Add tokens.StackName (#14487)
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
This adds a new type `tokens.StackName` which is a relatively strongly
typed container for a stack name. The only weakly typed aspect of it is
Go will always allow the "zero" value to be created for a struct, which
for a stack name is the empty string which is invalid. To prevent
introducing unexpected empty strings when working with stack names the
`String()` method will panic for zero initialized stack names.
Apart from the zero value, all other instances of `StackName` are via
`ParseStackName` which returns a descriptive error if the string is not
valid.
This PR only updates "pkg/" to use this type. There are a number of
places in "sdk/" which could do with this type as well, but there's no
harm in doing a staggered roll out, and some parts of "sdk/" are user
facing and will probably have to stay on the current `tokens.Name` and
`tokens.QName` types.
There are two places in the system where we panic on invalid stack
names, both in the http backend. This _should_ be fine as we've had long
standing validation that stacks created in the service are valid stack
names.
Just in case people have managed to introduce invalid stack names, there
is the `PULUMI_DISABLE_VALIDATION` environment variable which will turn
off the validation _and_ panicing for stack names. Users can use that to
temporarily disable the validation and continue working, but it should
only be seen as a temporary measure. If they have invalid names they
should rename them, or if they think they should be valid raise an issue
with us to change the validation code.
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [x] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [ ] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
2023-11-15 07:44:54 +00:00
|
|
|
// Copyright 2016-2023, Pulumi Corporation.
|
2022-12-14 12:21:30 +00:00
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
// A small library for creating consistent and documented environmental variable accesses.
|
|
|
|
//
|
|
|
|
// Public environmental variables should be declared as a module level variable.
|
|
|
|
|
|
|
|
package env
|
|
|
|
|
|
|
|
import "github.com/pulumi/pulumi/sdk/v3/go/common/util/env"
|
|
|
|
|
|
|
|
// Re-export some types and functions from the env library.
|
|
|
|
|
|
|
|
type Env = env.Env
|
2022-12-14 14:18:13 +00:00
|
|
|
|
2022-12-14 12:21:30 +00:00
|
|
|
type MapStore = env.MapStore
|
|
|
|
|
|
|
|
func NewEnv(s env.Store) env.Env { return env.NewEnv(s) }
|
|
|
|
|
2022-12-14 14:18:13 +00:00
|
|
|
// Global is the environment defined by environmental variables.
|
2022-12-14 12:21:30 +00:00
|
|
|
func Global() env.Env {
|
|
|
|
return env.NewEnv(env.Global)
|
|
|
|
}
|
|
|
|
|
|
|
|
// That Pulumi is running in experimental mode.
|
|
|
|
//
|
|
|
|
// This is our standard gate for an existing feature that's not quite ready to be stable
|
|
|
|
// and publicly consumed.
|
2023-05-03 23:52:31 +00:00
|
|
|
var Experimental = env.Bool("EXPERIMENTAL", "Enable experimental options and commands.")
|
2022-12-14 12:21:30 +00:00
|
|
|
|
2023-05-03 23:52:31 +00:00
|
|
|
var SkipUpdateCheck = env.Bool("SKIP_UPDATE_CHECK", "Disable checking for a new version of pulumi.")
|
2022-12-14 12:21:30 +00:00
|
|
|
|
2023-05-03 23:52:31 +00:00
|
|
|
var Dev = env.Bool("DEV", "Enable features for hacking on pulumi itself.")
|
2022-12-14 14:18:13 +00:00
|
|
|
|
2024-01-30 18:31:49 +00:00
|
|
|
var SkipCheckpoints = env.Bool("SKIP_CHECKPOINTS", "Skip saving state checkpoints and only save "+
|
|
|
|
"the final deployment. See #10668.")
|
2022-12-15 14:46:39 +00:00
|
|
|
|
2023-05-03 23:52:31 +00:00
|
|
|
var DebugCommands = env.Bool("DEBUG_COMMANDS", "List commands helpful for debugging pulumi itself.")
|
2022-12-15 14:46:39 +00:00
|
|
|
|
|
|
|
var EnableLegacyDiff = env.Bool("ENABLE_LEGACY_DIFF", "")
|
|
|
|
|
Change `pulumi refresh` to report diff relative to desired state instead of relative to only output changes (#16146)
Presently, the behaviour of diffing during refresh steps is incomplete,
returning only an "output diff" that presents the changes in outputs.
This commit changes refresh steps so that:
* they compute a diff similar to the one that would be computed if a
`preview` were run immediately after the refresh, which is more
typically what users expect and want; and
* `IgnoreChanges` resource options are respected when performing the new
desired-state diffs, so that property additions or changes reported by a
refresh can be ignored.
In particular, `IgnoreChanges` can now be used to acknowledge that part
or all of a resource may change in the provider, but the user is OK with
this and doesn't want to be notified about it during a refresh.
Importantly, this means that the diff won't be reported, but also that
the changes won't be applied to state.
The implementation covers the following:
* A diff is computed using the inputs from the program and then
inverting the result, since in the case of a refresh the diff is being
driven by the provider side and not the program. This doesn't change
what is stored back into the state, but it does produce a diff that is
more aligned with the "true changes to the desired state".
* `IgnoreChanges` resource options are now stored in state, so that this
information can be used in refresh operations that do not have access
to/run the program.
* In the context of a refresh operation, `IgnoreChanges` applies to
*both* input and output properties. This differs from the behaviour of a
normal update operation, where `IgnoreChanges` only considers input
properties.
* The special `"*"` value for `IgnoreChanges` can be used to ignore all
properties. It _also_ ignores the case where the resource cannot be
found in the provider, and instead keeps the resource intact in state
with its existing input and output properties.
Because the program is not run for refresh operations, `IgnoreChanges`
options must be applied separately before a refresh takes place. This
can be accomplished using e.g. a `pulumi up` that applies the options
prior to a refresh. We should investigate perhaps providing a `pulumi
state set ...`-like CLI to make these sorts of changes directly to a
state.
For use cases relying on the legacy refresh diff provider, the
`PULUMI_USE_LEGACY_REFRESH_DIFF` environment variable can be set, which
will disable desired-state diff computation. We only need to perform
checks in `RefreshStep.{ResultOp,Apply}`, since downstream code will
work correctly based on the presence or absence of a `DetailedDiff` in
the step.
### Notes
- https://github.com/pulumi/pulumi/issues/16144 affects some of these
cases - though its technically orthogonal
- https://github.com/pulumi/pulumi/issues/11279 is another technically
orthogonal issue that many providers (at least TFBridge ones) - do not
report back changes to input properties on Read when the input property
(or property path) was missing on the inputs. This is again technically
orthogonal - but leads to cases that appear "wrong" in terms of what is
stored back into the state still - though the same as before this
change.
- Azure Native doesn't seem to handle `ignoreChanges` passed to Diff, so
the ability to ignore changes on refresh doesn't currently work for
Azure Native.
### Fixes
* Fixes #16072
* Fixes #16278
* Fixes #16334
* Not quite #12346, but likely replaces the need for that
Co-authored-by: Will Jones <will@sacharissa.co.uk>
2024-06-12 16:17:05 +00:00
|
|
|
var EnableLegacyRefreshDiff = env.Bool("ENABLE_LEGACY_REFRESH_DIFF",
|
|
|
|
"Use legacy refresh diff behaviour, in which only output changes are "+
|
|
|
|
"reported and changes against the desired state are not calculated.")
|
|
|
|
|
2022-12-15 14:46:39 +00:00
|
|
|
var DisableProviderPreview = env.Bool("DISABLE_PROVIDER_PREVIEW", "")
|
|
|
|
|
|
|
|
var DisableResourceReferences = env.Bool("DISABLE_RESOURCE_REFERENCES", "")
|
|
|
|
|
|
|
|
var DisableOutputValues = env.Bool("DISABLE_OUTPUT_VALUES", "")
|
|
|
|
|
2023-12-20 11:43:07 +00:00
|
|
|
var ErrorOutputString = env.Bool("ERROR_OUTPUT_STRING", "Throw an error instead "+
|
|
|
|
"of returning a string on attempting to convert an Output to a string")
|
|
|
|
|
2022-12-14 14:18:13 +00:00
|
|
|
var IgnoreAmbientPlugins = env.Bool("IGNORE_AMBIENT_PLUGINS",
|
2023-05-03 23:52:31 +00:00
|
|
|
"Discover additional plugins by examining $PATH.")
|
2022-12-15 14:46:39 +00:00
|
|
|
|
2023-10-03 15:35:23 +00:00
|
|
|
var DisableAutomaticPluginAcquisition = env.Bool("DISABLE_AUTOMATIC_PLUGIN_ACQUISITION",
|
|
|
|
"Disables the automatic installation of missing plugins.")
|
|
|
|
|
2022-12-15 14:46:39 +00:00
|
|
|
var SkipConfirmations = env.Bool("SKIP_CONFIRMATIONS",
|
|
|
|
`Whether or not confirmation prompts should be skipped. This should be used by pass any requirement
|
|
|
|
that a --yes parameter has been set for non-interactive scenarios.
|
|
|
|
|
|
|
|
This should NOT be used to bypass protections for destructive operations, such as those that will
|
|
|
|
fail without a --force parameter.`)
|
|
|
|
|
|
|
|
var DebugGRPC = env.String("DEBUG_GRPC", `Enables debug tracing of Pulumi gRPC internals.
|
|
|
|
The variable should be set to the log file to which gRPC debug traces will be sent.`)
|
2023-03-23 18:49:54 +00:00
|
|
|
|
2023-05-03 23:52:31 +00:00
|
|
|
var GitSSHPassphrase = env.String("GITSSH_PASSPHRASE",
|
|
|
|
"The passphrase to use with Git operations that use SSH.", env.Secret)
|
|
|
|
|
[sdk/python] Adds a default exception when dependency cycles are created (#14597)
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
Currently, when we detect that we've created a cycle in the dependency
graph, we early-exit. This works well enough for simple cycles, but when
early exiting is not sufficient (as when providing a resource output as
an argument to another resource's inputs), we will still fail to resolve
the full dependency graph. This PR introduces an exception-by-default,
as any cycles represent an unsafe/invalid dependency graph and should be
resolved manually. We also provide an escape hatch to fall back to
current behavior, in case users would prefer to retain the ability to
create unsafe dependency graphs (potentially introducing infinite hangs
when resolving those graphs).
Fixes https://github.com/pulumi/pulumi/issues/13551
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [x] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [x] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
2023-11-21 16:26:02 +00:00
|
|
|
var ErrorOnDependencyCycles = env.Bool("ERROR_ON_DEPENDENCY_CYCLES",
|
|
|
|
"Whether or not to error when dependency cycles are detected.")
|
|
|
|
|
2024-01-26 16:01:17 +00:00
|
|
|
var SkipVersionCheck = env.Bool("AUTOMATION_API_SKIP_VERSION_CHECK",
|
|
|
|
"If set skip validating the version number reported by the CLI.")
|
|
|
|
|
2024-06-25 08:28:37 +00:00
|
|
|
var ContinueOnError = env.Bool("CONTINUE_ON_ERROR",
|
|
|
|
"Continue to perform the update/destroy operation despite the occurrence of errors.")
|
|
|
|
|
2024-01-30 09:00:15 +00:00
|
|
|
// Environment variables that affect the DIY backend.
|
2023-03-23 18:49:54 +00:00
|
|
|
var (
|
2024-01-30 15:53:10 +00:00
|
|
|
DIYBackendNoLegacyWarning = env.Bool("DIY_BACKEND_NO_LEGACY_WARNING",
|
2024-01-30 09:00:15 +00:00
|
|
|
"Disables the warning about legacy stack files mixed with project-scoped stack files.",
|
|
|
|
env.Alternative("SELF_MANAGED_STATE_NO_LEGACY_WARNING"))
|
2023-02-10 12:24:28 +00:00
|
|
|
|
2024-01-30 15:53:10 +00:00
|
|
|
DIYBackendLegacyLayout = env.Bool("DIY_BACKEND_LEGACY_LAYOUT",
|
2024-01-30 09:00:15 +00:00
|
|
|
"Uses the legacy layout for new buckets, which currently default to project-scoped stacks.",
|
|
|
|
env.Alternative("SELF_MANAGED_STATE_LEGACY_LAYOUT"))
|
2023-09-25 14:07:46 +00:00
|
|
|
|
2024-01-30 15:53:10 +00:00
|
|
|
DIYBackendGzip = env.Bool("DIY_BACKEND_GZIP",
|
2024-01-30 09:00:15 +00:00
|
|
|
"Enables gzip compression when writing state files.",
|
|
|
|
env.Alternative("SELF_MANAGED_STATE_GZIP"))
|
2023-09-25 14:07:46 +00:00
|
|
|
|
2024-01-30 15:53:10 +00:00
|
|
|
DIYBackendRetainCheckpoints = env.Bool("DIY_BACKEND_RETAIN_CHECKPOINTS",
|
2024-01-30 09:00:15 +00:00
|
|
|
"If set every checkpoint will be duplicated to a timestamped file.",
|
|
|
|
env.Alternative("RETAIN_CHECKPOINTS"))
|
2023-09-25 14:07:46 +00:00
|
|
|
|
2024-01-30 15:53:10 +00:00
|
|
|
DIYBackendDisableCheckpointBackups = env.Bool("DIY_BACKEND_DISABLE_CHECKPOINT_BACKUPS",
|
2024-01-30 09:00:15 +00:00
|
|
|
"If set checkpoint backups will not be written the to the backup folder.",
|
|
|
|
env.Alternative("DISABLE_CHECKPOINT_BACKUPS"))
|
2023-03-23 18:49:54 +00:00
|
|
|
)
|
2023-09-05 23:18:03 +00:00
|
|
|
|
|
|
|
// Environment variables which affect Pulumi AI integrations
|
|
|
|
var (
|
|
|
|
AIServiceEndpoint = env.String("AI_SERVICE_ENDPOINT", "Endpoint for Pulumi AI service")
|
|
|
|
)
|
Add tokens.StackName (#14487)
<!---
Thanks so much for your contribution! If this is your first time
contributing, please ensure that you have read the
[CONTRIBUTING](https://github.com/pulumi/pulumi/blob/master/CONTRIBUTING.md)
documentation.
-->
# Description
<!--- Please include a summary of the change and which issue is fixed.
Please also include relevant motivation and context. -->
This adds a new type `tokens.StackName` which is a relatively strongly
typed container for a stack name. The only weakly typed aspect of it is
Go will always allow the "zero" value to be created for a struct, which
for a stack name is the empty string which is invalid. To prevent
introducing unexpected empty strings when working with stack names the
`String()` method will panic for zero initialized stack names.
Apart from the zero value, all other instances of `StackName` are via
`ParseStackName` which returns a descriptive error if the string is not
valid.
This PR only updates "pkg/" to use this type. There are a number of
places in "sdk/" which could do with this type as well, but there's no
harm in doing a staggered roll out, and some parts of "sdk/" are user
facing and will probably have to stay on the current `tokens.Name` and
`tokens.QName` types.
There are two places in the system where we panic on invalid stack
names, both in the http backend. This _should_ be fine as we've had long
standing validation that stacks created in the service are valid stack
names.
Just in case people have managed to introduce invalid stack names, there
is the `PULUMI_DISABLE_VALIDATION` environment variable which will turn
off the validation _and_ panicing for stack names. Users can use that to
temporarily disable the validation and continue working, but it should
only be seen as a temporary measure. If they have invalid names they
should rename them, or if they think they should be valid raise an issue
with us to change the validation code.
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [ ] I have formatted my code using `gofumpt`
<!--- Please provide details if the checkbox below is to be left
unchecked. -->
- [x] I have added tests that prove my fix is effective or that my
feature works
<!---
User-facing changes require a CHANGELOG entry.
-->
- [ ] I have run `make changelog` and committed the
`changelog/pending/<file>` documenting my change
<!--
If the change(s) in this PR is a modification of an existing call to the
Pulumi Cloud,
then the service should honor older versions of the CLI where this
change would not exist.
You must then bump the API version in
/pkg/backend/httpstate/client/api.go, as well as add
it to the service.
-->
- [ ] Yes, there are changes in this PR that warrants bumping the Pulumi
Cloud API version
<!-- @Pulumi employees: If yes, you must submit corresponding changes in
the service repo. -->
2023-11-15 07:44:54 +00:00
|
|
|
|
|
|
|
var DisableValidation = env.Bool(
|
|
|
|
"DISABLE_VALIDATION",
|
|
|
|
`Disables format validation of system inputs.
|
|
|
|
|
|
|
|
Currently this disables validation of the following formats:
|
|
|
|
- Stack names
|
|
|
|
|
|
|
|
This should only be used in cases where current data does not conform to the format and either cannot be migrated
|
|
|
|
without using the system itself, or show that the validation is too strict. Over time entries in the list above will be
|
|
|
|
removed and enforced to be validated.`)
|