sudoprovisioningterraform

How to run sudo commands in terraform?


My question is similar to this git hub post, but unfortunately it is unsolved:

https://github.com/hashicorp/terraform/issues/550

I want a simple way to give sudo privileges to the commands run in the provisioner "remote-exec" { } block of my terraform scripts.

I am coming from an ansible background that has the sudo: yes option that allows any commands ansible runs to run commands with sudo privileges when using the --ask-sudo-pass optional in my ansible-playbook run commands. I would like to do something like that in the provisioner "remote-exec" block of my terraform script.

Here is the provisioner "remote-exec" block I want to run:

  provisioner "remote-exec" {
    inline = [
      "sudo apt-get update",
      "sudo apt-get install -y curl"
    ]
  }

When I run this in my terraform apply I see the following lines appear in the output of this command:

openstack_compute_instance_v2.test.0 (remote-exec): [sudo] password for myUserName:
openstack_compute_instance_v2.test.1 (remote-exec): [sudo] password for myUserName:
openstack_compute_instance_v2.test.2 (remote-exec): [sudo] password for myUserName:

Then it just gives me an infinite number of these:

openstack_compute_instance_v2.test.0: Still creating... 
openstack_compute_instance_v2.test.1: Still creating... 
openstack_compute_instance_v2.test.2: Still creating... 

So how do I fix this and let terraform run sudo commands?

Note: The connection for my provisioner "remote-exec" block cannot be root, so even though that would be a simple solution its not what I can use.


Solution

  • The answer was to use the following syntax in my first sudo command:

    "echo yourPW | sudo -S someCommand" 
    

    This bypasses the sudo password prompt and enters the password directly into the command. I already had my sudo password as a variable "${var.pw}" so running my sudo commands was the simple matter of changing my first command to:

      provisioner "remote-exec" {
        inline = [
          "echo ${var.pw} | sudo -S apt-get update",
          "sudo apt-get install -y curl"
        ]
      }