semaphore icon indicating copy to clipboard operation
semaphore copied to clipboard
verified publisher icon semaphoreui

Problem: Initialize Terraform pg backend with env variables

Open sti0 opened this issue 1 year ago • 8 comments

Issue

I'm trying to setup a Terraform task with a PG backend.

As recommended I use the libpg environment variable. This works flawless when executing Terraform locally.

I put the pg env variables (PGHOST, PGUSER....) into a Semaphore environment object which is assigned to the task. But this won't work. After executing the task it still tries to connect to localhost instead:

11:37:44 AM
11:37:44 AM
Initializing the backend...
11:37:44 AM
╷
11:37:44 AM
│ Error: dial tcp 127.0.0.1:5432: connect: connection refused
11:37:44 AM
│ 
11:37:44 AM
│ 
11:37:44 AM
╵

Impact

Other

Installation method

Docker

Database

Postgres

Browser

Chrome

Semaphore Version

2.10.22

Ansible Version

No response

Logs & errors

No response

Manual installation - system information

No response

Configuration

image

image

image

Additional information

No response

sti0 avatar Jul 26 '24 08:07 sti0

Seems that environment_variables are not applied when doing terraform init (https://github.com/semaphoreui/semaphore/blob/a5ea39e229b2d703990f317fa919b2e05cc96793/db_lib/TerraformApp.go#L87). Could this be the reason?

Same line might be the reason why other Terraform CLI parameters are not applied as well (no more arguments applied).

sti0 avatar Jul 26 '24 14:07 sti0

Hello, I checked and at least the secret environment variable type works if you put TF_VAR_ prefix to your variable name so I would think the normal environment variables would too. You will need to create the secrets again it seems, at least when I tested it they didn't update.

Edit: fixed the prefix

ollikurki avatar Aug 09 '24 10:08 ollikurki

Hi @ollikurki , I recreated the env variables and prefixed them with TF_ENV_. image

This doesn't work: image

In my understanding env variables are not passed to the init command as well: https://github.com/semaphoreui/semaphore/blob/a5ea39e229b2d703990f317fa919b2e05cc96793/db_lib/TerraformApp.go#L87

sti0 avatar Aug 12 '24 05:08 sti0

I believe I see a similar issue with Terraform AWS S3 backend. I get the same error when it tries to initialize the backend. I have set up the environment with ENV and Secret ENV values. I have prefixed with TF_VAR_ and nothing works. If I log into the container and go where the repository was cloned and manually set the ENV variables, thenterraform init works. So I know setting ENV should allow everything to work. image

ricorx7 avatar Aug 12 '24 23:08 ricorx7

Ahh yeah, I typo'd the prefix it should be TF_VAR_ and for me it works on the Secrets section if I create "Secret Environment Variable" type secrets: image image image image image

But yeah, the normal Environment Variables don't seem to work.

ollikurki avatar Aug 13 '24 14:08 ollikurki

It works for Terraform variables.

But in case of Postgres backend we don't use Terraform variables but host environment variables (PGHOST, PGUSER....). These variables need to be accessable in the init command.

It's not possible to use Terraform variables to define backend credentials.

sti0 avatar Aug 13 '24 14:08 sti0

Ohh, sorry I wasn't of much help then. I just fixated on the variable point because I had the same problem with the Environment Variables not working when trying to use terraform for my hypervisor and didn't clearly read the whole issue.

ollikurki avatar Aug 13 '24 14:08 ollikurki

Same issue here with Terraform http backend initialisation during init phase.

mohamed-mfarag avatar Aug 24 '24 07:08 mohamed-mfarag

Same issue here when using the AWS S3 backend:

image

The backend doesn't use TF VARS but actual environment variables.

maxim-vde avatar Sep 02 '24 09:09 maxim-vde