terraform-provider-nix icon indicating copy to clipboard operation
terraform-provider-nix copied to clipboard

Published 20 hours ago verified publisher icon andrewchambers

Add import support

Open ocharles opened this issue 6 years ago • 7 comments

I imagine it would be terraform import nix_nixos.foo <readlink /run/current-system on remote host>.

ocharles avatar Apr 11 '19 13:04 ocharles

not sure it is so easy. I can't think of a way to find the configuration of a machine, especially if it is split into multiple modules. Maybe the cases of a single configuration.nix in the default location could work.

andrewchambers avatar Apr 11 '19 20:04 andrewchambers

Oh, would you need to do that? I thought it would be enough to just store the store path that the current-system symlink points to

ocharles avatar Apr 11 '19 22:04 ocharles

I don't think I fully understand the use case. If you write a new resource pointing to an existing nixos install, it will read the system and update only if it differs already - It won't really do anything destructive.

andrewchambers avatar Apr 11 '19 22:04 andrewchambers

It's just about bringing an existing network into Terraform. For example, I have a machine x that's running some NixOS configuration. I'd like to be able to import that into my Terraform state, such that the initial terraform plan says there is nothing to do. It's harmless to deploy the current running system, but it is redundant and makes it difficult to make sure my Terraform configuration matches what I'm currently running. To clarify, this is about the initial work of moving existing infrastructure into Terraform.

ocharles avatar Apr 15 '19 13:04 ocharles

Perhaps another way to think about it is: I should be able to write a Terraform configuration, deploying it, delete my state, and then using only terraform import I should be able to reach a state where terraform plan says there is nothing to do. Or maybe you are saying that should already be the case?

ocharles avatar Apr 15 '19 13:04 ocharles

Hmm, terraform plan may say it is creating a new resource - but then when the creation actually runs, I don't think anything would happen. I will leave this issue open though, maybe it isn't too hard to support.

andrewchambers avatar Apr 16 '19 00:04 andrewchambers

I don't know if you're interested in this anymore.

Usually, resources are based on some canonical ID, like an ARN in AWS; and that state can be used to find the resource in the real world and load its state the next time Read is invoked.

Here however, the resources are given random IDs, as finding the nixos server is simply a matter of interrogating the host via ssh. So I think for a terraform import the best thing to do would be to ignore the final argument and just assign a random ID as well.

Importer: &schema.ResourceImporter{
	State: func(d *schema.ResourceData, m interface{}) ([]*schema.ResourceData, error) {
		d.SetId(randomID())
		return []*schema.ResourceData{d}, nil
	},
},

Then when Read is invoked on the next plan, it will get the current state of the operating system and not say it has to create it (or update it at all if it is indeed the right system state).

HuwCampbell avatar Jun 13 '24 02:06 HuwCampbell