Comments (5)
ljfranklin
commented on August 20, 2024
@minniux my guess is the backend_config.shared_credentials_file path might be incorrect. The path should be relative to the terraform_source dir I think, so you'd need something like ``backend_config.shared_credentials_file: ../creds/creds.json. If that doesn't work posting your pipeline config's source` and `put` sections would help debug further.
from terraform-resource.
minniux
commented on August 20, 2024
@ljfranklin thank you for the fast reply, I've tried setting the credentials file relative to terraform_source as advised, but still got the same error.
Here are the source and put sections I'm using:
resources:
- name: example-stack
type: terraform
source:
backend_type: s3
backend_config:
bucket: example-bucket
key: example/main
region: eu-west-1
profile: ((AWS_PROFILE_NAME))
shared_credentials_file: ((CREDENTIALS_FILE))
- put: example-stack
params:
env_name: staging
terraform_source: terraform/example-stack
env:
AWS_SHARED_CREDENTIALS_FILE: ((CREDENTIALS_FILE))
AWS_DEFAULT_REGION: eu-west-1
AWS_PROFILE: ((AWS_PROFILE_NAME))
Note that If put.env is removed it fails to read the state, and if it's replaced with source.env it gives the same behavior to read the state and apply changes without uploading state
from terraform-resource.
ljfranklin
commented on August 20, 2024
As far as I can tell from reading the docs here and the terraform source code, it looks like shared_credentials_file must be a path to a file on disk rather than the contents of the file. Since the Concourse design doesn't let you pass files to check tasks, the resource's check calls will always fail. To use profiles and the shared credential file I think you'd have to open a PR or feature request to Terraform.
That said, using access_key and secret_key should work as expected.
from terraform-resource.
minniux
commented on August 20, 2024
shared_credentials_file is referring to a file, but the file gets written in a task before the put task (that's to generate the session token), so that's why the check is failing
Although I'm not totally sure, is the failure in saving state in apply related to check failure?
But anyway I'll look for another authentication method to use for our case, thanks for helping :)
from terraform-resource.
ljfranklin
commented on August 20, 2024
Happy to help! Going to close this out as there's unfortunately not anything I can change in the resource to support the shared_credentials_file use case. In the past I've submitted PRs to terraform providers to take either a filepath or file contents for params like shared_credentials_file, so if you submit a PR to Terraform they'd probably accept it.
from terraform-resource.
Related Issues (20)
- "parameters" contains an invalid JSON: invalid character ':' after top-level value
- The terraform-provider-azurerm_v2.71.0_x5.exe plugin crashed! HOT 2
- [Feature Request] Install `curl` on images HOT 2
- [feature request] Ability to customize the `name`, `metadata`, `plan.json` filenames (support for across step) HOT 2
- HCSEC-2021-12 - Missing Tags/Releases HOT 2
- Timeout no longer seems to work with Concourse v7.5.0 HOT 2
- put with `plan_only: true` returns non zero exit code HOT 4
- Accessing local files HOT 2
- unknown provider "registry.terraform.io/-/stateful" (we don't use this) HOT 2
- Read backend configuration from source files HOT 4
- Ability to specify state locking timeout HOT 1
- TF_LOG environment variable doesn't seem to work HOT 1
- Error installing provider "random": openpgp: signature made by unknown entity. HOT 1
- Error refreshing state error HOT 3
- Other plan output options besides .json file HOT 2
- terraform apply --replace method or taint HOT 3
- SSH warnings during module download HOT 1
- "No satisfiable builds from passed jobs found for set of inputs" when using plan_only. HOT 3
- Building image from Dockerfile - COPY failed: no source files were specified HOT 1
- Plan fails due to the size when uploading to backend HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-resource.