terraform: Stabilize the variable_validation_crossref experiment #34955
Conversation
|
I've prepared this today in the hope that the experiment feedback is positive and we choose to move forward with stabilization, because it's easier to write a stabilization changeset with the experience of implementing the experiment still fresh in mind. However, I'm going to leave this in draft until we've actually included the experiment in at least one alpha release and gotten some satisfying feedback about it. If feedback suggests changing approach then this I'll close this PR and replace it with another that implements another round of the experiment. |
apparentlymart
force-pushed
the
f-variable-validation-crossref-stablize
branch
from
d8ed2fb
to
16eaffc
Compare
Our real implementation of the lang.Data interface depends on just about everything else in the modules runtime to implement its behavior, and so it's not really appropriate to use in unit tests. This new implementation is considerably simpler, just returning values predefined in a set of fixed tables. This is appropriate for unit tests of features that perform expression evaluation as a side-effect of their work but that don't contribute their own values to the real evaluation data implementation.
apparentlymart
force-pushed
the
f-variable-validation-crossref-stablize
branch
2 times, most recently
from
e271e71
to
850825c
Compare
| @@ -29,9 +29,9 @@ For more information on when to use certain custom conditions, see [Choosing Bet | |||
|
|
|||
| ## Input Variable Validation | |||
|
|
|||
| -> **Note:** Input variable validation is available in Terraform v0.13.0 and later. | |||
| -> **Note:** Input variable validation is available in Terraform v0.13.0 and later. Before Terraform v1.9.0, validation rules can refer only to the variable being validated. | |||
There was a problem hiding this comment.
| -> **Note:** Input variable validation is available in Terraform v0.13.0 and later. Before Terraform v1.9.0, validation rules can refer only to the variable being validated. | |
| -> **Note:** Input variable validation is available in Terraform v0.13.0 and later. Before Terraform v1.9.0, validation rules can refer only to the variable being validated, not other variables. |
There was a problem hiding this comment.
This seems reasonable!
I kept this short both because we typically use these callouts mainly to nudge a reader that they might want to refer to the equivalent docs in an older version (now that the docs site supports that) and because older versions of Terraform will generate a suitable error message if someone tries to refer to anything else and so this is here mainly to answer the question "why did the example I found on the internet suggest trying something that returns an error?".
However, "not other variables" is a very reasonable addition that clarifies the point without adding too many more words. I'll update this before I merge.
Previously we introduced a language experiment that would permit variable validation rules to refer to other objects declared in the same module as the variable. Now that experiment is concluded and its behavior is available for all modules. This final version deviates slightly from the experiment: we learned from the experimental implementation that we accidentally made the "validate" command able to validate constant-valued input variables in child modules despite the usual rule that input variables are unknown during validation, because the previous compromise bypassed the main expression evaluator and built its own evaluation context directly. Even though that behavior was not intended, it's a useful behavior that is protected by our compatibility promises and so this commit includes a slightly hacky emulation of that behavior, in eval_variable.go, that fetches the variable value in the same way the old implementation would have and then modifies the hcl evaluation context to include that value, while preserving anything else that our standard evaluation context builder put in there. That narrowly preserves the old behavior for expressions that compare the variable value directly to a constant, while treating all other references (which were previously totally invalid) in the standard way. This quirk was already covered by the existing test TestContext2Validate_variableCustomValidationsFail, which fails if the special workaround is removed.
apparentlymart
force-pushed
the
f-variable-validation-crossref-stablize
branch
from
850825c
to
8456322
Compare
|
Reminder for the merging maintainer: if this is a user-visible change, please update the changelog on the appropriate release branch. |
In #34947 we introduced a language experiment that would permit variable validation rules to refer to other objects declared in the same module as the variable.
Now that experiment is concluded and its behavior is available for all modules.
This closes #25609.
This final version deviates slightly from the experiment: we learned from the experimental implementation that we accidentally made the
terraform validatecommand able to validate constant-valued input variables in child modulesdespite the usual rule that input variables are unknown during validation, because the previous compromise bypassed the main expression evaluator and built its own evaluation context directly.
Even though that behavior was not intended, it's a useful behavior that is protected by our compatibility promises and so this commit includes a slightly hacky emulation of that behavior, in
eval_variable.go, that fetches the variable value in the same way the old implementation would have and then modifies the HCL evaluation context to include that value, while preserving anything else that our standard evaluation context builder put in there.That narrowly preserves the old behavior for expressions that compare the variable value directly to a constant, while treating all other references (which were previously totally invalid) in the standard way. This quirk was already covered by the existing test
TestContext2Validate_variableCustomValidationsFail, which fails if the special workaround is removed.