CDKTF CLI: CLI hangs if in interactive input is required during CDKTF commands

[OliverWessels]

Expected Behavior

If a module references a git repository for its source (https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository), you may be be prompted during CDKTF commands to enter a passphrase for your SSH key or add to the list of known hosts if you have not cloned from that repo before.

Running a command such as yarn run cdktf get (with CDKTF set up for an npm package) should pause and show the input prompts to the user.

Actual Behavior

The input prompts do very briefly appear (for maybe a single frame) but then get written over by the line downloading and generating modules and providers.... Trying to type in values does not work either. The CLI hangs as a result.

This appears similar to https://github.com/hashicorp/terraform-cdk/issues/398 where the CLI hangs because it never displays a prompt and receives input from the user.

Steps to Reproduce

1. Set up the CDKTF CLI with TypeScript
2. Create a Terraform module in a .tf file e.g. something like module "my_module" { ... } with source set to a git repository that contains a source module (https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository)
3. Remove the repository from ~/.ssh/known_hosts so that you will be prompted to confirm that you trust the repo.
4. Run yarn run cdktf get

Versions

language: typescript cdktf-cli: 0.16.3 node: v19.9.0 cdktf: 0.16.3 constructs: 10.2.43 jsii: null terraform: 1.4.6 arch: arm64 os: linux 5.15.49-linuxkit

Providers

We are using SignalFX provider 6.24 and a provider for our own in-house tool. However this is not provider-specific because the CLI is hanging before reaching anything provider-specific.

Gist

No response

Possible Solutions

I suspect that the CDKTF CLI is not properly passing along stdin / allowing the process to pause and receive input from the user.

Workarounds

I had to manually run SSH commands before CDKTF, e.g. to try and prevent the case where CDKTF needs input mid-way through. There are still cases where this is not possible though.

Anything Else?

No response

References

• https://github.com/hashicorp/terraform-cdk/issues/398
• https://developer.hashicorp.com/terraform/language/modules/sources#generic-git-repository

Help Wanted

• [ ] I'm interested in contributing a fix myself

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

[DanielMSchmidt]

That's an unfortunate bug, I think as a workaround you could use e.g. git submodule to download the module and reference it as a local module in your cdktf.json file.

[OliverWessels]

Thanks for the suggestion @DanielMSchmidt! One other thing I forgot to mention is that we reference different tags of the git repo e.g. using ?ref=7.1.1 and ?ref=7.2.0, so I think we'd have to to something like checking out each different tag, or cloning the target repo, including tags, and then reference it with git locally somehow (I haven't tried this, would need to dig into feasibility).

I think it would still be good to address the root cause, in case anything else needs an interactive input during CDKTF commands (e.g. the linked issue about hanging on terraform input).

[razine-bensari]

@OliverWessels I stumbled upon a similar issue with cdktf login or cdktf init and we need standard input (say terraform cloud api token).

What worked for me is the following:

cat "your-standard-input" | cdktf login

I created an issue here: https://github.com/hashicorp/terraform-cdk/issues/3470 Planning on raising a fix, hopefully soon