Comments (4)
sushant-pradhan
commented on September 3, 2024
1
@yermulnik I was able to achieve it using an external policy rule (opa). Basically run a init, then validate .terraform/terraform.tfstate for presence of non-local backend. There may be a better way now but I haven't explored this recently
from terraform-config-inspect.
teamterraform
commented on September 3, 2024
Hi @burck1!
The scope of this library is reading the parts of a Terraform module that are relevant when it's being used as a child module, such as when distributed via a module registry. We didn't intend for it to expose the parts that live in the root module only and apply to the whole configuration. We're intentionally keeping the scope of this codebase minimal because it's essentially a forked subset of Terraform's own decoder and so the more that is implemented over here the more likely it is that the two implementations will diverge over time as the language changes.
Our longer-term goal here has been to replace the existing terraform show command with something more general that can produce JSON representations of various Terraform constructs, including provider schemas, configurations, etc.
We already defined the JSON representation of a loaded configuration as part of existing terraform show -json functionality, but in order to retain compatibility with that command we were forced to live within its constraints of only supporting JSON rendering of the current state or of a saved plan for now.
As far as we recall, there isn't an existing issue in the main Terraform repository covering the idea of having Terraform itself produce a detailed summary of configuration, so if you'd like to open an issue about this use-case over there that'd be much appreciated, and then we can use that issue to work through the design of such a command.
A tricky part of your specific request is that you want to look at the backend configuration in particular, and that's not currently part of the defined JSON format in Terraform either. However, if you mention that in your new issue we can think about how best to include it... it may require a specialized mode for whatever command we eventually implement to say that you are only interested in the backend configuration, since otherwise the command would probably require you to have already run terraform init first and would thus defeat the point of pre-validating the backend configuration.
from terraform-config-inspect.
sushant-pradhan
commented on September 3, 2024
@teamterraform is there a way to validate if the terraform code is having a non local backend set? I understand we need to do a tf init to run a tf show but is it even possible to check what is the backend configured (as I need to disallow local backend in my pipeline)
from terraform-config-inspect.
yermulnik
commented on September 3, 2024
@burck1 @sushant-pradhan Have you guys found a way to read TF backend config?
from terraform-config-inspect.
Related Issues (20)
- Add endline position for all entities
- Feature: support local variables HOT 1
- unable to install HOT 3
- Disambiguate variable defaults with "empty" values from undefined
- Feature Request: Support sensitive attribute for outputs HOT 3
- Add Binary Releases HOT 9
- Panic when calling LoadModuleFromFile HOT 3
- Use finalized io/fs.FS interface definitions HOT 1
- Feature Request: Support sensitive attribute for variables HOT 1
- 'go get ...' install method fails on MacOS/homebrew HOT 2
- Module directory main.tf does not exist or cannot be read. HOT 1
- Incompatible types using embed.FS type in LoadModuleFromFilesystem HOT 2
- Unable to get locals block data HOT 1
- Variable validation block is not parsed HOT 11
- Json UNMarshal of tfconfig.Module fails due to ResourceMode not supporting UNmarshalJSON HOT 1
- Recursive child modules?
- Support rich provider configurations
- Fail to install under go version 1.17 HOT 1
- Add CLI Version flag
- Add output `type`
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-config-inspect.