Update Terraform SDK to v2 #1027
Conversation
dak1n1
force-pushed
the
sdkv2
branch
2 times, most recently
from
729bc27
to
7b54990
Compare
|
This isn't actually ready for review, but I'm marking it as such so I can run acceptance tests in TC. |
|
Here are the results of acceptance tests run locally. https://gist.githubusercontent.com/dak1n1/d9a9e1c59a3ee959fc0185be3204fe5d/raw/7ae46bfdda01636f6abe1e8b94d37fd23720183d/gistfile1.txt Also, upgrade-specific tests can be run on multiple resources using this: |
|
The test is running in GKE here. https://ci-oss.hashicorp.engineering/viewLog.html?buildId=153868 Looks like I have some work to do on some data sources. |
There was a problem hiding this comment.
Thanks for this heroic effort @dak1n1, this was A LOT of work. 💪
I've looked at every file other than the vendor directory. I see that most of it is just adding Context and wrapping errors into Diagnostics.
I've made a few comments – some questions and mostly cosmetic stuff.
| return testAccKubernetesServiceConfig_basic(name) + ` | ||
| data "kubernetes_service" "test" { | ||
| return fmt.Sprintf(`resource "kubernetes_service" "test" { | ||
| metadata { |
There was a problem hiding this comment.
Nit: need to fix the formatting here to be spaces.
There was a problem hiding this comment.
Done... across 20 files even. ha
| }) | ||
| } | ||
|
|
||
| func testAccCheckKubernetesServiceForceNew(old, new *api.Service, wantNew bool) resource.TestCheckFunc { |
There was a problem hiding this comment.
If we're only checking the UID from the metadata I'd bet we could write a generic function for this using the dynamic client so we don't need to write this function for every resource. We can do that in another PR though.
* Update import paths and functions to use Terraform SDKv2. * Add support for testing multiple versions of the provider. * Add `allowed_topologies` to the storageclass resource, authored by Ilia Lazebnik in PR hashicorp#910 * Fix acceptance tests and add upgrade tests.
|
I was going to link the TC test I'm running, but I'm number 62 in the queue! Maybe it will show up here tomorrow. https://ci-oss.hashicorp.engineering/viewQueued.html?itemId=154938 |
|
@jrhouston I think this PR is ready to go. I fixed a few more tests since running TC here, so we're close to a green run. https://ci-oss.hashicorp.engineering/viewLog.html?buildId=155031& |
.terraformrc
Outdated
| @@ -0,0 +1,10 @@ | |||
| provider_installation { | |||
There was a problem hiding this comment.
Since this configuration is specific to our testing workflow, would it make sense to place in a subfolder that highlights its purpose as a test asset? Like somewhere in a testdata folder or similar?
I'm trying to avoid it being misinterpreted by users as an example of how to deploy the provider (far fetched, but I'd rather be safe).
There was a problem hiding this comment.
Good idea! I do have a directory we can use for this: kubernetes/test-infra/external-providers. I'll use that.
|
|
||
| Schema: map[string]*schema.Schema{ | ||
| "metadata": namespacedMetadataSchema("ingress", false), | ||
| "spec": { | ||
| Type: schema.TypeList, | ||
| Description: docIngress["spec"], | ||
| Computed: true, | ||
| MaxItems: 1, |
There was a problem hiding this comment.
Why was it necessary to remove these MaxItems attributes? Can there be a scenario where multiple spec entries would be present in the ingress resource?
There was a problem hiding this comment.
The new SDK version doesn't allow using MaxItems together with Computed. It throws this error:
MaxItems is for configurable attributes,there's nothing to configure on computed-only field
| Steps: []resource.TestStep{ | ||
| { | ||
| { // The first apply creates the resource. The second apply reads the resource using the data source. |
There was a problem hiding this comment.
Nice! I like this two stepped approach to datasources. Things are easier to follow like this.
I just hope we don't end up masking any potential regressions regarding the datasources' ability to evaluate correctly in a single apply. That is how the vast majority of real world users would user them.
There was a problem hiding this comment.
Thanks. Yeah, there might actually be a regression... because these used to work in one apply. But now they require two applies. But when I looked up data sources in the Terraform docs and related issues, this seems to be the expected behavior.
Most data sources will be evaluated before the resource it depends on is evaluated. The exception is when the attribute it's fetching is computed. Only then will it wait for the resource to be created before evaluating the data source.
Terraform only delays reading a data resource if its configuration includes a value that can't be determined until the apply step.
The pattern of reading something using a data resource in the same configuration where it's created does tend to lead to this sort of problem, and so we'd recommend avoiding that where possible.
hashicorp/terraform#23242 (comment)
Most times, users should reference values from the resource itself, instead of using a data source. So I'm hoping we're setting the right example by doing this in two applies.
There was a problem hiding this comment.
TBH, i wasn't aware of that nuance in the in evaluation of datasources and computed attributes. Thanks for uncovering that bit of info. It does make a lot of sense when that's the documented expected behaviour.
| @@ -80,17 +87,15 @@ func testAccKubernetesDataSourcePVCConfig_basic(name string) string { | |||
| } | |||
|
|
|||
| wait_until_bound = false | |||
| lifecycle { | |||
There was a problem hiding this comment.
Was this necessary to remove? It's purpose is to avoid producing diffs on clusters that use Calico networking which inject some annotations. Without this, the test fails on Typhoon for example.
There was a problem hiding this comment.
Yeah, I removed this to get the test to pass. Here's what I have in my notes about it:
Error: Computed attribute cannot be set
on config992760292/terraform_plugin_test.tf line 2, in resource "kubernetes_persistent_volume_claim" "test":
metadata {
# solution: remove the ignore_changes block
wait_until_bound = false
- lifecycle {
- ignore_changes = [metadata]
- }
|
I updated the TC test to include the new .terraformrc path. It looks like it's running well now. https://ci-oss.hashicorp.engineering/viewLog.html?buildId=155606& |
|
That's better: |
Don't rely on external resources for this test.
| @@ -184,6 +184,7 @@ func TestAccKubernetesPersistentVolume_googleCloud_basic(t *testing.T) { | |||
| resource.TestCheckResourceAttr("kubernetes_persistent_volume.test", "spec.0.persistent_volume_source.0.gce_persistent_disk.#", "1"), | |||
| resource.TestCheckResourceAttr("kubernetes_persistent_volume.test", "spec.0.persistent_volume_source.0.gce_persistent_disk.0.pd_name", diskName), | |||
| ), | |||
| ExpectNonEmptyPlan: true, // GCP adds label "goog-gke-volume" to the disk. | |||
There was a problem hiding this comment.
I wonder if doing this will mask a whole set of potential issues as we will be ignoring any unexpected diffs on the whole resource.
Regardless, I think this PR is already doing a lot, so it would best to continue this conversation in a different context.
There was a problem hiding this comment.
That's a good point. This kind of worries me too. It's a label placed the google disk resource (a resource owned by another provider). I could probably use something like this:
lifecycle {
ignore_changes = [labels]
}
I might give it a test in another PR.
There was a problem hiding this comment.
Again, thanks a lot for the effort of seeing this through. It's a massive chunk of work!
I've checked this branch in a few of the CI stages and it looks like it does very similarly to master in terms of flaky tests.
I think we can go ahead and merge and address the test issues individually, like usual.
|
Thanks for the thorough reviews on this beast of a PR! @alexsomesan @jrhouston 🥳 |
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks! |
ghost
locked as resolved and limited conversation to collaborators
Description
This PR updates the Terraform SDK v2, which drops support for Terraform 0.11.
This PR also includes a feature created by Ilia Lazebnik in PR #910, adding
allowed_topologiesto the storageclass resource and data source.Acceptance tests
Release Note
Release note for CHANGELOG:
References
Community Note