Set minimum Terraform version to 0.12.26/0.13.0

cmd/kops/integration_test.go

@@ -195,20 +195,12 @@ func TestBastionAdditionalUserData(t *testing.T) {
 // TestMinimalJSON runs the test on a minimal data set and outputs JSON
 func TestMinimalJSON(t *testing.T) {
 	featureflag.ParseFlags("+TerraformJSON")
-	unsetFeaureFlag := func() {
+	unsetFeatureFlags := func() {
 		featureflag.ParseFlags("-TerraformJSON")
 	}
-	defer unsetFeaureFlag()
-	newIntegrationTest("minimal-json.example.com", "minimal-json").withJSONOutput().runTestTerraformAWS(t)
-}
+	defer unsetFeatureFlags()
 
-func TestMinimalTerraform011(t *testing.T) {
-	featureflag.ParseFlags("-Terraform-0.12")
-	unsetFeaureFlag := func() {
-		featureflag.ParseFlags("+Terraform-0.12")
-	}
-	defer unsetFeaureFlag()
-	newIntegrationTest("minimal-tf11.example.com", "minimal-tf11").runTestTerraformAWS(t)
+	newIntegrationTest("minimal-json.example.com", "minimal-json").withJSONOutput().runTestTerraformAWS(t)
 }
 
 // TestPrivateWeave runs the test on a configuration with private topology, weave networking

docs/advanced/experimental.md

@@ -21,5 +21,5 @@ The following experimental features are currently available:
 * `+SpotinstHybrid` - Toogles between hybrid and full instance group implementations
 * `-SpotinstController` - Toggles the installation of the Spot controller addon off
 * `+SkipEtcdVersionCheck` - Bypasses the check that etcd-manager is using a supported etcd version
-* `+TerraformJSON` - Produce kubernetes.ts.json file instead of writing HCL v1 syntax. Can be consumed by terraform 0.12
-* `+VFSVaultSupport` - Enables setting Vault as secret/keystore
+* `+TerraformJSON` - Produce kubernetes.tf.json file instead of writing HCLv2 syntax. Can be consumed by terraform 0.12+
+* `+VFSVaultSupport` - Enables setting Vault as secret/keystore

docs/terraform.md

@@ -10,11 +10,12 @@ Note that if you modify the Terraform files that kops spits out, it will overrid
 
 ### Terraform Version Compatibility
 | Kops Version | Terraform Version | Feature Flag Notes |
-|--------------|-------------------|-------|
-| >= 1.18      | >= 0.12           | HCL2 supported by default |
-| >= 1.18      | < 0.12            | `KOPS_FEATURE_FLAGS=-Terraform-0.12` |
-| >= 1.17      | >= 0.12           | `KOPS_FEATURE_FLAGS=TerraformJSON` outputs JSON |
-| <= 1.17      | < 0.12            | Supported by default |
+|--------------|-------------------|--------------------|
+| >= 1.19      | >= 0.12.26, >= 0.13 | HCL2 supported by default <br>`KOPS_FEATURE_FLAGS=Terraform-0.12` is now deprecated |
+| >= 1.18      | >= 0.12             | HCL2 supported by default |
+| >= 1.18      | < 0.12              | `KOPS_FEATURE_FLAGS=-Terraform-0.12` |
+| >= 1.17      | >= 0.12             | `KOPS_FEATURE_FLAGS=TerraformJSON` outputs JSON |
+| <= 1.17      | < 0.12              | Supported by default |
 
 ### Using Terraform
 
@@ -32,13 +33,7 @@ terraform {
 }
 ```
 
-Then run:
-
-```
-$ terraform init
-```
-to set up s3 backend.
-Learn more [about Terraform state here](https://www.terraform.io/docs/state/remote.html).
+Learn more about [Terraform state](https://www.terraform.io/docs/state/remote.html).
 
 #### Initialize/create a cluster
 
@@ -54,7 +49,32 @@ $ kops create cluster \
   --target=terraform
 ```
 
-The above command will create kops state on S3 (defined in `--state`) and output a representation of your configuration into Terraform files. Thereafter you can preview your changes and then apply as shown below:
+The above command will create kops state on S3 (defined in `--state`) and output a representation of your configuration into Terraform files. Thereafter you can preview your changes in `kubernetes.tf` and then use Terraform to create all the resources as shown below:
+
+Additional Terraform `.tf` files could be added at this stage to customize your deployment, but remember the kops state should continue to remain the ultimate source of truth for the Kubernetes cluster.
+
+Initialize Terraform to set-up the S3 backend and provider plugins.
+
+```
+$ terraform init
+```
+
+If you're using Terraform v0.12.26+, the following warning will be displayed and can be safely ignored. It will not be displayed if you're using Terraform v0.13.0+.
+
+```
+Warning: Provider source not supported in Terraform v0.12
+
+  on kubernetes.tf line 665, in terraform:
+ 665:     aws = {
+ 666:       "source"  = "hashicorp/aws"
+ 667:       "version" = ">= 2.46.0"
+ 668:     }
+
+A source was declared for provider aws. Terraform v0.12 does not support the   
+provider source attribute. It will be ignored.
+```
+
+Use Terraform to review and create the cloud infrastructure and Kubernetes cluster.
 
 ```
 $ terraform plan
@@ -110,7 +130,6 @@ $ kops delete cluster --yes \
 
 Ps: You don't have to `kops delete cluster` if you just want to recreate from scratch. Deleting kops cluster state means that you've have to `kops create` again.
 
-
 ### Caveats
 
 #### `kops rolling-update` might be needed after editing the cluster
@@ -121,13 +140,11 @@ To see your changes applied to the cluster you'll also need to run `kops rolling
 
 #### Terraform JSON output
 
-With terraform 0.12 JSON is now officially supported as configuration language. To enable JSON output instead of HCLv1 output you need to enable it through a feature flag.
+With terraform 0.12 JSON is now officially supported as configuration language. To enable JSON output instead of HCLv2 output you need to enable it through a feature flag.
+
 ```
 export KOPS_FEATURE_FLAGS=TerraformJSON
 kops update cluster .....
 ```
 
 This is an alternative to of using terraforms own configuration syntax HCL. Be sure to delete the existing kubernetes.tf file. Terraform will otherwise use both and then complain. 
-
-Kops will require terraform 0.12 for JSON configuration. Inofficially (partially) it was also supported with terraform 0.11, so you can try and remove the `required_version` in `kubernetes.tf.json`. 
-

go.mod

@@ -77,7 +77,6 @@ require (
 	github.com/google/uuid v1.1.1
 	github.com/gophercloud/gophercloud v0.11.1-0.20200518183226-7aec46f32c19
 	github.com/gorilla/mux v1.7.3
-	github.com/hashicorp/hcl v1.0.0
 	github.com/hashicorp/hcl/v2 v2.3.0
 	github.com/hashicorp/vault/api v1.0.4
 	github.com/huandu/xstrings v1.2.0 // indirect

hack/verify-terraform.sh

@@ -20,25 +20,17 @@ set -o pipefail
 
 . "$(dirname "${BASH_SOURCE[0]}")/common.sh"
 
-# integration test cluster directories that are terraform 0.11 compatible
-CLUSTERS_0_11=(
-  "minimal-tf11"
-)
-
 # Terraform versions
-TAG_0_13=0.13.0
-TAG_0_11=0.11.14
+TF_TAG=0.13.5
 
 PROVIDER_CACHE="${KOPS_ROOT}/.cache/terraform"
 
 RC=0
 while IFS= read -r -d '' -u 3 test_dir; do
   [ -f "${test_dir}/kubernetes.tf" ] || [ -f "${test_dir}/kubernetes.tf.json" ] || continue
   echo -e "${test_dir}\n"
-  cluster=$(basename "${test_dir}")
-  kube::util::array_contains "${cluster}" "${CLUSTERS_0_11[@]}" && tag=$TAG_0_11 || tag=$TAG_0_13
 
-  docker run --rm -e "TF_PLUGIN_CACHE_DIR=${PROVIDER_CACHE}" -v "${PROVIDER_CACHE}:${PROVIDER_CACHE}" -v "${test_dir}":"${test_dir}" -w "${test_dir}" --entrypoint=sh hashicorp/terraform:$tag -c '/bin/terraform init >/dev/null && /bin/terraform validate' || RC=$?
+  docker run --rm -e "TF_PLUGIN_CACHE_DIR=${PROVIDER_CACHE}" -v "${PROVIDER_CACHE}:${PROVIDER_CACHE}" -v "${test_dir}":"${test_dir}" -w "${test_dir}" --entrypoint=sh hashicorp/terraform:${TF_TAG} -c '/bin/terraform init >/dev/null && /bin/terraform validate' || RC=$?
 done 3< <(find "${KOPS_ROOT}/tests/integration/update_cluster" -maxdepth 1 -type d -print0)
 
 if [ $RC != 0 ]; then

pkg/featureflag/featureflag.go

@@ -91,8 +91,6 @@ var (
 	SkipEtcdVersionCheck = New("SkipEtcdVersionCheck", Bool(false))
 	// TerraformJSON outputs terraform in JSON instead of hcl output. JSON output can be also parsed by terraform 0.12
 	TerraformJSON = New("TerraformJSON", Bool(false))
-	// Terraform012 will output terraform in the 0.12 (hcl2) syntax
-	Terraform012 = New("Terraform-0.12", Bool(true))
 	// LegacyIAM will permit use of legacy IAM permissions.
 	LegacyIAM = New("LegacyIAM", Bool(false))
 	// ClusterAddons activates experimental cluster-addons support

tests/integration/update_cluster/bastionadditional_user-data/kubernetes.tf

@@ -954,5 +954,11 @@ resource "aws_vpc" "bastionuserdata-example-com" {
 }
 
 terraform {
-  required_version = ">= 0.12.0"
+  required_version = ">= 0.12.26"
+  required_providers {
+    aws = {
+      "source"  = "hashicorp/aws"
+      "version" = ">= 2.46.0"
+    }
+  }
 }

tests/integration/update_cluster/complex/kubernetes.tf

@@ -787,5 +787,11 @@ resource "aws_vpc" "complex-example-com" {
 }
 
 terraform {
-  required_version = ">= 0.12.0"
+  required_version = ">= 0.12.26"
+  required_providers {
+    aws = {
+      "source"  = "hashicorp/aws"
+      "version" = ">= 2.46.0"
+    }
+  }
 }

tests/integration/update_cluster/existing_iam/kubernetes.tf

@@ -844,5 +844,11 @@ resource "aws_vpc" "existing-iam-example-com" {
 }
 
 terraform {
-  required_version = ">= 0.12.0"
+  required_version = ">= 0.12.26"
+  required_providers {
+    aws = {
+      "source"  = "hashicorp/aws"
+      "version" = ">= 2.46.0"
+    }
+  }
 }

tests/integration/update_cluster/existing_sg/kubernetes.tf

@@ -1180,5 +1180,11 @@ resource "aws_vpc" "existingsg-example-com" {
 }
 
 terraform {
-  required_version = ">= 0.12.0"
+  required_version = ">= 0.12.26"
+  required_providers {
+    aws = {
+      "source"  = "hashicorp/aws"
+      "version" = ">= 2.46.0"
+    }
+  }
 }

tests/integration/update_cluster/externallb/kubernetes.tf

@@ -585,5 +585,11 @@ resource "aws_vpc" "externallb-example-com" {
 }
 
 terraform {
-  required_version = ">= 0.12.0"
+  required_version = ">= 0.12.26"
+  required_providers {
+    aws = {
+      "source"  = "hashicorp/aws"
+      "version" = ">= 2.46.0"
+    }
+  }
 }

tests/integration/update_cluster/externalpolicies/kubernetes.tf

@@ -753,5 +753,11 @@ resource "aws_vpc" "externalpolicies-example-com" {
 }
 
 terraform {
-  required_version = ">= 0.12.0"
+  required_version = ">= 0.12.26"
+  required_providers {
+    aws = {
+      "source"  = "hashicorp/aws"
+      "version" = ">= 2.46.0"
+    }
+  }
 }

tests/integration/update_cluster/ha/kubernetes.tf

@@ -896,5 +896,11 @@ resource "aws_vpc" "ha-example-com" {
 }
 
 terraform {
-  required_version = ">= 0.12.0"
+  required_version = ">= 0.12.26"
+  required_providers {
+    aws = {
+      "source"  = "hashicorp/aws"
+      "version" = ">= 2.46.0"
+    }
+  }
 }

tests/integration/update_cluster/ha_gce/kubernetes.tf

@@ -17,8 +17,7 @@ output "region" {
 }
 
 provider "google" {
-  region  = "us-test1"
-  version = ">= 3.0.0"
+  region = "us-test1"
 }
 
 resource "google_compute_disk" "d1-etcd-events-ha-gce-example-com" {
@@ -497,5 +496,11 @@ resource "google_compute_network" "default" {
 }
 
 terraform {
-  required_version = ">= 0.12.0"
+  required_version = ">= 0.12.26"
+  required_providers {
+    google = {
+      "source"  = "hashicorp/google"
+      "version" = ">= 2.19.0"
+    }
+  }
 }

tests/integration/update_cluster/launch_templates/kubernetes.tf

@@ -714,5 +714,11 @@ resource "aws_vpc" "launchtemplates-example-com" {
 }
 
 terraform {
-  required_version = ">= 0.12.0"
+  required_version = ">= 0.12.26"
+  required_providers {
+    aws = {
+      "source"  = "hashicorp/aws"
+      "version" = ">= 2.46.0"
+    }
+  }
 }