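I am trying to set up a GitLab pipeline for deploying a serverless application in AWS. The application infrastructure is deployed with Terraform. I am using the `hashicorp/terraform:light` image in `.gitlab-ci.yml`, but it fails at the `plan` stage.

Here is my `.gitlab-ci.yml` file: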
```yaml
image:
  name: hashicorp/terraform:light
  entrypoint:
    - '/usr/bin/env'
    - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'

stages:
  - fmt
  - validate
  - plan
  - apply

variables:
  TF_ROOT: "terraform"
  AWS_ACCESS_KEY_ID: "$AWS_ACCESS_KEY_ID"
  AWS_SECRET_ACCESS_KEY: "$AWS_SECRET_ACCESS_KEY"
  AWS_DEFAULT_REGION: "$AWS_DEFAULT_REGION"
  TF_BACKEND_BUCKET: "$TF_BACKEND_BUCKET"
  TF_BACKEND_KEY: "$TF_BACKEND_KEY"
  TF_BACKEND_DYNAMODB_TABLE: "$TF_BACKEND_DYNAMODB_TABLE"

# Runs before the script of every job, in the same shell
before_script:
  - terraform --version
  - mkdir -p $TF_ROOT
  - cd $TF_ROOT
  - terraform init -reconfigure -backend-config="bucket=$TF_BACKEND_BUCKET" -backend-config="key=$TF_BACKEND_KEY" -backend-config="region=$AWS_DEFAULT_REGION" -backend-config="dynamodb_table=$TF_BACKEND_DYNAMODB_TABLE"
  - echo "$TF_ROOT"
  - echo "$TFVARS_FILE"
  - ls -al

format:
  stage: fmt
  script:
    - terraform fmt
  only:
    - branches

validate:
  stage: validate
  script:
    - terraform validate
  only:
    - branches

plan:
  stage: plan
  script:
    - terraform plan -var-file="$TFVARS_FILE" -out=tfplan
  only:
    - branches

apply:
  stage: apply
  script:
    # -out is a plan-only flag, so it is not passed to apply
    - terraform apply -var-file="$TFVARS_FILE" -auto-approve
  environment:
    name: dev
    url: "https://mycompany.awsapps.com/start/#"
  only:
    - main
  when: manual
```
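The `fmt` and `validate` stages run fine, but `plan` fails with the error below.

I don't understand why it says there are no `tf` files when there are tf files in the project folder.

Does the command below build an empty directory every time the pipeline runs?

Can someone help fix the issue below and help me understand how images and directories work in GitLab?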
```
$ mkdir $TF_ROOT
$ cd $TF_ROOT
$ terraform init -reconfigure -backend-config="bucket=bucket=$TF_BACKEND_BUCKET" -backend-config="key=$TF_BACKEND_KEY" -backend-config="region=$AWS_DEFAULT_REGION" -backend-config="dynamodb_table=$TF_BACKEND_DYNAMODB_TABLE"
Terraform initialized in an empty directory!
The directory has no Terraform configuration files. You may begin working
with Terraform immediately by creating Terraform configuration files.
$ terraform plan -var-file="$TFVARS_FILE" -out=tfplan
╷
│ Error: Failed to read variables file
│
│ Given variables file does not exist.
╵
```
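GitLab has an open issue for specifying the working directory of child pipelines.

`terraform fmt` and `terraform validate`

`terraform fmt` and `terraform validate` do not need terraform files. You can easily run these commands in any empty directory without errors.

`terraform plan`

This command will raise an exception if it is run in an empty directory.

GitLab has a terraform wrapper that uses the `TF_ROOT` env. This wrapper is deprecated.

You need to add `-chdir=$TF_ROOT` to all your steps.

Here is an example `.gitlab-ci.yml` file: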
```yaml
image:
  name: hashicorp/terraform:light
  entrypoint:
    - '/usr/bin/env'
    - 'PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin'

stages:
  - fmt
  - validate
  - plan
  - apply

variables:
  TF_ROOT: "terraform"
  AWS_ACCESS_KEY_ID: "$AWS_ACCESS_KEY_ID"
  AWS_SECRET_ACCESS_KEY: "$AWS_SECRET_ACCESS_KEY"
  AWS_DEFAULT_REGION: "$AWS_DEFAULT_REGION"
  TF_BACKEND_BUCKET: "$TF_BACKEND_BUCKET"
  TF_BACKEND_KEY: "$TF_BACKEND_KEY"
  TF_BACKEND_DYNAMODB_TABLE: "$TF_BACKEND_DYNAMODB_TABLE"

before_script:
  - terraform --version
  # No mkdir/cd here: before_script and script share one shell, so a cd
  # would make -chdir=$TF_ROOT in the jobs point at $TF_ROOT/$TF_ROOT.
  - terraform -chdir=$TF_ROOT init -reconfigure -backend-config="bucket=$TF_BACKEND_BUCKET" -backend-config="key=$TF_BACKEND_KEY" -backend-config="region=$AWS_DEFAULT_REGION" -backend-config="dynamodb_table=$TF_BACKEND_DYNAMODB_TABLE"
  - echo "$TF_ROOT"
  - echo "$TFVARS_FILE"
  - ls -al

format:
  stage: fmt
  script:
    - terraform -chdir=$TF_ROOT fmt
  only:
    - branches

validate:
  stage: validate
  script:
    - terraform -chdir=$TF_ROOT validate
  only:
    - branches

plan:
  stage: plan
  script:
    - terraform -chdir=$TF_ROOT plan -var-file="$TFVARS_FILE" -out=tfplan
  only:
    - branches

apply:
  stage: apply
  script:
    # -out is a plan-only flag, so it is not passed to apply
    - terraform -chdir=$TF_ROOT apply -var-file="$TFVARS_FILE" -auto-approve
  environment:
    name: dev
    url: "https://mycompany.awsapps.com/start/#"
  only:
    - main
  when: manual
```
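
A pre-flight guard for the failure shown in the question's job log, added here as an example and not part of the original question or answer: it stops the job before `terraform init` when `TF_ROOT` has no configuration files or the variables file is missing, instead of letting `init` succeed on an empty directory. The function name `tf_preflight` and its exit codes are assumptions made for this example.

```shell
#!/bin/sh
# Added example (hypothetical helper, not from the original post).
# tf_preflight ROOT [VARS_FILE]
#   0  ROOT holds Terraform configuration and VARS_FILE (if given) exists
#   2  ROOT is empty or not a directory
#   3  ROOT has no *.tf / *.tf.json files (the "empty directory" case)
#   4  VARS_FILE does not exist
tf_preflight() {
    root=$1
    vars=${2:-}

    if [ -z "$root" ] || [ ! -d "$root" ]; then
        echo "preflight: TF_ROOT '$root' is not a directory under $(pwd)" >&2
        return 2
    fi

    # Terraform loads configuration only from the working directory itself,
    # so look at top-level files and ignore subdirectories.
    found=0
    for f in "$root"/*.tf "$root"/*.tf.json; do
        if [ -f "$f" ]; then
            found=1
            break
        fi
    done
    if [ "$found" -eq 0 ]; then
        echo "preflight: no *.tf files in '$root'; init would run on an empty directory" >&2
        return 3
    fi

    if [ -n "$vars" ]; then
        # After 'cd $TF_ROOT' (or with -chdir) a relative -var-file path is
        # resolved from ROOT, so resolve it the same way here.
        case $vars in
            /*) vars_path=$vars ;;
            *)  vars_path=$root/$vars ;;
        esac
        if [ ! -f "$vars_path" ]; then
            echo "preflight: variables file '$vars_path' does not exist" >&2
            return 4
        fi
    fi
    return 0
}
```

In `before_script`, call `tf_preflight "$TF_ROOT" "$TFVARS_FILE"` from the project root before `terraform init`, without a preceding `mkdir -p $TF_ROOT`, which would hide the missing directory.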