我让terraform和cloudfront在本地工作。既然我已经尝试添加github操作,我无法成功运行"地形计划"。它在本地传递,在github操作中失败。
│ Error: credentials are not set correctly
│
│ with provider["registry.terraform.io/cloudflare/cloudflare"],
│ on main.tf line 29, in provider "cloudflare":
│ 29: provider "cloudflare" {
修改前的主文件是这样的:
provider "aws" {
region = var.aws_region
}
provider "cloudflare" {
api_token = var.cloudflare_api_token
}
resource "aws_s3_bucket" "site" {
bucket = var.site_domain
acl = "public-read"
website {
index_document = "index.html"
error_document = "index.html"
}
}
resource "aws_s3_bucket" "www" {
bucket = "www.${var.site_domain}"
acl = "private"
policy = ""
website {
redirect_all_requests_to = "https://${var.site_domain}"
}
}
resource "aws_s3_bucket_policy" "public_read" {
bucket = aws_s3_bucket.site.id
policy = jsonencode({
Version = "2012-10-17"
Statement = [
{
Sid = "PublicReadGetObject"
Effect = "Allow"
Principal = "*"
Action = "s3:GetObject"
Resource = [
aws_s3_bucket.site.arn,
"${aws_s3_bucket.site.arn}/*",
]
},
]
})
}
data "cloudflare_zones" "domain" {
filter {
name = var.site_domain
}
}
resource "cloudflare_record" "site_cname" {
zone_id = data.cloudflare_zones.domain.zones[0].id
name = var.site_domain
value = aws_s3_bucket.site.website_endpoint
type = "CNAME"
ttl = 1
proxied = true
}
resource "cloudflare_record" "www" {
zone_id = data.cloudflare_zones.domain.zones[0].id
name = "www"
value = var.site_domain
type = "CNAME"
ttl = 1
proxied = true
}
我起程拓殖。Tfvars文件如下所示:
aws_region = "us-east-1"
aws_access_key_id = <my awsaccesskeyid>
aws_secret_key = <my awssecretkey>
site_domain = <my domain name>
cloudflare_api_token=<mytoken>
我的变量。它看起来像:
variable "aws_region" {
type = string
description = "The AWS region to put the bucket into"
default = "us-east-1"
}
variable "site_domain" {
type = string
description = "The domain name to use for the static site"
default = "<my website name>.net"
}
variable "cloudflare_api_token" {
type = string
description = "The cloudflare Api key"
default = null
}
我运行CLOUDFLARE_API_TOKEN=<my token>
一切工作,直到我尝试以下hashicorps教程在这里。当我的第一个github操作运行时,地形计划失败,出现以下错误:
Error: credentials are not set correctly
with provider["registry.terraform.io/cloudflare/cloudflare"],
on main.tf line 29, in provider "c
为了克服cloudflare错误,我尝试了:
- 添加cloudflare api令牌到terra .tfvar
- 设置我的电子邮件,令牌主要在cloudflare_provider阻止各种方式,包括调用地形。li>添加我的cloudflare令牌到variables.tf
- 将我的cloudflare令牌添加到我的地形云中的环境变量
- 添加我的cloudflare令牌,aws密钥到github作为秘密
任何时候我试图在提供程序{}
块中传递任何新内容,我得到'unsupported argument'
错误
找到修复:我在我的github工作流/terraform中添加了一个额外的块。yml文件:
ENV_NAME: prod
AWS_ACCESS_KEY_ID: $${{secrets.AWSACCESSKEY}}
AWS_SECRET_ACCESS_KEY: $${{secrets.AWSSECRETACCESSKEY}}
CLOUDFLARE_API_TOKEN: $${{secrets.CLOUDFLARE_API_TOKEN}}