1

我正在使用 for_each 循环创建一个 GCP 存储桶,并希望将现有存储桶导入我的 terraform 状态

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # google_storage_bucket.buckets["a-test-test-test"] will be created
  + resource "google_storage_bucket" "buckets" {
      + bucket_policy_only          = (known after apply)
      + force_destroy               = false
      + id                          = (known after apply)
      + location                    = "US"
      + name                        = "a-test-test-test"
      + project                     = "xxx"
      + self_link                   = (known after apply)
      + storage_class               = "STANDARD"
      + uniform_bucket_level_access = false
      + url                         = (known after apply)

      + versioning {
          + enabled = true
        }
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Changes to Outputs:
  ~ urls = [
      - "gs://a-test-test-test",
      + (known after apply),
    ]

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

google_storage_bucket.buckets["a-test-test-test"]: Creating...

Error: googleapi: Error 409: You already own this bucket. Please select another name., conflict

资源已经存在但没关系,我可以导入它,问题是如何

因为像这样运行它

MacBook-Pro% terragrunt import google_storage_bucket.buckets a-test-test-test
...
Acquiring state lock. This may take a few moments...
google_storage_bucket.buckets: Importing from ID "a-test-test-test"...
google_storage_bucket.buckets: Import prepared!
  Prepared google_storage_bucket for import
google_storage_bucket.buckets: Refreshing state... [id=a-test-test-test]

Import successful!

似乎有效,但它“错误地”导入了它

terragrunt state list
...
google_storage_bucket.buckets

它在我的 tfstate 中显示,但应该是这样的

google_storage_bucket.buckets["a-test-test-test"]

因为如果我现在运行 apply - 它说它要删除google_storage_bucket.buckets并创建google_storage_bucket.buckets["a-test-test-test"]

google_storage_bucket.buckets: Refreshing state... [id=a-test-test-test]

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create
  - destroy

Terraform will perform the following actions:

  # google_storage_bucket.buckets will be destroyed
  - resource "google_storage_bucket" "buckets" {
      - bucket_policy_only          = false -> null
      - default_event_based_hold    = false -> null
      - force_destroy               = false -> null
      - id                          = "a-test-test-test" -> null
      - labels                      = {} -> null
      - location                    = "US" -> null
      - name                        = "a-test-test-test" -> null
      - project                     = "xxx" -> null
      - requester_pays              = false -> null
      - self_link                   = "https://www.googleapis.com/storage/v1/b/a-test-test-test" -> null
      - storage_class               = "STANDARD" -> null
      - uniform_bucket_level_access = false -> null
      - url                         = "gs://a-test-test-test" -> null

      - versioning {
          - enabled = true -> null
        }
    }

  # google_storage_bucket.buckets["a-test-test-test"] will be created
  + resource "google_storage_bucket" "buckets" {
      + bucket_policy_only          = (known after apply)
      + force_destroy               = false
      + id                          = (known after apply)
      + location                    = "US"
      + name                        = "a-test-test-test"
      + project                     = "xxx"
      + self_link                   = (known after apply)
      + storage_class               = "STANDARD"
      + uniform_bucket_level_access = false
      + url                         = (known after apply)

      + versioning {
          + enabled = true
        }
    }

Plan: 1 to add, 0 to change, 1 to destroy.

Changes to Outputs:
  + urls = [
      + (known after apply),
    ]

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

任何想法如何导入 terragrunt 中的 for_each ?

我试过了

terragrunt import google_storage_bucket.buckets a-test-test-test
terragrunt import google_storage_bucket.buckets.a-test-test-test a-test-test-test
terragrunt import google_storage_bucket.buckets["a-test-test-test"] a-test-test-test
terragrunt import google_storage_bucket.buckets[\"a-test-test-test\"] a-test-test-test

没有人工作只是让我出错

zsh: no matches found: google_storage_bucket.buckets["a-test-test-test"]

而第一个选项terragrunt import google_storage_bucket.buckets a-test-test-test,导入(又名。工作)但不是正确的方式

terraform 代码是这样的:

inputs = {
  project_id  = "${local.project_id}"
    {
      name                        = "a-test-test-test"
      location                    = "US"
    }
}

locals {
  buckets        = {for b in jsondecode(var.buckets) : b.name => b }
}

variable "buckets" {
  description = "The name of the bucket."
}

resource "google_storage_bucket" "buckets" {
  for_each      = local.buckets
  name          = each.key
  project       = var.project_id
  location      = each.value.location
4

2 回答 2

4

导入完整的实例地址(包括实例键索引部分)是正确的方法,但这里的技巧是确定解决 shell 语法的最佳方法,以便必要的字符可以到达 Terraform。

对于 Unix 风格的 shell,我通常建议将地址放在单引号中以禁用元字符解释,如下所示:

terragrunt import 'google_storage_bucket.buckets["a-test-test-test"]' a-test-test-test

我特别没有太多经验,zsh但是通过参考其部分文档的副本,我得到的印象是上面的zsh语法也是有效的。如果上述方法不起作用,则可能值得尝试使用不同的 shell,例如bash查看是否得到不同的结果。

尽管您特别提到zsh了 ,但为了完整起见,我还要注意,在 Windows 上,规则有些不同:传统的 Windows 命令行语法不支持单引号,因此不幸的是,在从Windows 命令提示符:

terragrunt import google_storage_bucket.buckets[\"a-test-test-test\"] a-test-test-test

重要的是地址中的引号字符"通过 shell 到达 Terraform,以便 Terraform 可以成功地将参数解析为资源地址语法

于 2021-02-18T01:47:04.473 回答
0

我在 Terraform 模块中使用数据来避免这个问题,这个问题是从 main.tf 中的 Terragrunt 调用的变量

data "azurerm_resource_group" "k8s" {
  name = var.resource_group_name
}

在 terragrunt.hcl

resource_group_name = "rgpazewsmlit-sandbox-xxxxx"
于 2021-03-18T14:38:21.213 回答