我正在terraform中使用gitlab提供程序,并且已经导入了gitlab用户。但是,当我尝试运行我的Terraform计划时,它说它将重新创建资源。
之所以发生这种情况,是因为我为password参数提供了一个虚拟密码。 我不想改变用户的地形,因为这会影响产品。 我的主要目标是在不更改生产gilab内容的情况下以地形形式处理gitlab用户
如何避免这种情况?这是一个已知问题吗?还是我做错了什么?
Terraform v0.11.7
+ provider.aws v1.54.0
+ provider.gitlab v1.1.0
provider "gitlab" {
base_url = "http://gitlab.XXX.com/api/v4"
token = "${var.gitlab_token}"
}
resource "gitlab_user" "user" {
name = "ab c"
password = "dummypassword"
username = "ab.c"
email = "ab.c@xxx.com"
is_admin = "false"
projects_limit = "100"
can_create_group = "true"
}
我对此值进行了导入。
terraform import -var 'gitlab_token=xxxx' gitlab_user.user 70
gitlab_user.user: Importing from ID "70"...
gitlab_user.user: Import complete!
Imported gitlab_user (ID: 70)
gitlab_user.user: Refreshing state... (ID: 70)
Import successful!
地形计划
-/+ gitlab_user.user (new resource required)
id: "70" => <computed> (forces new resource)
can_create_group: "true" => "true"
email: "" => "ab.c@xxx.com" (forces new resource)
is_admin: "" => "false"
is_external: "" => "false"
name: "ab c" => "ab c"
password: <sensitive> => <sensitive> (attribute changed)
projects_limit: "100" => "100"
skip_confirmation: "" => "true"
username: "ab.c" => "ab.c"
我试图添加生命周期以忽略更改,但是我仍然遇到相同的问题
resource "gitlab_user" "user" {
name = "ab c"
username = "ab.c"
password = "defaultpassword"
email = "ab.c@xxx.com"
is_admin = "false"
projects_limit = "100"
can_create_group = "true"
lifecycle {
ignore_changes = ["password"]
}
}