Check out a free preview of the full Enterprise DevOps & Cloud Infrastructure course
The "Adding Repository to Terraform Cloud" Lesson is part of the full, Enterprise DevOps & Cloud Infrastructure course featured in this preview video. Here's what you'd learn in this lesson:
Erik creates a backend.tf file so the new repo can be added to Terraform Cloud. Terraform plan and apply commands are run for the configuration. Note: The repos will need to have public visibility if a GitHub Pro account is not being used.
Transcript from the "Adding Repository to Terraform Cloud" Lesson
[00:00:00]
>> All right, so now, I'm going to save all of that and I'm going to do init doppler run--terraform in it. I don't actually need Doppler here. Why don't I actually need Doppler here? Can anyone tell me?
>> It's just local state.
>> Why is it just a local state
[00:00:17]
>> This is the first time we're creating a state and we have yet to push it.
>> Yep. But what is the thing that makes it so it's not local, there's a specific file that we create.
>> The state or back end.
>> Backend.tf, yeah. Basically whenever you have a backend.tf file, you need credentials.
[00:00:35]
If you don't have a backend.tf file, you don't need credentials. So you might be like, well, why aren't we doing that yet? Well, it's just to make sure that everything gets inited fine and validated fine without it, right? Then what we do is we add our backend.tf file.
[00:00:52]
The cool thing about this is that we've already done a lot of this work, right? We don't need to go back into Terraform TFE or any of that stuff. We can just create a backend.tf file now. Right, and just like we did with Terraform TFE, we're going to put in our organization name seat-rhetoric I think that's what it is for me, seat-rhetoric, and then the workspace that it's supposed to track, right, which in this case is FEM ECI Github.
[00:01:29]
What's up?
>> Doppler not specifying a project.
>> Yeah, I get that too. Do Doppler setup. So if you get Doppler not specifying a project that might mean that Doppler scope your credentials just to that one folder, that's how it works sometimes. And so that means that you did it when you did Doppler setup before you get in that folder, but if you go all the way to your home directory and do Doppler setup.
[00:01:59]
It'll go out through all of your other stuff. So that's just one thing to note. I would actually say keep doing it the way you're doing it. Just have your credentials scoped to the directories next time you go in, it'll always know to use those credentials. I don't have to do that because again, I did the the global scoping thing.
[00:02:15]
Actually, I don't know if I did or not. So we'll see I might actually run into that too.
>> So was that like when you say home-
>> The home directory, but your home your user directory.
>> If all my repos are in under like say projects and I put it under the project folder, is that the equivalent?
[00:02:31]
>> No you do it in your home directory because that's where your user is yeah, yeah.
>> We want to do a plan and apply before we set up the backend.
>> Locals. Just, just in,
>> No, just init and validate.
>> And backend.
>> Yeah.
>> Okay.
[00:02:46]
>> Yep, and then backend, yeah. Init, validate and then backend, yeah. Okay, cool. So now that we've got this. Now we can do an init with Doppler run, right? I got the same problem you guys did. So Doppler setup, right? Again, if you run into this problem or if you initialize, then it's like, I can't talk to it, right?
[00:03:22]
That means that your Doppler credentials got shifted, so we do Doppler setup one more time. And then we tell this directory to also use the Frontend Master's project, and then it should work. There we go, cool. So now we have a backend in place. We have our automation repository set up, and we've added our configurations.
[00:03:44]
Last chicken before the egg scenario. [LAUGH] Go ahead and do a plan for me. Go ahead and do a plan space. Don't forget the space if you are using history. You might notice that when you do an ad or when you do a plan, you got a bunch of stuff that's being added.
[00:04:02]
We're back in the scenario where it doesn't know that something was created, right, because we've already created two repos outside of the state. So what we want to do is we actually want to import these into state. Now, some of our class members have already had a little bit of experience with that, but I'm gonna show it for everyone else.
[00:04:23]
If you go to the main FVM repository, the one that I showed you for Altair four, all right? The GitHub one. Nope, that's not the one I want but we can get there. Two seconds guys, sorry. GitHub, yep. I included a very simple import.sh script for you, now you don't need to use this script, but you do need to copy and paste the commands in it, right?
[00:04:58]
What we need to do is we need to do Doppler run dash dash and then import the state of the two repository. Now we just need to import the repos. We don't need to import like branch protections or any other crazy things because Terraform will pick that up for us, right?
[00:05:16]
But this Command right here, is what you need to run first and I'll leave that up for you so that you guys can do it. Now what this command is gonna do is it's gonna say for starters, hey Doppler, I need you. And then it's gonna say, after I've imported the credentials, Terraform via this path module.repository["fem-eci-terraform-github"].github_repository.self, right?
[00:05:46]
Because the module contains the actual GitHub repository resource, which in this case is named .self, right? And then we need to give it the name of the actual resource we made, right? So fem-eci-terraform, excuse me, terraform-github. So once I have this and I hit enter, Terraform is gonna take a moment, it's gonna make sure everything is good and then it's gonna import my resource for me, okay?
[00:06:14]
So you're gonna wanna do the same thing for both repos. So we're gonna do the same thing for terraform-tfe now. Go like that. Hit enter.
>> So that's importing the first parameter there. That's from the local state?
>> Yes, exactly. So even though we didn't create it, because it's in configuration, we can still import it with it knowing that it's in the code, right?
[00:06:46]
Because it'll read the code and it'll go, okay, well, is there any resource in the code that exists that's this? I see it. It's module.repository, right? Because it's a for loop, we have to do the quotes and all that stuff. And so yeah, what we basically do is after we have that, we then import the actual name of the repository itself.
[00:07:10]
And so you might be like, well, there's no Eric Reinert there, right? Well, because Doppler has GitHub owner in its credentials, it already knows which one we're looking at, yeah. So a little bit of magic there for sure.
>> And if we had a literal string air.
>> I'm slightly worried that that might be a Windows thing.
[00:07:34]
Can you put that into like a quick PowerShell script and see if it runs? Like I'm trying to figure out how that, yeah, we might have to Google and see, cuz I'm not really too sure, I feel like it's like string escaping or something weird. Why don't you Google really quick for me, Terraform import PowerShell.
[00:08:02]
I guarantee you somebody else has dealt with this. So really quickly, just see if that's your problem. Cause we're almost done with this section. So like I can come and help you in a second.
>> Yeah. One note in the chat that if you copy paste it, it might be pasting like weird quotes.
[00:08:19]
>> If you copy, okay.
>> So you might wanna copy paste into like notepad.
>> There you go.
>> And then-
>> Thank you, Chet-
>> Clean set of quotes around it.
>> There you go. Yeah, give that a shot. Did everyone else get imported? Did that work for you?
[00:08:31]
>> Escaping the double quotes.
>> Beautiful. Awesome. Okay, cool. So now, now, we can do a plan. Alright, so we're gonna do a plan. Let's see what the plan says. Whoa, what happened first, look at this up at the top. Refreshing state, okay, cool. So that means that Terraform Cloud now sees our repos, it went out to GitHub, checked them, and then told us that here's the stuff that we're gonna need or we're gonna need to change, right?
[00:09:00]
So first off, you'll notice that it's gonna create a branch protection. This is one of the first things when it comes to automation and standardization that's really helpful. Every repo going forward, will now have proper branch protections on it. I don't ever have to think about this again.
[00:09:21]
If I wanna update branch protections for every repo going forward I just go into Terraform GitHub and I apply it, yes.
>> Upgrade to GitHub Pro or make this repo public to enable this feature.
>> Make it public. Yeah, yeah. Make it public. Yeah. Go ahead and make that one public, yeah.
[00:09:36]
These ones can be public. Yeah, yeah, yeah, that's fine. Go ahead and make that one public, yeah.
>> We need to update the visibility and locals then as well.
>> Yeah, let's go ahead and do that. Wait, so did anyone else get that error?
>> I thought it was-
[00:09:50]
>> I got it both in public.
>> Okay.
>> They gotta go, so-
>> Okay, cool, yeah, so let's just do public just to be safe. So here, I'll do the same thing as you. So again, one quick change we're gonna make is we're gonna set these to public.
[00:10:07]
If you run into an error where it says like, licensing can't do it, anything like that, that's okay. Just set them to public for now. This, I don't pay for this account, so I have no idea why it's still doing that for me. But yeah, if we set it to public we can plan one more time and then it should work, yes?
[00:10:30]
Yes, okay. [LAUGH] Cool I was like, okay, cool, all right, cool, yeah. So again, realistically these can be private or this would be an organization. You know what I mean? If it was in an org, you wouldn't be running into these problems. So again, let me just go back through this one more time.
[00:10:47]
So we've got it. We have our main repository, right? All of our main options that we've created. We then also have our variables, which is the owner that we are now passing, right. We then also have our locals, right, which is our configuration for our repositories. And again, they're set to public for now just so that we don't deal with any weird issues.
[00:11:16]
And then we also have our backend.tf so that we can actually utilize the cloud state, right?
>> Did we already apply?
>> No, we have not yet, no. Yeah, so now we're gonna plan one last time. And again, we should only add two and change two. That's it, right?
[00:11:39]
So now I'm going to apply. And just like every other DevOps engineer you cross your fingers and hope it works [LAUGH] And these companies and their licensing man just give us a free trial [LAUGH] come on, okay cool so everyone should be able to apply that. Is that correct, we can all apply that?
[00:12:00]
Okay, great, that means going forward we definitely don't have any other problems. Great, okay and by the way you should go into QA
Learn Straight from the Experts Who Shape the Modern Web
- In-depth Courses
- Industry Leading Experts
- Learning Paths
- Live Interactive Workshops