Having trouble with Level1 azure_devops deployment
kgibson-insight opened this issue · 3 comments
kgibson-insight commented
Describe the bug
var.global_settings.regions is null on deploy of level1
To Reproduce
Update regions to custom
Successfully deploy level0/launchpad
Deploy level1 with command
rover -lz /tf/caf/walkthrough/landingzones/caf_solution \
-var-folder /tf/caf/walkthrough/configuration/sandpit/level1/gitops/azure_devops_agents_vm \
-tfstate azure_devops_agents_vm.tfstate \
-level level1 \
-env sandpit \
-a apply
Produces:
│ Warning: Value for undeclared variable
│
│ The root module does not declare a variable named "azure_devops" but a
│ value was found in file
│ "/tf/caf/walkthrough/configuration/sandpit/level1/gitops/azure_devops_agents_vm/landingzone.tfvars".
│ If you meant to use this value, add a "variable" block to the
│ configuration.
│
│ To silence these warnings, use TF_VAR_... environment variables to provide
│ certain "global" settings to all configurations in your organization. To
│ reduce the verbosity of these warnings, use the -compact-warnings option.
╵
Terraform plan return code: 1
Terraform returned errors:
╷
│ Error: Attempt to index null value
│
│ on /home/vscode/.terraform.cache/modules/solution/modules/resource_group/module.tf line 15, in resource "azurerm_resource_group" "rg":
│ 15: location = var.global_settings.regions[lookup(var.settings, "region", var.global_settings.default_region)]
│ ├────────────────
│ │ var.global_settings.default_region is "region1"
│ │ var.global_settings.regions is null
│ │ var.settings is object with 1 attribute "name"
│
│ This value is null, so it does not have any indices.
╵
╷
│ Error: Attempt to index null value
│
│ on /home/vscode/.terraform.cache/modules/solution/modules/resource_group/module.tf line 15, in resource "azurerm_resource_group" "rg":
│ 15: location = var.global_settings.regions[lookup(var.settings, "region", var.global_settings.default_region)]
│ ├────────────────
│ │ var.global_settings.default_region is "region1"
│ │ var.global_settings.regions is null
│ │ var.settings is object with 1 attribute "name"
│
│ This value is null, so it does not have any indices.
╵
╷
│ Error: Attempt to index null value
│
│ on /home/vscode/.terraform.cache/modules/solution/modules/resource_group/module.tf line 15, in resource "azurerm_resource_group" "rg":
│ 15: location = var.global_settings.regions[lookup(var.settings, "region", var.global_settings.default_region)]
│ ├────────────────
│ │ var.global_settings.default_region is "region1"
│ │ var.global_settings.regions is null
│ │ var.settings is object with 1 attribute "name"
│
│ This value is null, so it does not have any indices.
╵
╷
│ Error: Attempt to index null value
│
│ on /home/vscode/.terraform.cache/modules/solution/modules/resource_group/module.tf line 15, in resource "azurerm_resource_group" "rg":
│ 15: location = var.global_settings.regions[lookup(var.settings, "region", var.global_settings.default_region)]
│ ├────────────────
│ │ var.global_settings.default_region is "region1"
│ │ var.global_settings.regions is null
│ │ var.settings is object with 1 attribute "name"
│
│ This value is null, so it does not have any indices.
╵
╷
│ Error: Attempt to index null value
│
│ on /home/vscode/.terraform.cache/modules/solution/modules/resource_group/module.tf line 15, in resource "azurerm_resource_group" "rg":
│ 15: location = var.global_settings.regions[lookup(var.settings, "region", var.global_settings.default_region)]
│ ├────────────────
│ │ var.global_settings.default_region is "region1"
│ │ var.global_settings.regions is null
│ │ var.settings is object with 1 attribute "name"
│
│ This value is null, so it does not have any indices.
╵
╷
│ Error: Invalid index
│
│ on /home/vscode/.terraform.cache/modules/solution/modules/security/keyvault_access_policies/policies.tf line 48, in module "azuread_group":
│ 48: object_id = try(each.value.lz_key, null) == null ? var.azuread_groups[var.client_config.landingzone_key][each.value.azuread_group_key].id : var.azuread_groups[each.value.lz_key][each.value.azuread_group_key].id
│ ├────────────────
│ │ each.value.azuread_group_key is "keyvault_level1_rw"
│ │ each.value.lz_key is "launchpad"
│ │ var.azuread_groups is object with 4 attributes
│
│ The given key does not identify an element in this collection value.
╵
╷
│ Error: Invalid index
│
│ on /home/vscode/.terraform.cache/modules/solution/modules/security/keyvault_access_policies/policies.tf line 48, in module "azuread_group":
│ 48: object_id = try(each.value.lz_key, null) == null ? var.azuread_groups[var.client_config.landingzone_key][each.value.azuread_group_key].id : var.azuread_groups[each.value.lz_key][each.value.azuread_group_key].id
│ ├────────────────
│ │ each.value.azuread_group_key is "keyvault_level1_rw"
│ │ each.value.lz_key is "launchpad"
│ │ var.azuread_groups is object with 4 attributes
│
│ The given key does not identify an element in this collection value.
╵
╷
│ Error: Invalid index
│
│ on /home/vscode/.terraform.cache/modules/solution/modules/security/keyvault_access_policies/policies.tf line 48, in module "azuread_group":
│ 48: object_id = try(each.value.lz_key, null) == null ? var.azuread_groups[var.client_config.landingzone_key][each.value.azuread_group_key].id : var.azuread_groups[each.value.lz_key][each.value.azuread_group_key].id
│ ├────────────────
│ │ each.value.azuread_group_key is "keyvault_level1_rw"
│ │ each.value.lz_key is "launchpad"
│ │ var.azuread_groups is object with 4 attributes
│
│ The given key does not identify an element in this collection value.
╵
╷
│ Error: Invalid index
│
│ on /home/vscode/.terraform.cache/modules/solution/modules/security/keyvault_access_policies/policies.tf line 48, in module "azuread_group":
│ 48: object_id = try(each.value.lz_key, null) == null ? var.azuread_groups[var.client_config.landingzone_key][each.value.azuread_group_key].id : var.azuread_groups[each.value.lz_key][each.value.azuread_group_key].id
│ ├────────────────
│ │ each.value.azuread_group_key is "keyvault_level1_rw"
│ │ each.value.lz_key is "launchpad"
│ │ var.azuread_groups is object with 4 attributes
│
│ The given key does not identify an element in this collection value.
╵
╷
│ Error: Invalid index
│
│ on /home/vscode/.terraform.cache/modules/solution/modules/security/keyvault_access_policies/policies.tf line 48, in module "azuread_group":
│ 48: object_id = try(each.value.lz_key, null) == null ? var.azuread_groups[var.client_config.landingzone_key][each.value.azuread_group_key].id : var.azuread_groups[each.value.lz_key][each.value.azuread_group_key].id
│ ├────────────────
│ │ each.value.azuread_group_key is "keyvault_level1_rw"
│ │ each.value.lz_key is "launchpad"
│ │ var.azuread_groups is object with 4 attributes
│
│ The given key does not identify an element in this collection value.
Expected behavior
Level 1 deploy success
Screenshots
If applicable, add screenshots to help explain your problem.
Environment (please complete the following information):
- OS: macOS
- Rover Version: aztfmod/rover:1.0.1-2106.3012
Additional context
Add any other context about the problem here.
kgibson-insight commented
resolved
│ Error: Attempt to index null value
│
│ on /home/vscode/.terraform.cache/modules/solution/modules/resource_group/module.tf line 15, in resource "azurerm_resource_group" "rg":
│ 15: location = var.global_settings.regions[lookup(var.settings, "region", var.global_settings.default_region)]
│ ├────────────────
│ │ var.global_settings.default_region is "region1"
│ │ var.global_settings.regions is null
│ │ var.settings is object with 1 attribute "name"
│
│ This value is null, so it does not have any indices.
by adding
global_settings = {
regions = {
region1 = "my_region_1"
region2 = "my_region_2"
}
}
to ../level1/gitops/azure_devops_agents_vm/landingzone.tfvars
kgibson-insight commented
still getting error
│ Error: Invalid index
│
│ on /home/vscode/.terraform.cache/modules/solution/modules/security/keyvault_access_policies/policies.tf line 48, in module "azuread_group":
│ 48: object_id = try(each.value.lz_key, null) == null ? var.azuread_groups[var.client_config.landingzone_key][each.value.azuread_group_key].id : var.azuread_groups[each.value.lz_key][each.value.azuread_group_key].id
│ ├────────────────
│ │ each.value.azuread_group_key is "keyvault_level1_rw"
│ │ each.value.lz_key is "launchpad"
│ │ var.azuread_groups is object with 4 attributes
│
│ The given key does not identify an element in this collection value.
I don't fully understand this error message nor how var.client_config.landingzone_key gets populated.
pmatthews05 commented
It should be reading in the regions from what was set from the level0 state file. You shouldn't need to re-add global settings to level1.
Is your level0 state file name matching the landingzone state file name in landingzones.tfvars file?
https://github.com/Azure/caf-terraform-landingzones-starter/blob/starter/configuration/sandpit/level1/gitops/azure_devops_agents_vm/landingzone.tfvars#L9
Currently I have a pull request, where I re-wrote instructions to deploy sandpit with pipelines, level 0 - 3. Couldn't get level4 deployed so haven't included it yet.
This pull request also contains changes to some other files to get the pipelines to work.