使用-var或-var文件时,Terraform会忽略Terraform.tfvars文件
在几个月没有处理基础设施更改之后,我试图在一台新机器上加载我们的terragrunt文件,但遇到了几个错误,我找不到解决方案 基本上,当存在使用-var或-var文件时,Terraform会忽略Terraform.tfvars文件,terraform,terragrunt,Terraform,Terragrunt,在几个月没有处理基础设施更改之后,我试图在一台新机器上加载我们的terragrunt文件,但遇到了几个错误,我找不到解决方案 基本上,当存在-var或-var文件选项时,terraform.tfvars文件(或任何*.auto.tfvars文件)似乎被terraform忽略 我们使用分层terragrunt配置为不同的环境提供不同的凭据配置,这就是为什么有一个account.tfvars文件,其中包含所有数据 直到今年8月,一切都正常运行,所以可能有一个我在变更日志中没有发现的变更 特定于模块的
-var-var文件terraform.tfvars*.auto.tfvarsaccount.tfvarsterraform.tfvarsterragrunt = {
include {
path = "${find_in_parent_folders()}"
}
terraform {
source = "../../../modules//cockpit"
}
}
bucket_prefix = "cockpit-"
domain_name = "cockpit.donutapp.io"
terragrunt = {
remote_state {
backend = "s3"
config {
encrypt = true
bucket = "my-${get_aws_account_id()}-tfstate"
key = "production/${path_relative_to_include()}/terraform.tfstate"
region = "us-east-1"
dynamodb_table = "terraform-locks"
}
}
terraform {
extra_arguments "bucket" {
commands = ["${get_terraform_commands_that_need_vars()}"]
optional_var_files = [
"${get_tfvars_dir()}/${find_in_parent_folders("account.tfvars", "ignore")}",
]
arguments = [
"-var",
"terraform_bucket=my-${get_aws_account_id()}-tfstate",
]
}
extra_arguments "disable_input" {
commands = ["${get_terraform_commands_that_need_input()}"]
arguments = ["-input=false"]
}
}
}
terraform plan -var terraform_bucket=my-accountid-tfstate \
-var-file=some-path/../account.tfvars \
-input=false
terraform.tfvarsterragrunt = {
include {
path = "${find_in_parent_folders()}"
}
terraform {
source = "../../../modules//cockpit"
}
}
bucket_prefix = "cockpit-"
domain_name = "cockpit.donutapp.io"
terragrunt = {
remote_state {
backend = "s3"
config {
encrypt = true
bucket = "my-${get_aws_account_id()}-tfstate"
key = "production/${path_relative_to_include()}/terraform.tfstate"
region = "us-east-1"
dynamodb_table = "terraform-locks"
}
}
terraform {
extra_arguments "bucket" {
commands = ["${get_terraform_commands_that_need_vars()}"]
optional_var_files = [
"${get_tfvars_dir()}/${find_in_parent_folders("account.tfvars", "ignore")}",
]
arguments = [
"-var",
"terraform_bucket=my-${get_aws_account_id()}-tfstate",
]
}
extra_arguments "disable_input" {
commands = ["${get_terraform_commands_that_need_input()}"]
arguments = ["-input=false"]
}
}
}
terraform plan -var terraform_bucket=my-accountid-tfstate \
-var-file=some-path/../account.tfvars \
-input=false
terragrunt = {
include {
path = "${find_in_parent_folders()}"
}
terraform {
source = "../../../modules//cockpit"
}
}
bucket_prefix = "cockpit-"
domain_name = "cockpit.donutapp.io"
terragrunt = {
remote_state {
backend = "s3"
config {
encrypt = true
bucket = "my-${get_aws_account_id()}-tfstate"
key = "production/${path_relative_to_include()}/terraform.tfstate"
region = "us-east-1"
dynamodb_table = "terraform-locks"
}
}
terraform {
extra_arguments "bucket" {
commands = ["${get_terraform_commands_that_need_vars()}"]
optional_var_files = [
"${get_tfvars_dir()}/${find_in_parent_folders("account.tfvars", "ignore")}",
]
arguments = [
"-var",
"terraform_bucket=my-${get_aws_account_id()}-tfstate",
]
}
extra_arguments "disable_input" {
commands = ["${get_terraform_commands_that_need_input()}"]
arguments = ["-input=false"]
}
}
}
terraform plan -var terraform_bucket=my-accountid-tfstate \
-var-file=some-path/../account.tfvars \
-input=false
-var file=terraform.tfvars.terragrunt cacheterraform plan有什么想法吗?上述设置变量的机制可以任意组合使用。如果为同一变量分配了多个值,Terraform将使用它找到的最后一个值,覆盖所有以前的值。请注意,同一变量不能在单个源中分配多个值 Terraform按以下顺序加载变量,后面的源优先于前面的源:
- 环境变量
- terraform.tfvars文件(如果存在)
- terraform.tfvars.json文件(如果存在)
- 按照文件名的词法顺序处理的任何*.auto.tfvars或*.auto.tfvars.json文件
- 命令行上的任何-var和-var文件选项,按提供顺序排列。(这包括Terraform云工作区设置的变量。)
Ref:我在这里遇到了同样的问题,Terraform文档似乎没有详细说明如何加载变量或赋予变量什么优先级。在我的例子中,将
-var file