"resource null_resource doesn't support import"

Hello all!

I’ve run into a bit of a quandary, and I have not been able to Google my way to victory, so I turn to you all for help.

In short, I’m trying to split a null_resource up into two null_resources, as to reduce the “churn” on the provisioners specified within. Currently, one null_resource is used to apply three provisioners where the first one does a system update, installing ruby, and setting up permissions (etc), another that copies a file, and one that executes the file.

I’m splitting that into two null_resources, the first with the first provisioner, and the second with the last two provisioners. I’m also assigning “triggers” to the provisioners (which I didn’t have previously, as they were inline remote executions).

The problem is that all this is (understandably) causing terraform to detect a change in null_resources, and it now wants to apply the new ones. My goal is to “migrate” the “original” null_resource to the “new” first null_resource and mark that as “untainted”(?), and let the second null_provisioner execute.

  1. I’ve successfully “moved” the original null_resource to the new first null_resource
  2. I’ve been UNABLE to mark that resource as untainted (so it still wants to apply)
  3. I’ve been unable to “import” the null_resource in an attempt to “trick” Terraform into thinking there is no change with that one.

Long story long, how can I accomplish this?

Thanks!

Original Null Resources:

resource "null_resource" "configure-bastion" {
  count = "${var.count}"

  triggers = {
    bastion_id = "${element(var.bastion_ids, count.index)}"
  }

  connection {
    type        = "ssh"
    private_key = "${var.private_key}"

    host = "${element(var.bastion_ips, count.index)}"
    user = "ec2-user"
  }

  # TODO: Move this stuff into a file and track it's fingerprint as a trigger (above)
  provisioner "remote-exec" {
    inline = [
      "sudo chown -R root:wheel /etc/profile.d",
      "sudo chmod -R g+w /etc/profile.d",
      "sudo chown -R root:wheel /usr/local/bin",
      "sudo chmod -R g+w /usr/local/bin",
      "sudo yum update -yq --exclude=system-release*",
    ]
  }

  provisioner "file" {
    content     = "${var.jumpcloud_init}"
    destination = "/usr/local/bin/jumpcloud_init"
  }

  provisioner "remote-exec" {
    inline = [
      # ... inline commands
    ]
  }
}

New Null Resources:

resource "null_resource" "configure-bastion-host" {
  count = "${var.count}"

  triggers = {
    file       = "${file("${path.module}/files/host_init.sh")}"
    bastion_id = "${element(var.bastion_ids, count.index)}"
  }

  connection {
    type        = "ssh"
    private_key = "${var.private_key}"

    host = "${element(var.bastion_ips, count.index)}"
    user = "ec2-user"
  }

  provisioner "remote-exec" {
    script = "${path.module}/files/host_init.sh"
  }
}

resource "null_resource" "configure-bastion-jumpcloud" {
  count = "${var.count}"

  triggers = {
    file       = "${file("${path.module}/files/jumpcloud.sh")}"
    bastion_id = "${element(var.bastion_ids, count.index)}"
  }

  connection {
    type        = "ssh"
    private_key = "${var.private_key}"

    host = "${element(var.bastion_ips, count.index)}"
    user = "ec2-user"
  }

  provisioner "file" {
    content     = "${var.jumpcloud_init}"
    destination = "/usr/local/bin/jumpcloud_init"
  }

  provisioner "remote-exec" {
    script = "${path.module}/files/jumpcloud.sh"
  }

  depends_on = ["null_resource.configure-bastion-host"]
}
3 Likes