-
Notifications
You must be signed in to change notification settings - Fork 38
Terraform Cloud #42
Comments
@neilmock you could theoretically proxy it if you really have to and then set https://registry.terraform.io/providers/fly-apps/fly/latest/docs#fly_http_endpoin and maybe even you could proxy it with another fly app? I think #31 will solve this in the future. |
@DAlperin I just noticed that the same .tf always times out while trying to create fly_machines using Terraform CLI v1.3.0 which was just released, whereas it applies fine using Terraform CLI v1.2.9:
compared to
|
I literally can't imagine what the terraform cli could possibly be breaking, sigh. Thanks for finding that out. Do you mind opening a new issue for that? In the meantime let me look into it and see what I find out. |
Today, I tried both versions of Terraform CLi again. Actually, with both of them
Re-applying a partially failed apply manages to create the missing machine(s), most of the time in a second or third attempt. Now, I will try with another image in order to exclude that this behavior is actually related to the image I was testing with so far. |
@hb9cwp can you drop your config so I can try out a modified version? |
@DAlperin I have just sent you my build steps with the sources via PM. Thank you. |
Terraform Cloud appears to choke once it tries to open a WG tunnel, although I have added the env variable Here is the detailed output from
|
@hb9cwp thanks for all the materials. I'll take a look. As for the |
@DAlperin any word from the HashiCorp folks? |
I'm also running into the |
@mattste @jbarnette @hb9cwp I have a present for you. The machines API is now public, meaning it does not require any wireguard. If you set the env val FLY_HTTP_ENDPOINT or the provider setting fly_http_endpoint to https://api.machines.dev it should work :) |
@DAlperin It looks like Xmas is early this year! Do you still need to do other changes before cutting a new release? Actually, it's just |
@DAlperin I can confirm that your provider now works with remote Terraform using a workspace on HashiCorp Cloud Platform (HCP) as well (as long as I don't try to use |
I decided to go ahead and publish a fork of this provider that removes the Wireguard tunnel code until @DAlperin can resolve this issue as they see fit. You can access the fork here. To use the provider, configure it like this (if you're using cdktf):
|
@mattste thanks for this. I'll get a new version released today or tomorrow |
Thanks for looking into this! I can confirm changing the endpoint to just the hostname fixes it. I did not look carefully enough at this code to see that it's just a basic connection test not specific to WG. Also, is there a security concern with using |
I'll check to be sure but I'm fairly sure it gets upgraded to https automatically |
I created a post on the Hashicorp forums asking that my provider be unpublished to avoid potential confusion with the official provider. If you happen to have a support contact at Hashicorp then feel free to forward the request. |
I think we can close this :) |
This seems to assume an open WG tunnel during provisioning, I can't think of a way this could work in TF Cloud but might be missing something? Thanks!
The text was updated successfully, but these errors were encountered: