Open
Description
I am trying to add a secret to Google Secret Manager (GCP).
The secret will come from a variable defined in Terraform Enterprise (see https://www.hashicorp.com/blog/variable-management-in-terraform-cloud/ for more details).
However, referring to a Variable object prevents the stack to be serialized:
$ terraformpy
terraformpy - Processing: main.tf.py
terraformpy - Writing main.tf.json
Traceback (most recent call last):
File "/private/tmp/terraformpy-bug/.venv/bin/terraformpy", line 10, in <module>
sys.exit(main())
File "/private/tmp/terraformpy-bug/.venv/lib/python3.8/site-packages/terraformpy/cli.py", line 46, in main
json.dump(compile(), fd, indent=4, sort_keys=True)
File "/usr/local/Cellar/[email protected]/3.8.2/Frameworks/Python.framework/Versions/3.8/lib/python3.8/json/__init__.py", line 179, in dump
for chunk in iterable:
File "/usr/local/Cellar/[email protected]/3.8.2/Frameworks/Python.framework/Versions/3.8/lib/python3.8/json/encoder.py", line 431, in _iterencode
yield from _iterencode_dict(o, _current_indent_level)
File "/usr/local/Cellar/[email protected]/3.8.2/Frameworks/Python.framework/Versions/3.8/lib/python3.8/json/encoder.py", line 405, in _iterencode_dict
yield from chunks
File "/usr/local/Cellar/[email protected]/3.8.2/Frameworks/Python.framework/Versions/3.8/lib/python3.8/json/encoder.py", line 405, in _iterencode_dict
yield from chunks
File "/usr/local/Cellar/[email protected]/3.8.2/Frameworks/Python.framework/Versions/3.8/lib/python3.8/json/encoder.py", line 405, in _iterencode_dict
yield from chunks
[Previous line repeated 1 more time]
File "/usr/local/Cellar/[email protected]/3.8.2/Frameworks/Python.framework/Versions/3.8/lib/python3.8/json/encoder.py", line 438, in _iterencode
o = _default(o)
File "/usr/local/Cellar/[email protected]/3.8.2/Frameworks/Python.framework/Versions/3.8/lib/python3.8/json/encoder.py", line 179, in default
raise TypeError(f'Object of type {o.__class__.__name__} '
TypeError: Object of type Variable is not JSON serializableContext
Using python3 on OSX:
$ python3 --version
Python 3.8.2
$ system_profiler SPSoftwareDataType|grep macOS | xargs
System Version: macOS 10.15.4 (19E287)
$ pip list | grep -i terraformpy
terraformpy 1.3.0Repro steps
The script:
from terraformpy import Resource
from terraformpy import Variable
v = Variable("my_secret", type="string", description="secret for my project")
s = Resource(
"google_secret_manager_secret",
"my_project_secret_id",
provider="google-beta",
secret_id="my_project_secret_id",
replication=dict(automatic=True),
)
Resource(
"google_secret_manager_secret_version",
"my_project",
provider="google-beta",
secret=s.id,
secret_data=v,
)The steps:
mkdir -p /tmp/terraformpy-bug
cd /tmp/terraformpy-bug
pbpaste > main.tf.py
python3 -m venv .venv
source .venv/bin/activate
pip install terraformpy
terraformpyWorkaround
The workaround I am using is to manually "serialize" the variable:
secret_data="${var.my_secret}",But that defeats the purpose of using a python object.
Metadata
Metadata
Assignees
Labels
No labels