Closed schollii closed 4 years ago
@schollii you're right, this should be documented somewhere. Right now it's not.
Please have a look here for some of the scripts we've used in the past: https://github.com/cloudposse/terraform-root-modules/tree/master/aws/tfstate-backend/scripts
Thanks that's useful to know. It could be useful to mention the scripts in the docs, but also the procedure I mentioned, in case the scripts are not adequate for whatever reason.
@schollii @osterman. I found and documented a smooth way to apply and destroy using this module. See PR #46.
So the trick of using the module's support for automatically generating a backend.tf file works really nicely and simplifies the destruction. Here is what I use.
# main.tf
module "terraform_state_backend" {
source = "git::https://github.com/cloudposse/terraform-aws-tfstate-backend.git?ref=..."
...
terraform_backend_config_file_name = "backend.tf"
terraform_backend_config_file_path = "."
force_destroy = false
}
Then this is needed only once:
terraform init
: downloads modules and providersterraform apply -auto-approve
: creates the backend.tf
and the s3 bucket etc but state is stored locallyterraform init -force-copy
: moves the state to s3 bucket createSince this is only once I put all these in a script init.sh
that gets run once and that's it. It seems idempotent but I have not pushed testing of that very much.
Once the above is done you can define more resources and terraform apply as needed.
main.tf
edit the module.terraform_state_backend
to have force_destroy
true and terraform_backend_config_file_path
to ""
terraform apply -target module.terraform_state_backend -auto-approve
: activate the above mods (s3 becomes destroyable, remove the backend.tf file)terraform init -force-copy
: move the state to local hostI put all the above in a destroy.sh
script that also check before step 3 that step 2 has been done (actually I could surely have the scrip do step 2 automatically but this way it is a more "conscious" decision by the user to destroy - running it by mistake will fail). Additionally the script does terraform init before step 2 because there are some failure conditions that need it.
Excellent. Thank you. Could you put your scripts in a comment for reference? Then I'll rewrite my doc.
I think this cam be closed. Nice working with you, @schollii.
likewise @jmcgeheeiv thanks for contributing the solution in #46
Found a bug? Maybe our Slack Community can help.
Describe the Bug
The module docs should explain how to cleanup.
Expected Behavior
The module docs would say something like (I'm still confirming the details but I just don't want to loose this issue report):
Destroy
terraform init
force_destroy=true
to yourterraform_state_backend
thenterraform apply
terraform destroy
Warning: while the state is local, the state in the bucket still exists, others (or CI/CD!) should not modify it.