Add hidden --local flag to bundle plan and deploy#5680
Open
denik wants to merge 5 commits into
Open
Conversation
Contributor
Approval status: pending
|
Collaborator
Integration test reportCommit: 9b4c606
|
When passed, the plan is computed from the local state only: the per-resource remote read is skipped, so the remote state of resources is neither fetched nor considered. References that genuinely need a target's remote state (e.g. a remote-only field) fetch that target on demand, so $resources references still resolve. Direct engine only; rejected on terraform. Exercise it in the no_drift invariant via a LOCAL_DIFF matrix. Co-authored-by: Isaac
When --local resolves a reference that needs a target's remote-only field, it already fetches that target on demand. Copy those fetched states onto their plan entries (entry.RemoteState) so the plan shows what was actually read. Done in a single-threaded pass after the parallel walk: during the walk a target is fetched from a dependent's goroutine under the target's read lock, where writing its entry would race with sibling dependents. Co-authored-by: Isaac
Co-authored-by: Isaac
Add a LOCAL=["", "--local"] matrix to three resource tests (jobs/num_workers, schemas/update, volumes/change-name) so plan/deploy run both with and without --local. Deploy issues the same mutating requests either way (only GET reads differ, which print_requests.py excludes), so output is identical across variants. --local is excluded on terraform (rejected there) and not applied to `bundle plan -o json`, whose remote_state would diverge. Co-authored-by: Isaac
A --local plan is computed without remote state, so a saved plan can miss out-of-band drift. Add a top-level local_only field (omitempty, so normal plans are unchanged) and warn when deploy --plan applies a local-only plan. Extend local/basic to record the JSON plan, showing local_only: true and the absence of remote_state. Co-authored-by: Isaac
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds a hidden
--localflag tobundle planandbundle deploy. When passed, the plan is computed from the local state only — the per-resource remote read is skipped, so the remote state of resources is neither fetched nor considered.${resources...}references still resolve:.idand other fields come from local state, and a reference that genuinely needs a target's remote state (a remote-only field) fetches that one target on demand. Direct engine only; rejected with an actionable error on terraform.Tests:
acceptance/bundle/local/basic—plan --localreports no drift and issues no resource reads, while still resolving a cross-resource reference;local_usedtelemetry on deploy.acceptance/bundle/local/rejected— terraform rejects the flag.no_driftinvariant gains aLOCAL_DIFFmatrix that runs every config with and without--local. Five resources are excluded from the--localvariant (documented intest.toml): dashboard/genie_space/vector_search_index persist a remote-sourced field in state, and postgres_role/postgres_database hit a state-serialization bug fixed on main but not yet on this branch.This pull request and its description were written by Isaac.