I believe everything is now set up to use TF Cloud in CLI-driven mode, however on
terraform plan it takes a long time to do anything. I believe this is because it’s uploading the contents of
.git directories because of an issue with
.terraformignore. Either I have it in the wrong place, or I am using the wrong slashes.
An issue was reported on github here, however, I am not clear what was fixed.
/ on Windows
b) Terraform supports
I have tried both forward and back slashes. At the end of the day, as this is running on TF Cloud, it’s running on Linux, so I would think that
/ make the most sense.
.gitignore doesn’t care.
My local file structure looks like:
Root │ .terraformignore │ └───PRODUCTS ├───arc.product.az │ │ .gitignore │ │ README.md │ │ │ ├───.git │ └───src │ │ .terraform.lock.hcl │ │ data_resources.auto.tfvars.json │ │ product_main.tf │ │ product_outputs.tf │ │ product_variables.tf │ │ tfcloud_integration.tf │ │ │ └───.terraform │ │ environment │ │ terraform.tfstate │ │ │ ├───modules │ │ modules.json │ │ │ └───providers │ └───registry.terraform.io │ └───hashicorp │ └───azurerm │ └───2.99.0 │ └───windows_amd64 │ terraform-provider-azurerm_v2.99.0_x5.exe │ ├───terraform-azurerm-resource_group │ │ main.tf │ │ outputs.tf │ │ README.md │ │ variables.tf │ │ versions.tf │ │ │ └───.git ├───terraform-azurerm-virtual_network │ │ .gitignore │ │ main.tf │ │ outputs.tf │ │ README.md │ │ variables.tf │ │ versions.tf │ │ │ └───.git ├───terraform-meta-namer │ │ .gitignore │ │ azure-pipelines.yml │ │ outputs.tf │ │ README.md │ │ variables.tf │ │ versions.tf │ │ │ └───.git ├───terraform-meta-tagger │ │ .gitignore │ │ outputs.tf │ │ README.md │ │ variables.tf │ │ versions.tf │ │ │ └───.git └───terraform-model-az_landing_zone │ .gitignore │ main.tf │ outputs.tf │ README.md │ variables.tf │ versions.tf │ └───.git
Each module is in its own repo.
terraform plan, the output seems to suggest it wants
.terraformignore in the
Root directory (which is odd as it’s outside source control). I have tried it under
PS C:\Root\PRODUCTS\arc.product.az\src> terraform plan Running plan in Terraform Cloud. The output will stream here. Pressing Ctrl-C will stop streaming the logs, but will not stop the plan from running remotely. Preparing the remote plan... The remote workspace is configured to work with the configuration at PRODUCTS/arc.product.az/src relative to the target repository. Terraform will upload the contents of the following directory, excluding files or directories as defined by a .terraformignore file at C:\Root/.terraformignore (if it is present), in order to capture the filesystem context the remote workspace expects: C:\Root\
Terraform Working Directory is set to:
This is what my
.terraformignore looks like:
# Git **/.git/** # Local .terraform directories **/.terraform/* !**/.terraform/modules/** # .tfstate files *.tfstate *.tfstate.* # Crash log files crash.log crash.*.log # Exclude all .tfvars files, which are likely to contain sensitive data, such as # password, private keys, and other secrets. These should not be part of version # control as they are data points that are potentially sensitive and subject # to change depending on the environment. #*.tfvars #*.tfvars.json # Ignore override files as they are usually used to override resources locally and so # are not checked in override.tf override.tf.json *_override.tf *_override.tf.json # Include override files you do wish to add to version control using negated pattern # !example_override.tf # Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan # example: *tfplan* # Ignore CLI configuration files .terraformrc terraform.rc
The plan does eventually work. It just takes about 10 minutes - which isn’t much use.
If anyone has any ideas, I’d be grateful if they could share.
Terraform documentation link.