Fatal编程技术网
  • terraform/
  • Terraform云(即远程后端)TF_VAR_环境替换不起作用?

Terraform云(即远程后端)TF_VAR_环境替换不起作用?

terraform

Terraform云(即远程后端)TF_VAR_环境替换不起作用?,terraform,Terraform,地形版本:0.12.24 这真的很奇怪,因为我以前使用过TF\u VAR\u替换语法,而且效果很好 provider.tf # Configure the AWS Provider provider "aws" { version = "~> 2.0" region = "ap-southeast-2" access_key = var.aws_access_key_id secret_key = var.aws_secret_access_key } variable

地形版本:
0.12.24

这真的很奇怪,因为我以前使用过
TF\u VAR\u
替换语法,而且效果很好

provider.tf

# Configure the AWS Provider
provider "aws" {
  version = "~> 2.0"
  region  = "ap-southeast-2"
  access_key = var.aws_access_key_id
  secret_key = var.aws_secret_access_key
}

variable "aws_access_key_id" {
  description = "Access Key for AWS IAM User"
}

variable "aws_secret_access_key" {
  description = "Secret Access Key for AWS IAM User"
}

variable "terraform_cloud_token" {
  description = "Token used to log into Terraform Cloud via the CLI"
}
vars.tf

# Configure the AWS Provider
provider "aws" {
  version = "~> 2.0"
  region  = "ap-southeast-2"
  access_key = var.aws_access_key_id
  secret_key = var.aws_secret_access_key
}

variable "aws_access_key_id" {
  description = "Access Key for AWS IAM User"
}

variable "aws_secret_access_key" {
  description = "Secret Access Key for AWS IAM User"
}

variable "terraform_cloud_token" {
  description = "Token used to log into Terraform Cloud via the CLI"
}
后端.tf用于地形云

terraform {
  backend "remote" {
    organization = "xx"

    workspaces {
      name = "xx"
    }
  }
}
构建日志

---------------
TF_VAR_aws_secret_access_key=***
TF_VAR_aws_access_key_id=***
TF_VAR_terraform_cloud_token=***
---------------
当我试图在本地Docker容器中运行它时,它也会在本地失败

Dockerfile

FROM hashicorp/terraform:0.12.24

COPY . /app

COPY .terraformrc $HOME

ENV TF_VAR_aws_secret_access_key 'XX'
ENV TF_VAR_aws_access_key_id 'XX'
ENV TF_VAR_terraform_cloud_token 'XX'

WORKDIR /app

ENTRYPOINT ["/app/.github/actions/terraform-plan/entrypoint.sh"]
entrypoint.sh

#!/bin/sh -l

# move terraform cloud configuration file to user root as expected
# by the backend resource
mv ./.terraformrc ~/

terraform init
terraform plan
docker容器运行的输出

$ docker run -it tf-test
---------------
TF_VAR_aws_secret_access_key=XX
TF_VAR_aws_access_key_id=XX
TF_VAR_terraform_cloud_token=XX
---------------

Initializing the backend...

Successfully configured the backend "remote"! Terraform will automatically
use this backend unless the backend configuration changes.

Initializing provider plugins...
- Checking for available provider plugins...
- Downloading plugin for provider "aws" (hashicorp/aws) 2.56.0...

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
Running plan in the remote backend. Output will stream here. Pressing Ctrl-C
will stop streaming the logs, but will not stop the plan running remotely.

Preparing the remote plan...

To view this run in a browser, visit:
https://app.terraform.io/app/XX/XX/runs/run-XX

Waiting for the plan to start...

Terraform v0.12.24
Configuring remote state backend...
Initializing Terraform configuration...
2020/04/03 01:43:04 [DEBUG] Using modified User-Agent: Terraform/0.12.24 TFC/05d5abc3eb

Error: No value for required variable

  on vars.tf line 1:
   1: variable "aws_access_key_id" {

The root module input variable "aws_access_key_id" is not set, and has no
default value. Use a -var or -var-file command line argument to provide a
value for this variable.


Error: No value for required variable

  on vars.tf line 5:
   5: variable "aws_secret_access_key" {

The root module input variable "aws_secret_access_key" is not set, and has no
default value. Use a -var or -var-file command line argument to provide a
value for this variable.


Error: No value for required variable

  on vars.tf line 9:
   9: variable "terraform_cloud_token" {

The root module input variable "terraform_cloud_token" is not set, and has no
default value. Use a -var or -var-file command line argument to provide a
value for this variable.
好的。。。这是令人困惑的,因为Terraform的虚拟机中生成的日志流式传输到您自己的终端/运行日志

但这是我发现的。当您使用Terraform Cloud时,有两个选项可用

  • 使用Terraform的虚拟机运行
    Terraform
    命令
  • 使用您自己(或您的CI/CD平台)的基础结构来运行这些
    terraform
    命令

    • 如果您选择第一个选项(令人恼火的是默认选项)。。。您必须在Terraform Cloud仪表板中设置环境变量。这是因为用于此执行类型的所有terraform命令都在其VM中运行,并且出于良好的安全原因,本地环境中的环境变量不会传递给terraform

    如果您选择了
    remote
    选项,一旦您这样做,它将按预期工作。

    好的。。。这是令人困惑的,因为Terraform的虚拟机中生成的日志流式传输到您自己的终端/运行日志

    但这是我发现的。当您使用Terraform Cloud时,有两个选项可用

  • 使用Terraform的虚拟机运行
    Terraform
    命令
  • 使用您自己(或您的CI/CD平台)的基础结构来运行这些
    terraform
    命令

    • 如果您选择第一个选项(令人恼火的是默认选项)。。。您必须在Terraform Cloud仪表板中设置环境变量。这是因为用于此执行类型的所有terraform命令都在其VM中运行,并且出于良好的安全原因,本地环境中的环境变量不会传递给terraform

    如果选择了
    remote
    选项,则一旦选择,它将按预期工作