[PE-2316] Updating AzureRM is causing failures

[kevinkirkup]

Jira Issue: PE-2316

Details

AzureRM and Terraform SDK don't play nice with each other.

[mtraynham]

Dang that's a lot of changes. Is this just a package upgrade?

Honestly, if this library isn't "intalled" via a Git call and rather done as a tar download, I think there are better ways to store this rather than in source control. I believe releases can have additional artifacts.

[kevinkirkup]

2 packages and dependencies.

[kevinkirkup]

This is the required process for gendering dependencies in go. TBH, it’s not that bad.

[mtraynham]

Not sure if I understand Go dependency management; do you need the vendor directory as you already have the go.mod/go.sum files? In Node, you gitignore the node_modules folder but check in the package.json and package-lock.json files. This means the user needs to install the dependencies, but the package-lock file ensures a consistent experience between installs.
This also prevents gigantic change sets such as this one. Is there not a way to take that approach?

The only reason I ask, the repo is storing the history of all these files and it's going to start making the repo slow to download.

[kevinkirkup]

For go, the official way for handling dependencies is with go modules. They don't require you to download all of the dependencies within your project. It defaults to downloading them in to GOROOT.
go.mod is like package.json. go.sum is similar to package-lock.json.

There can be issues with this though since it's global you can have conflicting dependencies. Sometime the dependencies also disappear.

To get around this they added module vendoring.
This downloads all module dependencies locally to the project in the /vendor directory.

For Terraform Providers, this is a requirement so that each provider can be built by Hashicorp in an isolated environment.