如何将terraform state整合到github动作流程中?
[英]How to integrate terraform state into github action workflow?
问题描述
I have the github action workflow outlining the simple process of spinning up terraform to create resources in Azure. What I am missing is how to integrate the terraform state file so that upon sequential runs of this workflow it should compare the current state with the main.tf file and only permit the.net changes.
我有 github 操作工作流,概述了旋转 terraform 以在 Azure 中创建资源的简单过程。我缺少的是如何集成 terraform state 文件,以便在顺序运行此工作流时,它应该将当前的 882714.48387401 与主文件进行比较tf 文件并且只允许.net 更改。 At present if I run this sequentially, will always fail the second time because the resources will have already been created in Azure.目前,如果我按顺序运行,第二次总是会失败,因为资源已经在 Azure 中创建。
How can I configure the github workflow below to permit terraform state file comparison?, I have not found a single source that does this我如何配置下面的 github 工作流程以允许 terraform state 文件比较?,我还没有找到这样做的单一来源
github repo layout: github 回购布局:
github action workflow: github动作流程:
name: Terraform deploy to Azur
on: [push]
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: "Checkout"
uses: actions/checkout@master
- name: "Terraform Init"
uses: hashicorp/terraform-github-actions@master
with:
tf_actions_version: 0.12.13
tf_actions_subcommand: "init"
- name: "Terraform Plan"
uses: hashicorp/terraform-github-actions@master
with:
tf_actions_version: 0.12.13
tf_actions_subcommand: "plan"
args: -var="client_secret=${{ secrets.clientSecret }}"
-var="client_id=${{ secrets.clientId }}"
-var="tenant_id=${{ secrets.tenantId }}"
-var="sub=${{ secrets.sub }}"
- name: "Terraform Apply"
uses: hashicorp/terraform-github-actions@master
with:
tf_actions_version: 0.12.13
tf_actions_subcommand: "apply"
args: -var="client_secret=${{ secrets.clientSecret }}"
-var="client_id=${{ secrets.clientId }}"
-var="tenant_id=${{ secrets.tenantId }}"
-var="sub=${{ secrets.sub }}"
2 个解决方案
解决方案1
2 已采纳 2020-10-18 15:17:03
您需要向 Terraform添加后端配置,以便它将状态文件存储在外部某处,以便在每次运行时引用和更新。
解决方案2
0 2022-04-21 11:23:13
A better solution than storing the backend configuration elsewhere, when running in a pipeline, is to generate the backend configuration on the fly just before the terraform init :在管道中运行时,比将后端配置存储在其他地方更好的解决方案是在terraform init之前动态生成后端配置:
- name: Setup Terraform Backend
id: backend
run: |
cat > backend.tf << EOF
terraform {
backend "remote" {
organization = "${secrets.TF_CLOUD_ORGANIZATION}"
workspaces {
name = "${secrets.TF_CLOUD_WORKSPACE}"
}
}
}
EOF
- name: Terraform Init
id: init
run: terraform init
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.