I’m using GitHub Actions to trigger Terraform. I’ve followed the official guide, but it’s failing in Terraform Cloud because it looks like (to me) that the TF_VAR_ I’m setting in GitHub Actions doesn’t get set properly in Terraform code.
e.g. Terraform Cloud complains…
Error: Variables not allowed
on /home/tfc-agent/.tfc-agent/component/terraform/runs/run-FDxgRzprhu6kRa5G/terraform.tfvars line 1:
env = dev
Variables may not be used here.
But in my GitHub Actions workflow I’m setting…
env:
TF_VAR_env: "dev"
So I’d expect the generated TF code to look like env = "dev".
But it’s not happening.
Does anyone know why this would be?
I’ve even tried using single quotes inside of the double quotes (just to see what happens) TF_VAR_env: "'dev'" but it still errors with env = dev.
OK fixed it. I needed to go the other way and wrap double quotes in single quotes.
TF_VAR_env: '"dev"'
1 Like
Hi @Integralist,
I think what’s happened here is that you haven’t specified a type constraint for this input variable and so Terraform is relying on the expression syntax to infer which type you meant. Placing it in quotes made it a string literal, whereas without the quotes it looked to Terraform like a reference to another symbol that is in scope, but there aren’t any symbols in scope in this context.
If you specify type = string for the input variable then Terraform will use that information to just treat the entire input variable value as a string literal without any special punctuation required.
It looks like you are also using Terraform Cloud remote operations, which adds some extra layers in the middle that might make this behave a little differently, but what I wrote above is true for Terraform CLI when it’s directly running Terraform Core on the local system, and hopefully the Terraform Cloud integration is preserving the abstraction well enough that it works consistently for remote operations too. (I have not checked the treatment of environment variables in particular, so I can’t be sure.)