Authentication working on Windows but not UNIX

Terraform
1

Hello!
I have a problem! When using Windows and “file” to get the API Key I have no issues and everything works as expected. When using RHEL the Authentication Failes as the API Key is “wrong” … when setting the API Key as a Variable it works as expected … can someone help or knows why it is like this??? (If I get the file contents with a output I get exactly the API Key … the contents of the file is 100% correct)

Used provider: “CiscoDevNet/intersight”

Provider Configuration that works on Windows:

provider "intersight" {
  apikey    = file("../../_secrets/intersight_apikey.txt")
  secretkey = file("../../_secrets/intersight_secretkey.txt")
  endpoint  = "https://intersight.com"
}

Provider Configuration that works on RHEL and Windows:

provider "intersight" {
  apikey    = "XXXXX"
  secretkey = file("../../_secrets/intersight_secretkey.txt")
  endpoint  = "https://intersight.com"
}

As soon as I change the “apikey” as describe above it works … for the “secretkey” I have no issues at all…

I guess this is related to Terraform and not the provider.

Thanks in advance.

2

This really doesn’t make much sense…

When Linux vs. Windows issues arise, it’s always worth wondering if differing interpretation of line endings (LF vs. CRLF) could be an issue.

Apart from that, you could define a Terraform output:

output "apikey" {
  value = base64encode(file("../../_secrets/intersight_apikey.txt"))
}

and compare the emitted base64 representation of the file, to verify whether or not it truly is byte-for-byte identical on both platforms.

3

Hi @maxb
Thank you for your suggestion. I tried a bit around and actually found out that when i do “file” and encode the output in base64 I’m missing a “=” in the end. I tried with different LF in both Windows and RHEL but again no difference in Windows it is correct with CRLF and LF. In RHEL it is not working in both scenario

See the output:

From Windows machine (same output no matter if CRLF/LF) [CORRECT AND WORKING]

apikey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX="
apikey_clear = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX="

From RHEL machine (if CRLF) [in apikey we have two ==]

apikey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=="
apikey_clear = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX="

From RHEL machine (if UNIX LF) [in apikey we don’t have any “=”]

apikey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
apikey_clear = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX="
4

= in base64 is just a padding character. All you’re really telling me is that the raw contents are different lengths.