upstream/terraform
1
0
Fork 0
mirror of https://github.com/hashicorp/terraform.git synced 2026-03-21 18:10:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
terraform/internal/command/graph.go

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

338 lines
11 KiB
Go
Raw Permalink Normal View History

[COMPLIANCE] Add Copyright and License Headers
2023-05-02 11:33:06 -04:00
// Copyright IBM Corp. 2014, 2026
Update copyright file headers to BUSL-1.1
2023-08-10 18:43:27 -04:00
// SPDX-License-Identifier: BUSL-1.1
[COMPLIANCE] Add Copyright and License Headers
2023-05-02 11:33:06 -04:00
command/graph
2014-07-01 13:02:13 -04:00
package command
import (
"fmt"
command/graph: Simpler resource-only graph by default Unless a user specifically requests a real operation graph using the -type option, we'll by default present a simplified graph which only represents the relationships between resources, since resources are the main side-effects and so the ordering of these is more interesting than the ordering of Terraform's internal implementation details.
2023-02-09 21:32:45 -05:00
"sort"
command/graph
2014-07-01 13:02:13 -04:00
"strings"
terraform: re-enable dot-graphs
2015-02-20 01:58:42 -05:00
command/graph: Simpler resource-only graph by default Unless a user specifically requests a real operation graph using the -type option, we'll by default present a simplified graph which only represents the relationships between resources, since resources are the main side-effects and so the ordering of these is more interesting than the ordering of Terraform's internal implementation details.
2023-02-09 21:32:45 -05:00
"github.com/hashicorp/terraform/internal/addrs"
backendrun: Separate the types/etc for backends that support operations We previously had all of the types and helpers for all kinds of backends together in package backend. That kept things relatively simple, but it also meant that the majority of backends that only deal with remote state storage ended up still indirectly depending on the entire Terraform modules runtime, configuration loader, etc, etc, which brings into scope a bunch of external dependencies that the remote state backends don't really need. Since backends that support operations are a rare exception, we'll move the types and helpers for those into a separate package "backendrun", and then the main package backend can have a much more modest set of types and, more importantly, a modest set of dependencies on other packages in this codebase. This is part of an ongoing effort to reduce the exposure of Terraform Core and CLI code to the remote backends and vice-versa, so that in the long run we can more often treat them as separate for dependency maintenance purposes.
2024-03-11 19:27:44 -04:00
"github.com/hashicorp/terraform/internal/backend/backendrun"
Fix for no json output of state locking actions for --json flag (#32451) * Add viewType to Meta object and use it at the call sites * Assign viewType passed from flags to state-locking cli commands * Remove temp files * Set correct mode for statelocker depending on json flag passed to commands * Add StateLocker interface conformation check for StateLockerJSON * Remove empty line at end of comment * Pass correct ViewType to StateLocker from Backend call chain * Pass viewType to backend migration and initialization functions * Remove json processing info in process comment * Restore documentation style of backendMigrateOpts
2023-02-07 03:06:12 -05:00
"github.com/hashicorp/terraform/internal/command/arguments"
Move dag/ to internal/dag/ This is part of a general effort to move all of Terraform's non-library package surface under internal in order to reinforce that these are for internal use within Terraform only. If you were previously importing packages under this prefix into an external codebase, you could pin to an earlier release tag as an interim solution until you've make a plan to achieve the same functionality some other way.
2021-05-17 12:30:37 -04:00
"github.com/hashicorp/terraform/internal/dag"
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 15:06:38 -04:00
"github.com/hashicorp/terraform/internal/plans"
"github.com/hashicorp/terraform/internal/plans/planfile"
Move terraform/ to internal/terraform/ This is part of a general effort to move all of Terraform's non-library package surface under internal in order to reinforce that these are for internal use within Terraform only. If you were previously importing packages under this prefix into an external codebase, you could pin to an earlier release tag as an interim solution until you've make a plan to achieve the same functionality some other way.
2021-05-17 15:46:19 -04:00
"github.com/hashicorp/terraform/internal/terraform"
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 15:06:38 -04:00
"github.com/hashicorp/terraform/internal/tfdiags"
command/graph
2014-07-01 13:02:13 -04:00
)
// GraphCommand is a Command implementation that takes a Terraform
// configuration and outputs the dependency tree in graphical form.
type GraphCommand struct {
command: convert all to use the new Meta thing
2014-07-12 23:37:30 -04:00
Meta
command/graph
2014-07-01 13:02:13 -04:00
}
func (c *GraphCommand) Run(args []string) int {
core: graph command gets -verbose and -draw-cycles When you specify `-verbose` you'll get the whole graph of operations, which gives a better idea of the operations terraform performs and in what order. The DOT graph is now generated with a small internal library instead of simple string building. This allows us to ensure the graph generation is as consistent as possible, among other benefits. We set `newrank = true` in the graph, which I've found does just as good a job organizing things visually as manually attempting to rank the nodes based on depth. This also fixes `-module-depth`, which was broken post-AST refector. Modules are now expanded into subgraphs with labels and borders. We have yet to regain the plan graphing functionality, so I removed that from the docs for now. Finally, if `-draw-cycles` is added, extra colored edges will be drawn to indicate the path of any cycles detected in the graph. A notable implementation change included here is that {Reverse,}DepthFirstWalk has been made deterministic. (Before it was dependent on `map` ordering.) This turned out to be unnecessary to gain determinism in the final DOT-level implementation, but it seemed a desirable enough of a property that I left it in.
2015-04-23 14:24:26 -04:00
var drawCycles bool
command/graph: update for new graphs
2016-12-03 18:00:34 -05:00
var graphTypeStr string
commands: make sure the correct flagset is used A lot of commands used `c.Meta.flagSet()` to create the initial flagset for the command, while quite a few of them didn’t actually use or support the flags that are then added. So I updated a few commands to use `flag.NewFlagSet()` instead to only add the flags that are actually needed/supported. Additionally this prevents a few commands from using locking while they actually don’t need locking (as locking is enabled as a default in `c.Meta.flagSet()`.
2018-11-21 09:35:27 -05:00
var moduleDepth int
var verbose bool
cli: Remove positional plan argument from graph To make the command arguments easier to understand and extend, we are moving away from positional arguments. This commit changes the graph command to take a `-plan` flag instead of an optional trailing path.
2021-02-02 13:09:30 -05:00
var planPath string
terraform: support graphing modules
2014-09-24 20:36:27 -04:00
command: Simplify Meta.process helper method After some refactoring, this helper method had an unused argument (vars) and an always-nil error return value. This commit cleans this up.
2020-04-01 15:01:08 -04:00
args = c.Meta.process(args)
commands: make sure the correct flagset is used A lot of commands used `c.Meta.flagSet()` to create the initial flagset for the command, while quite a few of them didn’t actually use or support the flags that are then added. So I updated a few commands to use `flag.NewFlagSet()` instead to only add the flags that are actually needed/supported. Additionally this prevents a few commands from using locking while they actually don’t need locking (as locking is enabled as a default in `c.Meta.flagSet()`.
2018-11-21 09:35:27 -05:00
cmdFlags := c.Meta.defaultFlagSet("graph")
core: graph command gets -verbose and -draw-cycles When you specify `-verbose` you'll get the whole graph of operations, which gives a better idea of the operations terraform performs and in what order. The DOT graph is now generated with a small internal library instead of simple string building. This allows us to ensure the graph generation is as consistent as possible, among other benefits. We set `newrank = true` in the graph, which I've found does just as good a job organizing things visually as manually attempting to rank the nodes based on depth. This also fixes `-module-depth`, which was broken post-AST refector. Modules are now expanded into subgraphs with labels and borders. We have yet to regain the plan graphing functionality, so I removed that from the docs for now. Finally, if `-draw-cycles` is added, extra colored edges will be drawn to indicate the path of any cycles detected in the graph. A notable implementation change included here is that {Reverse,}DepthFirstWalk has been made deterministic. (Before it was dependent on `map` ordering.) This turned out to be unnecessary to gain determinism in the final DOT-level implementation, but it seemed a desirable enough of a property that I left it in.
2015-04-23 14:24:26 -04:00
cmdFlags.BoolVar(&drawCycles, "draw-cycles", false, "draw-cycles")
command/graph: update for new graphs
2016-12-03 18:00:34 -05:00
cmdFlags.StringVar(&graphTypeStr, "type", "", "type")
commands: make sure the correct flagset is used A lot of commands used `c.Meta.flagSet()` to create the initial flagset for the command, while quite a few of them didn’t actually use or support the flags that are then added. So I updated a few commands to use `flag.NewFlagSet()` instead to only add the flags that are actually needed/supported. Additionally this prevents a few commands from using locking while they actually don’t need locking (as locking is enabled as a default in `c.Meta.flagSet()`.
2018-11-21 09:35:27 -05:00
cmdFlags.IntVar(&moduleDepth, "module-depth", -1, "module-depth")
cmdFlags.BoolVar(&verbose, "verbose", false, "verbose")
cli: Remove positional plan argument from graph To make the command arguments easier to understand and extend, we are moving away from positional arguments. This commit changes the graph command to take a `-plan` flag instead of an optional trailing path.
2021-02-02 13:09:30 -05:00
cmdFlags.StringVar(&planPath, "plan", "", "plan")
command/graph
2014-07-01 13:02:13 -04:00
cmdFlags.Usage = func() { c.Ui.Error(c.Help()) }
if err := cmdFlags.Parse(args); err != nil {
command: discard output from flags package and return errs directly (#22373) Any command using meta.defaultFlagSet *might* occasionally exit before the flag package's output got written. This caused flag error messages to get lost. This PR discards the flag package output in favor of directly returning the error to the end user.
2019-08-16 08:31:21 -04:00
c.Ui.Error(fmt.Sprintf("Error parsing command-line flags: %s\n", err.Error()))
command/graph
2014-07-01 13:02:13 -04:00
return 1
}
cli: Remove positional plan argument from graph To make the command arguments easier to understand and extend, we are moving away from positional arguments. This commit changes the graph command to take a `-plan` flag instead of an optional trailing path.
2021-02-02 13:09:30 -05:00
configPath, err := ModulePath(cmdFlags.Args())
command: convert to use backends
2017-01-18 23:50:45 -05:00
if err != nil {
c.Ui.Error(err.Error())
return 1
}
command/graph: use user-supplied plugin path when running graph command (#18083)
2019-04-17 13:48:11 -04:00
// Check for user-supplied plugin path
if c.pluginPath, err = c.loadPluginPath(); err != nil {
c.Ui.Error(fmt.Sprintf("Error loading plugin path: %s", err))
return 1
}
cli: Remove legacy positional path arguments Several commands continued to support the legacy positional path argument to specify a working directory. This functionality has been replaced with the global -chdir flag, which is specified before any other arguments, including the sub-command name. This commit removes support for the trailing path parameter from most commands. The only command which still supports a path argument is fmt, which also supports "-" to indicate receiving configuration from standard input. Any invocation of a command with an invalid trailing path parameter will result in a short error message, pointing at the -chdir alternative. There are many test updates in this commit, almost all of which are migrations from using positional arguments to specify a working directory. Because of the layer at which these tests run, we are unable to use the -chdir argument, so the churn in test files is larger than ideal. Sorry!
2021-02-02 10:35:45 -05:00
// Try to load plan if path is specified
Apply a confirmable run when given a saved cloud plan (#33270) It displays a run header with link to web UI, like starting a new plan does, then confirms the run and streams the apply logs. If you can't apply the run (it's from a different workspace, is in an unconfirmable state, etc. etc.), it displays an error instead. Notable points along the way: * Implement `WrappedPlanFile` sum type, and update planfile consumers to use it instead of a plain `planfile.Reader`. * Enable applying a saved cloud plan * Update TFC mocks — add org name to workspace, and minimal support for includes on MockRuns.ReadWithOptions.
2023-06-20 22:06:18 -04:00
var planFile *planfile.WrappedPlanFile
cli: Remove legacy positional path arguments Several commands continued to support the legacy positional path argument to specify a working directory. This functionality has been replaced with the global -chdir flag, which is specified before any other arguments, including the sub-command name. This commit removes support for the trailing path parameter from most commands. The only command which still supports a path argument is fmt, which also supports "-" to indicate receiving configuration from standard input. Any invocation of a command with an invalid trailing path parameter will result in a short error message, pointing at the -chdir alternative. There are many test updates in this commit, almost all of which are migrations from using positional arguments to specify a working directory. Because of the layer at which these tests run, we are unable to use the -chdir argument, so the churn in test files is larger than ideal. Sorry!
2021-02-02 10:35:45 -05:00
if planPath != "" {
planFile, err = c.PlanFile(planPath)
if err != nil {
c.Ui.Error(err.Error())
return 1
}
command: convert to use backends
2017-01-18 23:50:45 -05:00
}
command: validate config as part of loading it Previously we required callers to separately call .Validate on the root module to determine if there were any value errors, but we did that inconsistently and would thus see crashes in some cases where later code would try to use invalid configuration as if it were valid. Now we run .Validate automatically after config loading, returning the resulting diagnostics. Since we return a diagnostics here, it's possible to return both warnings and errors. We return the loaded module even if it's invalid, so callers are free to ignore returned errors and try to work with the config anyway, though they will need to be defensive against invalid configuration themselves in that case. As a result of this, all of the commands that load configuration now need to use diagnostic printing to signal errors. For the moment this just allows us to return potentially-multiple config errors/warnings in full fidelity, but also sets us up for later when more subsystems are able to produce rich diagnostics so we can show them all together. Finally, this commit also removes some stale, commented-out code for the "legacy" (pre-0.8) graph implementation, which has not been available for some time.
2017-12-06 19:41:48 -05:00
var diags tfdiags.Diagnostics
command: convert to use backends
2017-01-18 23:50:45 -05:00
// Load the backend
PSS: Update how commands access backends, so both `backend` and `state_store` configuration can be used (#37569) * Add a generic method for loading an operations backend in non-init commands * Refactor commands to use new prepareBackend method: group 1 * Refactor commands to use new prepareBackend method: group 2, where config parsing needs to be explicitly added * Refactor commands to use new prepareBackend method: group 3, where we can use already parsed config * Additional, more nested, places where logic for accessing backends needs to be refactored * Remove duplicated comment * Add test coverage of `(m *Meta) prepareBackend()` * Add TODO related to using plans for backend/state_store config in apply commands * Add `testStateStoreMockWithChunkNegotiation` test helper * Add assertions to tests about the backend (remote-state, local, etc) in use within operations backend * Stop prepareBackend taking locks as argument * Code comment in prepareBackend * Replace c.Meta.prepareBackend with c.prepareBackend * Change `c.Meta.loadSingleModule` to `c.loadSingleModule` * Rename (Meta).prepareBackend to (Meta).backend, update godoc comment to make relationship to (Meta).Backend more obvious. * Revert change from config.Module to config.Root.Module * Update `(m *Meta) backend` method to parse config itself, and also to adhere to calling code's viewtype instructions * Update all tests and calling code following previous commit * Change how an operations backend is obtained by autocomplete code * Update autocomplete to return nil if no workspace names are returned from the backend * Add test coverage for autocompleting workspace names when using a pluggable state store * Fix output command: pass view type data to new `backend` method * Fix in plan command: pass correct view type to `backend` method * Fix `providers schema` command to use correct viewtype when preparing a backend
2025-11-03 12:57:20 -05:00
b, backendDiags := c.backend(".", arguments.ViewHuman)
command: Various updates for the new backend package API This is a rather-messy, complex change to get the "command" package building again against the new backend API that was updated for the new configuration loader. A lot of this is mechanical rewriting to the new API, but meta_config.go and meta_backend.go in particular saw some major changes to interface with the new loader APIs and to deal with the change in order of steps in the backend API.
2018-03-27 18:31:05 -04:00
diags = diags.Append(backendDiags)
if backendDiags.HasErrors() {
c.showDiagnostics(diags)
command: convert to use backends
2017-01-18 23:50:45 -05:00
return 1
}
// We require a local backend
backendrun: Separate the types/etc for backends that support operations We previously had all of the types and helpers for all kinds of backends together in package backend. That kept things relatively simple, but it also meant that the majority of backends that only deal with remote state storage ended up still indirectly depending on the entire Terraform modules runtime, configuration loader, etc, etc, which brings into scope a bunch of external dependencies that the remote state backends don't really need. Since backends that support operations are a rare exception, we'll move the types and helpers for those into a separate package "backendrun", and then the main package backend can have a much more modest set of types and, more importantly, a modest set of dependencies on other packages in this codebase. This is part of an ongoing effort to reduce the exposure of Terraform Core and CLI code to the remote backends and vice-versa, so that in the long run we can more often treat them as separate for dependency maintenance purposes.
2024-03-11 19:27:44 -04:00
local, ok := b.(backendrun.Local)
command: convert to use backends
2017-01-18 23:50:45 -05:00
if !ok {
command: Various updates for the new backend package API This is a rather-messy, complex change to get the "command" package building again against the new backend API that was updated for the new configuration loader. A lot of this is mechanical rewriting to the new API, but meta_config.go and meta_backend.go in particular saw some major changes to interface with the new loader APIs and to deal with the change in order of steps in the backend API.
2018-03-27 18:31:05 -04:00
c.showDiagnostics(diags) // in case of any warnings in here
command: convert to use backends
2017-01-18 23:50:45 -05:00
c.Ui.Error(ErrUnsupportedLocalOp)
return 1
}
backend: Validate remote backend Terraform version When using the enhanced remote backend, a subset of all Terraform operations are supported. Of these, only plan and apply can be executed on the remote infrastructure (e.g. Terraform Cloud). Other operations run locally and use the remote backend for state storage. This causes problems when the local version of Terraform does not match the configured version from the remote workspace. If the two versions are incompatible, an `import` or `state mv` operation can cause the remote workspace to be unusable until a manual fix is applied. To prevent this from happening accidentally, this commit introduces a check that the local Terraform version and the configured remote workspace Terraform version are compatible. This check is skipped for commands which do not write state, and can also be disabled by the use of a new command-line flag, `-ignore-remote-version`. Terraform version compatibility is defined as: - For all releases before 0.14.0, local must exactly equal remote, as two different versions cannot share state; - 0.14.0 to 1.0.x are compatible, as we will not change the state version number until at least Terraform 1.1.0; - Versions after 1.1.0 must have the same major and minor versions, as we will not change the state version number in a patch release. If the two versions are incompatible, a diagnostic is displayed, advising that the error can be suppressed with `-ignore-remote-version`. When this flag is used, the diagnostic is still displayed, but as a warning instead of an error. Commands which will not write state can assert this fact by calling the helper `meta.ignoreRemoteBackendVersionConflict`, which will disable the checks. Those which can write state should instead call the helper `meta.remoteBackendVersionCheck`, which will return diagnostics for display. In addition to these explicit paths for managing the version check, we have an implicit check in the remote backend's state manager initialization method. Both of the above helpers will disable this check. This fallback is in place to ensure that future code paths which access state cannot accidentally skip the remote version check.
2020-11-13 16:43:56 -05:00
// This is a read-only command
Add cloud {} configuration block for Terraform Cloud This is a replacement declaration for using Terraform Cloud as a remote backend, leaving the literal backend as an implementation detail and not a user-level concept.
2021-08-24 15:28:12 -04:00
c.ignoreRemoteVersionConflict(b)
backend: Validate remote backend Terraform version When using the enhanced remote backend, a subset of all Terraform operations are supported. Of these, only plan and apply can be executed on the remote infrastructure (e.g. Terraform Cloud). Other operations run locally and use the remote backend for state storage. This causes problems when the local version of Terraform does not match the configured version from the remote workspace. If the two versions are incompatible, an `import` or `state mv` operation can cause the remote workspace to be unusable until a manual fix is applied. To prevent this from happening accidentally, this commit introduces a check that the local Terraform version and the configured remote workspace Terraform version are compatible. This check is skipped for commands which do not write state, and can also be disabled by the use of a new command-line flag, `-ignore-remote-version`. Terraform version compatibility is defined as: - For all releases before 0.14.0, local must exactly equal remote, as two different versions cannot share state; - 0.14.0 to 1.0.x are compatible, as we will not change the state version number until at least Terraform 1.1.0; - Versions after 1.1.0 must have the same major and minor versions, as we will not change the state version number in a patch release. If the two versions are incompatible, a diagnostic is displayed, advising that the error can be suppressed with `-ignore-remote-version`. When this flag is used, the diagnostic is still displayed, but as a warning instead of an error. Commands which will not write state can assert this fact by calling the helper `meta.ignoreRemoteBackendVersionConflict`, which will disable the checks. Those which can write state should instead call the helper `meta.remoteBackendVersionCheck`, which will return diagnostics for display. In addition to these explicit paths for managing the version check, we have an implicit check in the remote backend's state manager initialization method. Both of the above helpers will disable this check. This fallback is in place to ensure that future code paths which access state cannot accidentally skip the remote version check.
2020-11-13 16:43:56 -05:00
command: convert to use backends
2017-01-18 23:50:45 -05:00
// Build the operation
Fix for no json output of state locking actions for --json flag (#32451) * Add viewType to Meta object and use it at the call sites * Assign viewType passed from flags to state-locking cli commands * Remove temp files * Set correct mode for statelocker depending on json flag passed to commands * Add StateLocker interface conformation check for StateLockerJSON * Remove empty line at end of comment * Pass correct ViewType to StateLocker from Backend call chain * Pass viewType to backend migration and initialization functions * Remove json processing info in process comment * Restore documentation style of backendMigrateOpts
2023-02-07 03:06:12 -05:00
opReq := c.Operation(b, arguments.ViewHuman)
command: Various updates for the new backend package API This is a rather-messy, complex change to get the "command" package building again against the new backend API that was updated for the new configuration loader. A lot of this is mechanical rewriting to the new API, but meta_config.go and meta_backend.go in particular saw some major changes to interface with the new loader APIs and to deal with the change in order of steps in the backend API.
2018-03-27 18:31:05 -04:00
opReq.ConfigDir = configPath
opReq.ConfigLoader, err = c.initConfigLoader()
terraform: Ugly huge change to weave in new State and Plan types Due to how often the state and plan types are referenced throughout Terraform, there isn't a great way to switch them out gradually. As a consequence, this huge commit gets us from the old world to a _compilable_ new world, but still has a large number of known test failures due to key functionality being stubbed out. The stubs here are for anything that interacts with providers, since we now need to do the follow-up work to similarly replace the old terraform.ResourceProvider interface with its replacement in the new "providers" package. That work, along with work to fix the remaining failing tests, will follow in subsequent commits. The aim here was to replace all references to terraform.State and its downstream types with states.State, terraform.Plan with plans.Plan, state.State with statemgr.State, and switch to the new implementations of the state and plan file formats. However, due to the number of times those types are used, this also ended up affecting numerous other parts of core such as terraform.Hook, the backend.Backend interface, and most of the CLI commands. Just as with 5861dbf3fc49b19587a31816eb06f511ab861bb4 before, I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-08-14 17:24:45 -04:00
opReq.PlanFile = planFile
backend: Allow certain commands to opt out of required variable checks Terraform Core expects all variables to be set, but for some ancillary commands it's fine for them to just be set to placeholders because the variable values themselves are not key to the command's functionality as long as the terraform.Context is still self-consistent. For such commands, rather than prompting for interactive input for required variables we'll just stub them out as unknowns to reflect that they are placeholders for values that a user would normally need to provide. This achieves a similar effect to how these commands behaved before, but without the tendency to produce a slightly invalid terraform.Context that would fail in strange ways when asked to run certain operations.
2019-10-09 17:29:40 -04:00
opReq.AllowUnsetVariables = true
command: Various updates for the new backend package API This is a rather-messy, complex change to get the "command" package building again against the new backend API that was updated for the new configuration loader. A lot of this is mechanical rewriting to the new API, but meta_config.go and meta_backend.go in particular saw some major changes to interface with the new loader APIs and to deal with the change in order of steps in the backend API.
2018-03-27 18:31:05 -04:00
if err != nil {
diags = diags.Append(err)
c.showDiagnostics(diags)
return 1
}
command: convert to use backends
2017-01-18 23:50:45 -05:00
// Get the context
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 15:06:38 -04:00
lr, _, ctxDiags := local.LocalRun(opReq)
command: Various updates for the new backend package API This is a rather-messy, complex change to get the "command" package building again against the new backend API that was updated for the new configuration loader. A lot of this is mechanical rewriting to the new API, but meta_config.go and meta_backend.go in particular saw some major changes to interface with the new loader APIs and to deal with the change in order of steps in the backend API.
2018-03-27 18:31:05 -04:00
diags = diags.Append(ctxDiags)
if ctxDiags.HasErrors() {
c.showDiagnostics(diags)
command/graph
2014-07-01 13:02:13 -04:00
return 1
}
only ignore validation if -draw-cycles is enabled
2024-12-10 09:03:04 -05:00
lr.Core.SetGraphOpts(&terraform.ContextGraphOpts{SkipGraphValidation: drawCycles})
command/graph
2014-07-01 13:02:13 -04:00
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 15:06:38 -04:00
if graphTypeStr == "" {
command/graph: Simpler resource-only graph by default Unless a user specifically requests a real operation graph using the -type option, we'll by default present a simplified graph which only represents the relationships between resources, since resources are the main side-effects and so the ordering of these is more interesting than the ordering of Terraform's internal implementation details.
2023-02-09 21:32:45 -05:00
if planFile == nil {
// Simple resource dependency mode:
// This is based on the plan graph but we then further reduce it down
// to just resource dependency relationships, assuming that in most
// cases the most important thing is what order we'll visit the
// resources in.
fullG, graphDiags := lr.Core.PlanGraphForUI(lr.Config, lr.InputState, plans.NormalMode)
diags = diags.Append(graphDiags)
if graphDiags.HasErrors() {
c.showDiagnostics(diags)
return 1
}
g := fullG.ResourceGraph()
return c.resourceOnlyGraph(g)
} else {
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 15:06:38 -04:00
graphTypeStr = "apply"
}
command/graph: update for new graphs
2016-12-03 18:00:34 -05:00
}
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 15:06:38 -04:00
var g *terraform.Graph
var graphDiags tfdiags.Diagnostics
switch graphTypeStr {
case "plan":
g, graphDiags = lr.Core.PlanGraphForUI(lr.Config, lr.InputState, plans.NormalMode)
case "plan-refresh-only":
g, graphDiags = lr.Core.PlanGraphForUI(lr.Config, lr.InputState, plans.RefreshOnlyMode)
case "plan-destroy":
g, graphDiags = lr.Core.PlanGraphForUI(lr.Config, lr.InputState, plans.DestroyMode)
case "apply":
plan := lr.Plan
// Historically "terraform graph" would allow the nonsensical request to
// render an apply graph without a plan, so we continue to support that
// here, though perhaps one day this should be an error.
if lr.Plan == nil {
plan = &plans.Plan{
remove old refactoring comments
2024-08-22 09:28:00 -04:00
Changes: plans.NewChangesSrc(),
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 15:06:38 -04:00
UIMode: plans.NormalMode,
PriorState: lr.InputState,
PrevRunState: lr.InputState,
}
command/graph: update for new graphs
2016-12-03 18:00:34 -05:00
}
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 15:06:38 -04:00
g, graphDiags = lr.Core.ApplyGraphForUI(plan, lr.Config)
case "eval", "validate":
// Terraform v0.12 through v1.0 supported both of these, but the
// graph variants for "eval" and "validate" are purely implementation
// details and don't reveal anything (user-model-wise) that you can't
// see in the plan graph.
graphDiags = graphDiags.Append(tfdiags.Sourceless(
tfdiags.Error,
"Graph type no longer available",
fmt.Sprintf("The graph type %q is no longer available. Use -type=plan instead to get a similar result.", graphTypeStr),
))
default:
graphDiags = graphDiags.Append(tfdiags.Sourceless(
tfdiags.Error,
"Unsupported graph type",
`The -type=... argument must be either "plan", "plan-refresh-only", "plan-destroy", or "apply".`,
))
command/graph: update for new graphs
2016-12-03 18:00:34 -05:00
}
terraform: ugly huge change to weave in new HCL2-oriented types Due to how deeply the configuration types go into Terraform Core, there isn't a great way to switch out to HCL2 gradually. As a consequence, this huge commit gets us from the old state to a _compilable_ new state, but does not yet attempt to fix any tests and has a number of known missing parts and bugs. We will continue to iterate on this in forthcoming commits, heading back towards passing tests and making Terraform fully-functional again. The three main goals here are: - Use the configuration models from the "configs" package instead of the older models in the "config" package, which is now deprecated and preserved only to help us write our migration tool. - Do expression inspection and evaluation using the functionality of the new "lang" package, instead of the Interpolator type and related functionality in the main "terraform" package. - Represent addresses of various objects using types in the addrs package, rather than hand-constructed strings. This is not critical to support the above, but was a big help during the implementation of these other points since it made it much more explicit what kind of address is expected in each context. Since our new packages are built to accommodate some future planned features that are not yet implemented (e.g. the "for_each" argument on resources, "count"/"for_each" on modules), and since there's still a fair amount of functionality still using old-style APIs, there is a moderate amount of shimming here to connect new assumptions with old, hopefully in a way that makes it easier to find and eliminate these shims later. I apologize in advance to the person who inevitably just found this huge commit while spelunking through the commit history.
2018-04-30 13:33:53 -04:00
diags = diags.Append(graphDiags)
if graphDiags.HasErrors() {
c.showDiagnostics(diags)
command/graph
2014-07-01 13:02:13 -04:00
return 1
}
Provider a marshaler for dag.Graph The dot format generation was done with a mix of code from the terraform package and the dot package. Unify the dot generation code, and it into the dag package. Use an intermediate structure to allow a dag.Graph to marshal itself directly. This structure will be ablt to marshal directly to JSON, or be translated to dot format. This was we can record more information about the graph in the debug logs, and provide a way to translate those logged structures to dot, which is convenient for viewing the graphs.
2016-11-09 09:58:52 -05:00
graphStr, err := terraform.GraphDot(g, &dag.DotOpts{
core: graph command gets -verbose and -draw-cycles When you specify `-verbose` you'll get the whole graph of operations, which gives a better idea of the operations terraform performs and in what order. The DOT graph is now generated with a small internal library instead of simple string building. This allows us to ensure the graph generation is as consistent as possible, among other benefits. We set `newrank = true` in the graph, which I've found does just as good a job organizing things visually as manually attempting to rank the nodes based on depth. This also fixes `-module-depth`, which was broken post-AST refector. Modules are now expanded into subgraphs with labels and borders. We have yet to regain the plan graphing functionality, so I removed that from the docs for now. Finally, if `-draw-cycles` is added, extra colored edges will be drawn to indicate the path of any cycles detected in the graph. A notable implementation change included here is that {Reverse,}DepthFirstWalk has been made deterministic. (Before it was dependent on `map` ordering.) This turned out to be unnecessary to gain determinism in the final DOT-level implementation, but it seemed a desirable enough of a property that I left it in.
2015-04-23 14:24:26 -04:00
DrawCycles: drawCycles,
MaxDepth: moduleDepth,
Verbose: verbose,
})
if err != nil {
c.Ui.Error(fmt.Sprintf("Error converting graph: %s", err))
return 1
}
command: validate config as part of loading it Previously we required callers to separately call .Validate on the root module to determine if there were any value errors, but we did that inconsistently and would thus see crashes in some cases where later code would try to use invalid configuration as if it were valid. Now we run .Validate automatically after config loading, returning the resulting diagnostics. Since we return a diagnostics here, it's possible to return both warnings and errors. We return the loaded module even if it's invalid, so callers are free to ignore returned errors and try to work with the config anyway, though they will need to be defensive against invalid configuration themselves in that case. As a result of this, all of the commands that load configuration now need to use diagnostic printing to signal errors. For the moment this just allows us to return potentially-multiple config errors/warnings in full fidelity, but also sets us up for later when more subsystems are able to produce rich diagnostics so we can show them all together. Finally, this commit also removes some stale, commented-out code for the "legacy" (pre-0.8) graph implementation, which has not been available for some time.
2017-12-06 19:41:48 -05:00
if diags.HasErrors() {
// For this command we only show diagnostics if there are errors,
// because printing out naked warnings could upset a naive program
// consuming our dot output.
c.showDiagnostics(diags)
return 1
}
command/graph: Simpler resource-only graph by default Unless a user specifically requests a real operation graph using the -type option, we'll by default present a simplified graph which only represents the relationships between resources, since resources are the main side-effects and so the ordering of these is more interesting than the ordering of Terraform's internal implementation details.
2023-02-09 21:32:45 -05:00
_, err = c.Streams.Stdout.File.WriteString(graphStr)
if err != nil {
c.Ui.Error(fmt.Sprintf("Failed to write graph to stdout: %s", err))
return 1
}
command/graph
2014-07-01 13:02:13 -04:00
return 0
}
command/graph: Simpler resource-only graph by default Unless a user specifically requests a real operation graph using the -type option, we'll by default present a simplified graph which only represents the relationships between resources, since resources are the main side-effects and so the ordering of these is more interesting than the ordering of Terraform's internal implementation details.
2023-02-09 21:32:45 -05:00
func (c *GraphCommand) resourceOnlyGraph(graph addrs.DirectedGraph[addrs.ConfigResource]) int {
out := c.Streams.Stdout.File
fmt.Fprintln(out, "digraph G {")
// Horizontal presentation is easier to read because our nodes tend
// to be much wider than they are tall. The leftmost nodes in the output
// are those Terraform would visit first.
fmt.Fprintln(out, " rankdir = \"RL\";")
fmt.Fprintln(out, " node [shape = rect, fontname = \"sans-serif\"];")
// To help relate the output back to the configuration it came from,
// and to make the individual node labels more reasonably sized when
// deeply nested inside modules, we'll cluster the nodes together by
// the module they belong to and then show only the local resource
// address in the individual nodes. We'll accomplish that by sorting
// the nodes first by module, so we can then notice the transitions.
allAddrs := graph.AllNodes()
if len(allAddrs) == 0 {
fmt.Fprintln(out, " /* This configuration does not contain any resources. */")
fmt.Fprintln(out, " /* For a more detailed graph, try: terraform graph -type=plan */")
}
addrsOrder := make([]addrs.ConfigResource, 0, len(allAddrs))
for _, addr := range allAddrs {
addrsOrder = append(addrsOrder, addr)
}
sort.Slice(addrsOrder, func(i, j int) bool {
iAddr, jAddr := addrsOrder[i], addrsOrder[j]
iModStr, jModStr := iAddr.Module.String(), jAddr.Module.String()
switch {
case iModStr != jModStr:
return iModStr < jModStr
default:
iRes, jRes := iAddr.Resource, jAddr.Resource
switch {
case iRes.Mode != jRes.Mode:
return iRes.Mode == addrs.DataResourceMode
case iRes.Type != jRes.Type:
return iRes.Type < jRes.Type
default:
return iRes.Name < jRes.Name
}
}
})
currentMod := addrs.RootModule
for _, addr := range addrsOrder {
if !addr.Module.Equal(currentMod) {
// We need a new subgraph, then.
// Experimentally it seems like nested clusters tend to make it
// hard for dot to converge on a good layout, so we'll stick with
// just one level of clusters for now but could revise later based
// on feedback.
if !currentMod.IsRoot() {
fmt.Fprintln(out, " }")
}
currentMod = addr.Module
fmt.Fprintf(out, " subgraph \"cluster_%s\" {\n", currentMod.String())
fmt.Fprintf(out, " label = %q\n", currentMod.String())
fmt.Fprintf(out, " fontname = %q\n", "sans-serif")
}
if currentMod.IsRoot() {
fmt.Fprintf(out, " %q [label=%q];\n", addr.String(), addr.Resource.String())
} else {
fmt.Fprintf(out, " %q [label=%q];\n", addr.String(), addr.Resource.String())
}
}
if !currentMod.IsRoot() {
fmt.Fprintln(out, " }")
}
// Now we'll emit all of the edges.
// We use addrsOrder for both levels to ensure a consistent ordering between
// runs without further sorting, which means we visit more nodes than we
// really need to but this output format is only really useful for relatively
// small graphs anyway, so this should be fine.
for _, sourceAddr := range addrsOrder {
deps := graph.DirectDependenciesOf(sourceAddr)
for _, targetAddr := range addrsOrder {
if !deps.Has(targetAddr) {
continue
}
fmt.Fprintf(out, " %q -> %q;\n", sourceAddr.String(), targetAddr.String())
}
}
fmt.Fprintln(out, "}")
return 0
}
command/graph
2014-07-01 13:02:13 -04:00
func (c *GraphCommand) Help() string {
helpText := `
cli: Add reference to global options to help text
2021-02-22 09:25:56 -05:00
Usage: terraform [global options] graph [options]
command/graph
2014-07-01 13:02:13 -04:00
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 15:06:38 -04:00
Produces a representation of the dependency graph between different
objects in the current configuration and state.
command/graph
2014-07-01 13:02:13 -04:00
command/graph: Simpler resource-only graph by default Unless a user specifically requests a real operation graph using the -type option, we'll by default present a simplified graph which only represents the relationships between resources, since resources are the main side-effects and so the ordering of these is more interesting than the ordering of Terraform's internal implementation details.
2023-02-09 21:32:45 -05:00
By default the graph shows a summary only of the relationships between
resources in the configuration, since those are the main objects that
have side-effects whose ordering is significant. You can generate more
detailed graphs reflecting Terraform's actual evaluation strategy
by specifying the -type=TYPE option to select an operation type.
core: Functional-style API for terraform.Context Previously terraform.Context was built in an unfortunate way where all of the data was provided up front in terraform.NewContext and then mutated directly by subsequent operations. That made the data flow hard to follow, commonly leading to bugs, and also meant that we were forced to take various actions too early in terraform.NewContext, rather than waiting until a more appropriate time during an operation. This (enormous) commit changes terraform.Context so that its fields are broadly just unchanging data about the execution context (current workspace name, available plugins, etc) whereas the main data Terraform works with arrives via individual method arguments and is returned in return values. Specifically, this means that terraform.Context no longer "has-a" config, state, and "planned changes", instead holding on to those only temporarily during an operation. The caller is responsible for propagating the outcome of one step into the next step so that the data flow between operations is actually visible. However, since that's a change to the main entry points in the "terraform" package, this commit also touches every file in the codebase which interacted with those APIs. Most of the noise here is in updating tests to take the same actions using the new API style, but this also affects the main-code callers in the backends and in the command package. My goal here was to refactor without changing observable behavior, but in practice there are a couple externally-visible behavior variations here that seemed okay in service of the broader goal: - The "terraform graph" command is no longer hooked directly into the core graph builders, because that's no longer part of the public API. However, I did include a couple new Context functions whose contract is to produce a UI-oriented graph, and _for now_ those continue to return the physical graph we use for those operations. There's no exported API for generating the "validate" and "eval" graphs, because neither is particularly interesting in its own right, and so "terraform graph" no longer supports those graph types. - terraform.NewContext no longer has the responsibility for collecting all of the provider schemas up front. Instead, we wait until we need them. However, that means that some of our error messages now have a slightly different shape due to unwinding through a differently-shaped call stack. As of this commit we also end up reloading the schemas multiple times in some cases, which is functionally acceptable but likely represents a performance regression. I intend to rework this to use caching, but I'm saving that for a later commit because this one is big enough already. The proximal reason for this change is to resolve the chicken/egg problem whereby there was previously no single point where we could apply "moved" statements to the previous run state before creating a plan. With this change in place, we can now do that as part of Context.Plan, prior to forking the input state into the three separate state artifacts we use during planning. However, this is at least the third project in a row where the previous API design led to piling more functionality into terraform.NewContext and then working around the incorrect order of operations that produces, so I intend that by paying the cost/risk of this large diff now we can in turn reduce the cost/risk of future projects that relate to our main workflow actions.
2021-08-24 15:06:38 -04:00
The graph is presented in the DOT language. The typical program that can
command/graph: takes config dir as arg
2014-07-11 23:38:03 -04:00
read this format is GraphViz, but many web services are also available
to read this format.
command/graph: update for new graphs
2016-12-03 18:00:34 -05:00
Options:
core: graph command gets -verbose and -draw-cycles When you specify `-verbose` you'll get the whole graph of operations, which gives a better idea of the operations terraform performs and in what order. The DOT graph is now generated with a small internal library instead of simple string building. This allows us to ensure the graph generation is as consistent as possible, among other benefits. We set `newrank = true` in the graph, which I've found does just as good a job organizing things visually as manually attempting to rank the nodes based on depth. This also fixes `-module-depth`, which was broken post-AST refector. Modules are now expanded into subgraphs with labels and borders. We have yet to regain the plan graphing functionality, so I removed that from the docs for now. Finally, if `-draw-cycles` is added, extra colored edges will be drawn to indicate the path of any cycles detected in the graph. A notable implementation change included here is that {Reverse,}DepthFirstWalk has been made deterministic. (Before it was dependent on `map` ordering.) This turned out to be unnecessary to gain determinism in the final DOT-level implementation, but it seemed a desirable enough of a property that I left it in.
2015-04-23 14:24:26 -04:00
cli: Remove positional plan argument from graph To make the command arguments easier to understand and extend, we are moving away from positional arguments. This commit changes the graph command to take a `-plan` flag instead of an optional trailing path.
2021-02-02 13:09:30 -05:00
-plan=tfplan Render graph using the specified plan file instead of the
command/graph: Simpler resource-only graph by default Unless a user specifically requests a real operation graph using the -type option, we'll by default present a simplified graph which only represents the relationships between resources, since resources are the main side-effects and so the ordering of these is more interesting than the ordering of Terraform's internal implementation details.
2023-02-09 21:32:45 -05:00
configuration in the current directory. Implies -type=apply.
cli: Remove positional plan argument from graph To make the command arguments easier to understand and extend, we are moving away from positional arguments. This commit changes the graph command to take a `-plan` flag instead of an optional trailing path.
2021-02-02 13:09:30 -05:00
Remove support for the -module-depth flag # Conflicts: # backend/backend.go
2018-11-02 12:58:38 -04:00
-draw-cycles Highlight any cycles in the graph with colored edges.
command/graph: Simpler resource-only graph by default Unless a user specifically requests a real operation graph using the -type option, we'll by default present a simplified graph which only represents the relationships between resources, since resources are the main side-effects and so the ordering of these is more interesting than the ordering of Terraform's internal implementation details.
2023-02-09 21:32:45 -05:00
This helps when diagnosing cycle errors. This option is
supported only when illustrating a real evaluation graph,
selected using the -type=TYPE option.
terraform: support graphing modules
2014-09-24 20:36:27 -04:00
command/graph: Simpler resource-only graph by default Unless a user specifically requests a real operation graph using the -type option, we'll by default present a simplified graph which only represents the relationships between resources, since resources are the main side-effects and so the ordering of these is more interesting than the ordering of Terraform's internal implementation details.
2023-02-09 21:32:45 -05:00
-type=TYPE Type of operation graph to output. Can be: plan,
plan-refresh-only, plan-destroy, or apply. By default
Terraform just summarizes the relationships between the
resources in your configuration, without any particular
operation in mind. Full operation graphs are more detailed
but therefore often harder to read.
terraform: remove legacy graph builder
2017-01-26 18:18:42 -05:00
Update docs to reflect current behavior
2020-01-08 16:33:30 -05:00
-module-depth=n (deprecated) In prior versions of Terraform, specified the
command/graph: Simpler resource-only graph by default Unless a user specifically requests a real operation graph using the -type option, we'll by default present a simplified graph which only represents the relationships between resources, since resources are the main side-effects and so the ordering of these is more interesting than the ordering of Terraform's internal implementation details.
2023-02-09 21:32:45 -05:00
depth of modules to show in the output.
command/graph
2014-07-01 13:02:13 -04:00
`
return strings.TrimSpace(helpText)
}
func (c *GraphCommand) Synopsis() string {
command: Improve consistency of the command short descriptions The short description of our commands (as shown in the main help output from "terraform") was previously very inconsistent, using different tense/mood for different commands. Some of the commands were also using some terminology choices inconsistent with how we currently talk about the related ideas in our documentation. Here I've tried to add some consistency by first rewriting them all in the imperative mood (except the ones that just are just subcommand groupings), and tweaking some of the terminology to hopefully gel better with how we present similar ideas in our recently-updated docs. While working on this I inevitably spotted some similar inconsistencies in the longer-form help output of some of the commands. I've not reviewed all of these for consistency, but I did update some where the wording was either left inconsstent with the short form changes I'd made or where the prose stood out to me as particularly inconsistent with our current usual documentation language style. All of this is subjective, so I expect we'll continue to tweak these over time as we continue to develop our documentation writing style based on user questions and feedback.
2020-10-23 19:55:32 -04:00
return "Generate a Graphviz graph of the steps in an operation"
command/graph
2014-07-01 13:02:13 -04:00
}
Reference in a new issue Copy permalink