mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-10-01 01:36:09 -04:00
93 lines
3.1 KiB
Markdown
93 lines
3.1 KiB
Markdown
# Constellation Terraform Provider
|
|
|
|
This document explains the basic ways of working with the [Constellation Terraform Provider](../../terraform-provider-constellation/).
|
|
|
|
## Building the Terraform Provider
|
|
|
|
The Constellation Terraform provider can be built through Bazel.
|
|
|
|
Use the all-in-one Target (Recommended):
|
|
|
|
The [`devbuild` target](./build-develop-deploy.md), will create a `terraform` directory
|
|
with the provider binary and some utility files in the dedicated local Terraform registry directory.
|
|
|
|
```bash
|
|
bazel run //:devbuild'
|
|
```
|
|
|
|
> [!IMPORTANT] when making changes on the provider without a commit, subsequent applies will fail due to the changed binary hash. To solve this, in your Terraform directory run:
|
|
>
|
|
> ```bash
|
|
> rm .terraform.lock.hcl
|
|
> terraform init
|
|
> ```
|
|
|
|
Only build:
|
|
|
|
```bash
|
|
bazel build //terraform-provider-constellation:tf_provider
|
|
```
|
|
|
|
Documentation for the provider can be generated with:
|
|
|
|
```bash
|
|
bazel run //:generate
|
|
# or
|
|
bazel run //bazel/ci:terraform_docgen
|
|
```
|
|
|
|
## Using the Terraform Provider
|
|
|
|
If using the [`devbuild` target](./build-develop-deploy.md), the Terraform provider binary is automatically copied to your local registry cache
|
|
at `${HOME}/.terraform.d/plugins/registry.terraform.io/edgelesssys/constellation/<version>/<os>_<arch>/`.
|
|
After running `devbuild`, you can use the provider by simply adding the following to your Terraform configuration:
|
|
|
|
```hcl
|
|
terraform {
|
|
required_providers {
|
|
constellation = {
|
|
source = "edgelesssys/constellation"
|
|
version = "<version>"
|
|
}
|
|
}
|
|
}
|
|
```
|
|
|
|
Make sure to add the build's pseudo-version (without the `v` prefix) as the `<version>`. Alternatively, check the available versions in your local plugin cache:
|
|
|
|
```bash
|
|
ls ~/.terraform.d/plugins/registry.terraform.io/edgelesssys/constellation
|
|
```
|
|
|
|
Alternatively, you can configure Terraform to use your binary by setting a [development override](https://developer.hashicorp.com/terraform/cli/config/config-file#development-overrides-for-provider-developers),
|
|
so that the registry path to the provider is replaced with the path to the locally built provider.
|
|
A `config.tfrc` file containing the necessary configuration can be created with the following commands:
|
|
|
|
```bash
|
|
bazel build //terraform-provider-constellation:terraform_rc
|
|
cp bazel-bin/terraform-provider-constellation/config.tfrc .
|
|
sed -i "s|@@TERRAFORM_PROVIDER_PATH@@|$(realpath bazel-bin/terraform-provider-constellation/tf_provider_/tf_provider)|g" config.tfrc
|
|
```
|
|
|
|
Afterwards, all Terraform commands that should use the local provider build should be prefixed with `TF_CLI_CONFIG_FILE=config.tfrc` like so:
|
|
|
|
```bash
|
|
TF_CLI_CONFIG_FILE=config.tfrc terraform apply
|
|
...
|
|
```
|
|
|
|
## Testing the Terraform Provider
|
|
|
|
Terraform acceptance tests can be run hermetically through Bazel (recommended):
|
|
|
|
```bash
|
|
bazel test --config=integration-only //terraform-provider-constellation/internal/provider:provider_test
|
|
```
|
|
|
|
The tests can also be run through Go, but the `TF_ACC` environment variable needs to be set to `1`, and the host's Terraform binary is used, which may produce inaccurate test results.
|
|
|
|
```bash
|
|
cd terraform-provider-constellation
|
|
TF_ACC=1 go test -v ./...
|
|
```
|