Merge pull request #2 from stgraber/main

Update for new repository URL and switch over to Incus packages

.github/workflows/commits.yml

@@ -0,0 +1,47 @@
+name: Commits
+on:
+  - pull_request
+
+permissions:
+  contents: read
+
+jobs:
+  dco-check:
+    permissions:
+      pull-requests: read  # for tim-actions/get-pr-commits to get list of commits from the PR
+    name: Signed-off-by (DCO)
+    runs-on: ubuntu-22.04
+    steps:
+    - name: Get PR Commits
+      id: 'get-pr-commits'
+      uses: tim-actions/get-pr-commits@master
+      with:
+        token: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Check that all commits are signed-off
+      uses: tim-actions/dco@master
+      with:
+        commits: ${{ steps.get-pr-commits.outputs.commits }}
+
+  target-branch:
+    permissions:
+      contents: none
+    name: Branch target
+    runs-on: ubuntu-22.04
+    steps:
+    - name: Check branch target
+      env:
+        TARGET: ${{ github.event.pull_request.base.ref }}
+        TITLE: ${{ github.event.pull_request.title }}
+      run: |
+        set -eux
+        TARGET_FROM_PR_TITLE="$(echo "${TITLE}" | sed -n 's/.*(\(stable-[0-9]\.[0-9]\))$/\1/p')"
+        if [ -z "${TARGET_FROM_PR_TITLE}" ]; then
+          TARGET_FROM_PR_TITLE="main"
+        else
+          echo "Branch target overridden from PR title"
+        fi
+        [ "${TARGET}" = "${TARGET_FROM_PR_TITLE}" ] && exit 0
+
+        echo "Invalid branch target: ${TARGET} != ${TARGET_FROM_PR_TITLE}"
+        exit 1

.github/workflows/test.yml

@@ -22,11 +22,9 @@ jobs:
       matrix:
         go-version:
           - "1.21"
-        channel:
-          - 5.0/stable
-          - 5.0/candidate
-          - latest/stable
-          - latest/candidate
+        incus-version:
+          - daily
+          - stable
 
     env:
       TF_ACC: "1"
@@ -37,7 +35,6 @@ jobs:
       LXD_GENERATE_CLIENT_CERTS: "true"
       LXD_ACCEPT_SERVER_CERTIFICATE: "true"
       LXD_SCHEME: https
-      LXD_PASSWORD: the-password
 
     steps:
       - uses: actions/checkout@v4
@@ -46,31 +43,29 @@ jobs:
         with:
           go-version: ${{ matrix.go-version }}
 
-      - name: Setup LXD from ${{ matrix.channel }} channel
+      - name: Setup Incus from ${{ matrix.incus-version }} repository
         run: |
-          sudo snap refresh lxd --channel=${{ matrix.channel }}
-          sudo lxd waitready --timeout 60
-          sudo lxd init --auto --trust-password="$LXD_PASSWORD" --network-port="$LXD_PORT" --network-address="$LXD_ADDR"
-          sudo chmod 777 /var/snap/lxd/common/lxd/unix.socket
-
-          # 5.0/* currently use core20 which ships with a buggy lvm2 package so
-          # if the base used by the LXD snap is core20, use the external lvm provider
-          # which is the one installed on the runner machine. Since there are plans
-          # to switch 5.0/* to using core22, it's best to autodetect this condition.
-          if snap info lxd --verbose | grep -qxE 'base:\s+core20'; then
-            echo "WARN: Using external lvm command to workaround bug in core20" >&2
-            sudo snap set lxd lvm.external=true
-            sudo snap restart --reload lxd
-          fi
+          sudo apt-get update
+          sudo apt-get install --no-install-recommends --yes \
+            zfsutils-linux \
+            bind9-dnsutils \
+            jq
+          sudo apt-get remove --purge uidmap --yes
+          sudo rm -f /etc/subuid /etc/subgid
+
+          curl -sL https://pkgs.zabbly.com/get/incus-${{ matrix.incus-version }} | sudo sh
+          sudo chmod 666 /var/lib/incus/unix.socket
+          sudo incus admin init --auto --network-port="$LXD_PORT" --network-address="$LXD_ADDR"
+
+          LXD_TOKEN=$(incus config trust add terraform --quiet)
+          incus remote add localhost "${LXD_TOKEN}"
 
       - name: Configure OVN
         run: |
           sudo apt-get update
           sudo apt-get install --no-install-recommends --yes \
             ovn-host \
-            ovn-central \
-            bind9-dnsutils \
-            jq
+            ovn-central
 
           sudo ovs-vsctl set open_vswitch . \
             external_ids:ovn-remote=unix:/var/run/ovn/ovnsb_db.sock \
@@ -84,7 +79,8 @@ jobs:
       - uses: hashicorp/setup-terraform@v3
         with:
           terraform_wrapper: false
-      - run: make test
+      - run: |
+          make test
 
   build-platforms:
     runs-on: ubuntu-22.04

Makefile

@@ -1,18 +1,19 @@
+GO ?= go
 GOFMT_FILES?=$$(find . -name '*.go' |grep -v vendor)
 TARGETS=darwin/amd64 freebsd/386 freebsd/amd64 freebsd/arm linux/386 linux/amd64 linux/arm openbsd/386 openbsd/amd64 windows/386 windows/amd64
 TF_LOG?=error
 
 default: build
 
 test:
-	go get -d -t ./...
-	go test -parallel $$(nproc) -race -timeout 60m -v ./internal/...
+	$(GO) get -d -t ./...
+	$(GO) test -parallel $$(nproc) -race -timeout 60m -v ./internal/...
 
 testacc:
-	TF_LOG=$(TF_LOG) TF_ACC=1 go test -parallel 4 -v -race $(TESTARGS) -timeout 60m ./internal/...
+	TF_LOG=$(TF_LOG) TF_ACC=1 $(GO) test -parallel 4 -v -race $(TESTARGS) -timeout 60m ./internal/...
 
 build:
-	go build -v
+	$(GO) build -v
 
 targets:
 	gox -osarch='$(TARGETS)' -output="dist/{{.OS}}_{{.Arch}}/terraform-provider-lxd_${TRAVIS_TAG}_x4"
@@ -21,11 +22,11 @@ targets:
 	xargs -0 --verbose --replace={} zip -r -j "dist/terraform-provider-lxd_${TRAVIS_TAG}_{}.zip" "dist/{}"
 
 dev:
-	go build -v
+	$(GO) build -v
 
 vet:
-	@echo "go vet ."
-	@go vet $$(go list ./... | grep -v vendor/) ; if [ $$? -eq 1 ]; then \
+	@echo "$(GO) vet ."
+	@$(GO) vet $$($(GO) list ./... | grep -v vendor/) ; if [ $$? -eq 1 ]; then \
 		echo ""; \
 		echo "Vet found suspicious constructs. Please check the reported constructs"; \
 		echo "and fix them if necessary before submitting the code for review."; \
@@ -61,4 +62,11 @@ static-analysis:
 		echo "Missing \"terraform\" command, not checking .tf format" >&2; \
 	fi
 
+.PHONY: update-gomod
+update-gomod:
+	$(GO) get -t -v -d -u ./...
+	$(GO) mod tidy --go=1.20
+	$(GO) get toolchain@none
+	@echo "Dependencies updated"
+
 .PHONY: build test testacc dev vet fmt fmtcheck targets

docs/index.md

@@ -6,7 +6,7 @@ Use Terraform to manage LXD resources.
 
 This provider connects to the LXD daemon over local Unix socket or HTTPS.
 
-It makes use of the [LXD client library](https://github.com/canonical/lxd), which
+It makes use of the [LXD client library](https://github.com/lxc/incus), which
 currently looks in `~/snap/lxd/common/config` (and `~/.config/lxc`) for `client.crt`
 and `client.key` files to authenticate against the LXD daemon.
 

go.mod

@@ -1,42 +1,39 @@
-module github.com/terraform-lxd/terraform-provider-lxd
+module github.com/lxc/terraform-provider-incus
 
 go 1.20
 
 require (
-	github.com/canonical/lxd v0.0.0-20230721084020-fa2ec65c7e2e
 	github.com/dustinkirkland/golang-petname v0.0.0-20231002161417-6a283f1aaaf2
 	github.com/hashicorp/go-version v1.6.0
 	github.com/hashicorp/terraform-plugin-framework v1.4.2
 	github.com/hashicorp/terraform-plugin-framework-validators v0.12.0
 	github.com/hashicorp/terraform-plugin-go v0.20.0
 	github.com/hashicorp/terraform-plugin-sdk/v2 v2.31.0
 	github.com/hashicorp/terraform-plugin-testing v1.6.0
+	github.com/lxc/incus v0.3.0
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/stretchr/testify v1.8.4
 	golang.org/x/sys v0.15.0
 )
 
 require (
-	github.com/ProtonMail/go-crypto v0.0.0-20230828082145-3c4c8a2d2371 // indirect
+	github.com/ProtonMail/go-crypto v0.0.0-20230923063757-afb1ddc0824c // indirect
 	github.com/agext/levenshtein v1.2.3 // indirect
 	github.com/apparentlymart/go-textseg/v15 v15.0.0 // indirect
-	github.com/cloudflare/circl v1.3.3 // indirect
-	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/fatih/color v1.15.0 // indirect
-	github.com/flosch/pongo2 v0.0.0-20200913210552-0d938eb266f3 // indirect
-	github.com/go-macaroon-bakery/macaroon-bakery/v3 v3.0.1 // indirect
-	github.com/go-macaroon-bakery/macaroonpb v1.0.0 // indirect
+	github.com/cloudflare/circl v1.3.6 // indirect
+	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
+	github.com/fatih/color v1.16.0 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/go-cmp v0.6.0 // indirect
-	github.com/google/uuid v1.3.1 // indirect
-	github.com/gorilla/schema v1.2.0 // indirect
-	github.com/gorilla/securecookie v1.1.1 // indirect
-	github.com/gorilla/websocket v1.5.0 // indirect
+	github.com/google/uuid v1.5.0 // indirect
+	github.com/gorilla/schema v1.2.1 // indirect
+	github.com/gorilla/securecookie v1.1.2 // indirect
+	github.com/gorilla/websocket v1.5.1 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-checkpoint v0.5.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect
-	github.com/hashicorp/go-hclog v1.5.0 // indirect
+	github.com/hashicorp/go-hclog v1.6.2 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
 	github.com/hashicorp/go-plugin v1.6.0 // indirect
 	github.com/hashicorp/go-uuid v1.0.3 // indirect
@@ -49,50 +46,35 @@ require (
 	github.com/hashicorp/terraform-registry-address v0.2.3 // indirect
 	github.com/hashicorp/terraform-svchost v0.1.1 // indirect
 	github.com/hashicorp/yamux v0.1.1 // indirect
-	github.com/juju/go4 v0.0.0-20160222163258-40d72ab9641a // indirect
-	github.com/juju/persistent-cookiejar v1.0.0 // indirect
-	github.com/juju/schema v1.0.1 // indirect
-	github.com/juju/webbrowser v1.0.0 // indirect
-	github.com/julienschmidt/httprouter v1.3.0 // indirect
-	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
 	github.com/kr/fs v0.1.0 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-isatty v0.0.19 // indirect
+	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect
 	github.com/mitchellh/go-testing-interface v1.14.1 // indirect
 	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
 	github.com/muhlemmer/gu v0.3.1 // indirect
 	github.com/oklog/run v1.1.0 // indirect
-	github.com/pborman/uuid v1.2.1 // indirect
-	github.com/pkg/sftp v1.13.5 // indirect
-	github.com/pkg/xattr v0.4.9 // indirect
+	github.com/pkg/sftp v1.13.6 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
-	github.com/robfig/cron/v3 v3.0.1 // indirect
-	github.com/rogpeppe/fastuuid v1.2.0 // indirect
 	github.com/sirupsen/logrus v1.9.3 // indirect
 	github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect
 	github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
 	github.com/zclconf/go-cty v1.14.1 // indirect
-	github.com/zitadel/oidc/v2 v2.7.0 // indirect
+	github.com/zitadel/oidc/v2 v2.12.0 // indirect
 	golang.org/x/crypto v0.16.0 // indirect
-	golang.org/x/exp v0.0.0-20230809150735-7b3493d9a819 // indirect
+	golang.org/x/exp v0.0.0-20231214170342-aacd6d4b4611 // indirect
 	golang.org/x/mod v0.14.0 // indirect
-	golang.org/x/net v0.18.0 // indirect
-	golang.org/x/oauth2 v0.13.0 // indirect
+	golang.org/x/net v0.19.0 // indirect
+	golang.org/x/oauth2 v0.15.0 // indirect
 	golang.org/x/term v0.15.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
-	google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20231212172506-995d672761c0 // indirect
 	google.golang.org/grpc v1.60.0 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect
-	gopkg.in/errgo.v1 v1.0.1 // indirect
-	gopkg.in/httprequest.v1 v1.2.1 // indirect
-	gopkg.in/juju/environschema.v1 v1.0.1 // indirect
-	gopkg.in/macaroon.v2 v2.1.0 // indirect
-	gopkg.in/retry.v1 v1.0.3 // indirect
 	gopkg.in/square/go-jose.v2 v2.6.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect