Store resource identities in state (TF-23255) #36464
Conversation
dbanck
added
the
no-changelog-needed
|
The equivalence tests failed. Please investigate here. |
|
The equivalence tests failed. Please investigate here. |
DanielMSchmidt
force-pushed
the
dbanck/identity-state
branch
from
166a9a9 to
17acf8f
Compare
|
The equivalence tests failed. Please investigate here. |
|
The equivalence tests failed. Please investigate here. |
|
The equivalence tests failed. Please investigate here. |
DanielMSchmidt
force-pushed
the
dbanck/identity-state
branch
from
7e6d5d7 to
ca4fe7e
Compare
|
The equivalence tests failed. Please investigate here. |
|
The equivalence tests failed. Please investigate here. |
DanielMSchmidt
force-pushed
the
dbanck/identity-state
branch
from
43a0fe8 to
f204824
Compare
dbanck
force-pushed
the
dbanck/identity-state
branch
from
73cfddf to
39a29d4
Compare
dbanck
force-pushed
the
dbanck/identity-state
branch
from
ad27f6e to
78b6847
Compare
| @@ -94,7 +117,7 @@ const ( | |||
| // The returned object may share internal references with the receiver and | |||
| // so the caller must not mutate the receiver any further once once this | |||
| // method is called. | |||
| func (o *ResourceInstanceObject) Encode(ty cty.Type, schemaVersion uint64) (*ResourceInstanceObjectSrc, error) { | |||
| func (o *ResourceInstanceObject) Encode(schema providers.Schema) (*ResourceInstanceObjectSrc, error) { | |||
There was a problem hiding this comment.
something to come back to later might be to update the comments for the functions whose signature have changed
There was a problem hiding this comment.
Actually, we should probably update them along with the change, or else we'll never find them again ;)
| @@ -94,7 +117,7 @@ const ( | |||
| // The returned object may share internal references with the receiver and | |||
| // so the caller must not mutate the receiver any further once once this | |||
| // method is called. | |||
| func (o *ResourceInstanceObject) Encode(ty cty.Type, schemaVersion uint64) (*ResourceInstanceObjectSrc, error) { | |||
| func (o *ResourceInstanceObject) Encode(schema providers.Schema) (*ResourceInstanceObjectSrc, error) { | |||
There was a problem hiding this comment.
Actually, we should probably update them along with the change, or else we'll never find them again ;)
internal/grpcwrap/provider.go
Outdated
| @@ -60,13 +63,13 @@ func (p *provider) GetSchema(_ context.Context, req *tfplugin5.GetProviderSchema | |||
|
|
|||
| for typ, res := range p.schema.ResourceTypes { | |||
| resp.ResourceSchemas[typ] = &tfplugin5.Schema{ | |||
| Version: res.Version, | |||
| Version: int64(res.Version), | |||
There was a problem hiding this comment.
The type here shouldn't have changed, does this need a conversion?
There was a problem hiding this comment.
Sorry, this is a remnant of the SchemaForResourceType changes. Nice catch!
|
|
||
| resp.IdentityTypes = make(map[string]providers.IdentitySchema) | ||
|
|
||
| protoResp, err := p.client.GetResourceIdentitySchemas(p.ctx, new(proto.GetResourceIdentitySchemas_Request)) |
There was a problem hiding this comment.
We don't have a capability flag for this one, so we should be checking specifically for an unimplemented method here. I can't remember the best way to do this, but I thin the grpc framework will return codes.Unimplemented
dbanck
force-pushed
the
dbanck/identity-state
branch
from
83bb6bc to
fd2a73f
Compare
| @@ -129,23 +128,33 @@ func (p *GRPCProvider) GetProviderSchema() providers.GetProviderSchemaResponse { | |||
| return resp | |||
| } | |||
|
|
|||
| resp.Provider = convert.ProtoToProviderSchema(protoResp.Provider) | |||
| identResp, err := p.client.GetResourceIdentitySchemas(p.ctx, new(proto.GetResourceIdentitySchemas_Request)) | |||
| if err != nil { | |||
There was a problem hiding this comment.
We want to check the unimplemented status here too, especially since this is going to be the primary call point from core for now. Or maybe this should just our own GetResourceIdentitySchemas method instead?
There was a problem hiding this comment.
How should Terraform handle GetResourceIdentitySchemas errors here?
- Always continue on error and return at least the provider schema (current implementation)
- Only continue in case of an unimplemented status and return the provider schema; any other
GetResourceIdentitySchemaserror will be raised - something else?
I assumed we want to do the first case, because GetProviderSchema can still return something useful even if the resource identity schema calls fail
This PR implements the two new RPCs for resource identities and stores resource identities along with the resource attributes in state.
The new
GetResourceIdentitySchemasRPC call is used to fetch all resource identity schemas for a provider. We fetch the identity schemas during theGetProviderSchemaworkflow and combine the results. In that way we end up with a resource type schema that contains everything we need later on:terraform/internal/providers/provider.go
Lines 165 to 171 in 22cba43
Most methods, such as
states.Decodeandstates.Encode, are updated to receive the above schema instead of a separate type and version.The new
UpgradeResourceIdentityRPC call is used to upgrade stored identities to the latest resource identity schema version. We only trigger the RPC if the stored identity schema version differs from the one in the resource identity schema.Follow-up PRs
Target Release
1.12.x
CHANGELOG entry