Can null_resource Execute Scripts on Local Machine Instead of Terraform Cloud?
I’m currently working with Terraform Cloud to create an Azure Container App using Terraform as part of my Infrastructure as Code (IaC) efforts. I’m using a null_resource with the local-exec provisioner to execute a script that builds a Docker image and pushes it to Azure Container Registry (ACR). However, I've run into a limitation where the script doesn’t execute as intended because Terraform Cloud runs in a remote environment.
Here’s a snippet of my configuration (sample):
provider "azurerm" {
features {}
}
resource "azurerm_resource_group" "example" {
name = "example-resources"
location = "East US"
}
resource "azurerm_container_registry" "acr" {
name = "myUniqueACRName"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
sku = "Basic"
admin_enabled = true
}
resource "null_resource" "deploy_image_acr" {
triggers = {
deploy_time = timestamp()
}
provisioner "local-exec" {
command = "./deploy_to_acr.sh ${var.client_id} ${var.client_secret} ${var.tenant_id} ${var.subscription_id} ${azurerm_container_registry.acr.name} ${var.image_name}"
}
depends_on = [azurerm_container_registry.acr]
}
Bash Script:
#!/bin/bash
# Login to Azure with the Service Principal
az login --service-principal -u "$1" -p="$2" --tenant "$3"
# Set the desired subscription
az account set --subscription "$4"
# Remove all existing images
for repo in $(az acr repository list --name "$5" --output tsv); do
az acr repository delete --name "$5" --repository "$repo" --yes
done
# Build and push the new image
docker build -t <image_name> ..
az acr login --name $5
docker tag <image_name> $5.azurecr.io/<image_name>
docker push $5.azurecr.io/<image_name>
The Problem: When I try to apply this configuration in Terraform Cloud, the local-exec provisioner does not execute the script because it's designed to run on the local machine where Terraform is executed.
Questions:
- Is there a way to execute scripts that are defined in a null_resource or any other resource on my local machine while using Terraform Cloud?
- If local execution isn’t possible, what alternative approaches can I use to run Docker commands or scripts as part of my deployment workflow?
To execute scripts defined in a null_resource or any other resource on my local machine while using Terraform Cloud:
Solution: Ensure that your execution mode is set to local in your workspace. This will store the state file inside Terraform while all infrastructure provisioning occurs on your local machine.
Terraform File Example:
terraform {
required_providers {
azurerm = {
source = "hashicorp/azurerm"
version = "4.2.0"
}
}
cloud {
organization = "org-name"
workspaces {
name = "wk-space"
}
}
}
Setting to Look For in Terraform Cloud:
Navigate to Workspace Settings > Execution Mode.
Documentation: Terraform Cloud Execution Mode
- Azure PowerShell command to list all Azure VM SKU Sizes enabled for Confidential Computing Azure ACC
- Create Azure TimerTrigger Durable Function in python
- Azure File Share: Cannot map network drive
- RBAC with bicep
- ADF expression to convert array to comma separated string
- How to get status of Azure machine learning service pipeline run using Rest Api?
- How do I deploy a Nuxt 3 solution to an Azure Node Web App
- Azure Blob Upload not working in ASP .Net Core Application
- How to clear a Cosmos DB database or delete all items using Azure portal
- Using script commands, how to add multiple scale rules to an Azure Container App?
- User Assigned Managed Identity: No User Assigned or Delegated Managed Identity found for specified ClientId/ResourceId/PrincipalId
- Generate resources dynamically from another group of dynamically generated resources in Terraform
- Column reordering in ADF
- Logic App AuthorizationFailure - vnet integration needed
- Azure blob, controlling filename on download
- Azure VNet peering with Private Link
- Get Private FQDNs, IPs, Names of the Private Endpoints for the Azure resources deployed in an Virtual Network using PowerShell Script
- How to configure appsettings on a auto-generated preview environment
- Using Azure DevOps, how do I migrate a release pipeline to code, similar to build pipeline yml?
- Root login Ubuntu VM on Azure
- Filtering azure devops release build based upon build tag with "Continuous deployment trigger"
- Azure WebApp autoscale
- How to handle long startup times in Azure App Service deployment
- Frontend not available when front and back on same Web App Azure
- Use Salesforce Connectors from Hosted Azure Logic App in VSCode?
- What is considered an ingestion request in Azure Data Explorer?
- Provisioning (SCIM) by Entra/Azure: Why can I not select the "groups" attribute in my attribute mapping?
- Azure function verbose trace logging to Application Insights
- Azure function app GraphServiceClient create list
- Cypress tests fail to run in parallel mode due to mismatched specs between different runs