diff --git a/examples/examples_go_test.go b/examples/examples_go_test.go index b274957e692..afc62348bfe 100644 --- a/examples/examples_go_test.go +++ b/examples/examples_go_test.go @@ -202,6 +202,13 @@ func (st tagsState) expectedTags() map[string]string { return r } +func normTags(tags map[string]string) map[string]string { + if tags == nil { + return map[string]string{} + } + return tags +} + type tagsFetcher = func() (map[string]string, error) func (st tagsState) assertTagsEqualWithRetry( @@ -214,7 +221,7 @@ func (st tagsState) assertTagsEqualWithRetry( for attempt := 0; attempt < 10; attempt++ { var err error = nil actualTags, err = getActualTags() - if err == nil && assert.ObjectsAreEqual(expectTags, actualTags) { + if err == nil && assert.ObjectsAreEqual(normTags(expectTags), normTags(actualTags)) { break } if err != nil { @@ -226,7 +233,7 @@ func (st tagsState) assertTagsEqualWithRetry( time.Sleep(5 * time.Second) t.Logf("Trying to fetch tags again, attempt %d", attempt+1) } - require.Equalf(t, expectTags, actualTags, msg) + require.Equalf(t, normTags(expectTags), normTags(actualTags), msg) } func (st tagsState) validateStateResult(phase int) func( @@ -247,7 +254,7 @@ func (st tagsState) validateStateResult(phase int) func( require.NoError(t, err) t.Logf("phase: %d", phase) t.Logf("state: %v", st.serialize(t)) - require.Equalf(t, st.expectedTags(), actualTags, "key=%s", k) + require.Equalf(t, normTags(st.expectedTags()), normTags(actualTags), "key=%s", k) t.Logf("key=%s tags are as expected: %v", k, actualTagsJSON) if k == "bucket" { diff --git a/examples/examples_yaml_test.go b/examples/examples_yaml_test.go index ef26df1781e..f7cc0d79437 100644 --- a/examples/examples_yaml_test.go +++ b/examples/examples_yaml_test.go @@ -380,9 +380,9 @@ outputs: // The first test ensures we don't regress on https://github.com/pulumi/pulumi-aws/issues/2682 // // The second test is when upgrading from pulumi-aws version <5.0.0 to v6.x.x, and -// prevents regressions on https://github.com/pulumi/pulumi-aws/issues/2823. +// prevents regressions on https://github.com/pulumi/pulumi-aws/issues/2823 // -// Updated in https://github.com/pulumi/pulumi-aws/pull/3881 to accept CHANGES_SOME so long as they are not +// Updated in https://github.com/pulumi/pulumi-aws/pull/3881 // replacements. func TestMigrateRdsInstance(t *testing.T) { case1 := `[{ @@ -533,143 +533,7 @@ func TestMigrateRdsInstance(t *testing.T) { "__meta": "{\"e2bfb730-ecaa-11e6-8f88-34363bc7c4c0\":{\"create\":2400000000000,\"delete\":3600000000000,\"update\":4800000000000},\"schema_version\":\"1\"}", "address": "rds2f5ed54.c1xxca33i6kr.us-east-2.rds.amazonaws.com", "allocatedStorage": 16, - "arn": "arn:aws:rds:us-east-2:616138583583:db:rds2f5ed54", - "autoMinorVersionUpgrade": true, - "availabilityZone": "us-east-2c", - "backupRetentionPeriod": 0, - "backupWindow": "07:34-08:04", - "caCertIdentifier": "rds-ca-2019", - "copyTagsToSnapshot": false, - "dbSubnetGroupName": "default", - "deleteAutomatedBackups": true, - "deletionProtection": false, - "domain": "", - "domainIamRoleName": "", - "enabledCloudwatchLogsExports": [], - "endpoint": "rds2f5ed54.c1xxca33i6kr.us-east-2.rds.amazonaws.com:3306", - "engine": "mysql", - "engineVersion": "8.0.33", - "hostedZoneId": "Z2XHWR1WZ565X2", - "iamDatabaseAuthenticationEnabled": false, - "id": "rds2f5ed54", - "identifier": "rds2f5ed54", - "instanceClass": "db.t3.micro", - "iops": 0, - "kmsKeyId": "", - "latestRestorableTime": "0001-01-01T00:00:00Z", - "licenseModel": "general-public-license", - "maintenanceWindow": "sun:03:59-sun:04:29", - "maxAllocatedStorage": 0, - "monitoringInterval": 0, - "monitoringRoleArn": "", - "multiAz": false, - "name": "name", - "optionGroupName": "default:mysql-8-0", - "parameterGroupName": "default.mysql8.0", - "password": "FOO-BAR-FIZZ1!2", - "performanceInsightsEnabled": false, - "performanceInsightsKmsKeyId": "", - "performanceInsightsRetentionPeriod": 0, - "port": 3306, - "publiclyAccessible": false, - "replicas": [], - "replicateSourceDb": "", - "resourceId": "db-N57SF65OZ5KO3TPK73R7DQMLZA", - "securityGroupNames": [], - "skipFinalSnapshot": true, - "status": "available", - "storageEncrypted": false, - "storageType": "gp2", - "tags": { - "some": "change" - }, - "timezone": "", - "username": "root", - "vpcSecurityGroupIds": [ - "sg-1928d262" - ] - }, - "news": { - "__defaults": [ - "applyImmediately", - "autoMinorVersionUpgrade", - "copyTagsToSnapshot", - "deleteAutomatedBackups", - "identifier", - "monitoringInterval", - "performanceInsightsEnabled", - "publiclyAccessible" - ], - "allocatedStorage": 16, "applyImmediately": false, - "autoMinorVersionUpgrade": true, - "copyTagsToSnapshot": false, - "dbName": "name", - "deleteAutomatedBackups": true, - "engine": "mysql", - "identifier": "rds2f5ed54", - "instanceClass": "db.t3.micro", - "monitoringInterval": 0, - "password": "FOO-BAR-FIZZ1!2", - "performanceInsightsEnabled": false, - "publiclyAccessible": false, - "skipFinalSnapshot": true, - "tags": { - "__defaults": [], - "some": "change" - }, - "username": "root" - }, - "oldInputs": { - "__defaults": [ - "applyImmediately", - "autoMinorVersionUpgrade", - "copyTagsToSnapshot", - "deleteAutomatedBackups", - "identifier", - "monitoringInterval", - "performanceInsightsEnabled", - "publiclyAccessible" - ], - "allocatedStorage": 16, - "applyImmediately": false, - "autoMinorVersionUpgrade": true, - "copyTagsToSnapshot": false, - "deleteAutomatedBackups": true, - "engine": "mysql", - "identifier": "rds2f5ed54", - "instanceClass": "db.t3.micro", - "monitoringInterval": 0, - "name": "name", - "password": "FOO-BAR-FIZZ1!2", - "performanceInsightsEnabled": false, - "publiclyAccessible": false, - "skipFinalSnapshot": true, - "tags": { - "__defaults": [], - "some": "change" - }, - "username": "root" - } - }, - "response": { - "stables": "*", - "changes": "*", - "hasDetailedDiff": true - } - } - ]` - - // Like case2 but permits detailedDiff. - case2a := `[{ - "method": "/pulumirpc.ResourceProvider/Diff", - "request": { - "id": "rds2f5ed54", - "urn": "urn:pulumi:exp2::secret-random-yaml::aws:rds/instance:Instance::rds", - "olds": { - "__meta": "{\"e2bfb730-ecaa-11e6-8f88-34363bc7c4c0\":{\"create\":2400000000000,\"delete\":3600000000000,\"update\":4800000000000},\"schema_version\":\"1\"}", - "address": "rds2f5ed54.c1xxca33i6kr.us-east-2.rds.amazonaws.com", - "allocatedStorage": 16, "arn": "arn:aws:rds:us-east-2:616138583583:db:rds2f5ed54", "autoMinorVersionUpgrade": true, "availabilityZone": "us-east-2c", @@ -790,20 +654,15 @@ func TestMigrateRdsInstance(t *testing.T) { } }, "response": { - "diffs": "*", "stables": "*", "changes": "*", - "hasDetailedDiff": true, - "detailedDiff": "*" + "hasDetailedDiff": true } } ]` t.Run("case1", func(t *testing.T) { replay(t, case1) }) t.Run("case2", func(t *testing.T) { replay(t, case2) }) - t.Setenv("PULUMI_ENABLE_PLAN_RESOURCE_CHANGE", "true") - t.Run("case1-plan-resource-change", func(t *testing.T) { replay(t, case1) }) - t.Run("case2-plan-resource-change", func(t *testing.T) { replay(t, case2a) }) } func TestRegressUnknownTags(t *testing.T) { @@ -1042,4 +901,4 @@ func TestSourceCodeHashImportedLambdaChecksCleanly(t *testing.T) { "name": "aws" } }]`) -} \ No newline at end of file +} diff --git a/patches/0066-Legacy-bucket-Read-now-sets-acl-and-force_destroy-de.patch b/patches/0066-Legacy-bucket-Read-now-sets-acl-and-force_destroy-de.patch new file mode 100644 index 00000000000..d71234cdd98 --- /dev/null +++ b/patches/0066-Legacy-bucket-Read-now-sets-acl-and-force_destroy-de.patch @@ -0,0 +1,58 @@ +From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 +From: Anton Tayanovskyy +Date: Thu, 29 Aug 2024 13:17:47 -0400 +Subject: [PATCH] Legacy bucket Read now sets acl and force_destroy defaults + + +diff --git a/internal/service/s3legacy/bucket_legacy.go b/internal/service/s3legacy/bucket_legacy.go +index d5c03b22fb..8c26fee574 100644 +--- a/internal/service/s3legacy/bucket_legacy.go ++++ b/internal/service/s3legacy/bucket_legacy.go +@@ -35,6 +35,10 @@ import ( + "github.com/hashicorp/terraform-provider-aws/internal/verify" + ) + ++const ( ++ bucketACLDefaultValue = "private" ++) ++ + func ResourceBucketLegacy() *schema.Resource { + return &schema.Resource{ + CreateWithoutTimeout: resourceBucketLegacyCreate, +@@ -80,7 +84,7 @@ func ResourceBucketLegacy() *schema.Resource { + + "acl": { + Type: schema.TypeString, +- Default: "private", ++ Default: bucketACLDefaultValue, + Optional: true, + ConflictsWith: []string{"grant"}, + ValidateFunc: validation.StringInSlice(BucketCannedACL_Values(), false), +@@ -943,7 +947,7 @@ func resourceBucketLegacyRead(ctx context.Context, d *schema.ResourceData, meta + } + + //Read the Grant ACL. Reset if `acl` (canned ACL) is set. +- if acl, ok := d.GetOk("acl"); ok && acl.(string) != "private" { ++ if acl, ok := d.GetOk("acl"); ok && acl.(string) != bucketACLDefaultValue { + if err := d.Set("grant", nil); err != nil { + return diag.Errorf("error resetting grant %s", err) + } +@@ -1403,6 +1407,18 @@ func resourceBucketLegacyRead(ctx context.Context, d *schema.ResourceData, meta + }.String() + d.Set("arn", arn) + ++ // Set ACL default if unset, this fixes resource import option operation under Pulumi. ++ _, gotGrant := d.GetOk("grant") ++ _, gotACL := d.GetOk("acl") ++ if !gotGrant && !gotACL { ++ d.Set("acl", bucketACLDefaultValue) ++ } ++ ++ // Similarly, set force_destroy to default value if unset, to fix resource import operation. ++ if _, fdSet := d.GetOk("force_destroy"); !fdSet { ++ d.Set("force_destroy", false) ++ } ++ + return nil + } + diff --git a/provider/provider_test.go b/provider/provider_test.go index 37b3cfa2a27..05dfa8ee713 100644 --- a/provider/provider_test.go +++ b/provider/provider_test.go @@ -205,8 +205,8 @@ func pulumiUpWithSnapshot(t *testing.T, pulumiTest *pulumitest.PulumiTest) { } pulumiTest.Preview(optpreview.Plan(planFile)) upResult := pulumiTest.Up(optup.Plan(planFile)) - fmt.Printf("stdout: %s \n", upResult.StdOut) - fmt.Printf("stderr: %s \n", upResult.StdErr) + t.Logf("stdout: %s \n", upResult.StdOut) + t.Logf("stderr: %s \n", upResult.StdErr) } func pulumiTest(t *testing.T, dir string, opts ...opttest.Option) *pulumitest.PulumiTest { diff --git a/provider/provider_yaml_test.go b/provider/provider_yaml_test.go index 83876a28f6d..c7a1d6803da 100644 --- a/provider/provider_yaml_test.go +++ b/provider/provider_yaml_test.go @@ -371,13 +371,13 @@ resources: }) res := pulumiTest.Preview() - fmt.Printf("stdout: %s \n", res.StdOut) - fmt.Printf("stderr: %s \n", res.StdErr) + t.Logf("stdout: %s \n", res.StdOut) + t.Logf("stderr: %s \n", res.StdErr) assertpreview.HasNoChanges(t, res) upResult := pulumiTest.Up() - fmt.Printf("stdout: %s \n", upResult.StdOut) - fmt.Printf("stderr: %s \n", upResult.StdErr) + t.Logf("stdout: %s \n", upResult.StdOut) + t.Logf("stderr: %s \n", upResult.StdErr) }) // test that we can deploy a new filesystem with a list of subnetIds @@ -548,7 +548,7 @@ type tagsTestStep struct { // TestAccDefaultTags tries to test all the scenarios that might affect provider defaultTags / resource tags // i.e. up, refresh, preview, import, etc -func TestAccDefaultTags(t *testing.T) { +func TestAccDefaultTagsWithImport(t *testing.T) { t.Parallel() if testing.Short() { t.Skipf("Skipping in testing.Short() mode, assuming this is a CI run without credentials") diff --git a/provider/resources.go b/provider/resources.go index 2bfbe1f364d..299775d5020 100644 --- a/provider/resources.go +++ b/provider/resources.go @@ -819,20 +819,8 @@ func ProviderFromMeta(metaInfo *tfbridge.MetadataInfo) *tfbridge.ProviderInfo { v2p := shimv2.NewProvider(upstreamProvider.SDKV2Provider, shimv2.WithDiffStrategy(shimv2.PlanState), - shimv2.WithPlanResourceChange(func(s string) bool { - switch s { - case "aws_ssm_document", - "aws_wafv2_web_acl", - "aws_wafv2_rule_group", - "aws_batch_job_definition", - "aws_lb_listener", - "aws_lb_listener_rule", - "aws_alb_listener", - "aws_alb_listener_rule": - return true - default: - return false - } + shimv2.WithPlanResourceChange(func(string) bool { + return true })) p := pftfbridge.MuxShimWithDisjointgPF(ctx, v2p, upstreamProvider.PluginFrameworkProvider) @@ -2204,6 +2192,18 @@ compatibility shim in favor of the new "name" field.`) "node_group_name": tfbridge.AutoName("nodeGroupName", 255, "-"), }, }, + "aws_eks_cluster": { + TransformFromState: func(_ context.Context, pm resource.PropertyMap) (resource.PropertyMap, error) { + // if the defaultOutboundAccessEnabled property is not set, set it to the default value of true + // this prevents an unnecessary replacement when upgrading the provider + // There is a TF migration which should handle this but due to [pulumi/pulumi-terraform-bridge#1667] + // it does not work as expected. + if _, ok := pm["bootstrapSelfManagedAddons"]; !ok { + pm["bootstrapSelfManagedAddons"] = resource.NewBoolProperty(true) + } + return pm, nil + }, + }, "aws_eks_fargate_profile": { Tok: awsResource(eksMod, "FargateProfile"), Fields: map[string]*tfbridge.SchemaInfo{ diff --git a/provider/testdata/recorded/TestProviderUpgrade/TestOpenZfsFileSystemUpgrade/new-version/plan.json b/provider/testdata/recorded/TestProviderUpgrade/TestOpenZfsFileSystemUpgrade/new-version/plan.json index 33b98fb0461..50c80cf2a24 100644 --- a/provider/testdata/recorded/TestProviderUpgrade/TestOpenZfsFileSystemUpgrade/new-version/plan.json +++ b/provider/testdata/recorded/TestProviderUpgrade/TestOpenZfsFileSystemUpgrade/new-version/plan.json @@ -1,12 +1,12 @@ { + "manifest": { + "time": "2024-08-28T10:55:18.06234+01:00", + "magic": "59ab42470ec682a2eb8566128a64ecaee8e5d25c6d5902576977eb325cf4d7b3", + "version": "v3.130.0" + }, "config": { "aws:region": "us-east-2" }, - "manifest": { - "time": "2024-06-21T11:53:56.242051-04:00", - "magic": "26455f4e783faab27da6c6ee2e252716b1c84e7f67777a274faa7d2452f68cf7", - "version": "v3.120.0" - }, "resourcePlans": { "urn:pulumi:test::openzfs::aws:ec2/subnet:Subnet::MySubnet": { "goal": { @@ -52,16 +52,29 @@ "create" ], "state": { + "__meta": "{\"_new_extra_shim\":{},\"e2bfb730-ecaa-11e6-8f88-34363bc7c4c0\":{\"create\":600000000000,\"delete\":1200000000000}}", + "arn": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", "assignIpv6AddressOnCreation": false, + "availabilityZone": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "availabilityZoneId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", "cidrBlock": "10.0.1.0/24", + "customerOwnedIpv4Pool": null, "enableDns64": false, + "enableLniAtDeviceIndex": null, "enableResourceNameDnsARecordOnLaunch": false, "enableResourceNameDnsAaaaRecordOnLaunch": false, - "id": "", + "id": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "ipv6CidrBlock": null, + "ipv6CidrBlockAssociationId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", "ipv6Native": false, - "mapPublicIpOnLaunch": false + "mapCustomerOwnedIpOnLaunch": null, + "mapPublicIpOnLaunch": false, + "outpostArn": null, + "ownerId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "privateDnsHostnameTypeOnLaunch": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "vpcId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9" }, - "seed": "A/8WUtf+VHqLjHFCAuMN/H4nGq+hqtjY6QEh8Os/gL4=" + "seed": "jVbviX6tLd0yo1zAT6cHjeYo9zoCVQLaL0klusIpqDM=" }, "urn:pulumi:test::openzfs::aws:ec2/vpc:Vpc::MyVPC": { "goal": { @@ -90,12 +103,29 @@ "create" ], "state": { + "arn": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "assignGeneratedIpv6CidrBlock": null, "cidrBlock": "10.0.0.0/16", + "defaultNetworkAclId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "defaultRouteTableId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "defaultSecurityGroupId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "dhcpOptionsId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "enableDnsHostnames": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", "enableDnsSupport": true, - "id": "", - "instanceTenancy": "default" + "enableNetworkAddressUsageMetrics": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "id": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "instanceTenancy": "default", + "ipv4IpamPoolId": null, + "ipv4NetmaskLength": null, + "ipv6AssociationId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "ipv6CidrBlock": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "ipv6CidrBlockNetworkBorderGroup": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "ipv6IpamPoolId": null, + "ipv6NetmaskLength": null, + "mainRouteTableId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "ownerId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9" }, - "seed": "HRRxtNXyCA/albslvw9oRcNpmS+ZdRFdAcgnfB8FoIE=" + "seed": "2y7HlC8cCdGzxTqSoVpRwDpKtdWckb53R4zcyAz/odk=" }, "urn:pulumi:test::openzfs::aws:fsx/openZfsFileSystem:OpenZfsFileSystem::MyFileSystem": { "goal": { @@ -145,17 +175,38 @@ "create" ], "state": { + "__meta": "{\"_new_extra_shim\":{},\"e2bfb730-ecaa-11e6-8f88-34363bc7c4c0\":{\"create\":3600000000000,\"delete\":3600000000000,\"update\":3600000000000}}", + "arn": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", "automaticBackupRetentionDays": 0, + "backupId": null, "copyTagsToBackups": false, "copyTagsToVolumes": false, + "dailyAutomaticBackupStartTime": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "deleteOptions": null, "deploymentType": "SINGLE_AZ_1", - "id": "", + "diskIopsConfiguration": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "dnsName": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "endpointIpAddress": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "endpointIpAddressRange": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "finalBackupTags": null, + "id": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "kmsKeyId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "networkInterfaceIds": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "ownerId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "preferredSubnetId": null, + "rootVolumeConfiguration": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "rootVolumeId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "routeTableIds": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "securityGroupIds": null, "skipFinalBackup": false, "storageCapacity": 64, "storageType": "SSD", - "throughputCapacity": 64 + "subnetIds": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "throughputCapacity": 64, + "vpcId": "04da6b54-80e4-46f7-96ec-b56ff0331ba9", + "weeklyMaintenanceStartTime": "04da6b54-80e4-46f7-96ec-b56ff0331ba9" }, - "seed": "NS4cTu4tsZzJ3zXCCYZ4HRNa+pvgcsfy8WCM1CXgaZM=" + "seed": "0s+0wM6MlNBQWWeGJq+RPJG59yJWeBUn5Y3iChwx7ds=" }, "urn:pulumi:test::openzfs::pulumi:providers:aws::default": { "goal": { @@ -181,7 +232,7 @@ "skipCredentialsValidation": "false", "skipRegionValidation": "true" }, - "seed": "JSoHt3w+sEo4jC1wjZar653mfk7+3s9KJhvV186L+Zs=" + "seed": "P7e3NwkTiq1KjpRIeyhpwdalaUH5DxN2cphLiJo5IjY=" }, "urn:pulumi:test::openzfs::pulumi:pulumi:Stack::openzfs-test": { "goal": { @@ -197,7 +248,7 @@ "create" ], "state": {}, - "seed": "O8GPxHK8Ggd/nl1FsTnBkwVPMj0BPEyPFbDKEnhS3iQ=" + "seed": "XgKFfV/aFt4GXqWlV8zHoLDOGPU6vgN517bCZ1RpuRI=" } } }