maxmustermann/pulumi
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
pulumi/pkg/resource/plugin/provider.go

203 lines
9 KiB
Go
Raw Normal View History

Add license headers
2018-05-22 21:43:36 +02:00
// Copyright 2016-2018, Pulumi Corporation.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
Begin resource modeling and planning This change introduces a new package, pkg/resource, that will form the foundation for actually performing deployment plans and applications. It contains the following key abstractions: * resource.Provider is a wrapper around the CRUD operations exposed by underlying resource plugins. It will eventually defer to resource.Plugin, which itself defers -- over an RPC interface -- to the actual plugin, one per package exposing resources. The provider will also understand how to load, cache, and overall manage the lifetime of each plugin. * resource.Resource is the actual resource object. This is created from the overall evaluation object graph, but is simplified. It contains only serializable properties, for example. Inter-resource references are translated into serializable monikers as part of creating the resource. * resource.Moniker is a serializable string that uniquely identifies a resource in the Mu system. This is in contrast to resource IDs, which are generated by resource providers and generally opaque to the Mu system. See marapongo/mu#69 for more information about monikers and some of their challenges (namely, designing a stable algorithm). * resource.Snapshot is a "snapshot" taken from a graph of resources. This is a transitive closure of state representing one possible configuration of a given environment. This is what plans are created from. Eventually, two snapshots will be diffable, in order to perform incremental updates. One way of thinking about this is that a snapshot of the old world's state is advanced, one step at a time, until it reaches a desired snapshot of the new world's state. * resource.Plan is a plan for carrying out desired CRUD operations on a target environment. Each plan consists of zero-to-many Steps, each of which has a CRUD operation type, a resource target, and a next step. This is an enumerator because it is possible the plan will evolve -- and introduce new steps -- as it is carried out (hence, the Next() method). At the moment, this is linearized; eventually, we want to make this more "graph-like" so that we can exploit available parallelism within the dependencies. There are tons of TODOs remaining. However, the `mu plan` command is functioning with these new changes -- including colorization FTW -- so I'm landing it now. This is part of marapongo/mu#38 and marapongo/mu#41.
2017-02-17 21:31:48 +01:00
Overhaul resources, planning, and environments This change, part of pulumi/lumi#90, overhauls quite a bit of the core resource, planning, environments, and related areas. The biggest amount of movement comes from the splitting of pkg/resource into multiple sub-packages. This results in: - pkg/resource: just the core resource data structures. - pkg/resource/deployment: all planning and deployment logic. - pkg/resource/environment: all environment, configuration, and serialized checkpoint structures and logic. - pkg/resource/plugin: all dynamically loaded analyzer and provider logic, including the actual loading and RPC mechanisms. This also splits the resource abstraction up. We now have: - resource.Resource: a shared interface. - resource.Object: a resource that is connected to a live object that will periodically observe mutations due to ongoing evaluation of computations. Snapshots of its state may be taken; however, this is purely a "pre-planning" abstraction. - resource.State: a snapshot of a resource's state that is frozen. In other words, it is no longer connected to a live object. This is what will store provider outputs (ID and properties), and is what may be serialized into a deployment record. The branch is in a half-baked state as of this change; more changes are to come...
2017-06-09 01:37:40 +02:00
package plugin
Begin resource modeling and planning This change introduces a new package, pkg/resource, that will form the foundation for actually performing deployment plans and applications. It contains the following key abstractions: * resource.Provider is a wrapper around the CRUD operations exposed by underlying resource plugins. It will eventually defer to resource.Plugin, which itself defers -- over an RPC interface -- to the actual plugin, one per package exposing resources. The provider will also understand how to load, cache, and overall manage the lifetime of each plugin. * resource.Resource is the actual resource object. This is created from the overall evaluation object graph, but is simplified. It contains only serializable properties, for example. Inter-resource references are translated into serializable monikers as part of creating the resource. * resource.Moniker is a serializable string that uniquely identifies a resource in the Mu system. This is in contrast to resource IDs, which are generated by resource providers and generally opaque to the Mu system. See marapongo/mu#69 for more information about monikers and some of their challenges (namely, designing a stable algorithm). * resource.Snapshot is a "snapshot" taken from a graph of resources. This is a transitive closure of state representing one possible configuration of a given environment. This is what plans are created from. Eventually, two snapshots will be diffable, in order to perform incremental updates. One way of thinking about this is that a snapshot of the old world's state is advanced, one step at a time, until it reaches a desired snapshot of the new world's state. * resource.Plan is a plan for carrying out desired CRUD operations on a target environment. Each plan consists of zero-to-many Steps, each of which has a CRUD operation type, a resource target, and a next step. This is an enumerator because it is possible the plan will evolve -- and introduce new steps -- as it is carried out (hence, the Next() method). At the moment, this is linearized; eventually, we want to make this more "graph-like" so that we can exploit available parallelism within the dependencies. There are tons of TODOs remaining. However, the `mu plan` command is functioning with these new changes -- including colorization FTW -- so I'm landing it now. This is part of marapongo/mu#38 and marapongo/mu#41.
2017-02-17 21:31:48 +01:00
Drive plan application This moves us one step closer from planning to application (marapongo/mu#21). Namely, we now drive the right resource provider operations in response to the plan's steps. Those providers, however, are still empty shells.
2017-02-18 20:54:24 +01:00
import (
Implement resource provider plugins This change adds basic support for discovering, loading, binding to, and invoking RPC methods on, resource provider plugins. In a nutshell, we add a new context object that will share cached state such as loaded plugins and connections to them. It will be a policy decision in server scenarios how much state to share and between whom. This context also controls per-resource context allocation, which in the future will allow us to perform structured cancellation and teardown amongst entire groups of requests. Plugins are loaded based on their name, and can be found in one of two ways: either simply by having them on your path (with a name of "mu-ressrv-<pkg>", where "<pkg>" is the resource package name with any "/"s replaced with "_"s); or by placing them in the standard library installation location, which need not be on the path for this to work (since we know precisely where to look). If we find a protocol, we will load it as a child process. The protocol for plugins is that they will choose a port on their own -- to eliminate races that'd be involved should Mu attempt to pre-pick one for them -- and then write that out as the first line to STDOUT (terminated by a "\n"). This is the only STDERR/STDOUT that Mu cares about; from there, the plugin is free to write all it pleases (e.g., for logging, debugging purposes, etc). Afterwards, we then bind our gRPC connection to that port, and create a typed resource provider client. The CRUD operations that get driven by plan application are then simple wrappers atop the underlying gRPC calls. For now, we interpret all errors as catastrophic; in the near future, we will probably want to introduce a "structured error" mechanism in the gRPC interface for "transactional errors"; that is, errors for which the server was able to recover to a safe checkpoint, which can be interpreted as ResourceOK rather than ResourceUnknown.
2017-02-19 20:08:06 +01:00
"io"
Rename pulumi-fabric to pulumi This includes a few changes: * The repo name -- and hence the Go modules -- changes from pulumi-fabric to pulumi. * The Node.js SDK package changes from @pulumi/pulumi-fabric to just pulumi. * The CLI is renamed from lumi to pulumi.
2017-09-22 04:18:21 +02:00
"github.com/pulumi/pulumi/pkg/resource"
"github.com/pulumi/pulumi/pkg/tokens"
Defer all diffs to resource providers. (#2849) Thse changes make a subtle but critical adjustment to the process the Pulumi engine uses to determine whether or not a difference exists between a resource's actual and desired states, and adjusts the way this difference is calculated and displayed accordingly. Today, the Pulumi engine get the first chance to decide whether or not there is a difference between a resource's actual and desired states. It does this by comparing the current set of inputs for a resource (i.e. the inputs from the running Pulumi program) with the last set of inputs used to update the resource. If there is no difference between the old and new inputs, the engine decides that no change is necessary without consulting the resource's provider. Only if there are changes does the engine consult the resource's provider for more information about the difference. This can be problematic for a number of reasons: - Not all providers do input-input comparison; some do input-state comparison - Not all providers are able to update the last deployed set of inputs when performing a refresh - Some providers--either intentionally or due to bugs--may see changes in resources whose inputs have not changed All of these situations are confusing at the very least, and the first is problematic with respect to correctness. Furthermore, the display code only renders diffs it observes rather than rendering the diffs observed by the provider, which can obscure the actual changes detected at runtime. These changes address both of these issues: - Rather than comparing the current inputs against the last inputs before calling a resource provider's Diff function, the engine calls the Diff function in all cases. - Providers may now return a list of properties that differ between the requested and actual state and the way in which they differ. This information will then be used by the CLI to render the diff appropriately. A provider may also indicate that a particular diff is between old and new inputs rather than old state and new inputs. Fixes #2453.
2019-07-01 21:34:19 +02:00
"github.com/pulumi/pulumi/pkg/util/contract"
Consult the program for its list of plugins This change adds a GetRequiredPlugins RPC method to the language host, enabling us to query it for its list of plugin requirements. This is language-specific because it requires looking at the set of dependencies (e.g., package.json files). It also adds a call up front during any update/preview operation to compute the set of plugins and require that they are present. These plugins are populated in the cache and will be used for all subsequent plugin-related operations during the engine's activity. We now cache the language plugins, so that we may load them eagerly too, which we never did previously due to the fact that we needed to pass the monitor address at load time. This was a bit bizarre anyhow, since it's really the Run RPC function that needs this information. So, to enable caching and eager loading -- which we need in order to invoke GetRequiredPlugins -- the "phone home" monitor RPC address is passed at Run time. In a subsequent change, we will switch to faulting in the plugins that are missing -- rather than erroring -- in addition to supporting the `pulumi plugin install` CLI command.
2018-02-06 18:57:32 +01:00
"github.com/pulumi/pulumi/pkg/workspace"
Drive plan application This moves us one step closer from planning to application (marapongo/mu#21). Namely, we now drive the right resource provider operations in response to the plan's steps. Those providers, however, are still empty shells.
2017-02-18 20:54:24 +01:00
)
Small typo in comment `read` spelled `reead`
2019-01-15 23:59:05 +01:00
// Provider presents a simple interface for orchestrating resource create, read, update, and delete operations. Each
Begin resource modeling and planning This change introduces a new package, pkg/resource, that will form the foundation for actually performing deployment plans and applications. It contains the following key abstractions: * resource.Provider is a wrapper around the CRUD operations exposed by underlying resource plugins. It will eventually defer to resource.Plugin, which itself defers -- over an RPC interface -- to the actual plugin, one per package exposing resources. The provider will also understand how to load, cache, and overall manage the lifetime of each plugin. * resource.Resource is the actual resource object. This is created from the overall evaluation object graph, but is simplified. It contains only serializable properties, for example. Inter-resource references are translated into serializable monikers as part of creating the resource. * resource.Moniker is a serializable string that uniquely identifies a resource in the Mu system. This is in contrast to resource IDs, which are generated by resource providers and generally opaque to the Mu system. See marapongo/mu#69 for more information about monikers and some of their challenges (namely, designing a stable algorithm). * resource.Snapshot is a "snapshot" taken from a graph of resources. This is a transitive closure of state representing one possible configuration of a given environment. This is what plans are created from. Eventually, two snapshots will be diffable, in order to perform incremental updates. One way of thinking about this is that a snapshot of the old world's state is advanced, one step at a time, until it reaches a desired snapshot of the new world's state. * resource.Plan is a plan for carrying out desired CRUD operations on a target environment. Each plan consists of zero-to-many Steps, each of which has a CRUD operation type, a resource target, and a next step. This is an enumerator because it is possible the plan will evolve -- and introduce new steps -- as it is carried out (hence, the Next() method). At the moment, this is linearized; eventually, we want to make this more "graph-like" so that we can exploit available parallelism within the dependencies. There are tons of TODOs remaining. However, the `mu plan` command is functioning with these new changes -- including colorization FTW -- so I'm landing it now. This is part of marapongo/mu#38 and marapongo/mu#41.
2017-02-17 21:31:48 +01:00
// provider understands how to handle all of the resource types within a single package.
//
// This interface hides some of the messiness of the underlying machinery, since providers are behind an RPC boundary.
//
// It is important to note that provider operations are not transactional. (Some providers might decide to offer
// transactional semantics, but such a provider is a rare treat.) As a result, failures in the operations below can
// range from benign to catastrophic (possibly leaving behind a corrupt resource). It is up to the provider to make a
Tidy up more lint This change fixes a few things: * Most importantly, we need to place a leading "." in the paths to Gometalinter, otherwise some sub-linters just silently skip the directory altogether. errcheck is one such linter, which is a very important one! * Use an explicit Gometalinter.json file to configure the various settings. This flips on a few additional linters that aren't on by default (line line length checking). Sadly, a few that I'd like to enable take waaaay too much time, so in the future we may consider a nightly job (this includes code similarity, unused parameters, unused functions, and others that generally require global analysis). * Now that we're running more, however, linting takes a while! The core Lumi project now takes 26 seconds to lint on my laptop. That's not terrible, but it's long enough that we don't want to do the silly "run them twice" thing our Makefiles were previously doing. Instead, we shall deploy some $$($${PIPESTATUS[1]}-1))-fu to rely on the fact that grep returns 1 on "zero lines". * Finally, fix the many issues that this turned up. I think(?) we are done, except, of course, for needing to drive down some of the cyclomatic complexity issues (which I'm possibly going to punt on; see pulumi/lumi#259 for more details).
2017-06-22 21:09:46 +02:00
// best effort to ensure catastrophes do not occur. The errors returned from mutating operations indicate both the
Begin resource modeling and planning This change introduces a new package, pkg/resource, that will form the foundation for actually performing deployment plans and applications. It contains the following key abstractions: * resource.Provider is a wrapper around the CRUD operations exposed by underlying resource plugins. It will eventually defer to resource.Plugin, which itself defers -- over an RPC interface -- to the actual plugin, one per package exposing resources. The provider will also understand how to load, cache, and overall manage the lifetime of each plugin. * resource.Resource is the actual resource object. This is created from the overall evaluation object graph, but is simplified. It contains only serializable properties, for example. Inter-resource references are translated into serializable monikers as part of creating the resource. * resource.Moniker is a serializable string that uniquely identifies a resource in the Mu system. This is in contrast to resource IDs, which are generated by resource providers and generally opaque to the Mu system. See marapongo/mu#69 for more information about monikers and some of their challenges (namely, designing a stable algorithm). * resource.Snapshot is a "snapshot" taken from a graph of resources. This is a transitive closure of state representing one possible configuration of a given environment. This is what plans are created from. Eventually, two snapshots will be diffable, in order to perform incremental updates. One way of thinking about this is that a snapshot of the old world's state is advanced, one step at a time, until it reaches a desired snapshot of the new world's state. * resource.Plan is a plan for carrying out desired CRUD operations on a target environment. Each plan consists of zero-to-many Steps, each of which has a CRUD operation type, a resource target, and a next step. This is an enumerator because it is possible the plan will evolve -- and introduce new steps -- as it is carried out (hence, the Next() method). At the moment, this is linearized; eventually, we want to make this more "graph-like" so that we can exploit available parallelism within the dependencies. There are tons of TODOs remaining. However, the `mu plan` command is functioning with these new changes -- including colorization FTW -- so I'm landing it now. This is part of marapongo/mu#38 and marapongo/mu#41.
2017-02-17 21:31:48 +01:00
// underlying error condition in addition to a bit indicating whether the operation was successfully rolled back.
type Provider interface {
Implement resource provider plugins This change adds basic support for discovering, loading, binding to, and invoking RPC methods on, resource provider plugins. In a nutshell, we add a new context object that will share cached state such as loaded plugins and connections to them. It will be a policy decision in server scenarios how much state to share and between whom. This context also controls per-resource context allocation, which in the future will allow us to perform structured cancellation and teardown amongst entire groups of requests. Plugins are loaded based on their name, and can be found in one of two ways: either simply by having them on your path (with a name of "mu-ressrv-<pkg>", where "<pkg>" is the resource package name with any "/"s replaced with "_"s); or by placing them in the standard library installation location, which need not be on the path for this to work (since we know precisely where to look). If we find a protocol, we will load it as a child process. The protocol for plugins is that they will choose a port on their own -- to eliminate races that'd be involved should Mu attempt to pre-pick one for them -- and then write that out as the first line to STDOUT (terminated by a "\n"). This is the only STDERR/STDOUT that Mu cares about; from there, the plugin is free to write all it pleases (e.g., for logging, debugging purposes, etc). Afterwards, we then bind our gRPC connection to that port, and create a typed resource provider client. The CRUD operations that get driven by plan application are then simple wrappers atop the underlying gRPC calls. For now, we interpret all errors as catastrophic; in the near future, we will probably want to introduce a "structured error" mechanism in the gRPC interface for "transactional errors"; that is, errors for which the server was able to recover to a safe checkpoint, which can be interpreted as ResourceOK rather than ResourceUnknown.
2017-02-19 20:08:06 +01:00
// Closer closes any underlying OS resources associated with this provider (like processes, RPC channels, etc).
io.Closer
Add basic analyzer support This change introduces the basic requirements for analyzers, as per pulumi/coconut#119. In particular, an analyzer can implement either, or both, of the RPC methods, Analyze and AnalyzeResource. The former is meant to check an overall deployment (e.g., to ensure it has been signed off on) and the latter is to check individual resources (e.g., to ensure properties of them are correct, such as checking style, security, etc. rules). These run simultaneous to overall checking. Analyzers are loaded as plugins just like providers are. The difference is mainly in their naming ("analyzer-" prefix, rather than "resource-"), and the RPC methods that they support. This isn't 100% functional since we need a way to specify at the CLI that a particular analyzer should be run, in addition to a way of recording which analyzers certain projects should use in their manifests.
2017-03-11 08:49:17 +01:00
// Pkg fetches this provider's package.
Pkg() tokens.Package
Implement first-class providers. (#1695) ### First-Class Providers These changes implement support for first-class providers. First-class providers are provider plugins that are exposed as resources via the Pulumi programming model so that they may be explicitly and multiply instantiated. Each instance of a provider resource may be configured differently, and configuration parameters may be source from the outputs of other resources. ### Provider Plugin Changes In order to accommodate the need to verify and diff provider configuration and configure providers without complete configuration information, these changes adjust the high-level provider plugin interface. Two new methods for validating a provider's configuration and diffing changes to the same have been added (`CheckConfig` and `DiffConfig`, respectively), and the type of the configuration bag accepted by `Configure` has been changed to a `PropertyMap`. These changes have not yet been reflected in the provider plugin gRPC interface. We will do this in a set of follow-up changes. Until then, these methods are implemented by adapters: - `CheckConfig` validates that all configuration parameters are string or unknown properties. This is necessary because existing plugins only accept string-typed configuration values. - `DiffConfig` either returns "never replace" if all configuration values are known or "must replace" if any configuration value is unknown. The justification for this behavior is given [here](https://github.com/pulumi/pulumi/pull/1695/files#diff-a6cd5c7f337665f5bb22e92ca5f07537R106) - `Configure` converts the config bag to a legacy config map and configures the provider plugin if all config values are known. If any config value is unknown, the underlying plugin is not configured and the provider may only perform `Check`, `Read`, and `Invoke`, all of which return empty results. We justify this behavior becuase it is only possible during a preview and provides the best experience we can manage with the existing gRPC interface. ### Resource Model Changes Providers are now exposed as resources that participate in a stack's dependency graph. Like other resources, they are explicitly created, may have multiple instances, and may have dependencies on other resources. Providers are referred to using provider references, which are a combination of the provider's URN and its ID. This design addresses the need during a preview to refer to providers that have not yet been physically created and therefore have no ID. All custom resources that are not themselves providers must specify a single provider via a provider reference. The named provider will be used to manage that resource's CRUD operations. If a resource's provider reference changes, the resource must be replaced. Though its URN is not present in the resource's dependency list, the provider should be treated as a dependency of the resource when topologically sorting the dependency graph. Finally, `Invoke` operations must now specify a provider to use for the invocation via a provider reference. ### Engine Changes First-class providers support requires a few changes to the engine: - The engine must have some way to map from provider references to provider plugins. It must be possible to add providers from a stack's checkpoint to this map and to register new/updated providers during the execution of a plan in response to CRUD operations on provider resources. - In order to support updating existing stacks using existing Pulumi programs that may not explicitly instantiate providers, the engine must be able to manage the "default" providers for each package referenced by a checkpoint or Pulumi program. The configuration for a "default" provider is taken from the stack's configuration data. The former need is addressed by adding a provider registry type that is responsible for managing all of the plugins required by a plan. In addition to loading plugins froma checkpoint and providing the ability to map from a provider reference to a provider plugin, this type serves as the provider plugin for providers themselves (i.e. it is the "provider provider"). The latter need is solved via two relatively self-contained changes to plan setup and the eval source. During plan setup, the old checkpoint is scanned for custom resources that do not have a provider reference in order to compute the set of packages that require a default provider. Once this set has been computed, the required default provider definitions are conjured and prepended to the checkpoint's resource list. Each resource that requires a default provider is then updated to refer to the default provider for its package. While an eval source is running, each custom resource registration, resource read, and invoke that does not name a provider is trapped before being returned by the source iterator. If no default provider for the appropriate package has been registered, the eval source synthesizes an appropriate registration, waits for it to complete, and records the registered provider's reference. This reference is injected into the original request, which is then processed as usual. If a default provider was already registered, the recorded reference is used and no new registration occurs. ### SDK Changes These changes only expose first-class providers from the Node.JS SDK. - A new abstract class, `ProviderResource`, can be subclassed and used to instantiate first-class providers. - A new field in `ResourceOptions`, `provider`, can be used to supply a particular provider instance to manage a `CustomResource`'s CRUD operations. - A new type, `InvokeOptions`, can be used to specify options that control the behavior of a call to `pulumi.runtime.invoke`. This type includes a `provider` field that is analogous to `ResourceOptions.provider`.
2018-08-07 02:50:29 +02:00
// CheckConfig validates the configuration for this resource provider.
Flow `allowUnknows` for Diff/Check Config We pass this information for Diff and Check on specific resources, so we can correctly block unknows from flowing to plugins during applies.
2019-05-23 19:54:18 +02:00
CheckConfig(urn resource.URN, olds, news resource.PropertyMap,
allowUnknowns bool) (resource.PropertyMap, []CheckFailure, error)
Implement first-class providers. (#1695) ### First-Class Providers These changes implement support for first-class providers. First-class providers are provider plugins that are exposed as resources via the Pulumi programming model so that they may be explicitly and multiply instantiated. Each instance of a provider resource may be configured differently, and configuration parameters may be source from the outputs of other resources. ### Provider Plugin Changes In order to accommodate the need to verify and diff provider configuration and configure providers without complete configuration information, these changes adjust the high-level provider plugin interface. Two new methods for validating a provider's configuration and diffing changes to the same have been added (`CheckConfig` and `DiffConfig`, respectively), and the type of the configuration bag accepted by `Configure` has been changed to a `PropertyMap`. These changes have not yet been reflected in the provider plugin gRPC interface. We will do this in a set of follow-up changes. Until then, these methods are implemented by adapters: - `CheckConfig` validates that all configuration parameters are string or unknown properties. This is necessary because existing plugins only accept string-typed configuration values. - `DiffConfig` either returns "never replace" if all configuration values are known or "must replace" if any configuration value is unknown. The justification for this behavior is given [here](https://github.com/pulumi/pulumi/pull/1695/files#diff-a6cd5c7f337665f5bb22e92ca5f07537R106) - `Configure` converts the config bag to a legacy config map and configures the provider plugin if all config values are known. If any config value is unknown, the underlying plugin is not configured and the provider may only perform `Check`, `Read`, and `Invoke`, all of which return empty results. We justify this behavior becuase it is only possible during a preview and provides the best experience we can manage with the existing gRPC interface. ### Resource Model Changes Providers are now exposed as resources that participate in a stack's dependency graph. Like other resources, they are explicitly created, may have multiple instances, and may have dependencies on other resources. Providers are referred to using provider references, which are a combination of the provider's URN and its ID. This design addresses the need during a preview to refer to providers that have not yet been physically created and therefore have no ID. All custom resources that are not themselves providers must specify a single provider via a provider reference. The named provider will be used to manage that resource's CRUD operations. If a resource's provider reference changes, the resource must be replaced. Though its URN is not present in the resource's dependency list, the provider should be treated as a dependency of the resource when topologically sorting the dependency graph. Finally, `Invoke` operations must now specify a provider to use for the invocation via a provider reference. ### Engine Changes First-class providers support requires a few changes to the engine: - The engine must have some way to map from provider references to provider plugins. It must be possible to add providers from a stack's checkpoint to this map and to register new/updated providers during the execution of a plan in response to CRUD operations on provider resources. - In order to support updating existing stacks using existing Pulumi programs that may not explicitly instantiate providers, the engine must be able to manage the "default" providers for each package referenced by a checkpoint or Pulumi program. The configuration for a "default" provider is taken from the stack's configuration data. The former need is addressed by adding a provider registry type that is responsible for managing all of the plugins required by a plan. In addition to loading plugins froma checkpoint and providing the ability to map from a provider reference to a provider plugin, this type serves as the provider plugin for providers themselves (i.e. it is the "provider provider"). The latter need is solved via two relatively self-contained changes to plan setup and the eval source. During plan setup, the old checkpoint is scanned for custom resources that do not have a provider reference in order to compute the set of packages that require a default provider. Once this set has been computed, the required default provider definitions are conjured and prepended to the checkpoint's resource list. Each resource that requires a default provider is then updated to refer to the default provider for its package. While an eval source is running, each custom resource registration, resource read, and invoke that does not name a provider is trapped before being returned by the source iterator. If no default provider for the appropriate package has been registered, the eval source synthesizes an appropriate registration, waits for it to complete, and records the registered provider's reference. This reference is injected into the original request, which is then processed as usual. If a default provider was already registered, the recorded reference is used and no new registration occurs. ### SDK Changes These changes only expose first-class providers from the Node.JS SDK. - A new abstract class, `ProviderResource`, can be subclassed and used to instantiate first-class providers. - A new field in `ResourceOptions`, `provider`, can be used to supply a particular provider instance to manage a `CustomResource`'s CRUD operations. - A new type, `InvokeOptions`, can be used to specify options that control the behavior of a call to `pulumi.runtime.invoke`. This type includes a `provider` field that is analogous to `ResourceOptions.provider`.
2018-08-07 02:50:29 +02:00
// DiffConfig checks what impacts a hypothetical change to this provider's configuration will have on the provider.
Pass ignoreChanges to providers. (#3005) These changes add support for passing `ignoreChanges` paths to resource providers. This is intended to accommodate providers that perform diffs between resource inputs and resource state (e.g. all Terraform-based providers, the k8s provider when using API server dry-runs). These paths are specified using the same syntax as the paths used in detailed diffs. In addition to passing these paths to providers, the existing support for `ignoreChanges` in inputs has been extended to accept paths rather than top-level keys. It is an error to specify a path that is missing one or more component in the old or new inputs. Fixes #2936, #2663.
2019-07-31 18:39:07 +02:00
DiffConfig(urn resource.URN, olds, news resource.PropertyMap, allowUnknowns bool,
ignoreChanges []string) (DiffResult, error)
Configure providers at well-defined points As explained in pulumi/pulumi-fabric#293, we were a little ad-hoc in how configuration was "applied" to resource providers. In fact, config wasn't ever communicated directly to providers; instead, the resource providers would simply ask the engine to read random heap locations (via tokens). Now that we're on a plan where configuration gets handed to the program at startup, and that's that, and where generally speaking resource providers never communicate directly with the language runtime, we need to take a different approach. As such, the resource provider interface now offers a Configure RPC method that the resource planning engine will invoke at the right times with the right subset of configuration variables filtered to just that provider's package. This fixes pulumi/pulumi#293.
2017-08-31 23:31:33 +02:00
// Configure configures the resource provider with "globals" that control its behavior.
Implement first-class providers. (#1695) ### First-Class Providers These changes implement support for first-class providers. First-class providers are provider plugins that are exposed as resources via the Pulumi programming model so that they may be explicitly and multiply instantiated. Each instance of a provider resource may be configured differently, and configuration parameters may be source from the outputs of other resources. ### Provider Plugin Changes In order to accommodate the need to verify and diff provider configuration and configure providers without complete configuration information, these changes adjust the high-level provider plugin interface. Two new methods for validating a provider's configuration and diffing changes to the same have been added (`CheckConfig` and `DiffConfig`, respectively), and the type of the configuration bag accepted by `Configure` has been changed to a `PropertyMap`. These changes have not yet been reflected in the provider plugin gRPC interface. We will do this in a set of follow-up changes. Until then, these methods are implemented by adapters: - `CheckConfig` validates that all configuration parameters are string or unknown properties. This is necessary because existing plugins only accept string-typed configuration values. - `DiffConfig` either returns "never replace" if all configuration values are known or "must replace" if any configuration value is unknown. The justification for this behavior is given [here](https://github.com/pulumi/pulumi/pull/1695/files#diff-a6cd5c7f337665f5bb22e92ca5f07537R106) - `Configure` converts the config bag to a legacy config map and configures the provider plugin if all config values are known. If any config value is unknown, the underlying plugin is not configured and the provider may only perform `Check`, `Read`, and `Invoke`, all of which return empty results. We justify this behavior becuase it is only possible during a preview and provides the best experience we can manage with the existing gRPC interface. ### Resource Model Changes Providers are now exposed as resources that participate in a stack's dependency graph. Like other resources, they are explicitly created, may have multiple instances, and may have dependencies on other resources. Providers are referred to using provider references, which are a combination of the provider's URN and its ID. This design addresses the need during a preview to refer to providers that have not yet been physically created and therefore have no ID. All custom resources that are not themselves providers must specify a single provider via a provider reference. The named provider will be used to manage that resource's CRUD operations. If a resource's provider reference changes, the resource must be replaced. Though its URN is not present in the resource's dependency list, the provider should be treated as a dependency of the resource when topologically sorting the dependency graph. Finally, `Invoke` operations must now specify a provider to use for the invocation via a provider reference. ### Engine Changes First-class providers support requires a few changes to the engine: - The engine must have some way to map from provider references to provider plugins. It must be possible to add providers from a stack's checkpoint to this map and to register new/updated providers during the execution of a plan in response to CRUD operations on provider resources. - In order to support updating existing stacks using existing Pulumi programs that may not explicitly instantiate providers, the engine must be able to manage the "default" providers for each package referenced by a checkpoint or Pulumi program. The configuration for a "default" provider is taken from the stack's configuration data. The former need is addressed by adding a provider registry type that is responsible for managing all of the plugins required by a plan. In addition to loading plugins froma checkpoint and providing the ability to map from a provider reference to a provider plugin, this type serves as the provider plugin for providers themselves (i.e. it is the "provider provider"). The latter need is solved via two relatively self-contained changes to plan setup and the eval source. During plan setup, the old checkpoint is scanned for custom resources that do not have a provider reference in order to compute the set of packages that require a default provider. Once this set has been computed, the required default provider definitions are conjured and prepended to the checkpoint's resource list. Each resource that requires a default provider is then updated to refer to the default provider for its package. While an eval source is running, each custom resource registration, resource read, and invoke that does not name a provider is trapped before being returned by the source iterator. If no default provider for the appropriate package has been registered, the eval source synthesizes an appropriate registration, waits for it to complete, and records the registered provider's reference. This reference is injected into the original request, which is then processed as usual. If a default provider was already registered, the recorded reference is used and no new registration occurs. ### SDK Changes These changes only expose first-class providers from the Node.JS SDK. - A new abstract class, `ProviderResource`, can be subclassed and used to instantiate first-class providers. - A new field in `ResourceOptions`, `provider`, can be used to supply a particular provider instance to manage a `CustomResource`'s CRUD operations. - A new type, `InvokeOptions`, can be used to specify options that control the behavior of a call to `pulumi.runtime.invoke`. This type includes a `provider` field that is analogous to `ResourceOptions.provider`.
2018-08-07 02:50:29 +02:00
Configure(inputs resource.PropertyMap) error
Return all computed inputs from Provider.Check. As documented in issue #616, the inputs/defaults/outputs model we have today has fundamental problems. The crux of the issue is that our current design requires that defaults present in the old state of a resource are applied to the new inputs for that resource. Unfortunately, it is not possible for the engine to decide which defaults remain applicable and which do not; only the provider has that knowledge. These changes take a more tactical approach to resolving this issue than that originally proposed in #616 that avoids breaking compatibility with existing checkpoints. Rather than treating the Pulumi inputs as the provider input properties for a resource, these inputs are first translated by `Check`. In order to accommodate provider defaults that were chosen for the old resource but should not change for the new, `Check` now takes the old provider inputs as well as the new Pulumi inputs. Rather than the Pulumi inputs and provider defaults, the provider inputs returned by `Check` are recorded in the checkpoint file. Put simply, these changes remove defaults as a first-class concept (except inasmuch as is required to retain the ability to read old checkpoint files) and move the responsibilty for manging and merging defaults into the provider that supplies them. Fixes #616.
2017-12-03 01:34:16 +01:00
// Check validates that the given property bag is valid for a resource of the given type and returns the inputs
// that should be passed to successive calls to Diff, Create, or Update for this resource.
Supply unknown properties to providers during preview. My previous change to stop supplying unknown properties to providers broke `pulumi preview` in the case of unknown inputs. This change restores the previous behavior for previews only; the new unknown-free behavior remains for applies. Fixes #790.
2018-01-10 03:40:08 +01:00
Check(urn resource.URN, olds, news resource.PropertyMap,
allowUnknowns bool) (resource.PropertyMap, []CheckFailure, error)
Explicitly track default properties This changes the RPC interfaces between Lumi and provider ever so slightly, so that we can track default properties explicitly. This is required to perform accurate diffing between inputs provided by the developer, inputs provided by the system, and outputs. This is particularly important for default values that may be indeterminite, such as those we use in the bridge to auto-generate unique IDs. Otherwise, we fail to reapply defaults correctly, and trick the provider into thinking that properties changed when they did not. This is a small step towards pulumi/lumi#306, in which we will defer even more responsibility for diffing semantics to the providers.
2017-08-01 03:26:15 +02:00
// Diff checks what impacts a hypothetical update will have on the resource's properties.
Supply unknown properties to providers during preview. My previous change to stop supplying unknown properties to providers broke `pulumi preview` in the case of unknown inputs. This change restores the previous behavior for previews only; the new unknown-free behavior remains for applies. Fixes #790.
2018-01-10 03:40:08 +01:00
Diff(urn resource.URN, id resource.ID, olds resource.PropertyMap, news resource.PropertyMap,
Pass ignoreChanges to providers. (#3005) These changes add support for passing `ignoreChanges` paths to resource providers. This is intended to accommodate providers that perform diffs between resource inputs and resource state (e.g. all Terraform-based providers, the k8s provider when using API server dry-runs). These paths are specified using the same syntax as the paths used in detailed diffs. In addition to passing these paths to providers, the existing support for `ignoreChanges` in inputs has been extended to accept paths rather than top-level keys. It is an error to specify a path that is missing one or more component in the old or new inputs. Fixes #2936, #2663.
2019-07-31 18:39:07 +02:00
allowUnknowns bool, ignoreChanges []string) (DiffResult, error)
Overhaul resources, planning, and environments This change, part of pulumi/lumi#90, overhauls quite a bit of the core resource, planning, environments, and related areas. The biggest amount of movement comes from the splitting of pkg/resource into multiple sub-packages. This results in: - pkg/resource: just the core resource data structures. - pkg/resource/deployment: all planning and deployment logic. - pkg/resource/environment: all environment, configuration, and serialized checkpoint structures and logic. - pkg/resource/plugin: all dynamically loaded analyzer and provider logic, including the actual loading and RPC mechanisms. This also splits the resource abstraction up. We now have: - resource.Resource: a shared interface. - resource.Object: a resource that is connected to a live object that will periodically observe mutations due to ongoing evaluation of computations. Snapshots of its state may be taken; however, this is purely a "pre-planning" abstraction. - resource.State: a snapshot of a resource's state that is frozen. In other words, it is no longer connected to a live object. This is what will store provider outputs (ID and properties), and is what may be serialized into a deployment record. The branch is in a half-baked state as of this change; more changes are to come...
2017-06-09 01:37:40 +02:00
// Create allocates a new instance of the provided resource and returns its unique resource.ID.
Addition of Custom Timeouts (#2885) * Plumbing the custom timeouts from the engine to the providers * Plumbing the CustomTimeouts through to the engine and adding test to show this * Change the provider proto to include individual timeouts * Plumbing the CustomTimeouts from the engine through to the Provider RPC interface * Change how the CustomTimeouts are sent across RPC These errors were spotted in testing. We can now see that the timeout information is arriving in the RegisterResourceRequest ``` req=&pulumirpc.RegisterResourceRequest{ Type: "aws:s3/bucket:Bucket", Name: "my-bucket", Parent: "urn:pulumi:dev::aws-vpc::pulumi:pulumi:Stack::aws-vpc-dev", Custom: true, Object: &structpb.Struct{}, Protect: false, Dependencies: nil, Provider: "", PropertyDependencies: {}, DeleteBeforeReplace: false, Version: "", IgnoreChanges: nil, AcceptSecrets: true, AdditionalSecretOutputs: nil, Aliases: nil, CustomTimeouts: &pulumirpc.RegisterResourceRequest_CustomTimeouts{ Create: 300, Update: 400, Delete: 500, XXX_NoUnkeyedLiteral: struct {}{}, XXX_unrecognized: nil, XXX_sizecache: 0, }, XXX_NoUnkeyedLiteral: struct {}{}, XXX_unrecognized: nil, XXX_sizecache: 0, } ``` * Changing the design to use strings * CHANGELOG entry to include the CustomTimeouts work * Changing custom timeouts to be passed around the engine as converted value We don't want to pass around strings - the user can provide it but we want to make the engine aware of the timeout in seconds as a float64
2019-07-15 23:26:28 +02:00
Create(urn resource.URN, news resource.PropertyMap, timeout float64) (resource.ID, resource.PropertyMap,
resource.Status, error)
Add an ID property to ReadResponse (#1145) The RPC provider interface needs a way to convey back to the engine that a resource being read no longer exists. To do this, we'll return the ID property that was read back. If it is empty, it means the resource is gone. If it is non-empty, we expect it to match the input.
2018-04-10 21:58:50 +02:00
// Read the current live state associated with a resource. Enough state must be include in the inputs to uniquely
// identify the resource; this is typically just the resource ID, but may also include some properties. If the
// resource is missing (for instance, because it has been deleted), the resulting property map will be nil.
Implement partial `Read` Some time ago, we introduced the concept of the initialization error to Pulumi (i.e., an error where the resource was successfully created but failed to fully initialize). This was originally implemented in `Create` and `Update` methods of the resource provider interface; when we detected an initialization failure, we'd pack the live version of the object into the error, and return that to the engine. Omitted from this initial implementation was a similar semantics for `Read`. There are many implications of this, but one of them is that a `pulumi refresh` will erase any initialization errors that had previously been observed, even if the initialization errors still exist in the resource. This commit will introduce the initialization error semantics to `Read`, fixing this issue.
2018-08-07 09:40:43 +02:00
Read(urn resource.URN, id resource.ID,
Refresh inputs (#2531) These changes take advantage of the newly-added support for returning inputs from Read to update a resource's inputs as part of a refresh. As a consequence, the Pulumi engine will now properly detect drift between the actual state of a resource and the desired state described by the program and generate appropriate update or replace steps. As part of these changes, a resource's old inputs are now passed to the provider when performing a refresh. The provider can take advantage of this to maintain the accuracy of any additional data or metadata in the resource's inputs that may need to be updated during the refresh. This is required for the complete implementation of https://github.com/pulumi/pulumi-terraform/pull/349. Without access to the old inputs for a resource, TF-based providers would lose all information about default population during a refresh.
2019-03-11 21:50:00 +01:00
inputs, state resource.PropertyMap) (ReadResult, resource.Status, error)
Make replacement first class This change, part of pulumi/coconut#105, rearranges support for resource replacement. The old model didn't properly account for the cascading updates and possible replacement of dependencies. Namely, we need to model a replacement as a creation followed by a deletion, inserted into the overall DAG correctly so that any resources that must be updated are updated after the creation but prior to the deletion. This is done by inserting *three* nodes into the graph per replacement: a physical creation step, a physical deletion step, and a logical replacement step. The logical step simply makes it nicer in the output (the plan output shows a single "replacement" rather than the fine-grained outputs, unless they are requested with --show-replace-steps). It also makes it easier to fold all of the edges into a single linchpin node. As part of this, the update step no longer gets to choose whether to recreate the resource. Instead, the engine takes care of orchestrating the replacement through actual create and delete calls.
2017-03-02 18:52:08 +01:00
// Update updates an existing resource with new values.
Simplify resource provider RPC interface This change simplifies the provider RPC interface slightly: 1) Eliminate Get. We really don't need it anymore. There are several possibly-interesting scenarios down the road that may demand it, but when we get there, we can consider how best to bring this back. Furthermore, the old-style Get remains mostly incompatible with Terraform anyway. 2) Pass URNs, not type tokens, across the RPC boundary. This gives the provider access to more interesting information: the type, still, but also the name (which is no longer an object property).
2017-08-31 22:10:55 +02:00
Update(urn resource.URN, id resource.ID,
Pass ignoreChanges to providers. (#3005) These changes add support for passing `ignoreChanges` paths to resource providers. This is intended to accommodate providers that perform diffs between resource inputs and resource state (e.g. all Terraform-based providers, the k8s provider when using API server dry-runs). These paths are specified using the same syntax as the paths used in detailed diffs. In addition to passing these paths to providers, the existing support for `ignoreChanges` in inputs has been extended to accept paths rather than top-level keys. It is an error to specify a path that is missing one or more component in the old or new inputs. Fixes #2936, #2663.
2019-07-31 18:39:07 +02:00
olds resource.PropertyMap, news resource.PropertyMap, timeout float64,
ignoreChanges []string) (resource.PropertyMap, resource.Status, error)
Implement resource provider plugins This change adds basic support for discovering, loading, binding to, and invoking RPC methods on, resource provider plugins. In a nutshell, we add a new context object that will share cached state such as loaded plugins and connections to them. It will be a policy decision in server scenarios how much state to share and between whom. This context also controls per-resource context allocation, which in the future will allow us to perform structured cancellation and teardown amongst entire groups of requests. Plugins are loaded based on their name, and can be found in one of two ways: either simply by having them on your path (with a name of "mu-ressrv-<pkg>", where "<pkg>" is the resource package name with any "/"s replaced with "_"s); or by placing them in the standard library installation location, which need not be on the path for this to work (since we know precisely where to look). If we find a protocol, we will load it as a child process. The protocol for plugins is that they will choose a port on their own -- to eliminate races that'd be involved should Mu attempt to pre-pick one for them -- and then write that out as the first line to STDOUT (terminated by a "\n"). This is the only STDERR/STDOUT that Mu cares about; from there, the plugin is free to write all it pleases (e.g., for logging, debugging purposes, etc). Afterwards, we then bind our gRPC connection to that port, and create a typed resource provider client. The CRUD operations that get driven by plan application are then simple wrappers atop the underlying gRPC calls. For now, we interpret all errors as catastrophic; in the near future, we will probably want to introduce a "structured error" mechanism in the gRPC interface for "transactional errors"; that is, errors for which the server was able to recover to a safe checkpoint, which can be interpreted as ResourceOK rather than ResourceUnknown.
2017-02-19 20:08:06 +01:00
// Delete tears down an existing resource.
Addition of Custom Timeouts (#2885) * Plumbing the custom timeouts from the engine to the providers * Plumbing the CustomTimeouts through to the engine and adding test to show this * Change the provider proto to include individual timeouts * Plumbing the CustomTimeouts from the engine through to the Provider RPC interface * Change how the CustomTimeouts are sent across RPC These errors were spotted in testing. We can now see that the timeout information is arriving in the RegisterResourceRequest ``` req=&pulumirpc.RegisterResourceRequest{ Type: "aws:s3/bucket:Bucket", Name: "my-bucket", Parent: "urn:pulumi:dev::aws-vpc::pulumi:pulumi:Stack::aws-vpc-dev", Custom: true, Object: &structpb.Struct{}, Protect: false, Dependencies: nil, Provider: "", PropertyDependencies: {}, DeleteBeforeReplace: false, Version: "", IgnoreChanges: nil, AcceptSecrets: true, AdditionalSecretOutputs: nil, Aliases: nil, CustomTimeouts: &pulumirpc.RegisterResourceRequest_CustomTimeouts{ Create: 300, Update: 400, Delete: 500, XXX_NoUnkeyedLiteral: struct {}{}, XXX_unrecognized: nil, XXX_sizecache: 0, }, XXX_NoUnkeyedLiteral: struct {}{}, XXX_unrecognized: nil, XXX_sizecache: 0, } ``` * Changing the design to use strings * CHANGELOG entry to include the CustomTimeouts work * Changing custom timeouts to be passed around the engine as converted value We don't want to pass around strings - the user can provide it but we want to make the engine aware of the timeout in seconds as a float64
2019-07-15 23:26:28 +02:00
Delete(urn resource.URN, id resource.ID, props resource.PropertyMap, timeout float64) (resource.Status, error)
Add an Invoke RPC method on ResourceProvider This change enables us to make progress on exposing data sources (see pulumi/pulumi-terraform#29). The idea is to have an Invoke function that simply takes a function token and arguments, performs the function lookup and invocation, and then returns a return value.
2017-09-20 02:23:10 +02:00
// Invoke dynamically executes a built-in function in the provider.
Invoke(tok tokens.ModuleMember, args resource.PropertyMap) (resource.PropertyMap, []CheckFailure, error)
Add a manifest to checkpoint files (#630) This change adds a new manifest section to the checkpoint files. The existing time moves into it, and we add to it the version of the Pulumi CLI that created it, along with the names, types, and versions of all plugins used to generate the file. There is a magic cookie that we also use during verification. This is to help keep us sane when debugging problems "in the wild," and I'm sure we will add more to it over time (checksum, etc). For example, after an up, you can now see this in `pulumi stack`: ``` Current stack is demo: Last updated at 2017-12-01 13:48:49.815740523 -0800 PST Pulumi version v0.8.3-79-g1ab99ad Plugin pulumi-provider-aws [resource] version v0.8.3-22-g4363e77 Plugin pulumi-langhost-nodejs [language] version v0.8.3-79-g77bb6b6 Checkpoint file is /Users/joeduffy/dev/code/src/github.com/pulumi/pulumi-aws/.pulumi/stacks/webserver/demo.json ``` This addresses pulumi/pulumi#628.
2017-12-01 22:50:32 +01:00
// GetPluginInfo returns this plugin's information.
Consult the program for its list of plugins This change adds a GetRequiredPlugins RPC method to the language host, enabling us to query it for its list of plugin requirements. This is language-specific because it requires looking at the set of dependencies (e.g., package.json files). It also adds a call up front during any update/preview operation to compute the set of plugins and require that they are present. These plugins are populated in the cache and will be used for all subsequent plugin-related operations during the engine's activity. We now cache the language plugins, so that we may load them eagerly too, which we never did previously due to the fact that we needed to pass the monitor address at load time. This was a bit bizarre anyhow, since it's really the Run RPC function that needs this information. So, to enable caching and eager loading -- which we need in order to invoke GetRequiredPlugins -- the "phone home" monitor RPC address is passed at Run time. In a subsequent change, we will switch to faulting in the plugins that are missing -- rather than erroring -- in addition to supporting the `pulumi plugin install` CLI command.
2018-02-06 18:57:32 +01:00
GetPluginInfo() (workspace.PluginInfo, error)
Add signal cancellation to resource provider
2018-07-12 06:20:26 +02:00
// SignalCancellation asks all resource providers to gracefully shut down and abort any ongoing
// operations. Operation aborted in this way will return an error (e.g., `Update` and `Create`
// will either a creation error or an initialization error. SignalCancellation is advisory and
// non-blocking; it is up to the host to decide how long to wait after SignalCancellation is
// called before (e.g.) hard-closing any gRPC connection.
SignalCancellation() error
Begin resource modeling and planning This change introduces a new package, pkg/resource, that will form the foundation for actually performing deployment plans and applications. It contains the following key abstractions: * resource.Provider is a wrapper around the CRUD operations exposed by underlying resource plugins. It will eventually defer to resource.Plugin, which itself defers -- over an RPC interface -- to the actual plugin, one per package exposing resources. The provider will also understand how to load, cache, and overall manage the lifetime of each plugin. * resource.Resource is the actual resource object. This is created from the overall evaluation object graph, but is simplified. It contains only serializable properties, for example. Inter-resource references are translated into serializable monikers as part of creating the resource. * resource.Moniker is a serializable string that uniquely identifies a resource in the Mu system. This is in contrast to resource IDs, which are generated by resource providers and generally opaque to the Mu system. See marapongo/mu#69 for more information about monikers and some of their challenges (namely, designing a stable algorithm). * resource.Snapshot is a "snapshot" taken from a graph of resources. This is a transitive closure of state representing one possible configuration of a given environment. This is what plans are created from. Eventually, two snapshots will be diffable, in order to perform incremental updates. One way of thinking about this is that a snapshot of the old world's state is advanced, one step at a time, until it reaches a desired snapshot of the new world's state. * resource.Plan is a plan for carrying out desired CRUD operations on a target environment. Each plan consists of zero-to-many Steps, each of which has a CRUD operation type, a resource target, and a next step. This is an enumerator because it is possible the plan will evolve -- and introduce new steps -- as it is carried out (hence, the Next() method). At the moment, this is linearized; eventually, we want to make this more "graph-like" so that we can exploit available parallelism within the dependencies. There are tons of TODOs remaining. However, the `mu plan` command is functioning with these new changes -- including colorization FTW -- so I'm landing it now. This is part of marapongo/mu#38 and marapongo/mu#41.
2017-02-17 21:31:48 +01:00
}
Add a pre-pass to validate resources before creating/updating This change adds a new Check RPC method on the provider interface, permitting resource providers to perform arbitrary verification on the values of properties. This is useful for validating things that might be difficult to express in the type system, and it runs before *any* modifications are run (so failures can be caight early before it's too late). My favorite motivating example is verifying that an AWS EC2 instance's AMI is available within the target region. This resolves pulumi/coconut#107, although we aren't using this in any resource providers just yet. I'll add a work item now for that...
2017-03-03 03:15:38 +01:00
// CheckFailure indicates that a call to check failed; it contains the property and reason for the failure.
type CheckFailure struct {
Overhaul resources, planning, and environments This change, part of pulumi/lumi#90, overhauls quite a bit of the core resource, planning, environments, and related areas. The biggest amount of movement comes from the splitting of pkg/resource into multiple sub-packages. This results in: - pkg/resource: just the core resource data structures. - pkg/resource/deployment: all planning and deployment logic. - pkg/resource/environment: all environment, configuration, and serialized checkpoint structures and logic. - pkg/resource/plugin: all dynamically loaded analyzer and provider logic, including the actual loading and RPC mechanisms. This also splits the resource abstraction up. We now have: - resource.Resource: a shared interface. - resource.Object: a resource that is connected to a live object that will periodically observe mutations due to ongoing evaluation of computations. Snapshots of its state may be taken; however, this is purely a "pre-planning" abstraction. - resource.State: a snapshot of a resource's state that is frozen. In other words, it is no longer connected to a live object. This is what will store provider outputs (ID and properties), and is what may be serialized into a deployment record. The branch is in a half-baked state as of this change; more changes are to come...
2017-06-09 01:37:40 +02:00
Property resource.PropertyKey // the property that failed checking.
Reason string // the reason the property failed to check.
Add a pre-pass to validate resources before creating/updating This change adds a new Check RPC method on the provider interface, permitting resource providers to perform arbitrary verification on the values of properties. This is useful for validating things that might be difficult to express in the type system, and it runs before *any* modifications are run (so failures can be caight early before it's too late). My favorite motivating example is verifying that an AWS EC2 instance's AMI is available within the target region. This resolves pulumi/coconut#107, although we aren't using this in any resource providers just yet. I'll add a work item now for that...
2017-03-03 03:15:38 +01:00
}
Explicitly track default properties This changes the RPC interfaces between Lumi and provider ever so slightly, so that we can track default properties explicitly. This is required to perform accurate diffing between inputs provided by the developer, inputs provided by the system, and outputs. This is particularly important for default values that may be indeterminite, such as those we use in the bridge to auto-generate unique IDs. Otherwise, we fail to reapply defaults correctly, and trick the provider into thinking that properties changed when they did not. This is a small step towards pulumi/lumi#306, in which we will defer even more responsibility for diffing semantics to the providers.
2017-08-01 03:26:15 +02:00
Make some resource model changes This commit changes two things about our resource model: * Stop performing Pulumi Engine-side diffing of resource state. Instead, we defer to the resource plugins themselves to determine whether a change was made and, if so, the extent of it. This manifests as a simple change to the Diff function; it is done in a backwards compatible way so that we continue with legacy diffing for existing resource provider plugins. * Add a Read RPC method for resource providers. It simply takes a resource's ID and URN, plus an optional bag of further qualifying state, and it returns the current property state as read back from the actual live environment. Note that the optional bag of state must at least include enough additional properties for resources wherein the ID is insufficient for the provider to perform a lookup. It may, however, include the full bag of prior state, for instance in the case of a refresh operation. This is part of pulumi/pulumi#1108.
2018-04-05 16:00:16 +02:00
// DiffChanges represents the kind of changes detected by a diff operation.
type DiffChanges int
const (
// DiffUnknown indicates the provider didn't offer information about the changes (legacy behavior).
DiffUnknown DiffChanges = 0
// DiffNone indicates the provider performed a diff and concluded that no update is needed.
DiffNone DiffChanges = 1
// DiffSome indicates the provider performed a diff and concluded that an update or replacement is needed.
DiffSome DiffChanges = 2
)
Defer all diffs to resource providers. (#2849) Thse changes make a subtle but critical adjustment to the process the Pulumi engine uses to determine whether or not a difference exists between a resource's actual and desired states, and adjusts the way this difference is calculated and displayed accordingly. Today, the Pulumi engine get the first chance to decide whether or not there is a difference between a resource's actual and desired states. It does this by comparing the current set of inputs for a resource (i.e. the inputs from the running Pulumi program) with the last set of inputs used to update the resource. If there is no difference between the old and new inputs, the engine decides that no change is necessary without consulting the resource's provider. Only if there are changes does the engine consult the resource's provider for more information about the difference. This can be problematic for a number of reasons: - Not all providers do input-input comparison; some do input-state comparison - Not all providers are able to update the last deployed set of inputs when performing a refresh - Some providers--either intentionally or due to bugs--may see changes in resources whose inputs have not changed All of these situations are confusing at the very least, and the first is problematic with respect to correctness. Furthermore, the display code only renders diffs it observes rather than rendering the diffs observed by the provider, which can obscure the actual changes detected at runtime. These changes address both of these issues: - Rather than comparing the current inputs against the last inputs before calling a resource provider's Diff function, the engine calls the Diff function in all cases. - Providers may now return a list of properties that differ between the requested and actual state and the way in which they differ. This information will then be used by the CLI to render the diff appropriately. A provider may also indicate that a particular diff is between old and new inputs rather than old state and new inputs. Fixes #2453.
2019-07-01 21:34:19 +02:00
// DiffKind represents the kind of diff that applies to a particular property.
type DiffKind int
func (d DiffKind) String() string {
switch d {
case DiffAdd:
return "add"
case DiffAddReplace:
return "add-replace"
case DiffDelete:
return "delete"
case DiffDeleteReplace:
return "delete-replace"
case DiffUpdate:
return "update"
case DiffUpdateReplace:
return "update-replace"
default:
contract.Failf("Unknown diff kind %v", int(d))
return ""
}
}
func (d DiffKind) IsReplace() bool {
switch d {
case DiffAddReplace, DiffDeleteReplace, DiffUpdateReplace:
return true
default:
return false
}
}
const (
// DiffAdd indicates that the property was added.
DiffAdd DiffKind = 0
// DiffAddReplace indicates that the property was added and requires that the resource be replaced.
DiffAddReplace DiffKind = 1
// DiffDelete indicates that the property was deleted.
DiffDelete DiffKind = 2
// DiffDeleteReplace indicates that the property was added and requires that the resource be replaced.
DiffDeleteReplace DiffKind = 3
// DiffUpdate indicates that the property was updated.
DiffUpdate DiffKind = 4
// DiffUpdateReplace indicates that the property was updated and requires that the resource be replaced.
DiffUpdateReplace DiffKind = 5
)
// PropertyDiff records the difference between a single property's old and new values.
type PropertyDiff struct {
Kind DiffKind // The kind of diff.
InputDiff bool // True if this is a diff between old and new inputs rather than old state and new inputs.
}
Explicitly track default properties This changes the RPC interfaces between Lumi and provider ever so slightly, so that we can track default properties explicitly. This is required to perform accurate diffing between inputs provided by the developer, inputs provided by the system, and outputs. This is particularly important for default values that may be indeterminite, such as those we use in the bridge to auto-generate unique IDs. Otherwise, we fail to reapply defaults correctly, and trick the provider into thinking that properties changed when they did not. This is a small step towards pulumi/lumi#306, in which we will defer even more responsibility for diffing semantics to the providers.
2017-08-01 03:26:15 +02:00
// DiffResult indicates whether an operation should replace or update an existing resource.
type DiffResult struct {
Defer all diffs to resource providers. (#2849) Thse changes make a subtle but critical adjustment to the process the Pulumi engine uses to determine whether or not a difference exists between a resource's actual and desired states, and adjusts the way this difference is calculated and displayed accordingly. Today, the Pulumi engine get the first chance to decide whether or not there is a difference between a resource's actual and desired states. It does this by comparing the current set of inputs for a resource (i.e. the inputs from the running Pulumi program) with the last set of inputs used to update the resource. If there is no difference between the old and new inputs, the engine decides that no change is necessary without consulting the resource's provider. Only if there are changes does the engine consult the resource's provider for more information about the difference. This can be problematic for a number of reasons: - Not all providers do input-input comparison; some do input-state comparison - Not all providers are able to update the last deployed set of inputs when performing a refresh - Some providers--either intentionally or due to bugs--may see changes in resources whose inputs have not changed All of these situations are confusing at the very least, and the first is problematic with respect to correctness. Furthermore, the display code only renders diffs it observes rather than rendering the diffs observed by the provider, which can obscure the actual changes detected at runtime. These changes address both of these issues: - Rather than comparing the current inputs against the last inputs before calling a resource provider's Diff function, the engine calls the Diff function in all cases. - Providers may now return a list of properties that differ between the requested and actual state and the way in which they differ. This information will then be used by the CLI to render the diff appropriately. A provider may also indicate that a particular diff is between old and new inputs rather than old state and new inputs. Fixes #2453.
2019-07-01 21:34:19 +02:00
Changes DiffChanges // true if this diff represents a changed resource.
ReplaceKeys []resource.PropertyKey // an optional list of replacement keys.
StableKeys []resource.PropertyKey // an optional list of property keys that are stable.
ChangedKeys []resource.PropertyKey // an optional list of keys that changed.
DetailedDiff map[string]PropertyDiff // an optional structured diff
DeleteBeforeReplace bool // if true, this resource must be deleted before recreating it.
Explicitly track default properties This changes the RPC interfaces between Lumi and provider ever so slightly, so that we can track default properties explicitly. This is required to perform accurate diffing between inputs provided by the developer, inputs provided by the system, and outputs. This is particularly important for default values that may be indeterminite, such as those we use in the bridge to auto-generate unique IDs. Otherwise, we fail to reapply defaults correctly, and trick the provider into thinking that properties changed when they did not. This is a small step towards pulumi/lumi#306, in which we will defer even more responsibility for diffing semantics to the providers.
2017-08-01 03:26:15 +02:00
}
// Replace returns true if this diff represents a replacement.
func (r DiffResult) Replace() bool {
Defer all diffs to resource providers. (#2849) Thse changes make a subtle but critical adjustment to the process the Pulumi engine uses to determine whether or not a difference exists between a resource's actual and desired states, and adjusts the way this difference is calculated and displayed accordingly. Today, the Pulumi engine get the first chance to decide whether or not there is a difference between a resource's actual and desired states. It does this by comparing the current set of inputs for a resource (i.e. the inputs from the running Pulumi program) with the last set of inputs used to update the resource. If there is no difference between the old and new inputs, the engine decides that no change is necessary without consulting the resource's provider. Only if there are changes does the engine consult the resource's provider for more information about the difference. This can be problematic for a number of reasons: - Not all providers do input-input comparison; some do input-state comparison - Not all providers are able to update the last deployed set of inputs when performing a refresh - Some providers--either intentionally or due to bugs--may see changes in resources whose inputs have not changed All of these situations are confusing at the very least, and the first is problematic with respect to correctness. Furthermore, the display code only renders diffs it observes rather than rendering the diffs observed by the provider, which can obscure the actual changes detected at runtime. These changes address both of these issues: - Rather than comparing the current inputs against the last inputs before calling a resource provider's Diff function, the engine calls the Diff function in all cases. - Providers may now return a list of properties that differ between the requested and actual state and the way in which they differ. This information will then be used by the CLI to render the diff appropriately. A provider may also indicate that a particular diff is between old and new inputs rather than old state and new inputs. Fixes #2453.
2019-07-01 21:34:19 +02:00
for _, v := range r.DetailedDiff {
if v.Kind.IsReplace() {
return true
}
}
Explicitly track default properties This changes the RPC interfaces between Lumi and provider ever so slightly, so that we can track default properties explicitly. This is required to perform accurate diffing between inputs provided by the developer, inputs provided by the system, and outputs. This is particularly important for default values that may be indeterminite, such as those we use in the bridge to auto-generate unique IDs. Otherwise, we fail to reapply defaults correctly, and trick the provider into thinking that properties changed when they did not. This is a small step towards pulumi/lumi#306, in which we will defer even more responsibility for diffing semantics to the providers.
2017-08-01 03:26:15 +02:00
return len(r.ReplaceKeys) > 0
}
Handle unconfigured plugins in Diff. (#2238) After #2088, we began calling `Diff` on providers that are not configured due to unknown configuration values. This hit an assertion intended to detect exactly this scenario, which was previously unexpected. These changes adjust `Diff` to indicate that a Diff is unavailable and return an error message that describes why. The step generator then interprets the diff as indicating a normal update and issues the error message to the diagnostic stream. Fixes #2223.
2018-11-22 01:53:29 +01:00
// DiffUnavailableError may be returned by a provider if the provider is unable to diff a resource.
type DiffUnavailableError struct {
reason string
}
// DiffUnavailable creates a new DiffUnavailableError with the given message.
func DiffUnavailable(reason string) DiffUnavailableError {
return DiffUnavailableError{reason: reason}
}
// Error returns the error message for this DiffUnavailableError.
func (e DiffUnavailableError) Error() string {
return e.reason
}
Refresh inputs (#2531) These changes take advantage of the newly-added support for returning inputs from Read to update a resource's inputs as part of a refresh. As a consequence, the Pulumi engine will now properly detect drift between the actual state of a resource and the desired state described by the program and generate appropriate update or replace steps. As part of these changes, a resource's old inputs are now passed to the provider when performing a refresh. The provider can take advantage of this to maintain the accuracy of any additional data or metadata in the resource's inputs that may need to be updated during the refresh. This is required for the complete implementation of https://github.com/pulumi/pulumi-terraform/pull/349. Without access to the old inputs for a resource, TF-based providers would lose all information about default population during a refresh.
2019-03-11 21:50:00 +01:00
// ReadResult is the result of a call to Read.
type ReadResult struct {
Allow resource IDs to change on reresh steps (#3087) * Allow resource IDs to change on reresh steps This is a requirement for us to be able to move forward with versions of the Terraform Azurerm provider. In v1.32.1, there was a state migration that changed the ID format of the azure table storage resource We used to have a check in place for old ID being equal to new ID. This has been changed now and we allow the change of ID to happen in the RefreshStep * Update pkg/resource/deploy/step.go Co-Authored-By: Pat Gavlin <pat@pulumi.com>
2019-08-16 20:04:03 +02:00
// This is the ID for the resource. This ID will always be populated and will ensure we get the most up-to-date
// resource ID.
ID resource.ID
Refresh inputs (#2531) These changes take advantage of the newly-added support for returning inputs from Read to update a resource's inputs as part of a refresh. As a consequence, the Pulumi engine will now properly detect drift between the actual state of a resource and the desired state described by the program and generate appropriate update or replace steps. As part of these changes, a resource's old inputs are now passed to the provider when performing a refresh. The provider can take advantage of this to maintain the accuracy of any additional data or metadata in the resource's inputs that may need to be updated during the refresh. This is required for the complete implementation of https://github.com/pulumi/pulumi-terraform/pull/349. Without access to the old inputs for a resource, TF-based providers would lose all information about default population during a refresh.
2019-03-11 21:50:00 +01:00
// Inputs contains the new inputs for the resource, if any. If this field is nil, the provider does not support
// returning inputs from a call to Read and the old inputs (if any) should be preserved.
Inputs resource.PropertyMap
// Outputs contains the new outputs/state for the resource, if any. If this field is nil, the resource does not
// exist.
Outputs resource.PropertyMap
}
Reference in a new issue Copy permalink