Creds for terraform cloud remote #113
Creds for terraform cloud remote #113
Conversation
This workflow is already covered in the examples here: https://github.com/hashicorp/terraform-github-actions/blob/master/examples/backends.md Thank you for the work. The reason why I moved away from creating the |
Thanks, I might suggest to actually have a link on the main page of the github repo. When I wrote this the . It isn't clear in Terraform Cloud's remote docs how to do that. Also, when I wrote this, the docs at https://www.terraform.io/docs/github-actions/common-tasks/backends.html were using the previous workflow style, so I picked something that mirrored that behavior. |
Actually, I have a follow up @sudomateo . I switched to use what was in that document, and init went through but it didn't seem to carry over to my plan. I also set in my env TF_API_TOKEN so that it's available to the plan. Is there something else I should do when running plan to make the credentials available if I ran init in the same job?
|
I might have a similar issue than you @jmahowald (even though my init does not even to through):
|
@jmahowald would you be able to provide the redacted Terraform files being used? |
@iniinikoski it would be helpful to see how the |
@sudomateo sure. We just do this:
|
@iniinikoski Thank you for providing that. After reading this documentation, it seems that the only way to authenticate to modules within a private module registry at this time is by using the CLI credentials file. I'll work on adding the CLI credentials file back into the code. That being said I'm a bit curious as to where GitHub Actions fits into your workflow if you already are using Terraform Cloud/Enterprise. Care to share some details there? |
@sudomateo sure. I plan to use the Actions to test & verify modules - everything else is covered by TFE and it's PR-checking. I've never given a thought on plumbing the module repositories also to TFE workspaces. Hmm... |
@iniinikoski For clarity, when you say this, do you mean you are testing and validating modules using Also I have a branch named |
Both yes - and I need to do the init in between :)
Works like a charm, cool and thanks for the quick fix! :) |
@iniinikoski Thank you for testing that. I released v0.6.3 to include this functionality. Also thank you for the details on your use case. I will discuss use cases like this internally to see if this is something we can begin to provide in Terraform Cloud/Enterprise. |
Regarding why Github Actions and Terraform Cloud. I am actually trying both out, wanting to ensure the dev team that doesn't touch terraform much can do so with there standard pipeline tools, while weighing the workflow improvements of Terraform Cloud. But even if I don't use Terraform Cloud for the workflows, using the remote state is nice. I wish it would be easier to create a new workspace and set the management to local. (I'm aware that I can create something for this with using the TFE provider, but I'm talking about a simple command/flag) |
@jmahowald tfhelper (https://github.com/hashicorp-community/tf-helper) could help you here maybe, if the TFE provider does not... |
I wasn't able to figure another way to be able to use terraform cloud for remote states, nor could I figure out if there is a general environment variable name to use for the terraform cloud token.