maxmustermann/pulumi
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
pulumi/pkg/resource/deploy/snapshot.go

119 lines
4.6 KiB
Go
Raw Normal View History

Add license headers
2018-05-22 21:43:36 +02:00
// Copyright 2016-2018, Pulumi Corporation.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
Begin resource modeling and planning This change introduces a new package, pkg/resource, that will form the foundation for actually performing deployment plans and applications. It contains the following key abstractions: * resource.Provider is a wrapper around the CRUD operations exposed by underlying resource plugins. It will eventually defer to resource.Plugin, which itself defers -- over an RPC interface -- to the actual plugin, one per package exposing resources. The provider will also understand how to load, cache, and overall manage the lifetime of each plugin. * resource.Resource is the actual resource object. This is created from the overall evaluation object graph, but is simplified. It contains only serializable properties, for example. Inter-resource references are translated into serializable monikers as part of creating the resource. * resource.Moniker is a serializable string that uniquely identifies a resource in the Mu system. This is in contrast to resource IDs, which are generated by resource providers and generally opaque to the Mu system. See marapongo/mu#69 for more information about monikers and some of their challenges (namely, designing a stable algorithm). * resource.Snapshot is a "snapshot" taken from a graph of resources. This is a transitive closure of state representing one possible configuration of a given environment. This is what plans are created from. Eventually, two snapshots will be diffable, in order to perform incremental updates. One way of thinking about this is that a snapshot of the old world's state is advanced, one step at a time, until it reaches a desired snapshot of the new world's state. * resource.Plan is a plan for carrying out desired CRUD operations on a target environment. Each plan consists of zero-to-many Steps, each of which has a CRUD operation type, a resource target, and a next step. This is an enumerator because it is possible the plan will evolve -- and introduce new steps -- as it is carried out (hence, the Next() method). At the moment, this is linearized; eventually, we want to make this more "graph-like" so that we can exploit available parallelism within the dependencies. There are tons of TODOs remaining. However, the `mu plan` command is functioning with these new changes -- including colorization FTW -- so I'm landing it now. This is part of marapongo/mu#38 and marapongo/mu#41.
2017-02-17 21:31:48 +01:00
Make more progress on the new deployment model This change restructures a lot more pertaining to deployments, snapshots, environments, and the like. The most notable change is that the notion of a deploy.Source is introduced, which splits the responsibility between the deploy.Plan -- which simply understands how to compute and carry out deployment plans -- and the idea of something that can produce new objects on-demand during deployment. The primary such implementation is evalSource, which encapsulates an interpreter and takes a package, args, and config map, and proceeds to run the interpreter in a distinct goroutine. It synchronizes as needed to poke and prod the interpreter along its path to create new resource objects. There are two other sources, however. First, a nullSource, which simply refuses to create new objects. This can be handy when writing isolated tests but is also used to simulate the "empty" environment as necessary to do a complete teardown of the target environment. Second, a fixedSource, which takes a pre-computed array of objects, and hands those, in order, to the planning engine; this is mostly useful as a testing technique. Boatloads of code is now changed and updated in the various CLI commands. This further chugs along towards pulumi/lumi#90. The end is in sight.
2017-06-10 20:50:47 +02:00
package deploy
Begin resource modeling and planning This change introduces a new package, pkg/resource, that will form the foundation for actually performing deployment plans and applications. It contains the following key abstractions: * resource.Provider is a wrapper around the CRUD operations exposed by underlying resource plugins. It will eventually defer to resource.Plugin, which itself defers -- over an RPC interface -- to the actual plugin, one per package exposing resources. The provider will also understand how to load, cache, and overall manage the lifetime of each plugin. * resource.Resource is the actual resource object. This is created from the overall evaluation object graph, but is simplified. It contains only serializable properties, for example. Inter-resource references are translated into serializable monikers as part of creating the resource. * resource.Moniker is a serializable string that uniquely identifies a resource in the Mu system. This is in contrast to resource IDs, which are generated by resource providers and generally opaque to the Mu system. See marapongo/mu#69 for more information about monikers and some of their challenges (namely, designing a stable algorithm). * resource.Snapshot is a "snapshot" taken from a graph of resources. This is a transitive closure of state representing one possible configuration of a given environment. This is what plans are created from. Eventually, two snapshots will be diffable, in order to perform incremental updates. One way of thinking about this is that a snapshot of the old world's state is advanced, one step at a time, until it reaches a desired snapshot of the new world's state. * resource.Plan is a plan for carrying out desired CRUD operations on a target environment. Each plan consists of zero-to-many Steps, each of which has a CRUD operation type, a resource target, and a next step. This is an enumerator because it is possible the plan will evolve -- and introduce new steps -- as it is carried out (hence, the Next() method). At the moment, this is linearized; eventually, we want to make this more "graph-like" so that we can exploit available parallelism within the dependencies. There are tons of TODOs remaining. However, the `mu plan` command is functioning with these new changes -- including colorization FTW -- so I'm landing it now. This is part of marapongo/mu#38 and marapongo/mu#41.
2017-02-17 21:31:48 +01:00
import (
Add a manifest to checkpoint files (#630) This change adds a new manifest section to the checkpoint files. The existing time moves into it, and we add to it the version of the Pulumi CLI that created it, along with the names, types, and versions of all plugins used to generate the file. There is a magic cookie that we also use during verification. This is to help keep us sane when debugging problems "in the wild," and I'm sure we will add more to it over time (checksum, etc). For example, after an up, you can now see this in `pulumi stack`: ``` Current stack is demo: Last updated at 2017-12-01 13:48:49.815740523 -0800 PST Pulumi version v0.8.3-79-g1ab99ad Plugin pulumi-provider-aws [resource] version v0.8.3-22-g4363e77 Plugin pulumi-langhost-nodejs [language] version v0.8.3-79-g77bb6b6 Checkpoint file is /Users/joeduffy/dev/code/src/github.com/pulumi/pulumi-aws/.pulumi/stacks/webserver/demo.json ``` This addresses pulumi/pulumi#628.
2017-12-01 22:50:32 +01:00
"crypto/sha256"
"fmt"
Don't examine the Checkpoint in the CLI The checkpoint is an implementation detail of the storage of an environment. Instead of interacting with it, make sure that all the data we need from it either hangs off the Snapshot or Target objects (which you can get from a Checkpoint) and then start consuming that data.
2017-10-10 03:02:27 +02:00
"time"
Add automatic integrity checking (#625) This change introduces automatic integrity checking for snapshots. Hopefully this will help us track down what's going on in pulumi/pulumi#613. Eventually we probably want to make this opt-in, or disable it entirely other than for internal Pulumi debugging, but until we add more complete DAG verification, it's relatively cheap and is worthwhile to leave on for now.
2017-11-30 20:13:18 +01:00
"github.com/pkg/errors"
Rename pulumi-fabric to pulumi This includes a few changes: * The repo name -- and hence the Go modules -- changes from pulumi-fabric to pulumi. * The Node.js SDK package changes from @pulumi/pulumi-fabric to just pulumi. * The CLI is renamed from lumi to pulumi.
2017-09-22 04:18:21 +02:00
"github.com/pulumi/pulumi/pkg/resource"
Consult the program for its list of plugins This change adds a GetRequiredPlugins RPC method to the language host, enabling us to query it for its list of plugin requirements. This is language-specific because it requires looking at the set of dependencies (e.g., package.json files). It also adds a call up front during any update/preview operation to compute the set of plugins and require that they are present. These plugins are populated in the cache and will be used for all subsequent plugin-related operations during the engine's activity. We now cache the language plugins, so that we may load them eagerly too, which we never did previously due to the fact that we needed to pass the monitor address at load time. This was a bit bizarre anyhow, since it's really the Run RPC function that needs this information. So, to enable caching and eager loading -- which we need in order to invoke GetRequiredPlugins -- the "phone home" monitor RPC address is passed at Run time. In a subsequent change, we will switch to faulting in the plugins that are missing -- rather than erroring -- in addition to supporting the `pulumi plugin install` CLI command.
2018-02-06 18:57:32 +01:00
"github.com/pulumi/pulumi/pkg/workspace"
Begin resource modeling and planning This change introduces a new package, pkg/resource, that will form the foundation for actually performing deployment plans and applications. It contains the following key abstractions: * resource.Provider is a wrapper around the CRUD operations exposed by underlying resource plugins. It will eventually defer to resource.Plugin, which itself defers -- over an RPC interface -- to the actual plugin, one per package exposing resources. The provider will also understand how to load, cache, and overall manage the lifetime of each plugin. * resource.Resource is the actual resource object. This is created from the overall evaluation object graph, but is simplified. It contains only serializable properties, for example. Inter-resource references are translated into serializable monikers as part of creating the resource. * resource.Moniker is a serializable string that uniquely identifies a resource in the Mu system. This is in contrast to resource IDs, which are generated by resource providers and generally opaque to the Mu system. See marapongo/mu#69 for more information about monikers and some of their challenges (namely, designing a stable algorithm). * resource.Snapshot is a "snapshot" taken from a graph of resources. This is a transitive closure of state representing one possible configuration of a given environment. This is what plans are created from. Eventually, two snapshots will be diffable, in order to perform incremental updates. One way of thinking about this is that a snapshot of the old world's state is advanced, one step at a time, until it reaches a desired snapshot of the new world's state. * resource.Plan is a plan for carrying out desired CRUD operations on a target environment. Each plan consists of zero-to-many Steps, each of which has a CRUD operation type, a resource target, and a next step. This is an enumerator because it is possible the plan will evolve -- and introduce new steps -- as it is carried out (hence, the Next() method). At the moment, this is linearized; eventually, we want to make this more "graph-like" so that we can exploit available parallelism within the dependencies. There are tons of TODOs remaining. However, the `mu plan` command is functioning with these new changes -- including colorization FTW -- so I'm landing it now. This is part of marapongo/mu#38 and marapongo/mu#41.
2017-02-17 21:31:48 +01:00
)
Use `Stack` over `Environment` to describe a deployment target Previously we used the word "Environment" as the term for a deployment target, but since then we've started to use the term Stack. Adopt this across the CLI. From a user's point of view, there are a few changes: 1. The `env` verb has been renamed to `stack` 2. The `-e` and `--env` options to commands which operate on an environment now take `-s` or `--stack` instead. 3. Becase of (2), the commands that used `-s` to display a summary now only support passing the full option name (`--summary`). On the local file system, we still store checkpoint data in the `env` sub-folder under `.pulumi` (so we can reuse existing checkpoint files that were written to the old folder)
2017-10-16 21:04:35 +02:00
// Snapshot is a view of a collection of resources in an stack at a point in time. It describes resources; their
Begin resource modeling and planning This change introduces a new package, pkg/resource, that will form the foundation for actually performing deployment plans and applications. It contains the following key abstractions: * resource.Provider is a wrapper around the CRUD operations exposed by underlying resource plugins. It will eventually defer to resource.Plugin, which itself defers -- over an RPC interface -- to the actual plugin, one per package exposing resources. The provider will also understand how to load, cache, and overall manage the lifetime of each plugin. * resource.Resource is the actual resource object. This is created from the overall evaluation object graph, but is simplified. It contains only serializable properties, for example. Inter-resource references are translated into serializable monikers as part of creating the resource. * resource.Moniker is a serializable string that uniquely identifies a resource in the Mu system. This is in contrast to resource IDs, which are generated by resource providers and generally opaque to the Mu system. See marapongo/mu#69 for more information about monikers and some of their challenges (namely, designing a stable algorithm). * resource.Snapshot is a "snapshot" taken from a graph of resources. This is a transitive closure of state representing one possible configuration of a given environment. This is what plans are created from. Eventually, two snapshots will be diffable, in order to perform incremental updates. One way of thinking about this is that a snapshot of the old world's state is advanced, one step at a time, until it reaches a desired snapshot of the new world's state. * resource.Plan is a plan for carrying out desired CRUD operations on a target environment. Each plan consists of zero-to-many Steps, each of which has a CRUD operation type, a resource target, and a next step. This is an enumerator because it is possible the plan will evolve -- and introduce new steps -- as it is carried out (hence, the Next() method). At the moment, this is linearized; eventually, we want to make this more "graph-like" so that we can exploit available parallelism within the dependencies. There are tons of TODOs remaining. However, the `mu plan` command is functioning with these new changes -- including colorization FTW -- so I'm landing it now. This is part of marapongo/mu#38 and marapongo/mu#41.
2017-02-17 21:31:48 +01:00
// IDs, names, and properties; their dependencies; and more. A snapshot is a diffable entity and can be used to create
// or apply an infrastructure deployment plan in order to make reality match the snapshot state.
Rewrite plans and deployments This change guts the deployment planning and execution process, a necessary component of pulumi/lumi#90. The major effect of this change is that resources are actually connected to the live objects, instead of being snapshots taken at inopportune moments in time.
2017-06-10 03:34:37 +02:00
type Snapshot struct {
Add a manifest to checkpoint files (#630) This change adds a new manifest section to the checkpoint files. The existing time moves into it, and we add to it the version of the Pulumi CLI that created it, along with the names, types, and versions of all plugins used to generate the file. There is a magic cookie that we also use during verification. This is to help keep us sane when debugging problems "in the wild," and I'm sure we will add more to it over time (checksum, etc). For example, after an up, you can now see this in `pulumi stack`: ``` Current stack is demo: Last updated at 2017-12-01 13:48:49.815740523 -0800 PST Pulumi version v0.8.3-79-g1ab99ad Plugin pulumi-provider-aws [resource] version v0.8.3-22-g4363e77 Plugin pulumi-langhost-nodejs [language] version v0.8.3-79-g77bb6b6 Checkpoint file is /Users/joeduffy/dev/code/src/github.com/pulumi/pulumi-aws/.pulumi/stacks/webserver/demo.json ``` This addresses pulumi/pulumi#628.
2017-12-01 22:50:32 +01:00
Manifest Manifest // a deployment manifest of versions, checksums, and so on.
Rewrite plans and deployments This change guts the deployment planning and execution process, a necessary component of pulumi/lumi#90. The major effect of this change is that resources are actually connected to the live objects, instead of being snapshots taken at inopportune moments in time.
2017-06-10 03:34:37 +02:00
Resources []*resource.State // fetches all resources and their associated states.
Begin resource modeling and planning This change introduces a new package, pkg/resource, that will form the foundation for actually performing deployment plans and applications. It contains the following key abstractions: * resource.Provider is a wrapper around the CRUD operations exposed by underlying resource plugins. It will eventually defer to resource.Plugin, which itself defers -- over an RPC interface -- to the actual plugin, one per package exposing resources. The provider will also understand how to load, cache, and overall manage the lifetime of each plugin. * resource.Resource is the actual resource object. This is created from the overall evaluation object graph, but is simplified. It contains only serializable properties, for example. Inter-resource references are translated into serializable monikers as part of creating the resource. * resource.Moniker is a serializable string that uniquely identifies a resource in the Mu system. This is in contrast to resource IDs, which are generated by resource providers and generally opaque to the Mu system. See marapongo/mu#69 for more information about monikers and some of their challenges (namely, designing a stable algorithm). * resource.Snapshot is a "snapshot" taken from a graph of resources. This is a transitive closure of state representing one possible configuration of a given environment. This is what plans are created from. Eventually, two snapshots will be diffable, in order to perform incremental updates. One way of thinking about this is that a snapshot of the old world's state is advanced, one step at a time, until it reaches a desired snapshot of the new world's state. * resource.Plan is a plan for carrying out desired CRUD operations on a target environment. Each plan consists of zero-to-many Steps, each of which has a CRUD operation type, a resource target, and a next step. This is an enumerator because it is possible the plan will evolve -- and introduce new steps -- as it is carried out (hence, the Next() method). At the moment, this is linearized; eventually, we want to make this more "graph-like" so that we can exploit available parallelism within the dependencies. There are tons of TODOs remaining. However, the `mu plan` command is functioning with these new changes -- including colorization FTW -- so I'm landing it now. This is part of marapongo/mu#38 and marapongo/mu#41.
2017-02-17 21:31:48 +01:00
}
Add a manifest to checkpoint files (#630) This change adds a new manifest section to the checkpoint files. The existing time moves into it, and we add to it the version of the Pulumi CLI that created it, along with the names, types, and versions of all plugins used to generate the file. There is a magic cookie that we also use during verification. This is to help keep us sane when debugging problems "in the wild," and I'm sure we will add more to it over time (checksum, etc). For example, after an up, you can now see this in `pulumi stack`: ``` Current stack is demo: Last updated at 2017-12-01 13:48:49.815740523 -0800 PST Pulumi version v0.8.3-79-g1ab99ad Plugin pulumi-provider-aws [resource] version v0.8.3-22-g4363e77 Plugin pulumi-langhost-nodejs [language] version v0.8.3-79-g77bb6b6 Checkpoint file is /Users/joeduffy/dev/code/src/github.com/pulumi/pulumi-aws/.pulumi/stacks/webserver/demo.json ``` This addresses pulumi/pulumi#628.
2017-12-01 22:50:32 +01:00
// Manifest captures versions for all binaries used to construct this snapshot.
type Manifest struct {
Consult the program for its list of plugins This change adds a GetRequiredPlugins RPC method to the language host, enabling us to query it for its list of plugin requirements. This is language-specific because it requires looking at the set of dependencies (e.g., package.json files). It also adds a call up front during any update/preview operation to compute the set of plugins and require that they are present. These plugins are populated in the cache and will be used for all subsequent plugin-related operations during the engine's activity. We now cache the language plugins, so that we may load them eagerly too, which we never did previously due to the fact that we needed to pass the monitor address at load time. This was a bit bizarre anyhow, since it's really the Run RPC function that needs this information. So, to enable caching and eager loading -- which we need in order to invoke GetRequiredPlugins -- the "phone home" monitor RPC address is passed at Run time. In a subsequent change, we will switch to faulting in the plugins that are missing -- rather than erroring -- in addition to supporting the `pulumi plugin install` CLI command.
2018-02-06 18:57:32 +01:00
Time time.Time // the time this snapshot was taken.
Magic string // a magic cookie.
Version string // the pulumi command version.
Plugins []workspace.PluginInfo // the plugin versions also loaded.
Add a manifest to checkpoint files (#630) This change adds a new manifest section to the checkpoint files. The existing time moves into it, and we add to it the version of the Pulumi CLI that created it, along with the names, types, and versions of all plugins used to generate the file. There is a magic cookie that we also use during verification. This is to help keep us sane when debugging problems "in the wild," and I'm sure we will add more to it over time (checksum, etc). For example, after an up, you can now see this in `pulumi stack`: ``` Current stack is demo: Last updated at 2017-12-01 13:48:49.815740523 -0800 PST Pulumi version v0.8.3-79-g1ab99ad Plugin pulumi-provider-aws [resource] version v0.8.3-22-g4363e77 Plugin pulumi-langhost-nodejs [language] version v0.8.3-79-g77bb6b6 Checkpoint file is /Users/joeduffy/dev/code/src/github.com/pulumi/pulumi-aws/.pulumi/stacks/webserver/demo.json ``` This addresses pulumi/pulumi#628.
2017-12-01 22:50:32 +01:00
}
// NewMagic creates a magic cookie out of a manifest; this can be used to check for tampering. This ignores
// any existing magic value already stored on the manifest.
func (m Manifest) NewMagic() string {
if m.Version == "" {
return ""
}
return fmt.Sprintf("%x", sha256.Sum256([]byte(m.Version)))
}
Checkpoint deployments This change checkpoints deployments properly. That is, even in the face of partial failure, we should keep the huskfile up to date. This accomplishes that by tracking the state during plan application. There are still ways in which this can go wrong, however. Please see pulumi/coconut#101 for additional thoughts on what we might do here in the future to make checkpointing more robust in the face of failure.
2017-02-27 19:26:44 +01:00
// NewSnapshot creates a snapshot from the given arguments. The resources must be in topologically sorted order.
Add automatic integrity checking (#625) This change introduces automatic integrity checking for snapshots. Hopefully this will help us track down what's going on in pulumi/pulumi#613. Eventually we probably want to make this opt-in, or disable it entirely other than for internal Pulumi debugging, but until we add more complete DAG verification, it's relatively cheap and is worthwhile to leave on for now.
2017-11-30 20:13:18 +01:00
// This property is not checked; for verification, please refer to the VerifyIntegrity function below.
Remove unused stack name from deploy.Snapshot (#1386)
2018-05-18 20:15:35 +02:00
func NewSnapshot(manifest Manifest, resources []*resource.State) *Snapshot {
Rewrite plans and deployments This change guts the deployment planning and execution process, a necessary component of pulumi/lumi#90. The major effect of this change is that resources are actually connected to the live objects, instead of being snapshots taken at inopportune moments in time.
2017-06-10 03:34:37 +02:00
return &Snapshot{
Add a manifest to checkpoint files (#630) This change adds a new manifest section to the checkpoint files. The existing time moves into it, and we add to it the version of the Pulumi CLI that created it, along with the names, types, and versions of all plugins used to generate the file. There is a magic cookie that we also use during verification. This is to help keep us sane when debugging problems "in the wild," and I'm sure we will add more to it over time (checksum, etc). For example, after an up, you can now see this in `pulumi stack`: ``` Current stack is demo: Last updated at 2017-12-01 13:48:49.815740523 -0800 PST Pulumi version v0.8.3-79-g1ab99ad Plugin pulumi-provider-aws [resource] version v0.8.3-22-g4363e77 Plugin pulumi-langhost-nodejs [language] version v0.8.3-79-g77bb6b6 Checkpoint file is /Users/joeduffy/dev/code/src/github.com/pulumi/pulumi-aws/.pulumi/stacks/webserver/demo.json ``` This addresses pulumi/pulumi#628.
2017-12-01 22:50:32 +01:00
Manifest: manifest,
Rewrite plans and deployments This change guts the deployment planning and execution process, a necessary component of pulumi/lumi#90. The major effect of this change is that resources are actually connected to the live objects, instead of being snapshots taken at inopportune moments in time.
2017-06-10 03:34:37 +02:00
Resources: resources,
Begin resource modeling and planning This change introduces a new package, pkg/resource, that will form the foundation for actually performing deployment plans and applications. It contains the following key abstractions: * resource.Provider is a wrapper around the CRUD operations exposed by underlying resource plugins. It will eventually defer to resource.Plugin, which itself defers -- over an RPC interface -- to the actual plugin, one per package exposing resources. The provider will also understand how to load, cache, and overall manage the lifetime of each plugin. * resource.Resource is the actual resource object. This is created from the overall evaluation object graph, but is simplified. It contains only serializable properties, for example. Inter-resource references are translated into serializable monikers as part of creating the resource. * resource.Moniker is a serializable string that uniquely identifies a resource in the Mu system. This is in contrast to resource IDs, which are generated by resource providers and generally opaque to the Mu system. See marapongo/mu#69 for more information about monikers and some of their challenges (namely, designing a stable algorithm). * resource.Snapshot is a "snapshot" taken from a graph of resources. This is a transitive closure of state representing one possible configuration of a given environment. This is what plans are created from. Eventually, two snapshots will be diffable, in order to perform incremental updates. One way of thinking about this is that a snapshot of the old world's state is advanced, one step at a time, until it reaches a desired snapshot of the new world's state. * resource.Plan is a plan for carrying out desired CRUD operations on a target environment. Each plan consists of zero-to-many Steps, each of which has a CRUD operation type, a resource target, and a next step. This is an enumerator because it is possible the plan will evolve -- and introduce new steps -- as it is carried out (hence, the Next() method). At the moment, this is linearized; eventually, we want to make this more "graph-like" so that we can exploit available parallelism within the dependencies. There are tons of TODOs remaining. However, the `mu plan` command is functioning with these new changes -- including colorization FTW -- so I'm landing it now. This is part of marapongo/mu#38 and marapongo/mu#41.
2017-02-17 21:31:48 +01:00
}
}
Add automatic integrity checking (#625) This change introduces automatic integrity checking for snapshots. Hopefully this will help us track down what's going on in pulumi/pulumi#613. Eventually we probably want to make this opt-in, or disable it entirely other than for internal Pulumi debugging, but until we add more complete DAG verification, it's relatively cheap and is worthwhile to leave on for now.
2017-11-30 20:13:18 +01:00
// VerifyIntegrity checks a snapshot to ensure it is well-formed. Because of the cost of this operation,
// integrity verification is only performed on demand, and not automatically during snapshot construction.
Delete Before Create (#1365) * Delete Before Create This commit implements the full semantics of delete before create. If a resource is replaced and requires deletion before creation, the engine will use the dependency graph saved in the snapshot to delete all resources that depend on the resource being replaced prior to the deletion of the resource to be replaced. * Rebase against master * CR: Simplify the control flow in makeRegisterResourceSteps * Run Check on new inputs when re-creating a resource * Fix an issue where the planner emitted benign but incorrect deletes of DBR-deleted resources * CR: produce the list of dependent resources in dependency order and iterate over the list in reverse * CR: deps->dependents, fix an issue with DependingOn where duplicate nodes could be added to the dependent set * CR: Fix an issue where we were considering old defaults and new inputs inappropriately when re-creating a deleted resource * CR: save 'iter.deletes[urn]' as a local, iterate starting at cursorIndex + 1 for dependency graph
2018-05-23 23:43:17 +02:00
//
// This function enforces a couple of invariants:
// 1. Parents should always come before children in the resource list
// 2. Dependents should always come before their dependencies in the resource list
// 3. For every URN in the snapshot, there must be at most one resource with that URN that is not pending deletion
// 4. The magic manifest number should change every time the snapshot is mutated
Add automatic integrity checking (#625) This change introduces automatic integrity checking for snapshots. Hopefully this will help us track down what's going on in pulumi/pulumi#613. Eventually we probably want to make this opt-in, or disable it entirely other than for internal Pulumi debugging, but until we add more complete DAG verification, it's relatively cheap and is worthwhile to leave on for now.
2017-11-30 20:13:18 +01:00
func (snap *Snapshot) VerifyIntegrity() error {
Revert "Lift snapshot management out of the engine and serialize writes to snapshot (#1069)" (#1216) This reverts commit 2c479c172da66ebcc1be8efe12c36e9516ced382.
2018-04-17 08:04:56 +02:00
if snap != nil {
// Ensure the magic cookie checks out.
if snap.Manifest.Magic != snap.Manifest.NewMagic() {
return errors.Errorf("magic cookie mismatch; possible tampering/corruption detected")
Lift snapshot management out of the engine and serialize writes to snapshot (#1069) * Lift snapshot management out of the engine This PR is a prerequisite for parallelism by addressing a major problem that the engine has to deal with when performing parallel resource construction: parallel mutation of the global snapshot. This PR adds a `SnapshotManager` type that is responsible for maintaining and persisting the current resource snapshot. It serializes all reads and writes to the global snapshot and persists the snapshot to persistent storage upon every write. As a side-effect of this, the core engine no longer needs to know about snapshot management at all; all snapshot operations can be handled as callbacks on deployment events. This will greatly simplify the parallelization of the core engine. Worth noting is that the core engine will still need to be able to read the current snapshot, since it is interested in the dependency graphs contained within. The full implications of that are out of scope of this PR. Remove dead code, Steps no longer need a reference to the plan iterator that created them Fixing various issues that arise when bringing up pulumi-aws Line length broke the build Code review: remove dead field, fix yaml name error Rebase against master, provide implementation of StackPersister for cloud backend Code review feedback: comments on MutationStatus, style in snapshot.go Code review feedback: move SnapshotManager to pkg/backend, change engine to use an interface SnapshotManager Code review feedback: use a channel for synchronization Add a comment and a new test * Maintain two checkpoints, an immutable base and a mutable delta, and periodically merge the two to produce snapshots * Add a lot of tests - covers all of the non-error paths of BeginMutation and End * Fix a test resource provider * Add a few tests, fix a few issues * Rebase against master, fixed merge
2018-04-12 18:55:34 +02:00
}
Add automatic integrity checking (#625) This change introduces automatic integrity checking for snapshots. Hopefully this will help us track down what's going on in pulumi/pulumi#613. Eventually we probably want to make this opt-in, or disable it entirely other than for internal Pulumi debugging, but until we add more complete DAG verification, it's relatively cheap and is worthwhile to leave on for now.
2017-11-30 20:13:18 +01:00
Revert "Lift snapshot management out of the engine and serialize writes to snapshot (#1069)" (#1216) This reverts commit 2c479c172da66ebcc1be8efe12c36e9516ced382.
2018-04-17 08:04:56 +02:00
// Now check the resources. For now, we just verify that parents come before children, and that there aren't
Delete Before Create (#1365) * Delete Before Create This commit implements the full semantics of delete before create. If a resource is replaced and requires deletion before creation, the engine will use the dependency graph saved in the snapshot to delete all resources that depend on the resource being replaced prior to the deletion of the resource to be replaced. * Rebase against master * CR: Simplify the control flow in makeRegisterResourceSteps * Run Check on new inputs when re-creating a resource * Fix an issue where the planner emitted benign but incorrect deletes of DBR-deleted resources * CR: produce the list of dependent resources in dependency order and iterate over the list in reverse * CR: deps->dependents, fix an issue with DependingOn where duplicate nodes could be added to the dependent set * CR: Fix an issue where we were considering old defaults and new inputs inappropriately when re-creating a deleted resource * CR: save 'iter.deletes[urn]' as a local, iterate starting at cursorIndex + 1 for dependency graph
2018-05-23 23:43:17 +02:00
// any duplicate URNs.
Revert "Lift snapshot management out of the engine and serialize writes to snapshot (#1069)" (#1216) This reverts commit 2c479c172da66ebcc1be8efe12c36e9516ced382.
2018-04-17 08:04:56 +02:00
urns := make(map[resource.URN]*resource.State)
for i, state := range snap.Resources {
urn := state.URN
if par := state.Parent; par != "" {
if _, has := urns[par]; !has {
// The parent isn't there; to give a good error message, see whether it's missing entirely, or
// whether it comes later in the snapshot (neither of which should ever happen).
for _, other := range snap.Resources[i+1:] {
if other.URN == par {
return errors.Errorf("child resource %s's parent %s comes after it", urn, par)
}
Lift snapshot management out of the engine and serialize writes to snapshot (#1069) * Lift snapshot management out of the engine This PR is a prerequisite for parallelism by addressing a major problem that the engine has to deal with when performing parallel resource construction: parallel mutation of the global snapshot. This PR adds a `SnapshotManager` type that is responsible for maintaining and persisting the current resource snapshot. It serializes all reads and writes to the global snapshot and persists the snapshot to persistent storage upon every write. As a side-effect of this, the core engine no longer needs to know about snapshot management at all; all snapshot operations can be handled as callbacks on deployment events. This will greatly simplify the parallelization of the core engine. Worth noting is that the core engine will still need to be able to read the current snapshot, since it is interested in the dependency graphs contained within. The full implications of that are out of scope of this PR. Remove dead code, Steps no longer need a reference to the plan iterator that created them Fixing various issues that arise when bringing up pulumi-aws Line length broke the build Code review: remove dead field, fix yaml name error Rebase against master, provide implementation of StackPersister for cloud backend Code review feedback: comments on MutationStatus, style in snapshot.go Code review feedback: move SnapshotManager to pkg/backend, change engine to use an interface SnapshotManager Code review feedback: use a channel for synchronization Add a comment and a new test * Maintain two checkpoints, an immutable base and a mutable delta, and periodically merge the two to produce snapshots * Add a lot of tests - covers all of the non-error paths of BeginMutation and End * Fix a test resource provider * Add a few tests, fix a few issues * Rebase against master, fixed merge
2018-04-12 18:55:34 +02:00
}
Revert "Lift snapshot management out of the engine and serialize writes to snapshot (#1069)" (#1216) This reverts commit 2c479c172da66ebcc1be8efe12c36e9516ced382.
2018-04-17 08:04:56 +02:00
return errors.Errorf("child resource %s refers to missing parent %s", urn, par)
Lift snapshot management out of the engine and serialize writes to snapshot (#1069) * Lift snapshot management out of the engine This PR is a prerequisite for parallelism by addressing a major problem that the engine has to deal with when performing parallel resource construction: parallel mutation of the global snapshot. This PR adds a `SnapshotManager` type that is responsible for maintaining and persisting the current resource snapshot. It serializes all reads and writes to the global snapshot and persists the snapshot to persistent storage upon every write. As a side-effect of this, the core engine no longer needs to know about snapshot management at all; all snapshot operations can be handled as callbacks on deployment events. This will greatly simplify the parallelization of the core engine. Worth noting is that the core engine will still need to be able to read the current snapshot, since it is interested in the dependency graphs contained within. The full implications of that are out of scope of this PR. Remove dead code, Steps no longer need a reference to the plan iterator that created them Fixing various issues that arise when bringing up pulumi-aws Line length broke the build Code review: remove dead field, fix yaml name error Rebase against master, provide implementation of StackPersister for cloud backend Code review feedback: comments on MutationStatus, style in snapshot.go Code review feedback: move SnapshotManager to pkg/backend, change engine to use an interface SnapshotManager Code review feedback: use a channel for synchronization Add a comment and a new test * Maintain two checkpoints, an immutable base and a mutable delta, and periodically merge the two to produce snapshots * Add a lot of tests - covers all of the non-error paths of BeginMutation and End * Fix a test resource provider * Add a few tests, fix a few issues * Rebase against master, fixed merge
2018-04-12 18:55:34 +02:00
}
Add automatic integrity checking (#625) This change introduces automatic integrity checking for snapshots. Hopefully this will help us track down what's going on in pulumi/pulumi#613. Eventually we probably want to make this opt-in, or disable it entirely other than for internal Pulumi debugging, but until we add more complete DAG verification, it's relatively cheap and is worthwhile to leave on for now.
2017-11-30 20:13:18 +01:00
}
Lift snapshot management out of the engine and serialize writes to snapshot (#1069) * Lift snapshot management out of the engine This PR is a prerequisite for parallelism by addressing a major problem that the engine has to deal with when performing parallel resource construction: parallel mutation of the global snapshot. This PR adds a `SnapshotManager` type that is responsible for maintaining and persisting the current resource snapshot. It serializes all reads and writes to the global snapshot and persists the snapshot to persistent storage upon every write. As a side-effect of this, the core engine no longer needs to know about snapshot management at all; all snapshot operations can be handled as callbacks on deployment events. This will greatly simplify the parallelization of the core engine. Worth noting is that the core engine will still need to be able to read the current snapshot, since it is interested in the dependency graphs contained within. The full implications of that are out of scope of this PR. Remove dead code, Steps no longer need a reference to the plan iterator that created them Fixing various issues that arise when bringing up pulumi-aws Line length broke the build Code review: remove dead field, fix yaml name error Rebase against master, provide implementation of StackPersister for cloud backend Code review feedback: comments on MutationStatus, style in snapshot.go Code review feedback: move SnapshotManager to pkg/backend, change engine to use an interface SnapshotManager Code review feedback: use a channel for synchronization Add a comment and a new test * Maintain two checkpoints, an immutable base and a mutable delta, and periodically merge the two to produce snapshots * Add a lot of tests - covers all of the non-error paths of BeginMutation and End * Fix a test resource provider * Add a few tests, fix a few issues * Rebase against master, fixed merge
2018-04-12 18:55:34 +02:00
Delete Before Create (#1365) * Delete Before Create This commit implements the full semantics of delete before create. If a resource is replaced and requires deletion before creation, the engine will use the dependency graph saved in the snapshot to delete all resources that depend on the resource being replaced prior to the deletion of the resource to be replaced. * Rebase against master * CR: Simplify the control flow in makeRegisterResourceSteps * Run Check on new inputs when re-creating a resource * Fix an issue where the planner emitted benign but incorrect deletes of DBR-deleted resources * CR: produce the list of dependent resources in dependency order and iterate over the list in reverse * CR: deps->dependents, fix an issue with DependingOn where duplicate nodes could be added to the dependent set * CR: Fix an issue where we were considering old defaults and new inputs inappropriately when re-creating a deleted resource * CR: save 'iter.deletes[urn]' as a local, iterate starting at cursorIndex + 1 for dependency graph
2018-05-23 23:43:17 +02:00
for _, dep := range state.Dependencies {
if _, has := urns[dep]; !has {
// same as above - doing this for better error messages
for _, other := range snap.Resources[i+1:] {
if other.URN == dep {
return errors.Errorf("resource %s's dependency %s comes after it", urn, other.URN)
}
}
return errors.Errorf("resource %s dependency %s refers to missing resource", urn, dep)
}
}
Revert "Lift snapshot management out of the engine and serialize writes to snapshot (#1069)" (#1216) This reverts commit 2c479c172da66ebcc1be8efe12c36e9516ced382.
2018-04-17 08:04:56 +02:00
if _, has := urns[urn]; has && !state.Delete {
// The only time we should have duplicate URNs is when all but one of them are marked for deletion.
return errors.Errorf("duplicate resource %s (not marked for deletion)", urn)
}
Add automatic integrity checking (#625) This change introduces automatic integrity checking for snapshots. Hopefully this will help us track down what's going on in pulumi/pulumi#613. Eventually we probably want to make this opt-in, or disable it entirely other than for internal Pulumi debugging, but until we add more complete DAG verification, it's relatively cheap and is worthwhile to leave on for now.
2017-11-30 20:13:18 +01:00
Revert "Lift snapshot management out of the engine and serialize writes to snapshot (#1069)" (#1216) This reverts commit 2c479c172da66ebcc1be8efe12c36e9516ced382.
2018-04-17 08:04:56 +02:00
urns[urn] = state
Add automatic integrity checking (#625) This change introduces automatic integrity checking for snapshots. Hopefully this will help us track down what's going on in pulumi/pulumi#613. Eventually we probably want to make this opt-in, or disable it entirely other than for internal Pulumi debugging, but until we add more complete DAG verification, it's relatively cheap and is worthwhile to leave on for now.
2017-11-30 20:13:18 +01:00
}
}
return nil
}
Reference in a new issue Copy permalink