terraform-apply

Creates a critical alert if a bootstrap Task failure occurs.

Runs one or more Terraform Plan templates as defined by the terraform/plan-templates variable in the stage calling the task.

Requires an terraform context with Terraform v1.0+. and plans must comply with v1.0 syntax

The terraform apply is only called once. All plans in the list are generated first. If sequential operations beyond the plan are needed, use multiple calls to this task.

Only DRP API, Provisioning URL, RSA Public Key and SSH user are automatically passed into the plan; however, the plans can use the .Param and .ParamExists template to pull any value needed.

Terraform State is stored as a Param broker/tfinfo on the Cluster Machine after first execution. It is then retrieved for all subsequent runs so that Terraform is able to correctly use it's state values. The broker/tfinfo parameter is a map of brokers that can be used to track state. Anything can be stored in this parameter.

The synchronize.sh script is used by "local-exec" to connect/update/destroy machines from Terraform into Digital Rebar.

To match existing machines, cloud/instance-id and broker/name are used first. Name is used as a backup.

When updating/creating sets the Params for

  • cloud/instance-id
  • broker/name
  • cloud/provider
  • rsa/key-user (if available in broker)

When used to detect drift mode (via calling Plan on an existing plan), then will raise a terraform.drift.[cluster name] event with details about the drift from Terraform with drift is detected.

Notes:

  • To create SSH keys, use the rsa-key-create generator task.
  • If creating cloud machines, use the cloud-init task for join or flexiflow to add ansible-join
  • When using the synchronize operations, you must define terraform/map-ip-address and terraform/map-instance-name for the created machines
  • Setting terraform/debug-plan to true will cause the TF plan to be written to terraform/debug-plan-review. This is UNSAFE and for debugging only.
  • The Param terraform/init-options can be used to modify the terraform init arguments. By default this Param sets -no-color. An example option is -plugin-dir /.terraform/providers -no-color which will turn off outbound internet connectivity for Provider lookups. (Providers are cached in the Context Container in /.terrform/providers/ dir)