
terraform-beginner-bootcamp-2023's Introduction

Terraform Beginner Bootcamp 2023

Semantic versioning 🧙

This project uses semantic versioning for its tagging; see semver.org.

The general format will be:

MAJOR.MINOR.PATCH, eg. 1.0.1

  • MAJOR version when you make incompatible API changes
  • MINOR version when you add functionality in a backward compatible manner
  • PATCH version when you make backward compatible bug fixes

Additional labels for pre-release and build metadata are available as extensions to the MAJOR.MINOR.PATCH format.

Install the Terraform CLI

Considerations with the Terraform CLI changes

The Terraform CLI installation instructions have changed due to gpg keyring changes. So we needed to refer to the latest CLI install instructions in the Terraform documentation and change the install scripting.

Install Terraform CLI

Considerations for Linux Distribution

This project is built against Ubuntu. Please check your Linux distribution and change the steps according to its needs.

How To Check OS Version in Linux

Example of checking OS Version:

$ cat /etc/os-release
PRETTY_NAME="Ubuntu 22.04.3 LTS"
NAME="Ubuntu"
VERSION_ID="22.04"
VERSION="22.04.3 LTS (Jammy Jellyfish)"
VERSION_CODENAME=jammy
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=jammy

Refactoring into Bash Scripts

While fixing the Terraform CLI gpg deprecation issues we noticed that the bash script steps were a considerable amount more code. So we decided to create a bash script to install the Terraform CLI.

This bash script is located here: ./bin/install_terraform_cli

  • This will keep the Gitpod Task File (.gitpod.yml) tidy.
  • This makes it easier to debug and manually execute the Terraform CLI install.
  • This will allow better portability for other projects that need to install Terraform CLI.

Shebang Considerations

A Shebang (pronounced Sha-bang) tells the bash script what program will interpret the script, eg. #!/bin/bash

ChatGPT recommended this format for bash: #!/usr/bin/env bash

  • for portability for different OS distributions
  • will search the user's PATH for the bash executable

https://en.wikipedia.org/wiki/Shebang_(Unix)

Execution Considerations

When executing the bash script we can use the ./ shorthand notation to execute the bash script.

eg. ./bin/install_terraform_cli

If we are using a script in .gitpod.yml we need to point the script to a program to interpret it.

eg. source ./bin/install_terraform_cli

Linux Permissions Considerations

In order to make our bash scripts executable we need to change the Linux permissions so the file is executable at the user level.

chmod u+x ./bin/install_terraform_cli

alternatively:

chmod 744 ./bin/install_terraform_cli

https://en.wikipedia.org/wiki/Chmod

Github Lifecycle (Before, Init, Command)

We need to be careful when using the Init because it will not rerun if we restart an existing workspace.

https://www.gitpod.io/docs/configure/workspaces/tasks

Working Env Vars

env command

We can list out all Environment Variables (Env Vars) using the env command

We can filter specific env vars using grep eg. env | grep AWS_

Setting and Unsetting Env Vars

In the terminal we can set using export HELLO='world'

In the terminal we unset using unset HELLO

We can set an env var temporarily when just running a command

HELLO='world' ./bin/print_message

Within a bash script we can set env without writing export eg.

#!/usr/bin/env bash

HELLO='world'

echo $HELLO

Printing Vars

We can print an env var using echo eg. echo $HELLO

Scoping of Env Vars

When you open up new bash terminals in VSCode they will not be aware of env vars that you have set in another window.

If you want Env Vars to persist across all future bash terminals that you open, you need to set the env vars in your bash profile, eg. .bash_profile

Persisting Env Vars in Gitpod

We can persist env vars into gitpod by storing them in Gitpod Secrets Storage.

gp env HELLO='world'

All future workspaces launched will set the env vars for all bash terminals opened in those workspaces.

You can also set env vars in .gitpod.yml, but this file should only contain non-sensitive env vars.

AWS CLI Installation

AWS CLI is installed for the project via the bash script ./bin/install_aws_cli

Getting Started Install (AWS CLI)

AWS CLI Env Vars

We can check if our AWS credentials are configured correctly by running the following AWS CLI command:

aws sts get-caller-identity

If it is successful you should see a JSON payload returned that looks like this:

{
    "UserId": "AIEAVUO15ZPVHJ5WIJ5KR",
    "Account": "123456789012",
    "Arn": "arn:aws:iam::123456789012:user/terraform-beginner-bootcamp"
}

We'll need to generate AWS CLI credentials from an IAM User in order to use the AWS CLI.

Terraform Basics

Terraform Registry

Terraform sources its providers and modules from the Terraform Registry, which is located at registry.terraform.io

  • Providers are interfaces to APIs that allow you to create resources in Terraform.
  • Modules are a way to make large amounts of Terraform code modular, portable and sharable.

Random Terraform Provider

Terraform Console

We can see a list of all the Terraform commands by simply typing terraform

Terraform Init

At the start of a new terraform project we will run terraform init to download the binaries for the terraform providers that we'll use in this project.

Terraform Plan

terraform plan

This will generate a changeset describing the state of our infrastructure and what will be changed.

We can output this changeset ie. "plan" to be passed to an apply, but often you can just ignore outputting.

Terraform Apply

terraform apply

This will run a plan and pass the changeset to be executed by Terraform. Apply should prompt yes or no.

If we want to automatically approve an apply we can provide the auto approve flag eg. terraform apply --auto-approve

Terraform Destroy

terraform destroy

This will destroy resources.

You can also use the auto approve flag to skip the approve prompt eg. terraform destroy --auto-approve

Terraform Lock Files

.terraform.lock.hcl contains the locked versioning for the providers or modules that should be used with this project.

The Terraform Lock File should be committed to your Version Control System (VCS) eg. GitHub

Terraform State Files

terraform.tfstate contains information about the current state of your infrastructure.

This file should not be committed to your VCS.

This file can contain sensitive data.

If you lose this file, you lose knowledge of the state of your infrastructure.

terraform.tfstate.backup is the previous version of the state file.

Terraform Directory

.terraform directory contains binaries of terraform providers.
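
The commit rules from the three sections above (lock file in, state files and the .terraform directory out) can be enforced mechanically. The following is an added example, not code from this project; the function names are hypothetical, and credentials.tfrc.json is included because it holds the Terraform Cloud token discussed later on this page.

```bash
#!/usr/bin/env bash
# Added example: flags Terraform artifacts that should not be committed.
# Function names are hypothetical; they are not part of the project.

# Print "commit" or "block" for one repository-relative path.
classify_tf_path() {
  case "$1" in
    # The lock file pins provider versions and belongs in version control.
    .terraform.lock.hcl|*/.terraform.lock.hcl) echo commit ;;
    # Provider binaries downloaded by terraform init.
    .terraform/*|*/.terraform/*) echo block ;;
    # State and its backup can contain sensitive data.
    *.tfstate|*.tfstate.*) echo block ;;
    # Terraform Cloud API token file.
    credentials.tfrc.json|*/credentials.tfrc.json) echo block ;;
    *) echo commit ;;
  esac
}

# Read paths on stdin (one per line), print the blocked ones, and
# return 1 if any were found so a git hook can abort the commit.
audit_tf_paths() {
  local path found=0
  while IFS= read -r path; do
    [ -n "$path" ] || continue
    if [ "$(classify_tf_path "$path")" = block ]; then
      echo "$path"
      found=1
    fi
  done
  return "$found"
}
```

In a pre-commit hook this can be fed with git diff --cached --name-only | audit_tf_paths, or with git ls-files to audit what is already tracked.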

tfstate migration to terraform cloud

Terraform must store state about your managed infrastructure and configuration. This state is used by Terraform to map real world resources to your configuration, keep track of metadata, and to improve performance for large infrastructures.

This state is stored by default in a local file named "terraform.tfstate", but we recommend storing it in Terraform Cloud to version, encrypt, and securely share it with your team.

Terraform uses state to determine which changes to make to your infrastructure. Prior to any operation, Terraform does a refresh to update the state with the real infrastructure.

The primary purpose of Terraform state is to store bindings between objects in a remote system and resource instances declared in your configuration. When Terraform creates a remote object in response to a change of configuration, it will record the identity of that remote object against a particular resource instance, and then potentially update or delete that object in response to future configuration changes.

For more information on why Terraform requires state and why Terraform cannot function without state, please see the page state purpose. terraform.tfstate

Issues with Terraform Cloud Login and Gitpod Workspace

When attempting to run terraform login it will launch a WYSIWYG view in bash to generate a token. However, it does not work as expected in Gitpod VS Code in the browser.

The workaround is to manually generate a token in Terraform Cloud

https://app.terraform.io/app/settings/tokens?source=terraform-login

Then create and open the file manually here:

touch /home/gitpod/.terraform.d/credentials.tfrc.json
open /home/gitpod/.terraform.d/credentials.tfrc.json

Provide the following code (replace your token in the file):

{
  "credentials": {
    "app.terraform.io": {
      "token": "YOUR-TERRAFORM-CLOUD-TOKEN"
    }
  }
}

Git Stash

I forgot to create another issue and a Terraform Cloud backend branch. We were working from main, so after creating the new branch we did git add . then git stash save, then we checked out the new branch and ran git stash apply

Bash script to automate tfrc credentials with token

We have automated this workaround with the following bash script bin/generate_tfrc_credentials
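
One way to write such a script so the token file is created with owner-only permissions, as an added example (this is not the project's bin/generate_tfrc_credentials, which this page does not show). It assumes the token is supplied in an env var named TERRAFORM_CLOUD_TOKEN, for instance via gp env, and TFRC_DIR is a hypothetical override for the target directory.

```bash
#!/usr/bin/env bash
# Added example: writes Terraform CLI credentials from an env var.
# TERRAFORM_CLOUD_TOKEN and TFRC_DIR are assumed names, not from the project.

generate_tfrc_credentials() {
  local dir="${TFRC_DIR:-$HOME/.terraform.d}"
  local file="$dir/credentials.tfrc.json"

  # Refuse to write a credentials file with an empty token.
  if [ -z "${TERRAFORM_CLOUD_TOKEN:-}" ]; then
    echo "TERRAFORM_CLOUD_TOKEN is not set" >&2
    return 1
  fi
  # Reject characters that would break out of the JSON string.
  case "$TERRAFORM_CLOUD_TOKEN" in
    *\"*|*\\*|*[[:space:]]*)
      echo "token contains invalid characters" >&2
      return 1 ;;
  esac

  # Subshell: the umask change does not leak into the calling shell.
  (
    umask 077   # new files are 0600, new directories 0700
    mkdir -p "$dir" || exit 1
    tmp="$(mktemp "$dir/.tfrc.XXXXXX")" || exit 1
    cat > "$tmp" <<EOF
{
  "credentials": {
    "app.terraform.io": {
      "token": "$TERRAFORM_CLOUD_TOKEN"
    }
  }
}
EOF
    # Write to a temp file, then rename, so a partial file is never read.
    chmod 600 "$tmp" && mv -f "$tmp" "$file"
  ) || return 1

  # Report the path only; the token itself is never echoed.
  echo "$file"
}
```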

tf alias script

open ~/.bash_profile

We add alias tf="terraform" in the file

We reload it using source ~/.bash_profile

We need to write a bash script set_tf_alias to add this alias to .bash_profile, and we add it to Gitpod

Terraform cloud setup & security best practices

Terraform is Infrastructure as Code to create resources in servers, virtual machines and public clouds, and the written code is HCL: HashiCorp Language

Business use case 1 : Setup Terraform Cloud

Business use case 2 : Apply security best practice

terraform-beginner-bootcamp-2023's People

Contributors

r24amine


terraform-beginner-bootcamp-2023's Issues

Refactor Terraform CLI

There is an issue with installing terraform CLI.
We need to go and make sure it automatically installs to completion without user intervention.

Terraform Random Bucket Name

  • explore the terraform registry
  • install the terraform random provider
  • run terraform init
  • generate out a random bucket name
  • output the random bucket name to outputs

generate tfrc

  • Create a bash script using ChatGPT to create tfrc file.
  • Create new token for 30 days in Terraform Cloud.

refactor aws cli script

  • Refactor AWS CLI into bash script
  • Provide env var examples for AWS CLI requirements
  • Set our env vars for AWS using gp env

Project root env var

We are going to set an environment variable for PROJECT_ROOT that we can reference in our bash scripts.

Simple S3 Bucket

  • Define an S3 Bucket in Terraform
  • We are going to use the random resource string for the name
  • Install the AWS provider
  • Configure AWS provider

Terraform Cloud Backend

  • Configure Terraform Cloud Backend
  • Workaround for Terraform Login
  • Migrate our local tfstate to remote state in our new workspace
  • Create a new Project and Workspace in Terraform Cloud
