metadata_startup_script 中的 Terraform 外部数据
Terraform external data in metadata_startup_script
我要将其他 .tf 文件中的标记值解析为其他 .tf 文件
我试图理解这个link and also from this article
data.tf
data "external" "get_token" {
program = ["/bin/sh", "${path.module}/get-token.sh"]
}
get-token.sh
#!/bin/bash
token=$(kubectl -n kube-system exec [POD_NAME] cat /var/lib/kube-proxy/kubeconfig 2>/dev/null | grep token | awk '{print }'
proxy.tf
...
metadata_startup_script = <<-EOT
- name: kube-proxy
user:
token: ${lookup(data.external.get_token.result, "token")}
certificate-authority-data: ${google_container_cluster.new_container_cluster.master_auth.0.cluster_ca_certificate}
...
EOT
我的期望是
token 的值与 certificate-authority-data 相同。
certificate-authority-data 具有我预期的确切值,但 token 为零或空白。
我有 运行 我的 get-token.sh 手动,这很好。但是当terraform要解析的时候,这个值没有解析成功。我在变量 ${lookup(data.external.get_token.result, "token")} 前后添加了 '。好像不行。
https://www.terraform.io/docs/providers/external/data_source.html
The program must then produce a valid JSON object on stdout, which
will be used to populate the result attribute exported to the rest of
the Terraform configuration. This JSON object must again have all of
its values as strings. On successful completion it must exit with
status zero.
所以脚本应该return一个json对象。
#!/bin/bash
...
# add below line for make a json result
jq -n --arg token "$token" '{"token":$token}'
或者如果没有jq,
#!/bin/bash
...
#add below
echo -n "{\"token\":\"${token}\"}"
我要将其他 .tf 文件中的标记值解析为其他 .tf 文件
我试图理解这个link and also from this article
data.tf
data "external" "get_token" {
program = ["/bin/sh", "${path.module}/get-token.sh"]
}
get-token.sh
#!/bin/bash
token=$(kubectl -n kube-system exec [POD_NAME] cat /var/lib/kube-proxy/kubeconfig 2>/dev/null | grep token | awk '{print }'
proxy.tf
...
metadata_startup_script = <<-EOT
- name: kube-proxy
user:
token: ${lookup(data.external.get_token.result, "token")}
certificate-authority-data: ${google_container_cluster.new_container_cluster.master_auth.0.cluster_ca_certificate}
...
EOT
我的期望是
token 的值与 certificate-authority-data 相同。
certificate-authority-data 具有我预期的确切值,但 token 为零或空白。
我有 运行 我的 get-token.sh 手动,这很好。但是当terraform要解析的时候,这个值没有解析成功。我在变量 ${lookup(data.external.get_token.result, "token")} 前后添加了 '。好像不行。
https://www.terraform.io/docs/providers/external/data_source.html
The program must then produce a valid JSON object on stdout, which will be used to populate the result attribute exported to the rest of the Terraform configuration. This JSON object must again have all of its values as strings. On successful completion it must exit with status zero.
所以脚本应该return一个json对象。
#!/bin/bash
...
# add below line for make a json result
jq -n --arg token "$token" '{"token":$token}'
或者如果没有jq,
#!/bin/bash
...
#add below
echo -n "{\"token\":\"${token}\"}"