scottwinkler/terraform-provider-shell

Error: changes to `lifecycle_commands` and/or `interpreter` should not be follwed by changes to other arguments

Opened this issue · 4 comments

vknemanavar commented

we are using shell_script resource to create IBM VPN server, first time creation resource creation worked perfectly but second time when we run plan getting below error
Error: changes to lifecycle_commands and/or interpreter should not be follwed by changes to other arguments

Here is our TF code
resource "shell_script" "vpn_server_route" {

lifecycle_commands {
create = file("${path.module}/scripts/create-vpn-route.sh")
read = file("${path.module}/scripts/read-vpn-route.sh")
delete = file("${path.module}/scripts/delete-vpn-route.sh")
}

environment = {
REGION = var.region
RESOURCE_GROUP = var.resource_group_name
VPC_NAME = var.vpc_name
VPN_SERVER_NAME = var.vpn_instance_name
API_KEY = var.ibmcloud_api_key

VPN_ROUTE_NAME        = var.vpn_route_name != "" ? var.vpn_route_name : "${var.vpn_instance_name}-default-route"
VPN_ROUTE_DESTINATION = var.vpn_route_destination
VPN_ROUTE_ACTION      = var.vpn_route_action

}

working_directory = path.module

}

richardj-bsquare commented

Yes, this is irksome for me also, since I'm using the shell resource to do git manipulation across multiple repositories. The environment contains a hash (of git ls-remote) that indicates which repositories have changed and need updating.

Since the for_each contains around 250 repositories; at least one of them always has a change. So it's practically impossible to change the script since one of those 250 repositories will have changed and hence the environment will have changed.

I have to keep 'state rm'-ing the relevant portions.

Can we lift this restriction?

pennersm commented

I am running into the same error with a almost identical config. It's a pitty, because if that would work, it'd be a really clean and native way to integrate a shell. E.g. to call ansible-playbook in an ENV that is feed from Terraform, very handy ....

resource "shell_script" "call_ansible" {
lifecycle_commands {
create = <<-EOF
cd "${path.module}/ansible/" && ansible-playbook -l ${path.module}/${var.ansible_playbook}
EOF
delete = "rm -f ${path.module}/${var.ansible_log}"
}
environment = {
ANSIBLE_PRIVATE_KEY_FILE = var.ansible_privkey
ANSIBLE_LOG_PATH = var.ansible_log
ANSIBLE_REMOTE_USER = var.ami_user
ANSIBLE_INVENTORY = var.ansible_hosts
}
depends_on = [local_file.ansible_inventory]
}

TJM commented

There should at least be an option to override this. It is probably a decent restriction most of the time, but for me it just makes one MR turn into about 3-4.

cveld commented

@scottwinkler there is a typo in this message follwed -> followed 😅