet_ -timeout 120m
=== RUN   TestAccAWSSubnet_importBasic
--- PASS: TestAccAWSSubnet_importBasic (55.40s)
=== RUN   TestAccAWSSubnet_basic
--- PASS: TestAccAWSSubnet_basic (53.62s)
=== RUN   TestAccAWSSubnet_ipv6
--- PASS: TestAccAWSSubnet_ipv6 (125.87s)
=== RUN   TestAccAWSSubnet_enableIpv6
--- PASS: TestAccAWSSubnet_enableIpv6 (88.88s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	323.787s
```
2017-05-16 23:06:28 +03:00
Bobby DeVeaux 9d79fdd789 Merge branch 'master' into master 2017-05-16 18:27:26 +01:00
Paul Stack 055c18e302 core/provider-split: Split out the Oracle OPC provider to new structure (#14362)
* core/providersplit: Split OPC Provider to separate repo

As we march towards Terraform 0.10.0, we are going to start building the
terraform providers as separate binaries - this will allow us to
continually release them. Before we go to 0.10.0, we need to be able to
continue building providers in the same manner, therefore, we have
hardcoded the path of the provider in the generate-plugins.go file

The interim solution will require us to vendor the opc provider and any
child dependencies, but when we get to 0.10.0, we will no longer have to
do this - the core will auto download the plugin binary. The plugin
package will have it's own dependencies vendored as well.

* core/providersplit: Removing the builtin version of OPC provider

* core/providersplit: Vendoring the OPC plugin

* core/providersplit: update internal plugin list

* core/providersplit: remove unused govendor item
2017-05-16 19:53:25 +03:00
Jake Champlin e4a50f2bae Merge pull request #14543 from hashicorp/b-opc-ip-addr-res
provider/opc: Correctly export `ip_address` in IP Addr Reservation
2017-05-16 10:43:13 -04:00
Paul Stack f351de9758 provider/aws: Set aws_subnet ipv6_cidr_block to computed (#14542)
Fixes: #14361

An IPv6 CIDR block is option and can be added *after* a subnet has been
created. Therefore, we should set it to `Computed: true`

Otherwise, a manually created IPv6 association will be removed on the
next terraform run
2017-05-16 17:34:16 +03:00
yanndegat 21d8125d5c provider/ovh: new provider (#12669)
* vendor: add go-ovh

* provider/ovh: new provider

* provider/ovh: Adding PublicCloud User Resource

* provider/ovh: Adding VRack Attachment Resource

* provider/ovh: Adding PublicCloud Network Resource

* provider/ovh: Adding PublicCloud Subnet Resource

* provider/ovh: Adding PublicCloud Regions Datasource

* provider/ovh: Adding PublicCloud Region Datasource

* provider/ovh: Fix Acctests using project's regions
2017-05-16 17:26:43 +03:00
Jake Champlin bc1a6b0261
provider/opc: Correctly export `ip_address` in IP Addr Reservation
Correctly sets the attribute `ip_address` in the `opc_compute_ip_address_reservation` resource.
Also updates documentation for the `ip_address_pool` attribute.

```
$ make testacc TEST=./builtin/providers/opc TESTARGS="-run=TestAccOPCIPAddressReservation_Basic"
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/16 10:15:53 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/opc -v -run=TestAccOPCIPAddressReservation_Basic -timeout 120m
=== RUN   TestAccOPCIPAddressReservation_Basic
--- PASS: TestAccOPCIPAddressReservation_Basic (22.60s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/opc    22.604s
```
2017-05-16 10:19:29 -04:00
Jake Champlin b9e188c5e0 Merge pull request #14528 from ewbankkit/issue-14527
Create rule(s) for prefix-list-only AWS security group ingress/egress permissions on 'terraform import'
2017-05-16 08:38:22 -04:00
mjsteger 9c0888ca88 Fix parsing of digitalocean dns records (#14215)
This changeset fixes how some digitalocean dns records were getting
parsed. In particular, it allows for understanding "@" as shorthand for
the domain itself, preventing terraform from suggesting changes that
wouldn't have any actual effect. This changeset also adds a trailing "."
to certain record types which are required to be submitted with a
trailing dot, but which digitalocean does not return with a trailing
dot, again preventing changes that wouldn't have an effect.

Tests have been added for the above, and with just adding the tests, the
current code is failing, as it is handling some records(e.g. MX)
incorrectly
2017-05-16 12:10:34 +03:00
Raphael Randschau 2c3d54b671 provider/scaleway: allow public_ip to be set (#14515)
this allows the IP <-> server relationship to be inverted as requested by #14175.
2017-05-16 11:59:39 +03:00
Christopher Elkins e1c4194dea Propagate AWS CodePipeline action roles (#14263)
* Propagate AWS CodePipeline action roles

* Add acceptance test for AWS CodePipeline action roles

* Isolate AWS CodePipeline service role acceptance test
2017-05-16 11:55:42 +03:00
Stephen Weatherford b65df9b5ac [MS] 14058 single placement group tf (#14510)
* Add single_placement_group to VMSS

* Add test, plus fixes

* Fix tests
2017-05-16 11:46:07 +03:00
Kit Ewbank 36888278b5 Add 'aws_default_vpc_dhcp_options' resource. (#14475) 2017-05-16 11:44:23 +03:00
Kit Ewbank 534dca00b2 Add 'aws_default_subnet' resource. (#14476) 2017-05-16 11:40:56 +03:00
Sergiusz Urbaniak 399830f1b7 providers/aws: add tags for resource_aws_autoscaling_group (#13574)
The existing "tag" field on autoscaling groups is very limited in that it
cannot be used in conjunction with interpolation preventing from adding
dynamic tag entries.

Other AWS resources don't have this restriction on tags because they work
directly on the map type.

AWS autoscaling groups on the other hand have an additional field
"propagate_at_launch" which is not usable with a pure map type.

This fixes it by introducing an additional field called "tags" which
allows specifying a list of maps. This preserves the possibility to
declare tags as with the "tag" field but additionally allows to
construct lists of maps using interpolation syntax.
2017-05-16 10:39:41 +02:00
Joe Topjian 5842642643 provider/openstack: Handle Deleted Resources in Floating IP Association (#14533)
This commit modifies the openstack_compute_floatingip_associate_v2 resource
to handle cases where the floating IP or instance were deleted outside of
Terraform.
2017-05-16 11:36:50 +03:00
Radek Simko ba7f1aec1e provider/aws: Avoid IP space overlap in EIP acc test (#14519) 2017-05-16 07:06:53 +02:00
Radek Simko 30ea3aee12 provider/aws: Only catch 'terminated' if we're not terminating instance (#14517) 2017-05-16 07:04:56 +02:00
Kit Ewbank f81dfbcf8b Create rule(s) for prefix-list-only AWS security group ingress/egress permissions on 'terraform import'. 2017-05-15 19:21:28 -04:00
Riley Karson 229b926d63 provider/google: Fix the health check default values for http and https so they match the expected value in the documentation and specific health check instances. (#14441) 2017-05-15 12:59:44 -07:00
Paul Stack 0a645294a0 provider/aws: ForceNew aws_launch_config when root_block_device changes (#14507)
Fixes: #14503

Changes to root_block_device were not picked up as we had a hash func to
return 0. We changed from set -> list as we only allow 1 value and
immediately we can get changes propagating

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSLaunchConfiguration_updateRootBlockDevice'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/15 19:27:39 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSLaunchConfiguration_updateRootBlockDevice -timeout 120m
=== RUN   TestAccAWSLaunchConfiguration_updateRootBlockDevice
--- PASS: TestAccAWSLaunchConfiguration_updateRootBlockDevice (51.12s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	51.140s
```
2017-05-15 20:18:40 +03:00
Paul Stack 2276e981ee provider/aws: Add new aws_db_snapshot data source (#10291)
* provider/aws: Add ability to create AWS DB Snapshots

* provider/aws: Add AWS DB Snapshot resource acceptance tests

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSDBSnapshot_
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/22 18:24:05 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSDBSnapshot_ -timeout 120m
=== RUN   TestAccAWSDBSnapshot_basic
--- PASS: TestAccAWSDBSnapshot_basic (892.75s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	892.773s
```

* provider/aws: Add new aws_db_snapshot data source

* docs/aws: Add documentation for aws_db_snapshot resource

* provider/aws: Add datasource for aws_db_snapshot acceptance tests

```
% make testacc TEST=./builtin/providers/aws
% TESTARGS='-run=TestAccAWSDbSnapshotDataSource_'     2 ↵ ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/11/22 18:55:08 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v
-run=TestAccAWSDbSnapshotDataSource_ -timeout 120m
=== RUN   TestAccAWSDbSnapshotDataSource_basic
--- PASS: TestAccAWSDbSnapshotDataSource_basic (966.68s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws966.699s
```

* docs/aws: Adding documentation for aws_db_snapshot datasource
2017-05-15 20:17:26 +03:00
emily 2ad2af0c09 Make google resource storage bucket importable (#14455) 2017-05-15 19:38:32 +03:00
clint shryock 6d0786cccb provider/aws: Improve Checkdestroy to not fail if the ami is not found (it's deleted afterall) and improve tagging 2017-05-15 10:24:43 -05:00
cmorent 589febdc26 providers/heroku: import heroku_pipeline resource (#14486) 2017-05-15 09:12:29 -05:00
Radek Simko 65af35fb25 Merge pull request #14460 from hashicorp/b-github-test-repo
provider/github: Randomize acceptance tests
2017-05-15 14:54:49 +02:00
Paul Stack d5bb844684 provider/aws: Allow Internet Gateway IPv6 routes (#14484)
Fixes: #14006
Fixes: #14464

IPv6 wasn't supported for adding routes to the internet gateway.
Resulted in a message as follows:

```
Error creating route: MissingParameter: The request must contain the parameter destinationCidrBlock or destinationIpv6CidrBlock
```

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSRoute_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/15 11:50:43 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSRoute_ -timeout 120m
=== RUN   TestAccAWSRoute_basic
--- PASS: TestAccAWSRoute_basic (67.27s)
=== RUN   TestAccAWSRoute_ipv6Support
--- PASS: TestAccAWSRoute_ipv6Support (59.35s)
=== RUN   TestAccAWSRoute_ipv6ToInternetGateway
--- PASS: TestAccAWSRoute_ipv6ToInternetGateway (67.39s)
=== RUN   TestAccAWSRoute_changeCidr
--- PASS: TestAccAWSRoute_changeCidr (103.68s)
=== RUN   TestAccAWSRoute_noopdiff
--- PASS: TestAccAWSRoute_noopdiff (194.32s)
=== RUN   TestAccAWSRoute_doesNotCrashWithVPCEndpoint
--- PASS: TestAccAWSRoute_doesNotCrashWithVPCEndpoint (71.36s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	563.397s
```
2017-05-15 15:48:38 +03:00
Malte Brodersen 994284f535 Allow Windows Docker containers to map volumes (#13584)
* fix regex for windows path

* Fix escaping

* move validate function out and create test
2017-05-15 13:09:50 +03:00
Paul Stack 59955a7523 provider/aws: Override spot_instance_requests volume_tags schema (#14481)
The acceptance tests for spot_instance_requests were showing falures as
follows:

```
------- Stdout: -------
=== RUN   TestAccAWSSpotInstanceRequest_basic
--- FAIL: TestAccAWSSpotInstanceRequest_basic (100.40s)
    testing.go:280: Step 0 error: After applying this step, the plan was not empty:

        DIFF:

        UPDATE: aws_spot_instance_request.foo
          volume_tags.%: "" => "<computed>"
```

This was because we were setting volume_tags as computed and thus the
diff. We needed to override the schema to make sure that it was not
being computed - it's only aws_instance that needs computed tags because
of EBS volumes

```
% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSSpotInstanceRequest_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2017/05/15 10:41:36 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSSpotInstanceRequest_ -timeout 120m
=== RUN   TestAccAWSSpotInstanceRequest_basic
--- PASS: TestAccAWSSpotInstanceRequest_basic (86.93s)
=== RUN   TestAccAWSSpotInstanceRequest_withBlockDuration
--- PASS: TestAccAWSSpotInstanceRequest_withBlockDuration (97.47s)
=== RUN   TestAccAWSSpotInstanceRequest_vpc
--- PASS: TestAccAWSSpotInstanceRequest_vpc (234.56s)
=== RUN   TestAccAWSSpotInstanceRequest_SubnetAndSG
--- PASS: TestAccAWSSpotInstanceRequest_SubnetAndSG (146.16s)
PASS
ok  	github.com/hashicorp/terraform/builtin/providers/aws	565.131s
```
2017-05-15 11:55:56 +03:00
Radek Simko 2964f7bc78 provider/aws: Show state reason when EC2 instance fails to launch (#14479) 2017-05-15 10:31:12 +02:00
Radek Simko 9c2a3d6248 provider/aws: Show last scaling activity when ASG creation/update fails (#14480) 2017-05-15 10:30:10 +02:00
Joe Topjian 0d930618ad Merge pull request #14307 from takaishi/support-to-create-seccgorup-rule-with-protocol-name
provider/openstack: Add to support protocols for resourceNetworkingSecGroupRuleV2
2017-05-14 22:33:30 -06:00
Jay Wang 6ca50dd81d [MS] provider/azurerm: New resource - Express Route Circuit (#14265)
* Adds ExpressRoute circuit documentation

* Adds tests and doc improvements

* Code for basic Express Route Circuit support

* Use the built-in validation helper

* Added ignoreCaseDiffSuppressFunc to a few fields

* Added more information to docs

* Touchup

* Moving SKU properties into a set.

* Updates doc

* A bit more tweaks

* Switch to Sprintf for test string

* Updating the acceptance test name for consistency
2017-05-14 19:30:14 +01:00
r_takaishi 773d7bf4f0 fix test and const name 2017-05-14 21:00:36 +09:00
r_takaishi 848176588c add test 2017-05-14 20:59:18 +09:00
r_takaishi 7ec662b243 provider/openstack: Add to support protocols for resourceNetworkingSecGroupRuleV2 2017-05-14 20:59:18 +09:00
Kit Ewbank f7b8fe82bc Nothing to update in cloudformation should not result in errors. 2017-05-13 17:08:08 -04:00