如何使用PowerShell在Azure Devops管道中使用Terraform销毁资源
我有一个项目,我在Azure Devops管道中使用Terraform创建基础架构,但想在本地运行的PowerShell脚本中销毁基础架构。
因此,我想运行的PSCommand是这样的:
$TerraCMD = "terraform destroy -var-file C:/Users/Documents/Terraform/config.json"
Invoke-Expression -Command $TerraCMD
但是我得到以下输出:
[0m[1m[32mNo changes.[0m[1m No objects need to be destroyed.[0m
[0mEither you have not created any objects yet or the existing objects were
already deleted outside of Terraform.
[33mâ•·[0m[0m
[33m│[0m [0m[1m[33mWarning: [0m[0m[1mValue for undeclared variable[0m
[33m│[0m [0m
[33m│[0m [0m[0mThe root module does not declare a variable named "config" but a value was
[33m│[0m [0mfound in file
[33m│[0m [0m"C:/Users/mahera.erum.baloch/source/repos/PCFA-CloudMigration/On-Prem-Env/IaC/Terraform/config.json".
[33m│[0m [0mIf you meant to use this value, add a "variable" block to the
[33m│[0m [0mconfiguration.
[33m│[0m [0m
[33m│[0m [0mTo silence these warnings, use TF_VAR_... environment variables to provide
[33m│[0m [0mcertain "global" settings to all configurations in your organization. To
[33m│[0m [0mreduce the verbosity of these warnings, use the -compact-warnings option.
[33m╵[0m[0m
[0m[1m[32m
Destroy complete! Resources: 0 destroyed.
我知道这可能是由于我通过管道而不是从本地存储库创建了资源,但是有没有办法这样做?
任何帮助将不胜感激。
PS状态文件保存在Azure存储中。
I have a project where I'm using Terraform in Azure DevOps Pipeline create Infrastructure but want to destroy the infrastructure in a PowerShell script running locally.
So the PScommand that I want to run is this:
$TerraCMD = "terraform destroy -var-file C:/Users/Documents/Terraform/config.json"
Invoke-Expression -Command $TerraCMD
But I get the following output:
[0m[1m[32mNo changes.[0m[1m No objects need to be destroyed.[0m
[0mEither you have not created any objects yet or the existing objects were
already deleted outside of Terraform.
[33mâ•·[0m[0m
[33m│[0m [0m[1m[33mWarning: [0m[0m[1mValue for undeclared variable[0m
[33m│[0m [0m
[33m│[0m [0m[0mThe root module does not declare a variable named "config" but a value was
[33m│[0m [0mfound in file
[33m│[0m [0m"C:/Users/mahera.erum.baloch/source/repos/PCFA-CloudMigration/On-Prem-Env/IaC/Terraform/config.json".
[33m│[0m [0mIf you meant to use this value, add a "variable" block to the
[33m│[0m [0mconfiguration.
[33m│[0m [0m
[33m│[0m [0mTo silence these warnings, use TF_VAR_... environment variables to provide
[33m│[0m [0mcertain "global" settings to all configurations in your organization. To
[33m│[0m [0mreduce the verbosity of these warnings, use the -compact-warnings option.
[33m╵[0m[0m
[0m[1m[32m
Destroy complete! Resources: 0 destroyed.
I know this is probably due to that I created the resources through the pipeline and not from local repository, but is there a way to do this?
Any help would be appreciated.
P.S. The State file is saved in the Azure Storage.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我将假设您的代码保存在您可以访问的存储库中,因为您提到它是从Azure DevOps管道中运行的Terraform部署的。
正如其他人提到的那样,状态文件和您的Terraform代码是您的真实来源。因此,您需要使用PowerShell脚本和管道来参考同一状态文件和代码,以实现您的目标。
为了使
Terraform Destroy运行,它将需要访问您的Terraform代码和状态文件,以便可以比较需要销毁的内容。除非您的设置与此截然不同,否则您可以只使用PowerShell脚本
git clone或git pull根据您的要求,然后执行Terraform在该版本的代码上销毁。然后,您的状态文件将相应更新。I'm going to assume that your code is kept in a repo that you have access to, since you mentioned that it's being deployed from Terraform running in an Azure DevOps Pipeline.
As others mentioned, the state file AND your terraform code is your source of truth. Hence, you'd need for both the PowerShell script and the Pipeline to be referring to the same state file and code, to achieve what you're trying to.
For the
terraform destroyto run, it would need access to both your Terraform code and the state file so that it can compare what needs to be destroyed.Unless your setup is very different from this, you could have your PowerShell script just
git cloneorgit pullthe repo, depending on your requirements, and then execute aterraform destroyon that version of the code. Your state file will then be updated accordingly.我刚刚遇到了将Terraform状态从Azure管道构建中构建的问题。由于资源组已经存在,因此管道的重复构建失败了,但是Terraform状态并未由构建管道保留。而且,即使我有状态,我也找不到在管道上执行
Terraform Destroy。我在
我还不知道它是否允许
Terraform Destroy。I've just run into the problem of keeping Terraform state from an Azure Pipeline build. Repeated builds of the pipeline fail because the resource group already exists, but the Terraform state is not kept by the build pipeline. And I can find no way to execute
terraform destroyon the pipeline even if I had the state.One approach I found in chapter 2 of this book is storing terraform.tfstate in a remote back end. This looks like it will keep .tfstate across multiple builds of the pipeline and from elsewhere too.
I don't know yet if it will allow a
terraform destroy.