* Fix S3 backend test affected by making the Workspaces method return errors via diagnostics
* Address diagnostics comparison issues in test by ensuring expected diagnostics are defined in the context of the config they're triggered by
* Fix failing test case `TestBackendConfig_EC2MetadataEndpoint/envvar_invalid_mode` by making `diagnosticBase` struct comparable
* Add compile-time checks that diagnostic types fulfil interfaces
* Stop diagnosticBase implementing ComparableDiagnostic, re-add S3-specific comparer code to s3 package
* Update tests to use the S3-specific comparer again
* Fix test case missed in refactoring
* Update the backend.Backend interface to use diagnostics as return value from StateMgr method
* Fix calls to `Fatalf`
* Update Backend interface to use diagnostics for `DeleteWorkspace` and `Workspaces` methods
* Update testing helpers in backend package
* Update pluggable package to match interface changes
* Update builtin terraform provider package to match interface changes
* Update code in Meta-related files in command package; update error check logic
* Update workspace commands; update error check logic
* Update Local backend package to match interface changes
* Update Cloud backend to match interface changes
* Update Remote backend to match interface changes
* Update cos remote-state backend to match interface changes
* Update inmem remote-state backend to match interface changes
* Update pg remote-state backend to match interface changes
* Update http remote-state backend to match interface changes
* Update consul remote-state backend to match interface changes
* Update oss remote-state backend to match interface changes
* Update kubernetes remote-state backend to match interface changes
* Update gcs remote-state backend to match interface changes
* Update s3 remote-state backend to match interface changes
* Update oci remote-state backend to match interface changes
* Update azure remote-state backend to match interface changes
* Allow warnings from Workspaces and DeleteWorkspace methods to be logged or returned to calling code
* Fix defect in inmem backend test
* Change how warnings from workspace-related methods are output to view/ui
* Fix copy-pasta
* Update some comments clarifying backend-related interfaces and "enhanced" versus "operations"
* Fix more comments that refer to types and interfaces that have moved into the backendrun package
* Update comments to reflect that the backend.Enhanced interface no longer exists
* Add compile-time check that Local backend implements backendrun.OperationsBackend
Added a comment to explain the rationale behind the guard statement, which prevents potential nil errors during backend initialization and retryLogHook call.
Signed-off-by: Bruno Schaatsbergen <git@bschaatsbergen.com>
When key-value tags are enabled and used in the workspace, users may
define the tags attribute as a map of strings in the cloud block in order
to more precicely match workspaces using those tags.
In order to inject the value of TFP-AppName, we will need a backend.Cloud ref available
to use. This change modifies generalError as a receiver method for backend.Cloud types.
We also duplicate this method as a receiver for TestSuiteRunner, since TestSuiteRunner does
not have a backend.Cloud ref.
We previously had all of the types and helpers for all kinds of backends
together in package backend. That kept things relatively simple, but it
also meant that the majority of backends that only deal with remote state
storage ended up still indirectly depending on the entire Terraform modules
runtime, configuration loader, etc, etc, which brings into scope a bunch
of external dependencies that the remote state backends don't really need.
Since backends that support operations are a rare exception, we'll move the
types and helpers for those into a separate package "backendrun", and
then the main package backend can have a much more modest set of types and,
more importantly, a modest set of dependencies on other packages in this
codebase.
This is part of an ongoing effort to reduce the exposure of Terraform Core
and CLI code to the remote backends and vice-versa, so that in the long
run we can more often treat them as separate for dependency maintenance
purposes.
Most of the time, the Cloud backend is the only thing that needs to read the
results of this discovery, and the only thing it cares about is the URL to the
TFE v2 API service. However:
- Other things might need to know about services that your TFC instance
provides, including services other than the TFE v2 API.
- There's a lot of complexity involved in determining which TFC instance you
should be talking to (as well as the credentials for contacting it, the
default org/workspace/project you're interested in, etc.), and it makes sense
to leave the Cloud backend as the owner of that complexity rather than
re-implement it in other potential consumers!
So, since other TFC consumers will likely be configuring a Cloud backend to get
their information anyway, might as well cache the known services so we don't
have to repeat the discovery request.
As part of this commit, note that I removed some code that swallowed a
particular error during discovery. This was vestigial behavior that came over
from the `remote` backend, but we were no longer performing the second part of
the process (i.e. producing a more descriptive error in place of the one we
swallowed). See https://github.com/hashicorp/terraform/pull/19659 for discussion
about the original intent.
This fixes issue #33976, introduced in https://github.com/hashicorp/terraform/pull/33489,
which broke the intended behavior of specifying the active workspace via the
TF_WORKSPACE variable when using a tag-based workspace mapping.
Now that all the default and fallback value behaviors are cleanly isolated in a
function, this whole flow can be a bit simpler.
- Remove `setConfigurationFields`. Instead, `Configure` can just trade its Cty
`obj` for a dumb struct and set a couple fields from it. The
`TF_FORCE_LOCAL_BACKEND` handling can just join the relevant section of
Configure directly.
- Radically chop down PrepareConfig. It turns out we were violating the interface
contract, which says PrepareConfig shouldn't trouble itself with the shell
environment and fallback values... So, don't do that.
This will be the central location for everything involving combining environment
variables with a `cloud` config block to obtain a final cloud config. It returns
a plain Go value (so that nothing downstream of it ever needs to mess with Cty
types), and doesn't mutate any fields on the backend, so it has a nice firm
boundary of responsibilities.
Also, it's quite a bit more pedantic and explicit about HOW the environment
variables get consulted, in the hope of reducing future misunderstandings about
our UI-level expectations.
* Add ability to specify Terraform Cloud Project in cloud block
Adds project configuration to the workspaces section of the cloud block.
Also configurable via the `TF_CLOUD_PROJECT` environment variable.
When a project is configured, the following behaviors will occur:
- `terraform init` with workspaces.name configured will create the workspace in the given project
- `terraform workspace new <name>` with workspaces.tags configured will create workspaces in the given project
- `terraform workspace list` will list workspaces only from the given project
The following behaviors are NOT affected by project configuration
- `terraform workspace delete <name>` does not validate the workspace's inclusion in the given project
- When initializing a workspace that already exists in Terraform Cloud, the workspace's parent project is NOT validated against the given project
Adds tests for cloud block configuration of project
Update changelog
* Update cloud block docs
* Fix typos and changelog entry
* Add speculative project lookup early in the cloud initialize process to capture inability to find a configured project
* Add project config for alias test
Previously, remote and cloud backends would automatically alias localterraform.com as the configured hostname during configuration. This turned out to be an issue with how backends could potentially be used within the builtin terraform_remote_state data source. Those data sources each configure the same service discovery with different targets for localterraform.com, and do so simultaneously, creating an occasional concurrent map read & write panic when multiple data sources are defined.
localterraform.com is obviously not useful for every backend configuration. Therefore, I relocated the alias configuration to the callers, so they may specify when to use it. The modified design adds a new method to backend.Enhanced to allow configurators to ask which aliases should be defined.
* Implementation of structured logging.
These are the changes that enable the cloud backend to consume
structured logs and make use of the new plan renderer. This will enable
CLI-driven runs to view the structured output in the Terraform Cloud UI.
* Cloud structured logging unit tests
* Remove deferred logs logic, fix minor issues
Color formatting fixes, log type stop lists, default behavior for logs
that are unknown
* Use service disco path in redacted plan url
Go 1.19's "fmt" has some awareness of the new doc comment formatting
conventions and adjusts the presentation of the source comments to make
it clearer how godoc would interpret them. Therefore this commit includes
various updates made by "go fmt" to acheve that.
In line with our usual convention that we make stylistic/grammar/spelling
tweaks typically only when we're "in the area" changing something else
anyway, I also took this opportunity to review most of the comments that
this updated to see if there were any other opportunities to improve them.
