Add support for remote state lock

[Zelpher]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Description

We use Scaleway object storage to store remote state, but as mentioned in the documentation, it does not support state locking for the moment :

Be careful as no locking mechanism are yet supported. Using scaleway object storage as terraform backend is not suitable if you work in a team with a risk of simultaneous access to the same plan.

Is this feature actually in your roadmap ? It would be nice to also have a proper backend configuration relying on SCW CLI configuration file instead of duplicating in an S3 credentials file !

Potential Terraform Configuration

terraform {
  backend "scw" {
    bucket                      = "terraform-state"
    key                         = "my_state.tfstate"
    region                      = "fr-par"
    lock                        = true
  }
}

[Codelax]

Hello, Scaleway object does not support state locking as it is not supported for S3. As seen Terraform S3 backend documentation, locking is not available using it, you must add a dynamoDB.

The recommended backend at scaleway is postgre, although it require a managed database. It should get better with new products found in our beta page but I don't have a good solution for now if you don't already have a postgresql db running.

[Zelpher]

Hi,

Thanks for your response ! In fact, I used to implement Terraform remote state with S3 (and DynamoDB for lock), but deploying new stuffs on Scaleway, I do not want to depend from an another Cloud provider service if possible.

Postgres sounds great, but is a bit more expensive and error prone (without HA) than a simple object storage service. Do you mean serverless DB (beta) or other might be a viable / better solution ?

[boomaker]

Hi,

If you use GitLab, it can store natively Terraform states & handle locking: https://docs.gitlab.com/ee/user/infrastructure/iac/terraform_state.html

[Codelax]

I didn't put my hand on serverless DB yet but I hope it will allow us to have an easy terraform state backend. For gitlab, if you have a self-hosted one, be careful with clustered deployment and local storage, your state may also not be safe if using local storage.