Auto-detection of terraform executable & downloading #478
Conversation
|
This PR fixes #365 |
|
Also fixes #273 |
eerkunt
changed the title
|
Changed the way how this works. There won't be any more parameter as |
There was a problem hiding this comment.
I am having a couple of concerns with this PR:
No Terraform executables
If there are no terraform executables at all, the feature won't attempt downloading it. Is this intended?
Terraform executable exists
If there is a terraform executable but with wrong version:
Running terraform-compliance resulted with the following output
-
Firstly, error message is wrong, need to use the path of the newly installed terraform executable.
-
In this case, shouldn’t terraform-compliance automatically try to fix the issue by creating the json for me, instead of prompting me to convert the plan manually and run terraform-compliance again?
Running the recommended command with correct terraform executable didn’t immediately convert my plan.out file to json:
The current setup I am testing with only has a plan.out file (and no terraform files or .terraform directory). Was I suppose to terraform init and setup the correct providers by hand? Or was terraform-compliance supposed to do those automatically as well.
Might need more documentation on how to use this functionality and/or some changes so that there are less steps to be taken by the user to convert the plan to json and run the scenario.
Testing
It would be preferable if we had a testing harness that spins up a few containers and tests this feature.
| if 'Could not satisfy plugin requirements' in terraform.stderr: | ||
| print('Hint: You can avoid this problem by converting your plan file to a JSON file via running;\n ' | ||
| '\n # terraform show -json {} > {}.json' | ||
| '\n\n OR' | ||
| '\n # terraform init' | ||
| '\n\n in {} directory and then pass (with -p) {}.json to terraform-compliance'.format(terraform_plan_file, | ||
| terraform_plan_file, | ||
| path, | ||
| terraform_plan_file)) | ||
|
|
||
| sys.exit(1) |
There was a problem hiding this comment.
Should print out the path of the correct executable if it was just downloaded. More about this below above
There was a problem hiding this comment.
Hmm this can only happen where a -t is used and a wrong version is enforced to use while creating the plan, right ? 🤔
In that case, we don't download anything,
|
The reason why you get the Converting |
|
Alright. I have misunderstood the use case then. I thought this change would handle everything regarding converting the different version plan.out to a JSON format. The user should still have .terraform directory close to the plan for auto-detection & downloading to work. I have tested this in two setups. Case 1: running a 0.13.0 plan with 0.15.3 (of Terraform)
Case 2: running a 0.15.3 plan with 0.13.0 (of Terraform)
Should this feature be able to handle Case 2 as well? |
|
You are right it should. Released 1.3.15 without this functionality, will test & improve this PR. |
|
This PR should also have a signature verification after the download as well. |
|
@Kudbettin the use case you mentioned is fixed on 04978f0 |
This PR will introduce new argument for providing a
terraformversion where it will be downloaded on the first run (and then cached). This was a feature request especially for docker users where we always download the latest version in the image.