-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
preview.go
387 lines (342 loc) 路 13.7 KB
/
preview.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
// Copyright 2016-2018, Pulumi Corporation.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package main
import (
"bytes"
"errors"
"fmt"
"github.com/spf13/cobra"
"github.com/pulumi/pulumi/pkg/v3/backend"
"github.com/pulumi/pulumi/pkg/v3/backend/display"
"github.com/pulumi/pulumi/pkg/v3/engine"
"github.com/pulumi/pulumi/pkg/v3/resource/deploy"
"github.com/pulumi/pulumi/sdk/v3/go/common/apitype"
"github.com/pulumi/pulumi/sdk/v3/go/common/diag"
"github.com/pulumi/pulumi/sdk/v3/go/common/util/cmdutil"
"github.com/pulumi/pulumi/sdk/v3/go/common/util/contract"
"github.com/pulumi/pulumi/sdk/v3/go/common/util/result"
"github.com/pulumi/pulumi/sdk/v3/go/common/workspace"
)
func newPreviewCmd() *cobra.Command {
var debug bool
var expectNop bool
var message string
var execKind string
var execAgent string
var stack string
var configArray []string
var configPath bool
var client string
var planFilePath string
var showSecrets bool
// Flags for remote operations.
remoteArgs := RemoteArgs{}
// Flags for engine.UpdateOptions.
var jsonDisplay bool
var policyPackPaths []string
var policyPackConfigPaths []string
var diffDisplay bool
var eventLogPath string
var parallel int
var refresh string
var showConfig bool
var showReplacementSteps bool
var showSames bool
var showReads bool
var suppressOutputs bool
var suppressPermalink string
var targets []string
var replaces []string
var targetReplaces []string
var targetDependents bool
use, cmdArgs := "preview", cmdutil.NoArgs
if remoteSupported() {
use, cmdArgs = "preview [url]", cmdutil.MaximumNArgs(1)
}
var cmd = &cobra.Command{
Use: use,
Aliases: []string{"pre"},
SuggestFor: []string{"build", "plan"},
Short: "Show a preview of updates to a stack's resources",
Long: "Show a preview of updates a stack's resources.\n" +
"\n" +
"This command displays a preview of the updates to an existing stack whose state is\n" +
"represented by an existing state file. The new desired state is computed by running\n" +
"a Pulumi program, and extracting all resource allocations from its resulting object graph.\n" +
"These allocations are then compared against the existing state to determine what\n" +
"operations must take place to achieve the desired state. No changes to the stack will\n" +
"actually take place.\n" +
"\n" +
"The program to run is loaded from the project in the current directory. Use the `-C` or\n" +
"`--cwd` flag to use a different directory.",
Args: cmdArgs,
Run: cmdutil.RunResultFunc(func(cmd *cobra.Command, args []string) result.Result {
ctx := commandContext()
var displayType = display.DisplayProgress
if diffDisplay {
displayType = display.DisplayDiff
}
displayOpts := display.Options{
Color: cmdutil.GetGlobalColorization(),
ShowConfig: showConfig,
ShowReplacementSteps: showReplacementSteps,
ShowSameResources: showSames,
ShowReads: showReads,
SuppressOutputs: suppressOutputs,
IsInteractive: cmdutil.Interactive(),
Type: displayType,
JSONDisplay: jsonDisplay,
EventLogPath: eventLogPath,
Debug: debug,
}
// we only suppress permalinks if the user passes true. the default is an empty string
// which we pass as 'false'
if suppressPermalink == "true" {
displayOpts.SuppressPermalink = true
} else {
displayOpts.SuppressPermalink = false
}
if remoteArgs.remote {
if len(args) == 0 {
return result.FromError(errors.New("must specify remote URL"))
}
err := validateUnsupportedRemoteFlags(expectNop, configArray, configPath, client, jsonDisplay,
policyPackPaths, policyPackConfigPaths, refresh, showConfig, showReplacementSteps, showSames,
showReads, suppressOutputs, "default", &targets, replaces, targetReplaces,
targetDependents, planFilePath, stackConfigFile)
if err != nil {
return result.FromError(err)
}
return runDeployment(ctx, displayOpts, apitype.Preview, stack, args[0], remoteArgs)
}
filestateBackend, err := isFilestateBackend(displayOpts)
if err != nil {
return result.FromError(err)
}
// by default, we are going to suppress the permalink when using self-managed backends
// this can be re-enabled by explicitly passing "false" to the `suppress-permalink` flag
if suppressPermalink != "false" && filestateBackend {
displayOpts.SuppressPermalink = true
}
if err := validatePolicyPackConfig(policyPackPaths, policyPackConfigPaths); err != nil {
return result.FromError(err)
}
s, err := requireStack(ctx, stack, true, displayOpts, false /*setCurrent*/)
if err != nil {
return result.FromError(err)
}
// Save any config values passed via flags.
if err = parseAndSaveConfigArray(s, configArray, configPath); err != nil {
return result.FromError(err)
}
proj, root, err := readProjectForUpdate(client)
if err != nil {
return result.FromError(err)
}
m, err := getUpdateMetadata(message, root, execKind, execAgent, planFilePath != "")
if err != nil {
return result.FromError(fmt.Errorf("gathering environment metadata: %w", err))
}
sm, err := getStackSecretsManager(s)
if err != nil {
return result.FromError(fmt.Errorf("getting secrets manager: %w", err))
}
cfg, err := getStackConfiguration(ctx, s, proj, sm)
if err != nil {
return result.FromError(fmt.Errorf("getting stack configuration: %w", err))
}
decrypter, err := sm.Decrypter()
if err != nil {
return result.FromError(fmt.Errorf("getting stack decrypter: %w", err))
}
stackName := s.Ref().Name().String()
configErr := workspace.ValidateStackConfigAndApplyProjectConfig(stackName, proj, cfg.Config, decrypter)
if configErr != nil {
return result.FromError(fmt.Errorf("validating stack config: %w", configErr))
}
if err != nil {
return result.FromError(fmt.Errorf("getting stack configuration: %w", err))
}
targetURNs := []string{}
for _, t := range targets {
targetURNs = append(targetURNs, t)
}
replaceURNs := []string{}
for _, r := range replaces {
replaceURNs = append(replaceURNs, r)
}
for _, tr := range targetReplaces {
targetURNs = append(targetURNs, tr)
replaceURNs = append(replaceURNs, tr)
}
refreshOption, err := getRefreshOption(proj, refresh)
if err != nil {
return result.FromError(err)
}
opts := backend.UpdateOptions{
Engine: engine.UpdateOptions{
LocalPolicyPacks: engine.MakeLocalPolicyPacks(policyPackPaths, policyPackConfigPaths),
Parallel: parallel,
Debug: debug,
Refresh: refreshOption,
ReplaceTargets: deploy.NewUrnTargets(replaceURNs),
UseLegacyDiff: useLegacyDiff(),
DisableProviderPreview: disableProviderPreview(),
DisableResourceReferences: disableResourceReferences(),
DisableOutputValues: disableOutputValues(),
UpdateTargets: deploy.NewUrnTargets(targetURNs),
TargetDependents: targetDependents,
// If we're trying to save a plan then we _need_ to generate it. We also turn this on in
// experimental mode to just get more testing of it.
GeneratePlan: hasExperimentalCommands() || planFilePath != "",
},
Display: displayOpts,
}
plan, changes, res := s.Preview(ctx, backend.UpdateOperation{
Proj: proj,
Root: root,
M: m,
Opts: opts,
StackConfiguration: cfg,
SecretsManager: sm,
Scopes: cancellationScopes,
})
switch {
case res != nil:
return PrintEngineResult(res)
case expectNop && changes != nil && engine.HasChanges(changes):
return result.FromError(errors.New("error: no changes were expected but changes were proposed"))
default:
if planFilePath != "" {
encrypter, err := sm.Encrypter()
if err != nil {
return result.FromError(err)
}
if err = writePlan(planFilePath, plan, encrypter, showSecrets); err != nil {
return result.FromError(err)
}
// Write out message on how to use the plan
var buf bytes.Buffer
fprintf(&buf, "Update plan written to '%s'", planFilePath)
fprintf(
&buf,
"\nRun `pulumi up --plan='%s'` to constrain the update to the operations planned by this preview",
planFilePath)
cmdutil.Diag().Infof(diag.RawMessage("" /*urn*/, buf.String()))
}
return nil
}
}),
}
cmd.PersistentFlags().BoolVarP(
&debug, "debug", "d", false,
"Print detailed debugging output during resource operations")
cmd.PersistentFlags().BoolVar(
&expectNop, "expect-no-changes", false,
"Return an error if any changes are proposed by this preview")
cmd.PersistentFlags().StringVarP(
&stack, "stack", "s", "",
"The name of the stack to operate on. Defaults to the current stack")
cmd.PersistentFlags().StringVar(
&stackConfigFile, "config-file", "",
"Use the configuration values in the specified file rather than detecting the file name")
cmd.PersistentFlags().StringArrayVarP(
&configArray, "config", "c", []string{},
"Config to use during the preview")
cmd.PersistentFlags().BoolVar(
&configPath, "config-path", false,
"Config keys contain a path to a property in a map or list to set")
cmd.PersistentFlags().StringVar(
&planFilePath, "save-plan", "",
"[EXPERIMENTAL] Save the operations proposed by the preview to a plan file at the given path")
if !hasExperimentalCommands() {
contract.AssertNoError(cmd.PersistentFlags().MarkHidden("save-plan"))
}
cmd.Flags().BoolVarP(
&showSecrets, "show-secrets", "", false, "Emit secrets in plaintext in the plan file. Defaults to `false`")
cmd.PersistentFlags().StringVar(
&client, "client", "", "The address of an existing language runtime host to connect to")
_ = cmd.PersistentFlags().MarkHidden("client")
cmd.PersistentFlags().StringVarP(
&message, "message", "m", "",
"Optional message to associate with the preview operation")
cmd.PersistentFlags().StringArrayVarP(
&targets, "target", "t", []string{},
"Specify a single resource URN to update. Other resources will not be updated."+
" Multiple resources can be specified using --target urn1 --target urn2")
cmd.PersistentFlags().StringArrayVar(
&replaces, "replace", []string{},
"Specify resources to replace. Multiple resources can be specified using --replace urn1 --replace urn2")
cmd.PersistentFlags().StringArrayVar(
&targetReplaces, "target-replace", []string{},
"Specify a single resource URN to replace. Other resources will not be updated."+
" Shorthand for --target urn --replace urn.")
cmd.PersistentFlags().BoolVar(
&targetDependents, "target-dependents", false,
"Allows updating of dependent targets discovered but not specified in --target list")
// Flags for engine.UpdateOptions.
cmd.PersistentFlags().StringSliceVar(
&policyPackPaths, "policy-pack", []string{},
"Run one or more policy packs as part of this update")
cmd.PersistentFlags().StringSliceVar(
&policyPackConfigPaths, "policy-pack-config", []string{},
`Path to JSON file containing the config for the policy pack of the corresponding "--policy-pack" flag`)
cmd.PersistentFlags().BoolVar(
&diffDisplay, "diff", false,
"Display operation as a rich diff showing the overall change")
cmd.Flags().BoolVarP(
&jsonDisplay, "json", "j", false,
"Serialize the preview diffs, operations, and overall output as JSON")
cmd.PersistentFlags().IntVarP(
¶llel, "parallel", "p", defaultParallel,
"Allow P resource operations to run in parallel at once (1 for no parallelism). Defaults to unbounded.")
cmd.PersistentFlags().StringVarP(
&refresh, "refresh", "r", "",
"Refresh the state of the stack's resources before this update")
cmd.PersistentFlags().Lookup("refresh").NoOptDefVal = "true"
cmd.PersistentFlags().BoolVar(
&showConfig, "show-config", false,
"Show configuration keys and variables")
cmd.PersistentFlags().BoolVar(
&showReplacementSteps, "show-replacement-steps", false,
"Show detailed resource replacement creates and deletes instead of a single step")
cmd.PersistentFlags().BoolVar(
&showSames, "show-sames", false,
"Show resources that needn't be updated because they haven't changed, alongside those that do")
cmd.PersistentFlags().BoolVar(
&showReads, "show-reads", false,
"Show resources that are being read in, alongside those being managed directly in the stack")
cmd.PersistentFlags().BoolVar(
&suppressOutputs, "suppress-outputs", false,
"Suppress display of stack outputs (in case they contain sensitive values)")
cmd.PersistentFlags().StringVar(
&suppressPermalink, "suppress-permalink", "",
"Suppress display of the state permalink")
cmd.Flag("suppress-permalink").NoOptDefVal = "false"
// Remote flags
remoteArgs.applyFlags(cmd)
if hasDebugCommands() {
cmd.PersistentFlags().StringVar(
&eventLogPath, "event-log", "",
"Log events to a file at this path")
}
// internal flags
cmd.PersistentFlags().StringVar(&execKind, "exec-kind", "", "")
// ignore err, only happens if flag does not exist
_ = cmd.PersistentFlags().MarkHidden("exec-kind")
cmd.PersistentFlags().StringVar(&execAgent, "exec-agent", "", "")
// ignore err, only happens if flag does not exist
_ = cmd.PersistentFlags().MarkHidden("exec-agent")
return cmd
}