Is this project still active? - Using env-vars in vars

[unfor19]

Is this project still active? I have a few enhancements that I've added here - https://github.com/unfor19/drone-terraform

I would really like to push it to this project to avoid duplicate work.

[unfor19]

@jmccann ?

[caioquirino]

@unfor19 Yes, the project is still active :) What are the enhancements you are thinking that could be beneficial to the project?

[jmccann]

It's still active in the sense that I work to maintain it by reviewing PRs and such. I don't so much actively try to develop it as I don't use it much myself anymore. Plus there may be other better tools to do automation against TF now such as https://www.runatlantis.io/guide/#getting-started

Totally open to reviewing any potential PRs you'd like to open. Will say that:

• more smaller and more focused PRs preferred vs 1 big PR with all your updates
• unit testing helps PRs get reviewed and merged

[unfor19]

@jmccann @caioquirino Thanks for reaching out! The PR that I want to push - allow the use of environment variables in vars, for example:

.drone.yml

  - name: server-terraform
    when:
      branch:
        - dev
        - staging
    image: unfor19/drone-terraform:dev
    pull: "always"
    environment:
      AWS_ACCESS_KEY_ID:
        from_secret: aws_access_key_id_dev
      AWS_SECRET_ACCESS_KEY:
        from_secret: aws_secret_access_key_dev
      DB_MASTER_PASSWORD:
        from_secret: server_${DRONE_BRANCH}_db_password # <-- set as env var
    settings:
      actions:
        - validate
        - plan
        - apply
      root_dir: ${DRONE_BRANCH}/server
      vars:
        server_image_tag_latest: drone-latest
        environment: ${DRONE_BRANCH}
        db_master_password: $${DB_MASTER_PASSWORD} # <-- using the env var, note the double $$

The rest of the changes that I made are negligible, but I do think that this one is a great improvement. I've already set up this feature for one of my customers, and it works great.

Do you want me to push this PR?

[unfor19]

Created PR #118 which does exactly as I mentioned here :point_up:

Let me know if there's anything else that you want me to add

[jmccann]

@unfor19 Wouldn't the following work based on https://www.terraform.io/docs/configuration/variables.html#environment-variables ?

  - name: server-terraform
    when:
      branch:
        - dev
        - staging
    image: unfor19/drone-terraform:dev
    pull: "always"
    environment:
      AWS_ACCESS_KEY_ID:
        from_secret: aws_access_key_id_dev
      AWS_SECRET_ACCESS_KEY:
        from_secret: aws_secret_access_key_dev
+     # not sure if DB_MASTER_PASSWORD would still be needed either ... maybe could also be removed?
      DB_MASTER_PASSWORD:
        from_secret: server_${DRONE_BRANCH}_db_password # <-- set as env var
+     TF_VAR_db_master_password:
+       from_secret: server_${DRONE_BRANCH}_db_password
    settings:
      actions:
        - validate
        - plan
        - apply
      root_dir: ${DRONE_BRANCH}/server
      vars:
        server_image_tag_latest: drone-latest
        environment: ${DRONE_BRANCH}
-       db_master_password: $${DB_MASTER_PASSWORD} # <-- using the env var, note the double $$

[caioquirino]

I agree that the new feature you have created is nice, but it is possible to implement already, by using drone's own Environment variables, and Terraform's TFVAR* variables and it is more clear for people that is used to drone and terraform as they are built-in features

[unfor19]

Thank you guys, I agree, closing issue and PR