Docs: Using Hashicorp Cloud, BackendConfig, and Planning #1544

Open
@jlewi

I'm using Hashicorp Cloud to store my state file. I'd like to review/approve plans with the tofu controller/CLI. The backend for Hashicorp is configured in my Terraform with a section like the one below:

  backend "remote" {
    hostname     = "app.terraform.io"
    organization = "acme_inc"
    workspaces {
      name = "kubernetes-defaults"
    }
  }

It took me a while to understand how to configure the backend in the Terraform resource.

It looks like the controller will try to define a file "backend_override.tf" with a backend stanza, e.g.

terraform {
  backend "kubernetes" {
    secret_suffix     = "all-projects"
    in_cluster_config = true
    namespace         = "flux-system"
    labels            = {
      
    }
  }
}

That code is here

You can disable that by disabling the backendConfig

backendConfig:
  disable: true

But then I couldn't find my plan anywhere. It looks like if you disable the backend then a dummy terraform plan gets saved.

func (r *TerraformRunnerServer) SaveTFPlan(ctx context.Context, req *SaveTFPlanRequest) (*SaveTFPlanReply, error) {

However, it looks like I can use backendCustomConfiguration to avoid disabling the backend while not adding a new backend definition.

So I changed my configuration to

  backendConfig:
    # See: https://github.com/flux-iac/tofu-controller/blob/90ae7db8a627e37ff77409e8a0fbd9227dfd7781/controllers/tf_controller_backend.go#L76
    # We pass along an empty configuration so that the TOFU controller won't override the backend we have configured in our Terraform.
    customConfiguration: |
      // Empty custom configuration so that backend configuration
      // defined in the terraform will be used

This seems to be working as expected.

No action needed. Merely wanted to document this in case other people hit this issue.
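
Added example, not part of the original issue and not the project's own manifest: a complete Terraform resource showing where the backendConfig setting described above sits, with the `disable: true` variant that lost the plan left commented out beside it. The resource name, source name, path and interval are hypothetical placeholders, and the apiVersion and the manual-approval behaviour of an omitted approvePlan are assumptions about the controller version in use.

```yaml
# Added example; values marked hypothetical are placeholders, not from the issue.
apiVersion: infra.contrib.fluxcd.io/v1alpha2   # assumption: v1alpha2 API
kind: Terraform
metadata:
  name: kubernetes-defaults        # hypothetical, reuses the workspace name from the issue
  namespace: flux-system
spec:
  interval: 10m                    # hypothetical
  path: ./terraform                # hypothetical path inside the source repository
  sourceRef:
    kind: GitRepository
    name: infra-repo               # hypothetical
    namespace: flux-system
  # approvePlan is left unset so that a plan is produced and then waits for
  # review (assumption: unset means manual approval).
  backendConfig:
    # Variant from the issue that resulted in no usable saved plan:
    # disable: true
    #
    # Variant from the issue that kept the backend declared in the Terraform
    # source (the "remote" backend on app.terraform.io) without disabling
    # plan storage:
    customConfiguration: |
      // Empty custom configuration so that backend configuration
      // defined in the terraform will be used
```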
