Execute Azure CLI commands when using Terraform Cloud

Hi! I am new to Terraform (and currently in “experiencing/learning mode”), but I am using Terraform Cloud to deploy resources in Azure. However, to deploy a MySQL replica, I understand that this can't be done by Terraform directly, but has to be done by, for example, the Azure CLI.

If I run a “local” Terraform in an Azure Cloud Shell, I can get the following code to work as expected:

resource "null_resource" "azure-cli" {
  provisioner "local-exec" {
    command = "az mysql server replica create --name $replicaserver --source-server $sourceserver --resource-group $rg_name --location westeurope"
  }
}

However, when running the same code in Terraform Cloud, I get “exit status 127. Output: /bin/sh: 1: az: not found”.

Can someone point me in the right direction on how to run Azure CLI commands when I am using Terraform Cloud?

3 Likes

@Frank_Thingelstad Have you found any workaround?

1 Like

I want this too. Any solutions? Please.

I tried to use the AZ bash install script, but that failed with ‘bash: line 42: /dev/tty: No such device or address’

resource "null_resource" "script-signalr-setappconfig" {
  # Use this mechanism to always execute the script on 'terraform apply'
  triggers = {
    build_number = "${timestamp()}"
  }

  provisioner "local-exec" {
    command = <<EOH
    curl -L https://aka.ms/InstallAzureCli | bash
    chmod 0755 az
    az appconfig kv set-keyvault <some extra stuff>
EOH
  }
}

@rahulraj7-del: Sorry, didn’t find any. Ended up creating the replica manually.

This works pretty well using pipelines in Azure.

It seems to have the Azure CLI available natively. You probably need the Terraform Cloud team to make that available in the environment you're running the scripts from.

Can you share your sample code? I appreciate your help.

There you go:

resource "null_resource" "install_az_cli" {
  provisioner "local-exec" {
    command = <<EOF
      . /etc/lsb-release
      wget https://packages.microsoft.com/repos/azure-cli/pool/main/a/azure-cli/azure-cli_2.36.0-1~$${DISTRIB_CODENAME}_all.deb
      mkdir ./env && dpkg -x *.deb ./env
      ./env/usr/bin/az login --service-principal -u "${var.client_id}" -p "${var.client_secret}" -t "${var.tenant_id}"
      ./env/usr/bin/az account show
    EOF
  }
  triggers = {
    always_run = uuid()
  }
}

There is room for improvement, but this is my baseline.

1 Like

Thanks for sharing that example, @sturlabragason-devot.

I want to be explicit that although Terraform Cloud is currently running Terraform Core inside an Ubuntu system, that is not a guarantee made by the Terraform Cloud team and so strategies like this will not necessarily keep working under future updates to Terraform Cloud’s execution environment. (This solution in particular relies on dpkg, which would not be available if this were not running on a Debian-based Linux distribution.)

It’s reasonable and pragmatic to use strategies like this as a temporary measure while real provider support isn’t available, but you shouldn’t consider it to be a final solution. In this case, I’d suggest making sure there is an active feature request for the API action you need to take in the hashicorp/azurerm provider’s repository and to subscribe to updates on that issue so that you can see when it’s been implemented and then transition ASAP to the real provider feature.

If you need to use additional software on an ongoing basis rather than only as a temporary workaround, you can use Terraform Cloud Agents to run remote operations on servers you control, and so where you can install whatever software you need for your Terraform configurations to use.

2 Likes
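
Added example (not part of any post in this thread, and not HashiCorp's or Microsoft's code): a variant of the `install_az_cli` workaround above that checks the downloaded package against a pinned SHA-256 before unpacking it, and hands the service principal credentials to the script through the provisioner's `environment` argument instead of interpolating them into the command string. The variable `az_cli_deb_sha256` and the resource name are hypothetical; the checksum value must be one you recorded yourself for the exact .deb your runner downloads, and the script assumes the same Ubuntu-based runner with wget, sha256sum and dpkg.

```hcl
# Added example, not from the thread. Assumes an Ubuntu-based runner that
# provides wget, sha256sum and dpkg (not guaranteed by Terraform Cloud).
variable "client_id" { type = string }
variable "tenant_id" { type = string }

variable "client_secret" {
  type      = string
  sensitive = true
}

# Hypothetical variable: SHA-256 of the azure-cli 2.36.0 .deb for the
# runner's Ubuntu codename, recorded by you from a trusted download.
variable "az_cli_deb_sha256" {
  type = string
}

resource "null_resource" "install_az_cli_verified" {
  triggers = {
    always_run = uuid() # same always-run trigger as the post above
  }

  provisioner "local-exec" {
    # Secrets reach the script as environment variables, so the command
    # string Terraform renders contains only $VAR references.
    environment = {
      AZ_CLIENT_ID     = var.client_id
      AZ_CLIENT_SECRET = var.client_secret
      AZ_TENANT_ID     = var.tenant_id
      AZ_DEB_SHA256    = var.az_cli_deb_sha256
    }

    command = <<-EOT
      set -eu
      . /etc/lsb-release
      wget -q -O azure-cli.deb "https://packages.microsoft.com/repos/azure-cli/pool/main/a/azure-cli/azure-cli_2.36.0-1~$${DISTRIB_CODENAME}_all.deb"
      # Stop here if the package is not byte-for-byte the one that was pinned.
      echo "$AZ_DEB_SHA256  azure-cli.deb" | sha256sum -c -
      mkdir -p ./env && dpkg -x azure-cli.deb ./env
      ./env/usr/bin/az login --service-principal -u "$AZ_CLIENT_ID" -p "$AZ_CLIENT_SECRET" -t "$AZ_TENANT_ID" --output none
      ./env/usr/bin/az account show
    EOT
  }
}
```

With `set -eu`, a checksum mismatch makes `sha256sum -c` exit non-zero, so the provisioner fails before `dpkg -x` or `az login` ever runs.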