Terraform Cloud (i.e. the remote backend): TF_VAR_ environment substitution not working?

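Problem description

Terraform version: 0.12.24

This is really strange, because I have used the TF_VAR_ substitution syntax before and it worked fine.

provider.tf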

# Configure the AWS Provider
provider "aws" {
  version = "~> 2.0"
  region  = "ap-southeast-2"
  access_key = var.aws_access_key_id
  secret_key = var.aws_secret_access_key
}

vars.tf

variable "aws_access_key_id" {
  description = "Access Key for AWS IAM User"
}

variable "aws_secret_access_key" {
  description = "Secret Access Key for AWS IAM User"
}

variable "terraform_cloud_token" {
  description = "Token used to log into Terraform Cloud via the CLI"
}

backend.tf for Terraform Cloud

terraform {
  backend "remote" {
    organization = "xx"

    workspaces {
      name = "xx"
    }
  }
}

Build logs

---------------
TF_VAR_aws_secret_access_key=***
TF_VAR_aws_access_key_id=***
TF_VAR_terraform_cloud_token=***
---------------

When I try to run it in a local Docker container, it fails locally as well

Dockerfile

FROM hashicorp/terraform:0.12.24

COPY . /app

COPY .terraformrc $HOME

ENV TF_VAR_aws_secret_access_key 'XX'
ENV TF_VAR_aws_access_key_id 'XX'
ENV TF_VAR_terraform_cloud_token 'XX'

WORKDIR /app

ENTRYPOINT ["/app/.github/actions/terraform-plan/entrypoint.sh"]

entrypoint.sh

#!/bin/sh -l

# move terraform cloud configuration file to user root as expected
# by the backend resource
mv ./.terraformrc ~/

terraform init
terraform plan

Output from the Docker container run

$ docker run -it tf-test
---------------
TF_VAR_aws_secret_access_key=XX
TF_VAR_aws_access_key_id=XX
TF_VAR_terraform_cloud_token=XX
---------------

Initializing the backend...

Successfully configured the backend "remote"! Terraform will automatically
use this backend unless the backend configuration changes.

Initializing provider plugins...
- Checking for available provider plugins...
- Downloading plugin for provider "aws" (hashicorp/aws) 2.56.0...

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
Running plan in the remote backend. Output will stream here. Pressing Ctrl-C
will stop streaming the logs, but will not stop the plan running remotely.

Preparing the remote plan...

To view this run in a browser, visit:
https://app.terraform.io/app/XX/XX/runs/run-XX

Waiting for the plan to start...

Terraform v0.12.24
Configuring remote state backend...
Initializing Terraform configuration...
2020/04/03 01:43:04 [DEBUG] Using modified User-Agent: Terraform/0.12.24 TFC/05d5abc3eb

Error: No value for required variable

  on vars.tf line 1:
   1: variable "aws_access_key_id" {

The root module input variable "aws_access_key_id" is not set, and has no
default value. Use a -var or -var-file command line argument to provide a
value for this variable.


Error: No value for required variable

  on vars.tf line 5:
   5: variable "aws_secret_access_key" {

The root module input variable "aws_secret_access_key" is not set, and has no
default value. Use a -var or -var-file command line argument to provide a
value for this variable.


Error: No value for required variable

  on vars.tf line 9:
   9: variable "terraform_cloud_token" {

The root module input variable "terraform_cloud_token" is not set, and has no
default value. Use a -var or -var-file command line argument to provide a
value for this variable.

Tags: terraform

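Solution


Okay... this is confusing, because the logs generated in Terraform's VM are streamed to your own terminal/run logs.

But here is what I found. When using Terraform Cloud, there are two options available to you.

  1. Use Terraform's VM to run your terraform commands
  2. Use your own (or your CI/CD platform's) infrastructure to run those terraform commands.

Execution mode setting

If you choose the first option (which, annoyingly, is the default)... you must set the environment variables in the Terraform Cloud Dashboard. This is because all terraform commands for this execution type run in their VM, and, for good security reasons, the environment variables in your local environment are not passed to Terraform.

Example of the Terraform Cloud Dashboard variables page

If you have the remote option selected, it will work as expected once you have done this.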
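A preflight check based on the answer above, as an added example that is not part of the original post: it lists the required variables a remote run needs from the workspace variables page and flags those that exist only as local TF_VAR_ values. The function names are hypothetical; the parsing assumes `terraform fmt` layout and that the workspace uses remote execution.

```shell
#!/bin/sh
# Added example: preflight for a Terraform working directory (names hypothetical).
# Assumes terraform-fmt layout: `variable "x" {` and the closing `}` start at
# column 0, and a default sits on its own `default = ...` line.

# Succeeds if any of the given .tf files configures the "remote" backend.
uses_remote_backend() {
  grep -Eq '^[[:space:]]*backend[[:space:]]+"remote"' "$@" 2>/dev/null
}

# Prints the names of variables declared without a default.
required_vars() {
  awk '
    /^variable[ \t]+"/ { split($0, q, "\""); name = q[2]; has_default = 0; next }
    name != "" && /^[ \t]*default[ \t]*=/ { has_default = 1 }
    name != "" && /^}/ { if (!has_default) print name; name = "" }
  ' "$@"
}

# For a remote-backend directory, reports each required variable and whether a
# local TF_VAR_ value exists that a remote run will never see.
remote_var_report() {
  dir=${1:-.}
  uses_remote_backend "$dir"/*.tf || return 0
  required_vars "$dir"/*.tf | while read -r name; do
    if env | grep -q "^TF_VAR_${name}="; then
      echo "$name: set locally only; define it in the workspace variables"
    else
      echo "$name: not set locally; define it in the workspace variables"
    fi
  done
}

remote_var_report "${1:-.}"
```

Run it from entrypoint.sh before `terraform plan`, passing the directory that holds the .tf files; it prints nothing when no remote backend is configured.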

