Bug Fix in v1.1.1: Terraform crash with orphaned module instance

Avatar
Mallika Tadiparthi
  • Updated

Expected Outcome

You will use a custom Terraform Build Worker (TBW) image with Terraform Enterprise.

Prerequisites

  • Terraform Enterprise versions up to v202308-1.
  • Terraform Enterprise versions from v202302-1 through v202308-1 require run_pipeline_mode to be set to legacy.

Use Case

If your organization's Terraform configurations require additional tools not available in the default build worker image, such as the Azure CLI, Kubernetes CLI, or custom CA certificates, you can create a custom image to include them.

Procedure

This guide uses the default Terraform worker image as the base for the custom image.

  1. Inspect the Base Image

    Check the image history of the default hashicorp/build-worker image. Use the --no-trunc flag for the full output.

    $ docker image history hashicorp/build-worker:now
## IMAGE               CREATED             CREATED BY                                      SIZE                COMMENT
## 71b2010fd6a9        4 days ago          /bin/sh -c #(nop) ADD file:173252116b3482470…   221kB
## c9d9dc231b2e        4 days ago          /bin/sh -c #(nop) LABEL com.hashicorp.conta…   0B
## c0eae83ebcae        2 weeks ago         /bin/sh -c #(nop) COPY file:da5887adb3c61bb2…   1.94MB
## ... truncated output

  2. Tag and Push the Base Image to a Registry

    If you are using a Docker registry, tag the base image, log in to your registry, and push the image.

    Tag the base image to prepare it for your custom registry.

    $ docker tag hashicorp/build-worker:now custom/tbw:core

    Verify the image is tagged correctly.

    $ docker image ls custom/tbw:core
## REPOSITORY      TAG                 IMAGE ID            CREATED             SIZE
## custom/tbw        core                71b2010fd6a9        4 days ago          316MB

    Log into your Docker registry. For a self-hosted registry, include the host and port.

    $ docker login -u $USERNAME
## ... Login Succeeded

    Push the base image to the registry.

    $ docker push custom/tbw:core
## The push refers to repository [docker.io/custom/tbw]
## e9ba7e467bc1: Pushed
## ...
## 69f57fbceb1b: Pushed
## core: digest: sha256:199ee2b1c85bb72965ae69611c107db8f4632f95125d03e14ef1c70ae9648a64 size: 1791

  3. Create a Custom Dockerfile

    Create a file named Dockerfile and add your customizations. The final size of the image can impact performance.

    # This Dockerfile builds the image used for the worker containers.
FROM custom/tbw:core

# Install required software for Terraform Enterprise.
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
    apt-transport-https lsb-release gnupg

RUN curl -sL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > /etc/apt/trusted.gpg.d/microsoft.asc.gpg && \
    CLI_REPO=$(lsb_release -cs) && \
    echo "deb [arch=amd64] https://packages.microsoft.com/repos/azure-cli/ ${CLI_REPO} main" \
    > /etc/apt/sources.list.d/azure-cli.list && \
    curl -fsSLo /etc/apt/trusted.gpg.d/kubernetes-archive-keyring.gpg https://packages.cloud.google.com/apt/doc/apt-key.gpg && \
    echo "deb [signed-by=/etc/apt/trusted.gpg.d/kubernetes-archive-keyring.gpg] https://apt.kubernetes.io/ kubernetes-xenial main" \
    > /etc/apt/sources.list.d/kubernetes.list && \
    apt-get update && \
    apt-get install -y azure-cli kubectl && \
    rm -rf /var/lib/apt/lists/*

# Include all necessary CA certificates.
ADD example-root-ca.crt /usr/local/share/ca-certificates/
ADD example-intermediate-ca.crt /usr/local/share/ca-certificates/

# Update the CA certificates bundle to include newly added CA certificates.
RUN update-ca-certificates

  4. Build and Push the Custom Image

    Build the Docker image from your Dockerfile.

    $ docker build -t custom/tbw:120522 .
## Sending build context to Docker daemon 47.62kB
## Step 1/4 : FROM custom/tbw:core
## ---> 71b2010fd6a9
## Step 2/4 : RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends apt-transport-https lsb-release gnupg
## ---> Running in 8e6ad61e6595
## ...

    Push the newly built custom image to your registry.

    $ docker push custom/tbw:120522
## The push refers to repository [docker.io/custom/tbw]
## 9ca38bfd21fb: Pushed
## ...
## 120522: digest: sha256:328e1b593cd2a08b2242ebe3f4a60ff0f26169a0ff04bf8746bbefc0cb6e4ed7 size: 2426

  5. Configure Terraform Enterprise

    Update the configuration in Terraform Enterprise to reference the custom worker image and apply the changes to restart the application.

    # replicatedctl app-config set custom_image_tag --value 'custom/tbw:120522'
# replicatedctl app-config set tbw_image --value 'custom_image'
# replicatedctl app apply-config

Additional Information

Articles in this section

See more

Related articles