PSS: Allow pluggable state store configuration to be read from a plan file #37957
Conversation
SarahFrench
added
the
no-changelog-needed
SarahFrench
force-pushed
the
pss/state-store-from-plan-file
branch
from
6a44102 to
d405011
Compare
…ng it to prepare a Local backend that uses the state store
…an file to configure and use a state store
…e full init-plan-apply workflow
…quired providers, if PSS is in use. See the code comment added in this commit. This addition does not impact an apply command as the missing provider will be detected before this code is executed. However I'm making this change so that the method is still accurate is being able to return a complete list of providers needed by the plan.
…or state store config when getting a backend from a planfile
…der is launched and the state store is configured
SarahFrench
force-pushed
the
pss/state-store-from-plan-file
branch
from
df01aae to
75e2e46
Compare
internal/command/meta_backend.go
Outdated
| suggestions := slices.Sorted(maps.Keys(resp.StateStores)) | ||
| suggestion := didyoumean.NameSuggestion(settings.Type, suggestions) | ||
| if suggestion != "" { | ||
| suggestion = fmt.Sprintf(" Did you mean %q?", suggestion) | ||
| } |
There was a problem hiding this comment.
Wouldn't users hit this earlier when producing the plan? 🤔
I'm just trying to understand how realistic it is to have a typo'd state store name inside the plan file and how would users address it.
There was a problem hiding this comment.
That's true, this is an artefact of me copy code from elsewhere. I think once we've got most of the init code in place for PSS we'd be able to identify places where we can pull repeated code into reusable methods etc, but the different contexts (from backend state, from config, from plan, etc) might have different needs.
For now I'll remove this from here as I agree it's unlikely to be relevant in the context of a state store from a plan - 50145af
| address := addrs.AbsProviderConfig{ | ||
| Module: addrs.RootModule, // A state_store block is only ever in the root module | ||
| Provider: *p.StateStore.Provider.Source, | ||
| // Alias: aliases are not permitted when using a provider for PSS. |
There was a problem hiding this comment.
Nitpick: Do we actually validate this? 🤔 We can address in a separate PR if not.
There was a problem hiding this comment.
There is some validation here:
terraform/internal/configs/state_store.go
Lines 77 to 85 in 578766b
But I think there isn't any test coverage for that - I can make a ticket for that
…h the implementations in the provider
…ile using PSS doesn't match the resources available in the project
2 participants
This PR follows #37956
Whereas that PR allowed a
planoperation to produce a plan file that described a state store, this PR enablesapplyoperations that use a plan file to configure a state store using the data stored in the plan.This new feature is tested by integration tests and an E2E test that shows the full init-plan-apply workflow when a pluggable state store is in use.
Target Release
1.15.x
Rollback Plan
Changes to Security Controls
Are there any changes to security controls (access controls, encryption, logging) in this pull request? If so, explain.
CHANGELOG entry