Description
Problem
Per the Terraform Documentation
Terraform also automatically loads a number of variable definitions files if they are present:
Files named exactly terraform.tfvars or terraform.tfvars.json.
Any files with names ending in .auto.tfvars or .auto.tfvars.json.
Coder silently ignores the above files and prompts the user to specify values for template variables without a default specified.
Steps to reproduce:
main.tf:
variable "name" {
type = string
}
resource "local_file" "a" {
filename = "${path.module}/a.txt"
content = "hello ${var.name}"
}
output "a" {
value = local_file.a.content
}
terraform.tfvars:
name = "world"
Output of terraform plan:
terraform plan
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# local_file.a will be created
+ resource "local_file" "a" {
+ content = "hello world"
+ content_base64sha256 = (known after apply)
+ content_base64sha512 = (known after apply)
+ content_md5 = (known after apply)
+ content_sha1 = (known after apply)
+ content_sha256 = (known after apply)
+ content_sha512 = (known after apply)
+ directory_permission = "0777"
+ file_permission = "0777"
+ filename = "./a.txt"
+ id = (known after apply)
}
Plan: 1 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ a = "hello world"
Output of coder templates create:
==> ⧗ Queued
=== ✔ Queued [184ms]
==> ⧗ Setting up
=== ✔ Setting up [0ms]
==> ⧗ No README.md provided
=== ✔ No README.md provided [0ms]
==> ⧗ Parsing template parameters
=== ✔ Parsing template parameters [5ms]
==> ⧗ Cleaning Up
=== ✘ Cleaning Up [4ms]
=== ✘ Cleaning Up [12ms]
running command "coder templates create": update job: required template variables need values: name
Specifying the variable name (e.g. --variable name=foo) allows the template to be created, but this then clobbers the default value from *.tfvars as shown by the output of coder state pull:
{
"version": 4,
"terraform_version": "1.5.3",
"serial": 1,
"lineage": "87d175b4-eeb6-404d-9c67-75095fdd29ee",
"outputs": {
"a": {
"value": "hello foo",
"type": "string"
}
},
"resources": [
{
"mode": "managed",
"type": "local_file",
"name": "a",
"provider": "provider[\"registry.terraform.io/hashicorp/local\"]",
"instances": [
{
"schema_version": 0,
"attributes": {
"content": "hello foo",
"content_base64": null,
"content_base64sha256": "bIqlJPriejYH+cQgRWe2XUg0GzvMDjbp5QhWqq8HPSE=",
"content_base64sha512": "IrdVX6WAqR0wqX6EJZ9z7CiUVRRDnOnJ3K4pMFSBwuKrdtRdB9OiSoSSvPBo9GOJxUxneXXPkKeDA7PTm8Y8hA==",
"content_md5": "b4e9c4bc17e0a52c17c59c1fb7fad2e3",
"content_sha1": "e42fac7662fe66e50afa1e67a549a51aa5b664b0",
"content_sha256": "6c8aa524fae27a3607f9c4204567b65d48341b3bcc0e36e9e50856aaaf073d21",
"content_sha512": "22b7555fa580a91d30a97e84259f73ec28945514439ce9c9dcae29305481c2e2ab76d45d07d3a24a8492bcf068f46389c54c677975cf90a78303b3d39bc63c84",
"directory_permission": "0777",
"file_permission": "0777",
"filename": "./a.txt",
"id": "e42fac7662fe66e50afa1e67a549a51aa5b664b0",
"sensitive_content": null,
"source": null
},
"sensitive_attributes": []
}
]
}
],
"check_results": null
}
The file terraform.tfvars is however present in the uploaded template tar, as evidenced by the output of coder templates pull <template_name> --tar | tar -tvf -:
-rw-r--r-- coder/coder 1153 2023-07-13 17:05 .terraform.lock.hcl
-rw-r--r-- coder/coder 183 2023-07-13 17:04 main.tf
-rw-r--r-- coder/coder 15 2023-07-13 15:16 terraform.tfvars
Activity
[-]bug: cli (and probably also api): .auto.tfvars are silently ignored[/-][+]bug: cli/api: terraform.tfvars and *.auto.tfvars are silently ignored[/+].tfvarsnot getting loaded #8356bpmct commentedon Aug 15, 2023
In this case, we probably shouldn't upload the file but instead send them to the database as managed variables.
ffais commentedon Nov 27, 2023
any news on this issue?
mtojek commentedon Dec 14, 2023
It seems that
*.tfvarsfiles have the following format:Fortunately, they contain only variable assignments and no conditional logic. It will make parsing easier.
The only thing we need to confirm is the definition precedence:
terraform.tfvarsfileterraform.tfvars.jsonfile*.auto.tfvarsor*.auto.tfvars.jsonfiles, processed in a lexical order of their filenames.As @bpmct noticed, CLI should not pack
.tfvarsfiles into template archives.Battle plan:
.tfvarsfiles & Load content from.tfvarsin order..tfvars