search

NixOS / nixpkgs

Nix Packages collection & NixOS
MIT License
18.06k stars 14.08k forks source link

Unable to use old versions of terraform #218617

Open jrluis opened 1 year ago

jrluis commented 1 year ago

Describe the bug

nixpkgs used to have many versions of terraform, but at some point in time, it started to have only the latests version of terraform.

We are managing around 50 terraform modules, with many versions of terraform being used, the code base is quite large (upwards of 200k lines of hcl), which makes it quite impossible to be always on the latest version.

I've tried to use an old version of nix pkgs, but the version of the nixpkgs repository that had terraform 1.0.0 is quite old, which causes compatibility issues with the latest nix version. Raising the following error:

direnv: loading ~/work/terraform-modules/stacks/gcp_rt_pipeline/1.1.0/.envrc
direnv: using flake
warning: Git tree '/Users/jrluis/work/terraform-modules' is dirty
warning: creating lock file '/Users/jrluis/work/terraform-modules/stacks/gcp_rt_pipeline/1.1.0/flake.lock'
warning: Git tree '/Users/jrluis/work/terraform-modules' is dirty
error: The option `warnings' does not exist. Definition values:
       - In `/nix/store/wbz50d6v9vwdw7h44x5sxiils14hpmdm-source/src/modules/services/redis.nix': [ ]
(use '--show-trace' to show detailed location information)

I've tried to find any guidance/docs on how to run the old versions of terraform, but found nothing that could help.

I'm currently running nix (Nix) 2.10.3

Steps To Reproduce

Steps to reproduce the behavior:

  1. Install nix version 2.10.3
  2. Create a flake with reference to nixpkgs "github:nixos/nixpkgs?rev=56f08c070d1e7bc170cce570a791a32089a3e8fa"
  3. When activating a nix shell, it will output an error in the redis nix expression, halting the activation

Expected behavior

To be able to install in a flake any terraform version to be able to support multiples versions of terraform code

Metadata

❯ nix-shell -p nix-info --run "nix-info -m"
these 2 paths will be fetched (0.01 MiB download, 0.14 MiB unpacked):
  /nix/store/d1nci0syj7sn38bz157z49z5p34yl1gz-nix-info
  /nix/store/dqwlzb1jb51padp3f09nj470kfy96yha-DarwinTools-1
copying path '/nix/store/dqwlzb1jb51padp3f09nj470kfy96yha-DarwinTools-1' from 'https://cache.nixos.org'...
copying path '/nix/store/d1nci0syj7sn38bz157z49z5p34yl1gz-nix-info' from 'https://cache.nixos.org'...
 - system: `"aarch64-darwin"`
 - host os: `Darwin 21.4.0, macOS 12.3.1`
 - multi-user?: `yes`
 - sandbox: `no`
 - version: `nix-env (Nix) 2.10.3`
 - channels(root): `"nixpkgs"`
 - nixpkgs: `/nix/var/nix/profiles/per-user/root/channels/nixpkgs`
thornycrackers commented 1 year ago

I'm not sure what the official way is, but I use the pkgs.mkTerraform function to generate the versions I need:

  environment.systemPackages = with pkgs;
    let
      terraform-1_0_4 = pkgs.mkTerraform {
        version = "1.0.4";
        sha256 = "09g0ln247scv8mj40gxhkij0li62v0rjm2bsgmvl953aj7g3dlh1";
        vendorSha256 = "07pzqvf9lwgc1fadmyam5hn7arlvzrjsplls445738jpn61854gg";
      };
    in
  [
    terraform-1_0_4
  ];

Hopefully that helps.

x418 commented 1 year ago

I also don't know if there's any other way, but I quite like using flakes & have recently been using the following workflow to work with older versions of terraform. I have a couple of rudimentary nix flake templates in my private repo that I bootstrapped following the nix flake tutorial.

  1. Found the revision of packages for terraform 1.0.8 using the excellent (but what sadly appears to be unmaintained) https://lazamar.co.uk/nix-versions/ and created the following rudimentary flake (pinned to 1.0.8 which is the version I use on a daily basis). 
{
  description = "A flake for terraform pinned to specific version";

  inputs = {
    nixpkgs.url = "nixpkgs"; # Resolves to github:NixOS/nixpkgs
    # Helpers for system-specific outputs
    flake-utils.url = "github:numtide/flake-utils";
  };

  outputs = { self, nixpkgs, flake-utils }:
    flake-utils.lib.eachDefaultSystem (system:
     # Fetched via https://lazamar.co.uk/nix-versions/?channel=nixpkgs-unstable&package=terraform
      let oldPkgs = import (builtins.fetchTarball {
                                url = "https://github.com/NixOS/nixpkgs/archive/2cdd608fab0af07647da29634627a42852a8c97f.tar.gz";
                                sha256= "sha256:1szv364xr25yqlljrlclv8z2lm2n1qva56ad9vd02zcmn2pimdih";
                            }) { inherit system;};
      terraform_1_0_8 = oldPkgs.terraform;
      pkgs = nixpkgs.legacyPackages.x86_64-linux;
      in
      {
         devShell = pkgs.mkShell { buildInputs = [ terraform_1_0_8 pkgs.tflint pkgs.terraform-docs ]; };
      });
}
  1. Added my private flake templates repo to the registry like so nix registry add myflakes github:x418/nix-flake-templates
  2. Then all I need to do after checking out a repo containing terraform modules is to run nix flake init -t myflakes#terraform.
  3. Use .envrc & direnv to enable automatically use the flake (The flake template repo already has an .envrc file with a use flake line)

So far, this is all I needed. But, I can imagine extending this to make it a bit more configurable with various version.

Hope that helps

fstaffa commented 1 year ago

With flakes you can make it even easier - you can use the specific nixpkgs commit as a flake input (and don't have to specify hash as with fetchTarball)

{
  description = "A flake for terraform pinned to specific version";

  inputs = {
    nixpkgs.url = "nixpkgs"; # Resolves to github:NixOS/nixpkgs
    # Helpers for system-specific outputs
    flake-utils.url = "github:numtide/flake-utils";
    # Fetched via https://lazamar.co.uk/nix-versions/?channel=nixpkgs-unstable&package=terraform
    terraform_1_0_8-nixpkgs.url = "github:NixOS/nixpkgs/2cdd608fab0af07647da29634627a42852a8c97f";
  };

  outputs = { self, nixpkgs, flake-utils, terraform_1_0_8-nixpkgs }:
    flake-utils.lib.eachDefaultSystem (system:
      let pkgs = nixpkgs.legacyPackages.${system};
      in
        {
          devShell = pkgs.mkShell { buildInputs = [ terraform_1_0_8-nixpkgs.legacyPackages.${system}.terraform pkgs.tflint pkgs.terraform-docs ]; };
        });
}
jdheyburn commented 1 year ago

I'm trying to build an old terraform version on nix-darwin, but I get this error - sharing in case anyone has any suggestions.

these 12 derivations will be built:
  /nix/store/49m6nc54cfs7f70mz4i030ld4dqkp3sf-terraform-1.0.4-go-modules.drv
  /nix/store/1cs28w9hg397myacnf58zmnw94yzxb9s-terraform-1.0.4.drv
  /nix/store/99nmv3y8rhaf7i3lcycfw9yld2ppynyk-home-manager-path.drv
  /nix/store/1j2glnaixls8vbjvjfbxx1glzdrjvnwb-user-environment.drv
  /nix/store/r6025hcs9rpv84pdhc9c904yp1dr10b4-home-manager-applications.drv
  /nix/store/7izw7amvcrcr6qkhnhqg9f52jp923hsj-home-manager-files.drv
  /nix/store/lmmb8mfh69626pgxw7nc96c035r865rs-home-manager-fonts.drv
  /nix/store/940x3rwdnybv9lfb9lskc0qbw8hs7y8h-activation-script.drv
  /nix/store/48z1l0i6zfb9d61ki08rx8v997zqmbq4-home-manager-generation.drv
  /nix/store/7n9wgpznxrk2xraasn69w1184vld4slr-etc.drv
  /nix/store/vvs24f9i7s019f2pvgmh9nxlk6gk2nbw-activation-joseph.heyburn.drv
  /nix/store/6w98ch9zcai7p8p0gk8y7skd6cdc1lkv-darwin-system-23.05.20230307.c707238+darwin4.87b9d09.drv
Password:
don't know how to build these paths:
  /nix/store/6pjc5rj6nixmni08m519jp776xgzpcy8-darwin-system-23.05.20230307.c707238+darwin4.87b9d09
error: build of '/nix/store/6pjc5rj6nixmni08m519jp776xgzpcy8-darwin-system-23.05.20230307.c707238+darwin4.87b9d09' failed
nixos-discourse commented 1 year ago

This issue has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/use-a-specific-version-of-terraform-in-a-nix-shell/27880/1

rjpcasalino commented 1 year ago

@fstaffa worked like a charm! many thanks; also hot tip with https://lazamar.co.uk/nix-versions/?channel=nixpkgs-unstable&package=terraform