From 7b13306909191258aa76f63c145ee5087039a81c Mon Sep 17 00:00:00 2001 From: Jacob McCann Date: Fri, 12 May 2017 10:06:54 -0500 Subject: [PATCH 1/4] Allow multiple backend-config options --- plugin.go | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/plugin.go b/plugin.go index 739aae1..c230135 100644 --- a/plugin.go +++ b/plugin.go @@ -31,9 +31,9 @@ type ( } InitOptions struct { - BackendConfig string `json:"backend-config"` - Lock *bool `json:"lock"` - LockTimeout string `json:"lock-timeout"` + BackendConfig []string `json:"backend-config"` + Lock *bool `json:"lock"` + LockTimeout string `json:"lock-timeout"` } Plugin struct { @@ -122,8 +122,9 @@ func initCommand(config InitOptions) *exec.Cmd { "init", } - if config.BackendConfig != "" { - args = append(args, fmt.Sprintf("-backend-config=%s", config.BackendConfig)) + fmt.Printf("config.BackendConfig: %v\n", config.BackendConfig) + for _, v := range config.BackendConfig { + args = append(args, fmt.Sprintf("-backend-config=%s", v)) } // True is default in TF From 40a5e1af9bbdf3d4befbe9207e353d35ff774615 Mon Sep 17 00:00:00 2001 From: Jacob McCann Date: Fri, 12 May 2017 10:14:17 -0500 Subject: [PATCH 2/4] Update DOCS to reflect new way of setting up and configuring the remote/backend --- DOCS.md | 62 +++++++++++++++++++++++++++++++++------------------------ 1 file changed, 36 insertions(+), 26 deletions(-) diff --git a/DOCS.md b/DOCS.md index fb8990a..8b59dad 100644 --- a/DOCS.md +++ b/DOCS.md @@ -54,19 +54,27 @@ pipeline: + sensitive: true ``` -Example configuration with state tracked via remote: +Example configuration with state tracked via remote. You will need a file +that specifies the backend type along with ability to pass options via the `.drone.yml`. +`backend.tf` +``` +terraform { + backend "s3" {} +} +``` + +`.drone.yml` ```diff pipeline: terraform: image: jmccann/drone-terraform:1 plan: false -+ remote: -+ backend: S3 -+ config: -+ bucket: my-terraform-config-bucket -+ key: tf-states/my-project -+ region: us-east-1 ++ init_options: ++ backend-config: ++ - "bucket=my-terraform-config-bucket" ++ - "key=tf-states/my-project" ++ - "region=us-east-1" ``` You may want to run terraform against internal resources, like an internal @@ -145,12 +153,11 @@ pipeline: dev_terraform: image: jmccann/drone-terraform:1 plan: false - remote: - backend: S3 - config: - bucket: my-terraform-config-bucket - key: tf-states/my-project - region: us-east-1 + init_options: + backend_config: + - "bucket=my-terraform-config-bucket" + - "key=tf-states/my-project" + - "region=us-east-1" + secrets: + AWS_ACCESS_KEY_ID: DEV_AWS_ACCESS_KEY_ID + AWS_SECRET_ACCESS_KEY: DEV_AWS_SECRET_ACCESS_KEY @@ -158,12 +165,11 @@ pipeline: prod_terraform: image: jmccann/drone-terraform:1 plan: false - remote: - backend: S3 - config: - bucket: my-terraform-config-bucket - key: tf-states/my-project - region: us-east-1 + init_options: + backend_config: + - "bucket=my-terraform-config-bucket" + - "key=tf-states/my-project" + - "region=us-east-1" + secrets: + AWS_ACCESS_KEY_ID: PROD_AWS_ACCESS_KEY_ID + AWS_SECRET_ACCESS_KEY: PROD_AWS_SECRET_ACCESS_KEY @@ -174,15 +180,19 @@ pipeline: plan : if true, calculates a plan but does __NOT__ apply it. -remote -: contains the configuration for the Terraform remote state tracking. +init_options +: contains the configuration for the Terraform backend. + +init_options.backend-config +: This specifies additional configuration to merge for the backend. This can be +specified multiple times. Flags specified later in the line override those +specified earlier if they conflict. -remote.backend -: the Terraform remote state backend to use. +init_options.lock +: Lock the state file when locking is supported. -remote.config -: a map of configuration parameters for the remote state backend. -Each value is passed as a `-backend-config==` option. +init_options.lock-timeout +: Duration to retry a state lock. vars : a map of variables to pass to the Terraform `plan` and `apply` commands. From de4bd0bd5dcdac40f34543d61383ff64dd545914 Mon Sep 17 00:00:00 2001 From: Jacob McCann Date: Fri, 12 May 2017 10:17:08 -0500 Subject: [PATCH 3/4] Remove debug line --- plugin.go | 1 - 1 file changed, 1 deletion(-) diff --git a/plugin.go b/plugin.go index c230135..18c1cfa 100644 --- a/plugin.go +++ b/plugin.go @@ -122,7 +122,6 @@ func initCommand(config InitOptions) *exec.Cmd { "init", } - fmt.Printf("config.BackendConfig: %v\n", config.BackendConfig) for _, v := range config.BackendConfig { args = append(args, fmt.Sprintf("-backend-config=%s", v)) } From 592b34090dc15a918514b7c6f2f2db332c08ecde Mon Sep 17 00:00:00 2001 From: Jacob McCann Date: Fri, 12 May 2017 10:58:53 -0500 Subject: [PATCH 4/4] Clarify backend config --- DOCS.md | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/DOCS.md b/DOCS.md index 8b59dad..d65bd6c 100644 --- a/DOCS.md +++ b/DOCS.md @@ -54,17 +54,10 @@ pipeline: + sensitive: true ``` -Example configuration with state tracked via remote. You will need a file -that specifies the backend type along with ability to pass options via the `.drone.yml`. +Example configuration with state tracked via remote. You will need a +[backend configuration](https://www.terraform.io/docs/backends/config.html) +specified in a `.tf` file. You can then pass additional options via the `.drone.yml`. -`backend.tf` -``` -terraform { - backend "s3" {} -} -``` - -`.drone.yml` ```diff pipeline: terraform: