Terraform 13,根据另一个值验证变量
Terraform 13, Validate variable base on the value of another
有没有办法实现下面的逻辑
variable "environment" {
description = "The environment this will be run in can only be set to [preprod|test|prod]"
type = string
default = "test"
validation {
condition = can(regex("^(prod|preprod|test)$", var.environment))
error_message = "The environment variable can only be set to [prod|preprod|test]."
}
}
variable "fet_code" {
description = "Set the feature code"
type = string
default = ""
validation {
condition = var.environment == "test" && length(var.fet_code) != 3
error_message = "The environment has been set to 'test' but the fet_code has not be defined."
}
}
目前我收到以下错误:
Error: Invalid reference in variable validation
on variable.tf line 17, in variable "fet_code":
17: condition = var.environment == "fet" && length(var.fet_code) == 3
The condition for variable "fet_code" can only refer to the variable itself,
using var.fet_code.
我知道代码有什么问题,我只是想知道是否有办法绕过限制?
因为你不能引用特定变量之外的其他变量,你可以用不同的方式将它用作列表:
variable "fet_code" {
description = "Set the feature code"
type = list
default = ["test", ""]
validation {
condition = var.fet_code[0] == "test" && length(var.fet_code[1]) != 3
error_message = "The environment has been set to 'test' but the fet_code has not be defined."
}
}
虽然有一个 Github issue 可以将其作为一项功能来实现,但针对多个变量进行验证的唯一方法是使用局部变量在运行时抛出错误:
variable "environment" {
description = "The environment this will be run in can only be set to [preprod|test|prod]"
type = string
default = "test"
validation {
condition = can(regex("^(prod|preprod|test)$", var.environment))
error_message = "The environment variable can only be set to [prod|preprod|test]."
}
}
variable "fet_code" {
description = "Set the feature code"
type = string
default = ""
}
locals {
validate_fet_code_cnd = var.environment == "test" && length(var.fet_code) != 3
validate_fet_code_msg = "The environment has been set to 'test' but the fet_code has not been defined."
validate_fet_code_chk = regex(
"^${local.validate_fet_code_msg}$",
( !local.validate_fet_code_cnd
? local.validate_fet_code_msg
: "" ) )
}
这是一个混乱、粗略的 hack,但它应该可以防止应用无效值。
我为自己找到的类似问题的最佳解决方案是将检查放在模块中。
然后仅当环境需要设置变量时才包含所述模块。
module input_validation {
source = "./modules/input_validation"
count = var.environment == "test" ? 1 : 0
fet_code = var.fet_code
}
然后在 modules/input_validation/input_validation.tf:
variable "fet_code" {
default = ""
type = string
validation {
condition = length(var.fet_code) != 3
error_message = "The environment has been set to 'test' but the fet_code has not be defined."
}
}
在我看来,这两个变量密切相关。我会将它们更改为一个对象以实现您想要的。
variable "environment" {
type = object({
environment = string
fet_code = string
})
default = {
environment = "test"
fet_code = ""
}
validation {
condition = can(regex("^(prod|preprod|test)$", var.environment.environment))
error_message = "The environment variable can only be set to [prod|preprod|test]."
}
validation {
condition = var.environment.environment == "test" && length(var.environment.fet_code) != 3
error_message = "The environment has been set to 'test' but the fet_code has not be defined."
}
}
然后您可以像这样传递变量:
environment = {
environment = "test"
fet_code = "1234"
}
有没有办法实现下面的逻辑
variable "environment" {
description = "The environment this will be run in can only be set to [preprod|test|prod]"
type = string
default = "test"
validation {
condition = can(regex("^(prod|preprod|test)$", var.environment))
error_message = "The environment variable can only be set to [prod|preprod|test]."
}
}
variable "fet_code" {
description = "Set the feature code"
type = string
default = ""
validation {
condition = var.environment == "test" && length(var.fet_code) != 3
error_message = "The environment has been set to 'test' but the fet_code has not be defined."
}
}
目前我收到以下错误:
Error: Invalid reference in variable validation
on variable.tf line 17, in variable "fet_code":
17: condition = var.environment == "fet" && length(var.fet_code) == 3
The condition for variable "fet_code" can only refer to the variable itself,
using var.fet_code.
我知道代码有什么问题,我只是想知道是否有办法绕过限制?
因为你不能引用特定变量之外的其他变量,你可以用不同的方式将它用作列表:
variable "fet_code" {
description = "Set the feature code"
type = list
default = ["test", ""]
validation {
condition = var.fet_code[0] == "test" && length(var.fet_code[1]) != 3
error_message = "The environment has been set to 'test' but the fet_code has not be defined."
}
}
虽然有一个 Github issue 可以将其作为一项功能来实现,但针对多个变量进行验证的唯一方法是使用局部变量在运行时抛出错误:
variable "environment" {
description = "The environment this will be run in can only be set to [preprod|test|prod]"
type = string
default = "test"
validation {
condition = can(regex("^(prod|preprod|test)$", var.environment))
error_message = "The environment variable can only be set to [prod|preprod|test]."
}
}
variable "fet_code" {
description = "Set the feature code"
type = string
default = ""
}
locals {
validate_fet_code_cnd = var.environment == "test" && length(var.fet_code) != 3
validate_fet_code_msg = "The environment has been set to 'test' but the fet_code has not been defined."
validate_fet_code_chk = regex(
"^${local.validate_fet_code_msg}$",
( !local.validate_fet_code_cnd
? local.validate_fet_code_msg
: "" ) )
}
这是一个混乱、粗略的 hack,但它应该可以防止应用无效值。
我为自己找到的类似问题的最佳解决方案是将检查放在模块中。 然后仅当环境需要设置变量时才包含所述模块。
module input_validation {
source = "./modules/input_validation"
count = var.environment == "test" ? 1 : 0
fet_code = var.fet_code
}
然后在 modules/input_validation/input_validation.tf:
variable "fet_code" {
default = ""
type = string
validation {
condition = length(var.fet_code) != 3
error_message = "The environment has been set to 'test' but the fet_code has not be defined."
}
}
在我看来,这两个变量密切相关。我会将它们更改为一个对象以实现您想要的。
variable "environment" {
type = object({
environment = string
fet_code = string
})
default = {
environment = "test"
fet_code = ""
}
validation {
condition = can(regex("^(prod|preprod|test)$", var.environment.environment))
error_message = "The environment variable can only be set to [prod|preprod|test]."
}
validation {
condition = var.environment.environment == "test" && length(var.environment.fet_code) != 3
error_message = "The environment has been set to 'test' but the fet_code has not be defined."
}
}
然后您可以像这样传递变量:
environment = {
environment = "test"
fet_code = "1234"
}