Managing workspace output interdepencies / Chicken&egg problem


I have microservice architecture setup with Terraform in AWS. Each microservice is setup with separate workspaces. Some of these workspaces need outputs from other workspaces but in an event where say we spin up a new clean environment. These outputs/state files won’t exist unless an apply is completed.

For example,

  • workspace A needs outputs from workspace B
  • workspace B needs outputs from workspace A

Both workspaces will fail their applies because the outputs/state files do not exist for both and we run into a Chicken&egg problem. Anyone ever encounter this?

My initial reaction is that this is probably a sign that things have been excessively decomposed into too many workspaces.

I think you would have to describe the kinds of resources in each workspace, and the reasons for the interdependencies, to get a more useful answer than that.

Hey thanks for the reply!

We have basically removed resources related to microservices and put them into their own workspaces so service A would have its own route53, security groups, ecs service, rds etc etc with a shared workspace that would manage vpc, domain etc etc. Sometimes service A might need an output from service B to be used in it’s env. This might be an issue with how we have setup our services but it is what is.

I have figured out that tfe_outputs has 2 attributes, values and nonsensitive_values. Apparently the values attribute is set to “sensitive” when there is no state file so terraform will freak out if you try to query it with no state BUT nonsensitive_values does not care and will just return an empty map. So I used nonsensitive instead and made a conditional to check if it returns an empty value (meaning state doesnt exist yet), then just set a default value otherwise use the regular tfe_output nonsensitive value.