Resuse random_password and map them to enviroment variables for use with envsubst on local-exec

sviart · July 19, 2021, 9:33am

Hi,

I’ve some random_password resource that I would like to pass to environment for local-exec so I can send some SQL query to the newly created SQL database:

How can I avoid code duplication repeating the same environment = {} definition over and over again?

looks like:

  provisioner "local-exec" {
    command = "sqlcmd -S ${azurerm_sql_server.sqlserver.fully_qualified_domain_name} -d manager -U 's' -P '${random_password.sa.result}' -i <(envsubst ./sql/manager_users_grant.sql)"
    interpreter = [ "/bin/bash", "-c"]
    environment = {
      pass_sa = random_password.a.result
      pass_prod_service_01 = random_password.prod_service_01.result
      pass_prod_service_02 = random_password.prod_service_02.result
      pass_prod_project_user = random_password.prod_project_user.result
      pass_prod_master_key_jobdatabase = random_password.prod_master_key_jobdatabase.result
      pass_prod_master_key_manager = random_password.prod_master_key_manager.result
      pass_prod_master_key_common = random_password.prod_master_key_common.result
    }

I’ve multiple database to set permission like this.

Regards,
Sylvain.

stuart-c · July 19, 2021, 10:02am

Use a map local variable for all those env vars and then just reference in your provisioner blocks (environment = local.environment)

sviart · November 4, 2021, 1:20pm

worked just fine thanks!

locals {
  # The following map avoid code duplication, keys are also exported in output.tf to be
  # used by export_all_env_var.sh is some script needs to be run directly from
  # command line outside terraform
   shell_env_var = {
      pass_sa = random_password.sa.result
      pass_prod_service_01 = random_password.prod_service_01.result                                                                                                                                                                          
      pass_prod_service_02 = random_password.prod_service_02.result
      pass_prod_project_user = random_password.prod_project_user.result
      pass_prod_master_key_jobdatabase = random_password.prod_master_key_jobdatabase.result
      pass_prod_master_key_manager = random_password.prod_master_key_manager.result
      pass_prod_master_key_common = random_password.prod_master_key_common.result
      sql_elastic_pool_name = azurerm_mssql_elasticpool.pool.name
  }
}                                                                                                                                                                                                                                            

# [...]
  provisioner "local-exec" {
    command = "sql/import_sql.sh ${azurerm_sql_server.sqlserver.fully_qualified_domain_name} _templateproject"
    environment = local.shell_env_var
  }

Topic		Replies	Views
Local-exec provider and attribute references - i don't get it Terraform	0	536	November 22, 2020
Use local variable in local-exec destroy provisioner Terraform	2	2170	October 17, 2023
Terraform local block issue Terraform	1	329	December 12, 2023
Having issues with passing array to a local_exec provisioner Terraform	1	1427	March 6, 2020
Problems using for_each using local variable created based on another local Terraform hcp-terraform , azure	1	689	March 11, 2022

Resuse random_password and map them to enviroment variables for use with envsubst on local-exec

Related topics