- Semantic Versioning
- Install the Terraform CLI
- Gitpod Lifecycle
- Working Env Vars
- AWS CLI Installation
- Terraform Basics
- Issues with Terraform Cloud Login and Gitpod Workspace
This project is going utilize semantic versioning for its tagging. semver.org
The general format:
MAJOR.MINOR.PATCH, eg. 1.0.1
- MAJOR version when you make incompatible API changes
- MINOR version when you add functionality in a backward compatible manner
- PATCH version when you make backward compatible bug fixes
The Terraform CLI installation instructions have changed due to gpg keyring changes. So we needed refer to the latest install CLI instructions via Terraform Documentation and change the scripting for install.
This project is built against Ubunutu. Please consider checking your Linux Distrubtion and change accordingly to distrubtion needs.
How To Check OS Version in Linux
Example of checking OS Version:
$ cat /etc/os-release
PRETTY_NAME="Ubuntu 22.04.3 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.3 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy
While fixing the Terraform CLI gpg depreciation issues we notice that bash scripts steps were a considerable amount more code. So we decided to create a bash script to install the Terraform CLI.
This bash script is located here: ./bin/install_terraform_cli
- This will keep the Gitpod Task File (.gitpod.yml) tidy.
- This allow us an easier to debug and execute manually Terraform CLI install
- This will allow better portablity for other projects that need to install Terraform CLI.
A Shebang (prounced Sha-bang) tells the bash script what program that will interpet the script. eg. #!/bin/bash
ChatGPT recommended this format for bash: #!/usr/bin/env bash
- for portability for different OS distributions
- will search the user's PATH for the bash executable
https://en.wikipedia.org/wiki/Shebang_(Unix)
When executing the bash script we can use the ./ shorthand notiation to execute the bash script.
eg. ./bin/install_terraform_cli
If we are using a script in .gitpod.yml we need to point the script to a program to interpert it.
eg. source ./bin/install_terraform_cli
In order to make our bash scripts executable we need to change linux permission for the fix to be exetuable at the user mode.
chmod u+x ./bin/install_terraform_clialternatively:
chmod 744 ./bin/install_terraform_clihttps://en.wikipedia.org/wiki/Chmod
We need to be careful when using the Init because it will not rerun if we restart an existing workspace.
https://www.gitpod.io/docs/configure/workspaces/tasks
We can list out all Enviroment Variables (Env Vars) using the env command
We can filter specific env vars using grep eg. env | grep AWS_
In the terminal we can set using export HELLO='world
In the terrminal we unset using unset HELLO
We can set an env var temporarily when just running a command
HELLO='world' ./bin/print_messageWithin a bash script we can set env without writing export eg.
#!/usr/bin/env bash
HELLO='world'
echo $HELLOWe can print an env var using echo eg. echo $HELLO
When you open up new bash terminals in VSCode it will not be aware of env vars that you have set in another window.
If you want to Env Vars to persist across all future bash terminals that are open you need to set env vars in your bash profile. eg. .bash_profile
We can persist env vars into gitpod by storing them in Gitpod Secrets Storage.
gp env HELLO='world'
All future workspaces launched will set the env vars for all bash terminals opened in thoes workspaces.
You can also set en vars in the .gitpod.yml but this can only contain non-senstive env vars.
AWS CLI is installed for the project via the bash script ./bin/install_aws_cli
Getting Started Install (AWS CLI) AWS CLI Env Vars
We can check if our AWS credentials is configured correctly by running the following AWS CLI command:
aws sts get-caller-identityIf it is succesful you should see a json payload return that looks like this:
{
"UserId": "AIEAVUO15ZPVHJ5WIJ5KR",
"Account": "123456789012",
"Arn": "arn:aws:iam::123456789012:user/terraform-beginner-bootcamp"
}We'll need to generate AWS CLI credits from IAM User in order to the user AWS CLI.
Terraform sources their providers and modules from the Terraform registry which located at registry.terraform.io
- Providers is an interface to APIs that will allow to create resources in terraform.
- Modules are a way to make large amount of terraform code modular, portable and sharable.
We can see a list of all the Terrform commands by simply typing terraform
At the start of a new terraform project we will run terraform init to download the binaries for the terraform providers that we'll use in this project.
terraform plan
This will generate out a changeset, about the state of our infrastructure and what will be changed.
We can output this changeset ie. "plan" to be passed to an apply, but often you can just ignore outputting.
terraform apply
This will run a plan and pass the changeset to be execute by terraform. Apply should prompt yes or no.
If we want to automatically approve an apply we can provide the auto approve flag eg. terraform apply --auto-approve
teraform destroy
This will destroy resources.
You can alos use the auto approve flag to skip the approve prompt eg. terraform apply --auto-approve
.terraform.lock.hcl contains the locked versioning for the providers or modulues that should be used with this project.
The Terraform Lock File should be committed to your Version Control System (VSC) eg. Github
.terraform.tfstate contain information about the current state of your infrastructure.
This file should not be commited to your VCS.
This file can contain sensentive data.
If you lose this file, you lose knowning the state of your infrastructure.
.terraform.tfstate.backup is the previous state file state.
.terraform directory contains binaries of terraform providers.
When attempting to run terraform login it will launch bash a wiswig view to generate a token. However it does not work expected in Gitpod VsCode in the browser.
The workaround is manually generate a token in Terraform Cloud
https://app.terraform.io/app/settings/tokens?source=terraform-login
Then create open the file manually here:
touch /home/gitpod/.terraform.d/credentials.tfrc.json
open /home/gitpod/.terraform.d/credentials.tfrc.jsonProvide the following code (replace your token in the file):
{
"credentials": {
"app.terraform.io": {
"token": "YOUR-TERRAFORM-CLOUD-TOKEN"
}
}
}We have automated this workaround with the following bash script bin/generate_tfrc_credentials