为什么terraform要从Hashicorp中提取一个提供者?
为什么terraform要从Hashicorp中提取一个提供者?
提问于 2021-02-25 21:16:57
我正在尝试为terraform提供程序测试一些新代码,出于我不明白的原因,它似乎想用hashicorp找到一个资源定义,即使它是在这个提供程序中专门定义的。显然我遗漏了一些东西:
代码到提供程序
我就是这样构建和安装它的:
christianb@unifi terraform-provider-artifactory % rm -fR .terraform
christianb@unifi terraform-provider-artifactory % go build && mkdir -p .terraform/plugins/registry.terraform.io/jfrog/artifactory/2.2.6-alpha/darwin_amd64 && mv terraform-provider-artifactory .terraform/plugins/registry.terraform.io/jfrog/artifactory/2.2.6-alpha/darwin_amd64现在运行它
christianb@unifi terraform-provider-artifactory % TF_LOG=trace terraform init
2021/02/25 13:12:56 [INFO] Terraform version: 0.13.5
2021/02/25 13:12:56 [INFO] Go runtime version: go1.14.10
2021/02/25 13:12:56 [INFO] CLI args: []string{"/usr/local/bin/terraform", "init"}
2021/02/25 13:12:56 [DEBUG] Attempting to open CLI config file: /Users/christianb/.terraformrc
2021/02/25 13:12:56 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2021/02/25 13:12:56 [DEBUG] ignoring non-existing provider search directory terraform.d/plugins
2021/02/25 13:12:56 [DEBUG] ignoring non-existing provider search directory /Users/christianb/.terraform.d/plugins
2021/02/25 13:12:56 [DEBUG] ignoring non-existing provider search directory /Users/christianb/Library/Application Support/io.terraform/plugins
2021/02/25 13:12:56 [DEBUG] ignoring non-existing provider search directory /Library/Application Support/io.terraform/plugins
2021/02/25 13:12:56 [INFO] CLI command args: []string{"init"}
Initializing the backend...
2021/02/25 13:12:56 [TRACE] Meta.Backend: no config given or present on disk, so returning nil config
2021/02/25 13:12:56 [TRACE] Meta.Backend: backend has not previously been initialized in this working directory
2021/02/25 13:12:56 [DEBUG] New state was assigned lineage "b7f7e5b9-b88c-6195-aaaf-e38b3008b8e5"
2021/02/25 13:12:56 [TRACE] Meta.Backend: using default local state only (no backend configuration, and no existing initialized backend)
2021/02/25 13:12:56 [TRACE] Meta.Backend: instantiated backend of type <nil>
2021/02/25 13:12:56 [DEBUG] checking for provisioner in "."
2021/02/25 13:12:56 [DEBUG] checking for provisioner in "/usr/local/bin"
2021/02/25 13:12:56 [INFO] Failed to read plugin lock file .terraform/plugins/darwin_amd64/lock.json: open .terraform/plugins/darwin_amd64/lock.json: no such file or directory
2021/02/25 13:12:56 [TRACE] Meta.Backend: backend <nil> does not support operations, so wrapping it in a local backend
2021/02/25 13:12:56 [TRACE] backend/local: state manager for workspace "default" will:
- read initial snapshot from terraform.tfstate
- write new snapshots to terraform.tfstate
- create any backup at terraform.tfstate.backup
2021/02/25 13:12:56 [TRACE] statemgr.Filesystem: reading initial snapshot from terraform.tfstate
2021/02/25 13:12:56 [TRACE] statemgr.Filesystem: snapshot file has nil snapshot, but that's okay
2021/02/25 13:12:56 [TRACE] statemgr.Filesystem: read nil snapshot
2021/02/25 13:12:56 [TRACE] providercache.fillMetaCache: scanning directory .terraform/plugins
2021/02/25 13:12:56 [TRACE] getproviders.SearchLocalDirectory: .terraform/plugins is a symlink to .terraform/plugins
Initializing provider plugins...
2021/02/25 13:12:56 [TRACE] getproviders.SearchLocalDirectory: found registry.terraform.io/jfrog/artifactory v2.2.6-alpha for darwin_amd64 at .terraform/plugins/registry.terraform.io/jfrog/artifactory/2.2.6-alpha/darwin_amd64
2021/02/25 13:12:56 [TRACE] providercache.fillMetaCache: including .terraform/plugins/registry.terraform.io/jfrog/artifactory/2.2.6-alpha/darwin_amd64 as a candidate package for registry.terraform.io/jfrog/artifactory 2.2.6-alpha
2021/02/25 13:12:56 [DEBUG] Service discovery for registry.terraform.io at https://registry.terraform.io/.well-known/terraform.json
2021/02/25 13:12:56 [TRACE] HTTP client GET request to https://registry.terraform.io/.well-known/terraform.json
- Using previously-installed jfrog/artifactory v2.2.6-alpha
- Finding latest version of hashicorp/xray...
2021/02/25 13:12:56 [DEBUG] GET https://registry.terraform.io/v1/providers/hashicorp/xray/versions
2021/02/25 13:12:56 [TRACE] HTTP client GET request to https://registry.terraform.io/v1/providers/hashicorp/xray/versions
2021/02/25 13:12:57 [TRACE] providercache.fillMetaCache: using cached result from previous scan of .terraform/plugins
2021/02/25 13:12:57 [DEBUG] GET https://registry.terraform.io/v1/providers/-/xray/versions
2021/02/25 13:12:57 [TRACE] HTTP client GET request to https://registry.terraform.io/v1/providers/-/xray/versions
Error: Failed to install provider
Error while installing hashicorp/xray: provider registry registry.terraform.io
does not have a provider named registry.terraform.io/hashicorp/xrayterraform运行:
# Required for Terraform 0.13 and up (https://www.terraform.io/upgrade-guides/0-13.html)
terraform {
required_providers {
artifactory = {
source = "registry.terraform.io/jfrog/artifactory"
version = "2.2.6-alpha"
}
}
}
provider "artifactory" {
url = "http://localhost:8082/artifactory"
username = "admin"
password = "password"
}
resource "xray_policy" "test" {
name = "test-policy-name"
description = "test policy description"
type = "security"
rules {
name = "rule-name"
priority = 1
criteria {
min_severity = "High"
}
actions {
block_download {
unscanned = true
active = true
}
}
}
}
resource "xray_watch" "test" {
name = "test-watch-name"
description = "test watch description"
resources {
type = "all-repos"
name = "All Repositories"
}
assigned_policies {
name = xray_policy.test.name
type = "security"
}
watch_recipients = ["test@example.com"]
}我发现它是基于资源类型的名称的,因此,它不以artifactory开头,这会产生很大的影响。我想知道的是这个查找1:https://github.com/ryndaniels/terraform-provider-xray背后的逻辑
回答 1
Stack Overflow用户
回答已采纳
发布于 2021-02-25 22:40:36
TerraFormv0.13引入了第三方提供者的概念,这些提供者属于其他不受HashiCorp直接控制的命名空间,但为了最大限度地向后兼容为Terraformv0.12和更早版本编写的模块,Terraform将假设任何未显式声明的提供程序需求都是为了使用注册表中的"hashicorp“命名空间的官方提供者之一,因为对于Terraformv0.12和更早的第三方提供者来说,根本无法自动安装。
在为Terraformv0.13或更高版本编写模块时,应该包括显式提供者需求,以便为模块使用的每个提供者指定完整的源地址,如下所示:
terraform {
required_providers {
artifactory = {
source = "jfrog/artifactory"
}
xray = {
source = "ryndaniels/xray"
}
}
}不幸的是,在我撰写这篇文章时,您试图在这里使用的"xray“提供程序还没有在地形登记处中发布。上面使用的源地址ryndaniels/xray是如果作者按原样将其发布到注册表时,该提供者将使用的地址,因为Terraform使用一个有条不紊的命名方案来从GitHub存储库地址生成提供者源地址。
但是,除非稍后在注册表中发布该提供程序,否则需要手动在本地系统上安装它,以便Terraform找到并使用它。要实现这一点,请参考隐含的本地镜像目录查看Terraform在平台上搜索插件的目录,然后您可以为Terraform创建必要的目录结构以查找提供程序。
为了举个例子,我将使用Terraform在Linux上支持的$HOME/.terraform.d/plugins/前缀,但是请注意,在Windows和macOS上路径是不同的,因此您需要在这些操作系统上调整到不同的路径前缀:
$HOME/.terraform.d/plugins/registry.terraform.io/ryndaniels/xray/0.0.1/linux_amd64/terraform-provider-xray关于以上几点,还有几点说明:
registry.terraform.io/ryndaniels/xray部分是Terraform与您在provider_requirements块中设置的source匹配的部分。registry.terraform.io是不包含主机名的源地址的默认主机名,因此ryndaniels/xray是registry.terraform.io/ryndaniels/xray的缩写。- 这个特定的提供程序没有任何标记版本,因此没有特定的版本号可供使用。因为Terraform希望所有提供程序都有一个版本号,所以我在上面的路径中任意选择
0.0.1作为版本号。只有在模块中编写显式version参数以限制允许哪个版本时,这才有意义。 - 我在这里使用
linux_amd64作为目标平台,继续我使用Linux风格镜像路径的示例。您可以通过运行terraform version(在最近的Terraform版本中包含生成Terraform可执行文件的平台的名称)来确定哪个平台是正确的: linux_amd64上的Terraform v0.14.4
在启动时,Terraform将扫描当前平台的所有隐含的本地镜像目录,并注意到它在那里找到的任何提供者,并假设您打算从本地文件系统而不是从注册表安装这些目录。因此,只要目录结构与上面一样正确,terraform init就会看到您在本地安装了ryndaniels/xray,并将从那里使用副本,而不是询问TerraformRegistry哪些版本可供该提供程序使用。
如果提供者作者稍后将此提供程序发布到Terraform,并且不将存储库重命名或将其移动到不同的GitHub帐户,则它应该以ryndaniels/xray的形式出现在注册表中,因此terraform init将能够从那里自动安装它,而无需对模块进行任何进一步的修改。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/66376560
复制相关文章
相似问题
腾讯云开发者
