Tainting does not work

[kbrady-wooliesx]

Hi,

I store my state in an azure storage container, and when I run the command terraform taint -state "statename.tfstate" -state-out "statename.tfstate" "azurerm_virtual_machine_extension.azw-dsc" the arguments -input=false -no-color are appended (from looking at the powershell source). This causes terraform to throw the error The taint command expects exactly one argument.

Is there another way I can run the taint command or disable the input=false arg for it? It doesnt look like taint supports it.

Thanks

[mud5150]

@kbrady-wooliesx Typically taint is run in a one-off scenario. I'm pretty sure that's why terraform doesn't support the -input=false command since they don't expect it to be run by automation. Is there a scenario where you would need to taint a resource on every build?

[kbrady-wooliesx]

@mud5150 yep - using it in a cicd scenario where the underlying infrastructure is retained, all that is tainted is a virtual machine custom extension in azure. when apply is run, the extension is recreated, which reruns the dsc process and allow it to get the latest build of the code. this saves time as the whole vm does not need to be reprovisioned.

[mud5150]

@kbrady-wooliesx That's a pretty creative use of taint and the VM extensions. There are quite a few more standard options for kicking off a DSC run. If you're just loading the DSC config locally on the Azure VM you could use Azure powershell to run Invoke-AzVMRunCommand to run Start-DscConfiguration which seems like what you're doing with the taint option. Of course Azure has a lot more options with DSC in Azure automation but that may be more complicated than what you need.

I think in the future I'll update the docs to show which commands support automation.

[kbrady-wooliesx]

@mud5150 having a terraform state file makes it much easier to update via a taint than having to work out the vm name and run the Invoke-AzVMRunCommand against it :)

[ddarwent]

I've also run into this problem. I taint the script for the custom script extension script in storage, as without the taint the blob doesn't get updated by Terraform when it's changed.

Without taint support I can't use this task.