From 6ed048eb65f175f95e4f7732b2b81b97d6147278 Mon Sep 17 00:00:00 2001 From: Dalton Hubble Date: Tue, 28 Dec 2021 11:42:11 -0800 Subject: [PATCH] Workaround Terraform v1.1 file provisioner regression * Terraform v1.1 changed the behavior of provisioners and `remote-exec` in a way that breaks support for expansions in commands (including file provisioner, where `destination` is part of an `scp` command) * Terraform will likely revert the change eventually, but I suspect it will take a while * Instead, we can stop relying on Terraform's expansion behavior. `/home/core` is a suitable choice for `$HOME` on both Flatcar Linux and Fedora CoreOS (harldink `/var/home/core`) Rel: https://github.com/hashicorp/terraform/issues/30243 --- CHANGES.md | 1 + aws/fedora-coreos/kubernetes/ssh.tf | 2 +- aws/flatcar-linux/kubernetes/ssh.tf | 2 +- azure/fedora-coreos/kubernetes/ssh.tf | 2 +- azure/flatcar-linux/kubernetes/ssh.tf | 2 +- bare-metal/fedora-coreos/kubernetes/ssh.tf | 10 +++++----- bare-metal/flatcar-linux/kubernetes/ssh.tf | 10 +++++----- digital-ocean/fedora-coreos/kubernetes/ssh.tf | 10 +++++----- digital-ocean/flatcar-linux/kubernetes/ssh.tf | 10 +++++----- google-cloud/fedora-coreos/kubernetes/ssh.tf | 2 +- google-cloud/flatcar-linux/kubernetes/ssh.tf | 2 +- 11 files changed, 27 insertions(+), 26 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 4cf68a8e..c3ea6c19 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -5,6 +5,7 @@ Notable changes between versions. ## Latest * Kubernetes [v1.23.1](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG/CHANGELOG-1.23.md#v1231) +* Workaround Terraform v1.1 regression in `file` provisioner ([#1093](https://github.com/poseidon/typhoon/pull/1093)) ### Flatcar Linux diff --git a/aws/fedora-coreos/kubernetes/ssh.tf b/aws/fedora-coreos/kubernetes/ssh.tf index b6396d02..96033cf2 100644 --- a/aws/fedora-coreos/kubernetes/ssh.tf +++ b/aws/fedora-coreos/kubernetes/ssh.tf @@ -24,7 +24,7 @@ resource "null_resource" "copy-controller-secrets" { provisioner "file" { content = join("\n", local.assets_bundle) - destination = "$HOME/assets" + destination = "/home/core/assets" } provisioner "remote-exec" { diff --git a/aws/flatcar-linux/kubernetes/ssh.tf b/aws/flatcar-linux/kubernetes/ssh.tf index b6396d02..96033cf2 100644 --- a/aws/flatcar-linux/kubernetes/ssh.tf +++ b/aws/flatcar-linux/kubernetes/ssh.tf @@ -24,7 +24,7 @@ resource "null_resource" "copy-controller-secrets" { provisioner "file" { content = join("\n", local.assets_bundle) - destination = "$HOME/assets" + destination = "/home/core/assets" } provisioner "remote-exec" { diff --git a/azure/fedora-coreos/kubernetes/ssh.tf b/azure/fedora-coreos/kubernetes/ssh.tf index 04f54393..9b1f3a8a 100644 --- a/azure/fedora-coreos/kubernetes/ssh.tf +++ b/azure/fedora-coreos/kubernetes/ssh.tf @@ -25,7 +25,7 @@ resource "null_resource" "copy-controller-secrets" { provisioner "file" { content = join("\n", local.assets_bundle) - destination = "$HOME/assets" + destination = "/home/core/assets" } provisioner "remote-exec" { diff --git a/azure/flatcar-linux/kubernetes/ssh.tf b/azure/flatcar-linux/kubernetes/ssh.tf index 04f54393..9b1f3a8a 100644 --- a/azure/flatcar-linux/kubernetes/ssh.tf +++ b/azure/flatcar-linux/kubernetes/ssh.tf @@ -25,7 +25,7 @@ resource "null_resource" "copy-controller-secrets" { provisioner "file" { content = join("\n", local.assets_bundle) - destination = "$HOME/assets" + destination = "/home/core/assets" } provisioner "remote-exec" { diff --git a/bare-metal/fedora-coreos/kubernetes/ssh.tf b/bare-metal/fedora-coreos/kubernetes/ssh.tf index 98c09699..0ca5f6ba 100644 --- a/bare-metal/fedora-coreos/kubernetes/ssh.tf +++ b/bare-metal/fedora-coreos/kubernetes/ssh.tf @@ -28,17 +28,17 @@ resource "null_resource" "copy-controller-secrets" { provisioner "file" { content = module.bootstrap.kubeconfig-kubelet - destination = "$HOME/kubeconfig" + destination = "/home/core/kubeconfig" } provisioner "file" { content = join("\n", local.assets_bundle) - destination = "$HOME/assets" + destination = "/home/core/assets" } provisioner "remote-exec" { inline = [ - "sudo mv $HOME/kubeconfig /etc/kubernetes/kubeconfig", + "sudo mv /home/core/kubeconfig /etc/kubernetes/kubeconfig", "sudo touch /etc/kubernetes", "sudo /opt/bootstrap/layout", ] @@ -65,12 +65,12 @@ resource "null_resource" "copy-worker-secrets" { provisioner "file" { content = module.bootstrap.kubeconfig-kubelet - destination = "$HOME/kubeconfig" + destination = "/home/core/kubeconfig" } provisioner "remote-exec" { inline = [ - "sudo mv $HOME/kubeconfig /etc/kubernetes/kubeconfig", + "sudo mv /home/core/kubeconfig /etc/kubernetes/kubeconfig", "sudo touch /etc/kubernetes", ] } diff --git a/bare-metal/flatcar-linux/kubernetes/ssh.tf b/bare-metal/flatcar-linux/kubernetes/ssh.tf index ab91deaf..5a718c1d 100644 --- a/bare-metal/flatcar-linux/kubernetes/ssh.tf +++ b/bare-metal/flatcar-linux/kubernetes/ssh.tf @@ -29,17 +29,17 @@ resource "null_resource" "copy-controller-secrets" { provisioner "file" { content = module.bootstrap.kubeconfig-kubelet - destination = "$HOME/kubeconfig" + destination = "/home/core/kubeconfig" } provisioner "file" { content = join("\n", local.assets_bundle) - destination = "$HOME/assets" + destination = "/home/core/assets" } provisioner "remote-exec" { inline = [ - "sudo mv $HOME/kubeconfig /etc/kubernetes/kubeconfig", + "sudo mv /home/core/kubeconfig /etc/kubernetes/kubeconfig", "sudo /opt/bootstrap/layout", ] } @@ -66,12 +66,12 @@ resource "null_resource" "copy-worker-secrets" { provisioner "file" { content = module.bootstrap.kubeconfig-kubelet - destination = "$HOME/kubeconfig" + destination = "/home/core/kubeconfig" } provisioner "remote-exec" { inline = [ - "sudo mv $HOME/kubeconfig /etc/kubernetes/kubeconfig", + "sudo mv /home/core/kubeconfig /etc/kubernetes/kubeconfig", ] } } diff --git a/digital-ocean/fedora-coreos/kubernetes/ssh.tf b/digital-ocean/fedora-coreos/kubernetes/ssh.tf index 84bfc621..f5700e9f 100644 --- a/digital-ocean/fedora-coreos/kubernetes/ssh.tf +++ b/digital-ocean/fedora-coreos/kubernetes/ssh.tf @@ -25,17 +25,17 @@ resource "null_resource" "copy-controller-secrets" { provisioner "file" { content = module.bootstrap.kubeconfig-kubelet - destination = "$HOME/kubeconfig" + destination = "/home/core/kubeconfig" } provisioner "file" { content = join("\n", local.assets_bundle) - destination = "$HOME/assets" + destination = "/home/core/assets" } provisioner "remote-exec" { inline = [ - "sudo mv $HOME/kubeconfig /etc/kubernetes/kubeconfig", + "sudo mv /home/core/kubeconfig /etc/kubernetes/kubeconfig", "sudo touch /etc/kubernetes", "sudo /opt/bootstrap/layout", ] @@ -55,12 +55,12 @@ resource "null_resource" "copy-worker-secrets" { provisioner "file" { content = module.bootstrap.kubeconfig-kubelet - destination = "$HOME/kubeconfig" + destination = "/home/core/kubeconfig" } provisioner "remote-exec" { inline = [ - "sudo mv $HOME/kubeconfig /etc/kubernetes/kubeconfig", + "sudo mv /home/core/kubeconfig /etc/kubernetes/kubeconfig", "sudo touch /etc/kubernetes", ] } diff --git a/digital-ocean/flatcar-linux/kubernetes/ssh.tf b/digital-ocean/flatcar-linux/kubernetes/ssh.tf index f4888fe0..4b3cad5d 100644 --- a/digital-ocean/flatcar-linux/kubernetes/ssh.tf +++ b/digital-ocean/flatcar-linux/kubernetes/ssh.tf @@ -25,17 +25,17 @@ resource "null_resource" "copy-controller-secrets" { provisioner "file" { content = module.bootstrap.kubeconfig-kubelet - destination = "$HOME/kubeconfig" + destination = "/home/core/kubeconfig" } provisioner "file" { content = join("\n", local.assets_bundle) - destination = "$HOME/assets" + destination = "/home/core/assets" } provisioner "remote-exec" { inline = [ - "sudo mv $HOME/kubeconfig /etc/kubernetes/kubeconfig", + "sudo mv /home/core/kubeconfig /etc/kubernetes/kubeconfig", "sudo /opt/bootstrap/layout", ] } @@ -54,12 +54,12 @@ resource "null_resource" "copy-worker-secrets" { provisioner "file" { content = module.bootstrap.kubeconfig-kubelet - destination = "$HOME/kubeconfig" + destination = "/home/core/kubeconfig" } provisioner "remote-exec" { inline = [ - "sudo mv $HOME/kubeconfig /etc/kubernetes/kubeconfig", + "sudo mv /home/core/kubeconfig /etc/kubernetes/kubeconfig", ] } } diff --git a/google-cloud/fedora-coreos/kubernetes/ssh.tf b/google-cloud/fedora-coreos/kubernetes/ssh.tf index 6f80c558..18029220 100644 --- a/google-cloud/fedora-coreos/kubernetes/ssh.tf +++ b/google-cloud/fedora-coreos/kubernetes/ssh.tf @@ -24,7 +24,7 @@ resource "null_resource" "copy-controller-secrets" { provisioner "file" { content = join("\n", local.assets_bundle) - destination = "$HOME/assets" + destination = "/home/core/assets" } provisioner "remote-exec" { diff --git a/google-cloud/flatcar-linux/kubernetes/ssh.tf b/google-cloud/flatcar-linux/kubernetes/ssh.tf index 6f80c558..18029220 100644 --- a/google-cloud/flatcar-linux/kubernetes/ssh.tf +++ b/google-cloud/flatcar-linux/kubernetes/ssh.tf @@ -24,7 +24,7 @@ resource "null_resource" "copy-controller-secrets" { provisioner "file" { content = join("\n", local.assets_bundle) - destination = "$HOME/assets" + destination = "/home/core/assets" } provisioner "remote-exec" {