-
Notifications
You must be signed in to change notification settings - Fork 232
/
schema.go
2380 lines (2097 loc) · 70.1 KB
/
schema.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
// Copyright (c) HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
// schema is a high-level framework for easily writing new providers
// for Terraform. Usage of schema is recommended over attempting to write
// to the low-level plugin interfaces manually.
//
// schema breaks down provider creation into simple CRUD operations for
// resources. The logic of diffing, destroying before creating, updating
// or creating, etc. is all handled by the framework. The plugin author
// only needs to implement a configuration schema and the CRUD operations and
// everything else is meant to just work.
//
// A good starting point is to view the Provider structure.
package schema
import (
"context"
"fmt"
"log"
"os"
"reflect"
"regexp"
"sort"
"strconv"
"strings"
"github.com/hashicorp/go-cty/cty"
"github.com/hashicorp/terraform-plugin-log/tfsdklog"
"github.com/mitchellh/copystructure"
"github.com/mitchellh/mapstructure"
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
"github.com/hashicorp/terraform-plugin-sdk/v2/internal/configs/hcl2shim"
"github.com/hashicorp/terraform-plugin-sdk/v2/internal/logging"
"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
)
// Schema describes the structure and type information of a value, whether
// sourced from configuration, plan, or state data. Schema is used in Provider
// and Resource types (for managed resources and data resources) and is
// fundamental to the implementations of ResourceData and ResourceDiff.
//
// The Type field must always be set. At least one of Required, Optional,
// Optional and Computed, or Computed must be enabled unless the Schema is
// directly an implementation of an Elem field of another Schema.
type Schema struct {
// Type is the type of the value and must be one of the ValueType values.
//
// This type not only determines what type is expected/valid in configuring
// this value, but also what type is returned when ResourceData.Get is
// called. The types returned by Get are:
//
// TypeBool - bool
// TypeInt - int
// TypeFloat - float64
// TypeString - string
// TypeList - []interface{}
// TypeMap - map[string]interface{}
// TypeSet - *schema.Set
//
Type ValueType
// ConfigMode allows for overriding the default behaviors for mapping
// schema entries onto configuration constructs.
//
// By default, the Elem field is used to choose whether a particular
// schema is represented in configuration as an attribute or as a nested
// block; if Elem is a *schema.Resource then it's a block and it's an
// attribute otherwise.
//
// If Elem is *schema.Resource then setting ConfigMode to
// SchemaConfigModeAttr will force it to be represented in configuration
// as an attribute, which means that the Computed flag can be used to
// provide default elements when the argument isn't set at all, while still
// allowing the user to force zero elements by explicitly assigning an
// empty list.
//
// When Computed is set without Optional, the attribute is not settable
// in configuration at all and so SchemaConfigModeAttr is the automatic
// behavior, and SchemaConfigModeBlock is not permitted.
ConfigMode SchemaConfigMode
// Required indicates whether the practitioner must enter a value in the
// configuration for this attribute. Required cannot be used with Computed
// Default, DefaultFunc, DiffSuppressFunc, DiffSuppressOnRefresh,
// InputDefault, Optional, or StateFunc. At least one of Required,
// Optional, Optional and Computed, or Computed must be enabled.
Required bool
// Optional indicates whether the practitioner can choose to not enter
// a value in the configuration for this attribute. Optional cannot be used
// with Required.
Optional bool
// Computed indicates whether the provider may return its own value for
// this attribute or not. Computed cannot be used with Required. If
// Required and Optional are both false, the attribute will be considered
// "read only" for the practitioner, with only the provider able to set
// its value.
Computed bool
// ForceNew indicates whether a change in this value requires the
// replacement (destroy and create) of the managed resource instance,
// rather than an in-place update. This field is only valid when the
// encapsulating Resource is a managed resource.
//
// If conditional replacement logic is needed, use the Resource type
// CustomizeDiff field to call the ResourceDiff type ForceNew method.
ForceNew bool
// If this is non-nil, the provided function will be used during diff
// of this field. If this is nil, a default diff for the type of the
// schema will be used.
//
// This allows comparison based on something other than primitive, list
// or map equality - for example SSH public keys may be considered
// equivalent regardless of trailing whitespace.
//
// If CustomizeDiffFunc makes this field ForceNew=true, the
// following DiffSuppressFunc will come in with the value of old being
// empty, as if creating a new resource.
//
// By default, DiffSuppressFunc is considered only when deciding whether
// a configuration value is significantly different than the prior state
// value during planning. Set DiffSuppressOnRefresh to opt in to checking
// this also during the refresh step.
DiffSuppressFunc SchemaDiffSuppressFunc
// DiffSuppressOnRefresh enables using the DiffSuppressFunc to ignore
// normalization-classified changes returned by the resource type's
// "Read" or "ReadContext" function, in addition to the default behavior of
// doing so during planning.
//
// This is a particularly good choice for attributes which take strings
// containing "microsyntaxes" where various different values are packed
// together in some serialization where there are many ways to express the
// same information. For example, attributes which accept JSON data can
// include different whitespace characters without changing meaning, and
// case-insensitive identifiers may refer to the same object using different
// characters.
//
// This is valid only for attributes of primitive types, because
// DiffSuppressFunc itself is only compatible with primitive types.
//
// The key benefit of activating this flag is that the result of Read or
// ReadContext will be cleaned of normalization-only changes in the same
// way as the planning result would normally be, which therefore prevents
// churn for downstream expressions deriving from this attribute and
// prevents incorrect "Values changed outside of Terraform" messages
// when the remote API returns values which have the same meaning as the
// prior state but in a different serialization.
//
// This is an opt-in because it was a later addition to the DiffSuppressFunc
// functionality which would cause some significant changes in behavior
// for existing providers if activated everywhere all at once.
DiffSuppressOnRefresh bool
// Default indicates a value to set if this attribute is not set in the
// configuration. Default cannot be used with DefaultFunc or Required.
// Default is only supported if the Type is TypeBool, TypeFloat, TypeInt,
// or TypeString. Default cannot be used if the Schema is directly an
// implementation of an Elem field of another Schema, such as trying to
// set a default value for a TypeList or TypeSet.
//
// Changing either Default can be a breaking change, especially if the
// attribute has ForceNew enabled. If a default needs to change to align
// with changing assumptions in an upstream API, then it may be necessary
// to also implement resource state upgrade functionality to change the
// state to match or update read operation logic to align with the new
// default.
Default interface{}
// DefaultFunc can be specified to compute a dynamic default when this
// attribute is not set in the configuration. DefaultFunc cannot be used
// with Default. For legacy reasons, DefaultFunc can be used with Required
// attributes in a Provider schema, which will prompt practitioners for
// input if the result of this function is nil.
//
// The return value should be stable to avoid generating confusing
// plan differences. Changing the return value can be a breaking change,
// especially if ForceNew is enabled. If a default needs to change to align
// with changing assumptions in an upstream API, then it may be necessary
// to also implement resource state upgrade functionality to change the
// state to match or update read operation logic to align with the new
// default.
DefaultFunc SchemaDefaultFunc
// Description is used as the description for docs, the language server and
// other user facing usage. It can be plain-text or markdown depending on the
// global DescriptionKind setting.
Description string
// InputDefault is the default value to use for when inputs are requested.
// This differs from Default in that if Default is set, no input is
// asked for. If Input is asked, this will be the default value offered.
InputDefault string
// StateFunc is a function called to change the value of this before
// storing it in the state (and likewise before comparing for diffs).
// The use for this is for example with large strings, you may want
// to simply store the hash of it.
StateFunc SchemaStateFunc
// Elem represents the element type for a TypeList, TypeSet, or TypeMap
// attribute or block. The only valid types are *Schema and *Resource.
// Only TypeList and TypeSet support *Resource.
//
// If the Elem is a *Schema, the surrounding Schema represents a single
// attribute with a single element type for underlying elements. In
// practitioner configurations, an equals sign (=) is required to set
// the value. Refer to the following documentation:
//
// https://www.terraform.io/docs/language/syntax/configuration.html
//
// The underlying *Schema is only required to implement Type. ValidateFunc
// or ValidateDiagFunc can be used to validate each element value.
//
// If the Elem is a *Resource, the surrounding Schema represents a
// configuration block. Blocks can contain underlying attributes or blocks.
// In practitioner configurations, an equals sign (=) cannot be used to
// set the value. Blocks are instead repeated as necessary, or require
// the use of dynamic block expressions. Refer to the following
// documentation:
//
// https://www.terraform.io/docs/language/syntax/configuration.html
// https://www.terraform.io/docs/language/expressions/dynamic-blocks.html
//
// The underlying *Resource must only implement the Schema field.
Elem interface{}
// MaxItems defines a maximum amount of items that can exist within a
// TypeSet or TypeList.
MaxItems int
// MinItems defines a minimum amount of items that can exist within a
// TypeSet or TypeList.
//
// If the field Optional is set to true then MinItems is ignored and thus
// effectively zero.
MinItems int
// Set defines custom hash algorithm for each TypeSet element. If not
// defined, the SDK implements a default hash algorithm based on the
// underlying structure and type information of the Elem field.
Set SchemaSetFunc
// ComputedWhen is a set of queries on the configuration. Whenever any
// of these things is changed, it will require a recompute (this requires
// that Computed is set to true).
//
// Deprecated: This functionality is not implemented and this field
// declaration should be removed.
ComputedWhen []string
// ConflictsWith is a set of attribute paths, including this attribute,
// whose configurations cannot be set simultaneously. This implements the
// validation logic declaratively within the schema and can trigger earlier
// in Terraform operations, rather than using create or update logic which
// only triggers during apply.
//
// Only absolute attribute paths, ones starting with top level attribute
// names, are supported. Attribute paths cannot be accurately declared
// for TypeList (if MaxItems is greater than 1), TypeMap, or TypeSet
// attributes. To reference an attribute under a single configuration block
// (TypeList with Elem of *Resource and MaxItems of 1), the syntax is
// "parent_block_name.0.child_attribute_name".
ConflictsWith []string
// ExactlyOneOf is a set of attribute paths, including this attribute,
// where only one attribute out of all specified can be configured. It will
// return a validation error if none are specified as well. This implements
// the validation logic declaratively within the schema and can trigger
// earlier in Terraform operations, rather than using create or update
// logic which only triggers during apply.
//
// Only absolute attribute paths, ones starting with top level attribute
// names, are supported. Attribute paths cannot be accurately declared
// for TypeList (if MaxItems is greater than 1), TypeMap, or TypeSet
// attributes. To reference an attribute under a single configuration block
// (TypeList with Elem of *Resource and MaxItems of 1), the syntax is
// "parent_block_name.0.child_attribute_name".
ExactlyOneOf []string
// AtLeastOneOf is a set of attribute paths, including this attribute,
// in which at least one of the attributes must be configured. This
// implements the validation logic declaratively within the schema and can
// trigger earlier in Terraform operations, rather than using create or
// update logic which only triggers during apply.
//
// Only absolute attribute paths, ones starting with top level attribute
// names, are supported. Attribute paths cannot be accurately declared
// for TypeList (if MaxItems is greater than 1), TypeMap, or TypeSet
// attributes. To reference an attribute under a single configuration block
// (TypeList with Elem of *Resource and MaxItems of 1), the syntax is
// "parent_block_name.0.child_attribute_name".
AtLeastOneOf []string
// RequiredWith is a set of attribute paths, including this attribute,
// that must be set simultaneously. This implements the validation logic
// declaratively within the schema and can trigger earlier in Terraform
// operations, rather than using create or update logic which only triggers
// during apply.
//
// Only absolute attribute paths, ones starting with top level attribute
// names, are supported. Attribute paths cannot be accurately declared
// for TypeList (if MaxItems is greater than 1), TypeMap, or TypeSet
// attributes. To reference an attribute under a single configuration block
// (TypeList with Elem of *Resource and MaxItems of 1), the syntax is
// "parent_block_name.0.child_attribute_name".
RequiredWith []string
// Deprecated defines warning diagnostic details to display when
// practitioner configurations use this attribute or block. The warning
// diagnostic summary is automatically set to "Argument is deprecated"
// along with configuration source file and line information.
//
// Set this field to a practitioner actionable message such as:
//
// - "Configure other_attribute instead. This attribute will be removed
// in the next major version of the provider."
// - "Remove this attribute's configuration as it no longer is used and
// the attribute will be removed in the next major version of the
// provider."
//
// In Terraform 1.2.7 and later, this warning diagnostic is displayed any
// time a practitioner attempts to configure a known value for this
// attribute and certain scenarios where this attribute is referenced.
//
// In Terraform 1.2.6 and earlier, this warning diagnostic is only
// displayed when the attribute is Required or Optional, and if the
// practitioner configuration attempts to set the attribute value to a
// known value. It cannot detect practitioner configuration values that
// are unknown ("known after apply").
//
// Additional information about deprecation enhancements for read-only
// attributes can be found in:
//
// - https://github.com/hashicorp/terraform/issues/7569
Deprecated string
// ValidateFunc allows individual fields to define arbitrary validation
// logic. It is yielded the provided config value as an interface{} that is
// guaranteed to be of the proper Schema type, and it can yield warnings or
// errors based on inspection of that value.
//
// ValidateFunc is honored only when the schema's Type is set to TypeInt,
// TypeFloat, TypeString, TypeBool, or TypeMap. It is ignored for all other types.
ValidateFunc SchemaValidateFunc
// ValidateDiagFunc allows individual fields to define arbitrary validation
// logic. It is yielded the provided config value as an interface{} that is
// guaranteed to be of the proper Schema type, and it can yield diagnostics
// based on inspection of that value.
//
// ValidateDiagFunc is honored only when the schema's Type is set to TypeInt,
// TypeFloat, TypeString, TypeBool, or TypeMap. It is ignored for all other types.
//
// ValidateDiagFunc is also yielded the cty.Path the SDK has built up to this
// attribute. The SDK will automatically set the AttributePath of any returned
// Diagnostics to this path. Therefore the developer does not need to set
// the AttributePath for primitive types.
//
// In the case of TypeMap to provide the most precise information, please
// set an AttributePath with the additional cty.IndexStep:
//
// AttributePath: cty.IndexStringPath("key_name")
//
// Or alternatively use the passed in path to create the absolute path:
//
// AttributePath: append(path, cty.IndexStep{Key: cty.StringVal("key_name")})
ValidateDiagFunc SchemaValidateDiagFunc
// Sensitive ensures that the attribute's value does not get displayed in
// the Terraform user interface output. It should be used for password or
// other values which should be hidden.
//
// Terraform does not support conditional sensitivity, so if the value may
// only be sensitive in certain scenarios, a pragmatic choice will be
// necessary upfront of whether or not to always hide the value. Some
// providers may opt to split up resources based on sensitivity, to ensure
// that practitioners without sensitive values do not have values
// unnecessarily hidden.
//
// Terraform does not support passing sensitivity from configurations to
// providers. For example, if a sensitive value is configured via another
// attribute, this attribute is not marked Sensitive, and the value is used
// in this attribute value, the sensitivity is not transitive. The value
// will be displayed as normal.
//
// Sensitive values propagate when referenced in other parts of a
// configuration unless the nonsensitive() configuration function is used.
// Certain configuration usage may also expand the sensitivity. For
// example, including the sensitive value in a set may mark the whole set
// as sensitive. Any outputs containing a sensitive value must enable the
// output sensitive argument.
Sensitive bool
}
// SchemaConfigMode is used to influence how a schema item is mapped into a
// corresponding configuration construct, using the ConfigMode field of
// Schema.
type SchemaConfigMode int
const (
SchemaConfigModeAuto SchemaConfigMode = iota
SchemaConfigModeAttr
SchemaConfigModeBlock
)
// SchemaDiffSuppressFunc is a function which can be used to determine
// whether a detected diff on a schema element is "valid" or not, and
// suppress it from the plan if necessary.
//
// Return true if the diff should be suppressed, false to retain it.
type SchemaDiffSuppressFunc func(k, oldValue, newValue string, d *ResourceData) bool
// SchemaDefaultFunc is a function called to return a default value for
// a field.
type SchemaDefaultFunc func() (interface{}, error)
// EnvDefaultFunc is a helper function that returns the value of the
// given environment variable, if one exists, or the default value
// otherwise.
func EnvDefaultFunc(k string, dv interface{}) SchemaDefaultFunc {
return func() (interface{}, error) {
if v := os.Getenv(k); v != "" {
return v, nil
}
return dv, nil
}
}
// MultiEnvDefaultFunc is a helper function that returns the value of the first
// environment variable in the given list that returns a non-empty value. If
// none of the environment variables return a value, the default value is
// returned.
func MultiEnvDefaultFunc(ks []string, dv interface{}) SchemaDefaultFunc {
return func() (interface{}, error) {
for _, k := range ks {
if v := os.Getenv(k); v != "" {
return v, nil
}
}
return dv, nil
}
}
// SchemaSetFunc is a function that must return a unique ID for the given
// element. This unique ID is used to store the element in a hash.
type SchemaSetFunc func(interface{}) int
// SchemaStateFunc is a function used to convert some type to a string
// to be stored in the state.
type SchemaStateFunc func(interface{}) string
// SchemaValidateFunc is a function used to validate a single field in the
// schema.
//
// Deprecated: please use SchemaValidateDiagFunc
type SchemaValidateFunc func(interface{}, string) ([]string, []error)
// SchemaValidateDiagFunc is a function used to validate a single field in the
// schema and has Diagnostic support.
type SchemaValidateDiagFunc func(interface{}, cty.Path) diag.Diagnostics
func (s *Schema) GoString() string {
return fmt.Sprintf("*%#v", *s)
}
// Returns a default value for this schema by either reading Default or
// evaluating DefaultFunc. If neither of these are defined, returns nil.
func (s *Schema) DefaultValue() (interface{}, error) {
if s.Default != nil {
return s.Default, nil
}
if s.DefaultFunc != nil {
defaultValue, err := s.DefaultFunc()
if err != nil {
return nil, fmt.Errorf("error loading default: %s", err)
}
return defaultValue, nil
}
return nil, nil
}
// Returns a zero value for the schema.
func (s *Schema) ZeroValue() interface{} {
// If it's a set then we'll do a bit of extra work to provide the
// right hashing function in our empty value.
if s.Type == TypeSet {
setFunc := s.Set
if setFunc == nil {
// Default set function uses the schema to hash the whole value
elem := s.Elem
switch t := elem.(type) {
case *Schema:
setFunc = HashSchema(t)
case *Resource:
setFunc = HashResource(t)
default:
panic("invalid set element type")
}
}
return &Set{F: setFunc}
} else {
return s.Type.Zero()
}
}
func (s *Schema) finalizeDiff(d *terraform.ResourceAttrDiff, customized bool) *terraform.ResourceAttrDiff {
if d == nil {
return d
}
if s.Type == TypeBool {
normalizeBoolString := func(s string) string {
switch s {
case "0":
return "false"
case "1":
return "true"
}
return s
}
d.Old = normalizeBoolString(d.Old)
d.New = normalizeBoolString(d.New)
}
if s.Computed && !d.NewRemoved && d.New == "" {
// Computed attribute without a new value set
d.NewComputed = true
}
if s.ForceNew {
// ForceNew, mark that this field is requiring new under the
// following conditions, explained below:
//
// * Old != New - There is a change in value. This field
// is therefore causing a new resource.
//
// * NewComputed - This field is being computed, hence a
// potential change in value, mark as causing a new resource.
d.RequiresNew = d.Old != d.New || d.NewComputed
}
if d.NewRemoved {
return d
}
if s.Computed {
// FIXME: This is where the customized bool from getChange finally
// comes into play. It allows the previously incorrect behavior
// of an empty string being used as "unset" when the value is
// computed. This should be removed once we can properly
// represent an unset/nil value from the configuration.
if !customized {
if d.Old != "" && d.New == "" {
// This is a computed value with an old value set already,
// just let it go.
log.Println("[DEBUG] A computed value with the empty string as the new value and a non-empty old value was found. Interpreting the empty string as \"unset\" to align with legacy behavior.")
return nil
}
}
if d.New == "" && !d.NewComputed {
// Computed attribute without a new value set
d.NewComputed = true
}
}
if s.Sensitive {
// Set the Sensitive flag so output is hidden in the UI
d.Sensitive = true
}
return d
}
func (s *Schema) validateFunc(decoded interface{}, k string, path cty.Path) diag.Diagnostics {
var diags diag.Diagnostics
if s.ValidateDiagFunc != nil {
diags = s.ValidateDiagFunc(decoded, path)
for i := range diags {
if !diags[i].AttributePath.HasPrefix(path) {
diags[i].AttributePath = append(path, diags[i].AttributePath...)
}
}
} else if s.ValidateFunc != nil {
ws, es := s.ValidateFunc(decoded, k)
for _, w := range ws {
diags = append(diags, diag.Diagnostic{
Severity: diag.Warning,
Summary: w,
AttributePath: path,
})
}
for _, e := range es {
diags = append(diags, diag.Diagnostic{
Severity: diag.Error,
Summary: e.Error(),
AttributePath: path,
})
}
}
return diags
}
// InternalMap is used to aid in the transition to the new schema types and
// protocol. The name is not meant to convey any usefulness, as this is not to
// be used directly by any providers.
type InternalMap = schemaMap
// schemaMap is a wrapper that adds nice functions on top of schemas.
type schemaMap map[string]*Schema
func (m schemaMap) panicOnError() bool {
return os.Getenv("TF_ACC") != ""
}
// Data returns a ResourceData for the given schema, state, and diff.
//
// The diff is optional.
func (m schemaMap) Data(
s *terraform.InstanceState,
d *terraform.InstanceDiff) (*ResourceData, error) {
return &ResourceData{
schema: m,
state: s,
diff: d,
panicOnError: m.panicOnError(),
}, nil
}
// DeepCopy returns a copy of this schemaMap. The copy can be safely modified
// without affecting the original.
func (m *schemaMap) DeepCopy() schemaMap {
copiedMap, err := copystructure.Config{Lock: true}.Copy(m)
if err != nil {
panic(err)
}
return *copiedMap.(*schemaMap)
}
// Diff returns the diff for a resource given the schema map,
// state, and configuration.
func (m schemaMap) Diff(
ctx context.Context,
s *terraform.InstanceState,
c *terraform.ResourceConfig,
customizeDiff CustomizeDiffFunc,
meta interface{},
handleRequiresNew bool) (*terraform.InstanceDiff, error) {
result := new(terraform.InstanceDiff)
result.Attributes = make(map[string]*terraform.ResourceAttrDiff)
// Make sure to mark if the resource is tainted
if s != nil {
result.DestroyTainted = s.Tainted
result.RawConfig = s.RawConfig
result.RawState = s.RawState
result.RawPlan = s.RawPlan
}
d := &ResourceData{
schema: m,
state: s,
config: c,
panicOnError: m.panicOnError(),
}
for k, schema := range m {
err := m.diff(ctx, k, schema, result, d, false)
if err != nil {
return nil, err
}
}
// Remove any nil diffs just to keep things clean
for k, v := range result.Attributes {
if v == nil {
delete(result.Attributes, k)
}
}
// If this is a non-destroy diff, call any custom diff logic that has been
// defined.
if !result.DestroyTainted && customizeDiff != nil {
mc := m.DeepCopy()
rd := newResourceDiff(mc, c, s, result)
logging.HelperSchemaTrace(ctx, "Calling downstream")
err := customizeDiff(ctx, rd, meta)
logging.HelperSchemaTrace(ctx, "Called downstream")
if err != nil {
return nil, err
}
for _, k := range rd.UpdatedKeys() {
err := m.diff(ctx, k, mc[k], result, rd, false)
if err != nil {
return nil, err
}
}
}
if handleRequiresNew {
// If the diff requires a new resource, then we recompute the diff
// so we have the complete new resource diff, and preserve the
// RequiresNew fields where necessary so the user knows exactly what
// caused that.
if result.RequiresNew() {
// Create the new diff
result2 := new(terraform.InstanceDiff)
result2.Attributes = make(map[string]*terraform.ResourceAttrDiff)
// Preserve the DestroyTainted flag
result2.DestroyTainted = result.DestroyTainted
result2.RawConfig = result.RawConfig
result2.RawPlan = result.RawPlan
result2.RawState = result.RawState
// Reset the data to not contain state. We have to call init()
// again in order to reset the FieldReaders.
d.state = nil
d.init()
// Perform the diff again
for k, schema := range m {
err := m.diff(ctx, k, schema, result2, d, false)
if err != nil {
return nil, err
}
}
// Re-run customization
if !result2.DestroyTainted && customizeDiff != nil {
mc := m.DeepCopy()
rd := newResourceDiff(mc, c, d.state, result2)
if err := customizeDiff(ctx, rd, meta); err != nil {
return nil, err
}
for _, k := range rd.UpdatedKeys() {
err := m.diff(ctx, k, mc[k], result2, rd, false)
if err != nil {
return nil, err
}
}
}
// Force all the fields to not force a new since we know what we
// want to force new.
for k, attr := range result2.Attributes {
if attr == nil {
continue
}
if attr.RequiresNew {
attr.RequiresNew = false
}
if s != nil {
attr.Old = s.Attributes[k]
}
}
// Now copy in all the requires new diffs...
for k, attr := range result.Attributes {
if attr == nil {
continue
}
newAttr, ok := result2.Attributes[k]
if !ok {
newAttr = attr
}
if attr.RequiresNew {
newAttr.RequiresNew = true
}
result2.Attributes[k] = newAttr
}
// And set the diff!
result = result2
}
}
// Go through and detect all of the ComputedWhens now that we've
// finished the diff.
// TODO
if result.Empty() {
// If we don't have any diff elements, just return nil
return nil, nil
}
return result, nil
}
// Validate validates the configuration against this schema mapping.
func (m schemaMap) Validate(c *terraform.ResourceConfig) diag.Diagnostics {
return m.validateObject("", m, c, cty.Path{})
}
// InternalValidate validates the format of this schema. This should be called
// from a unit test (and not in user-path code) to verify that a schema
// is properly built.
func (m schemaMap) InternalValidate(topSchemaMap schemaMap) error {
return m.internalValidate(topSchemaMap, false)
}
func (m schemaMap) internalValidate(topSchemaMap schemaMap, attrsOnly bool) error {
if topSchemaMap == nil {
topSchemaMap = m
}
for k, v := range m {
if v.Type == TypeInvalid {
return fmt.Errorf("%s: Type must be specified", k)
}
if v.Optional && v.Required {
return fmt.Errorf("%s: Optional or Required must be set, not both", k)
}
if v.Required && v.Computed {
return fmt.Errorf("%s: Cannot be both Required and Computed", k)
}
if !v.Required && !v.Optional && !v.Computed {
return fmt.Errorf("%s: One of optional, required, or computed must be set", k)
}
computedOnly := v.Computed && !v.Optional
switch v.ConfigMode {
case SchemaConfigModeBlock:
if _, ok := v.Elem.(*Resource); !ok {
return fmt.Errorf("%s: ConfigMode of block is allowed only when Elem is *schema.Resource", k)
}
if attrsOnly {
return fmt.Errorf("%s: ConfigMode of block cannot be used in child of schema with ConfigMode of attribute", k)
}
if computedOnly {
return fmt.Errorf("%s: ConfigMode of block cannot be used for computed schema", k)
}
case SchemaConfigModeAttr:
// anything goes
case SchemaConfigModeAuto:
// Since "Auto" for Elem: *Resource would create a nested block,
// and that's impossible inside an attribute, we require it to be
// explicitly overridden as mode "Attr" for clarity.
if _, ok := v.Elem.(*Resource); ok {
if attrsOnly {
return fmt.Errorf("%s: in *schema.Resource with ConfigMode of attribute, so must also have ConfigMode of attribute", k)
}
}
default:
return fmt.Errorf("%s: invalid ConfigMode value", k)
}
if v.Computed && v.Default != nil {
return fmt.Errorf("%s: Default must be nil if computed", k)
}
if v.Required && v.Default != nil {
return fmt.Errorf("%s: Default cannot be set with Required", k)
}
if len(v.ComputedWhen) > 0 && !v.Computed {
return fmt.Errorf("%s: ComputedWhen can only be set with Computed", k)
}
if len(v.ConflictsWith) > 0 && v.Required {
return fmt.Errorf("%s: ConflictsWith cannot be set with Required", k)
}
if len(v.ExactlyOneOf) > 0 && v.Required {
return fmt.Errorf("%s: ExactlyOneOf cannot be set with Required", k)
}
if len(v.AtLeastOneOf) > 0 && v.Required {
return fmt.Errorf("%s: AtLeastOneOf cannot be set with Required", k)
}
if len(v.ConflictsWith) > 0 {
err := checkKeysAgainstSchemaFlags(k, v.ConflictsWith, topSchemaMap, v, false)
if err != nil {
return fmt.Errorf("ConflictsWith: %+v", err)
}
}
if len(v.RequiredWith) > 0 {
err := checkKeysAgainstSchemaFlags(k, v.RequiredWith, topSchemaMap, v, true)
if err != nil {
return fmt.Errorf("RequiredWith: %+v", err)
}
}
if len(v.ExactlyOneOf) > 0 {
err := checkKeysAgainstSchemaFlags(k, v.ExactlyOneOf, topSchemaMap, v, true)
if err != nil {
return fmt.Errorf("ExactlyOneOf: %+v", err)
}
}
if len(v.AtLeastOneOf) > 0 {
err := checkKeysAgainstSchemaFlags(k, v.AtLeastOneOf, topSchemaMap, v, true)
if err != nil {
return fmt.Errorf("AtLeastOneOf: %+v", err)
}
}
if v.DiffSuppressOnRefresh && v.DiffSuppressFunc == nil {
return fmt.Errorf("%s: cannot set DiffSuppressOnRefresh without DiffSuppressFunc", k)
}
if v.Type == TypeList || v.Type == TypeSet {
if v.Elem == nil {
return fmt.Errorf("%s: Elem must be set for lists", k)
}
if v.Default != nil {
return fmt.Errorf("%s: Default is not valid for lists or sets", k)
}
if v.Type != TypeSet && v.Set != nil {
return fmt.Errorf("%s: Set can only be set for TypeSet", k)
}
switch t := v.Elem.(type) {
case *Resource:
attrsOnly := attrsOnly || v.ConfigMode == SchemaConfigModeAttr
if err := schemaMap(t.SchemaMap()).internalValidate(topSchemaMap, attrsOnly); err != nil {
return err
}
case *Schema:
bad := t.Computed || t.Optional || t.Required
if bad {
return fmt.Errorf(
"%s: Elem must have only Type set", k)
}
}
} else {
if v.MaxItems > 0 || v.MinItems > 0 {
return fmt.Errorf("%s: MaxItems and MinItems are only supported on lists or sets", k)
}
}
if v.Type == TypeMap && v.Elem != nil {
switch v.Elem.(type) {
case *Resource:
return fmt.Errorf("%s: TypeMap with Elem *Resource not supported,"+
"use TypeList/TypeSet with Elem *Resource or TypeMap with Elem *Schema", k)
}
}
if computedOnly {
if len(v.AtLeastOneOf) > 0 {
return fmt.Errorf("%s: AtLeastOneOf is for configurable attributes,"+
"there's nothing to configure on computed-only field", k)
}
if len(v.ConflictsWith) > 0 {
return fmt.Errorf("%s: ConflictsWith is for configurable attributes,"+
"there's nothing to configure on computed-only field", k)
}
if v.Default != nil {
return fmt.Errorf("%s: Default is for configurable attributes,"+
"there's nothing to configure on computed-only field", k)
}
if v.DefaultFunc != nil {
return fmt.Errorf("%s: DefaultFunc is for configurable attributes,"+
"there's nothing to configure on computed-only field", k)
}
if v.DiffSuppressFunc != nil {
return fmt.Errorf("%s: DiffSuppressFunc is for suppressing differences"+
" between config and state representation. "+
"There is no config for computed-only field, nothing to compare.", k)
}
if len(v.ExactlyOneOf) > 0 {
return fmt.Errorf("%s: ExactlyOneOf is for configurable attributes,"+
"there's nothing to configure on computed-only field", k)
}
if v.InputDefault != "" {
return fmt.Errorf("%s: InputDefault is for configurable attributes,"+
"there's nothing to configure on computed-only field", k)
}
if v.MaxItems > 0 {
return fmt.Errorf("%s: MaxItems is for configurable attributes,"+
"there's nothing to configure on computed-only field", k)
}
if v.MinItems > 0 {