feat: implement the file provider

examples/downstream/versions.tf

@@ -1,10 +1,6 @@
 terraform {
   required_version = ">= 1.5.0"
   required_providers {
-    local = {
-      source  = "hashicorp/local"
-      version = ">= 2.5"
-    }
     random = {
       source  = "hashicorp/random"
       version = ">= 3.5.1"

examples/downstream_splitrole/versions.tf

@@ -1,10 +1,6 @@
 terraform {
   required_version = ">= 1.5.0"
   required_providers {
-    local = {
-      source  = "hashicorp/local"
-      version = ">= 2.5"
-    }
     random = {
       source  = "hashicorp/random"
       version = ">= 3.5.1"

examples/one/versions.tf

@@ -1,10 +1,6 @@
 terraform {
   required_version = ">= 1.5.0"
   required_providers {
-    local = {
-      source  = "hashicorp/local"
-      version = ">= 2.5"
-    }
     random = {
       source  = "hashicorp/random"
       version = ">= 3.5.1"

examples/prod/versions.tf

@@ -1,10 +1,6 @@
 terraform {
   required_version = ">= 1.5.0"
   required_providers {
-    local = {
-      source  = "hashicorp/local"
-      version = ">= 2.5"
-    }
     random = {
       source  = "hashicorp/random"
       version = ">= 3.5.1"

examples/three/main.tf

@@ -64,20 +64,20 @@ locals {
       indirect_access = true
       initial         = true
     }
-    # "rancherB" = {
-    #   type            = "all-in-one"
-    #   size            = "xxl"
-    #   os              = local.os
-    #   indirect_access = true
-    #   initial         = false
-    # }
-    # "rancherC" = {
-    #   type            = "all-in-one"
-    #   size            = "xxl"
-    #   os              = local.os
-    #   indirect_access = true
-    #   initial         = false
-    # }
+    "rancherB" = {
+      type            = "all-in-one"
+      size            = "xxl"
+      os              = local.os
+      indirect_access = true
+      initial         = false
+    }
+    "rancherC" = {
+      type            = "all-in-one"
+      size            = "xxl"
+      os              = local.os
+      indirect_access = true
+      initial         = false
+    }
   }
   local_file_path      = var.file_path
   runner_ip            = chomp(data.http.myip.response_body) # "runner" is the server running Terraform

examples/three/modules/tls/versions.tf

@@ -1,10 +1,6 @@
 terraform {
   required_version = ">= 1.5.0"
   required_providers {
-    local = {
-      source  = "hashicorp/local"
-      version = ">= 2.5"
-    }
     tls = {
       source  = "hashicorp/tls"
       version = ">= 4.0.5"

modules/cluster/main.tf

@@ -136,10 +136,39 @@ module "deploy_initial_node" {
   depends_on = [
     data.aws_availability_zones.available,
   ]
-  for_each      = local.initial_node
-  deploy_path   = each.value.deploy_path
-  data_path     = each.value.deploy_path
-  template_path = "${path.module}/node_template"
+  for_each    = local.initial_node
+  deploy_path = each.value.deploy_path
+  data_path   = each.value.deploy_path
+  # if any of this changes, update/redeploy
+  deploy_trigger = md5(join("-", [
+    each.key,
+    md5(base64encode(jsonencode(each.value))),
+    local.identifier,
+    local.owner,
+    local.acme_server_url,
+    local.project_name,
+    local.ip_family,
+    md5(base64encode(jsonencode(data.aws_availability_zones.available.names))),
+    md5(base64encode(jsonencode(local.project_subnet_names))),
+    md5(base64encode(jsonencode(local.project_load_balancer_access_cidrs))),
+    local.domain,
+    local.zone,
+    local.skip_cert,
+    data.aws_availability_zones.available.names[0],
+    md5(base64encode(jsonencode(values(local.target_groups)))),
+    md5(base64encode(jsonencode(local.server_access_addresses))),
+    local.username,
+    local.ssh_key,
+    local.install_method,
+    local.download,
+    local.rke2_version,
+  ]))
+  template_files = [
+    join("/", [path.module, "node_template", "main.tf"]),
+    join("/", [path.module, "node_template", "outputs.tf"]),
+    join("/", [path.module, "node_template", "variables.tf"]),
+    join("/", [path.module, "node_template", "versions.tf"]),
+  ]
   inputs = <<-EOT
     identifier                          = "${local.identifier}"
     owner                               = "${local.owner}"
@@ -229,10 +258,39 @@ module "deploy_additional_nodes" {
     data.aws_availability_zones.available,
     module.deploy_initial_node,
   ]
-  for_each      = local.additional_nodes
-  deploy_path   = each.value.deploy_path
-  data_path     = each.value.deploy_path
-  template_path = "${path.module}/node_template"
+  for_each    = local.additional_nodes
+  deploy_path = each.value.deploy_path
+  data_path   = each.value.deploy_path
+  # if any of this changes, update/redeploy
+  deploy_trigger = md5(join("-", [
+    each.key,
+    md5(base64encode(jsonencode(each.value))),
+    local.identifier,
+    local.owner,
+    local.acme_server_url,
+    local.project_name,
+    local.ip_family,
+    md5(base64encode(jsonencode(data.aws_availability_zones.available.names))),
+    md5(base64encode(jsonencode(local.project_subnet_names))),
+    md5(base64encode(jsonencode(local.project_load_balancer_access_cidrs))),
+    local.domain,
+    local.zone,
+    local.skip_cert,
+    data.aws_availability_zones.available.names[0],
+    md5(base64encode(jsonencode(values(local.target_groups)))),
+    md5(base64encode(jsonencode(local.server_access_addresses))),
+    local.username,
+    local.ssh_key,
+    local.install_method,
+    local.download,
+    local.rke2_version,
+  ]))
+  template_files = [
+    join("/", [path.module, "node_template", "main.tf"]),
+    join("/", [path.module, "node_template", "outputs.tf"]),
+    join("/", [path.module, "node_template", "variables.tf"]),
+    join("/", [path.module, "node_template", "versions.tf"]),
+  ]
   inputs = <<-EOT
     identifier                  = "${local.identifier}"
     owner                       = "${local.owner}"
@@ -311,11 +369,12 @@ strcontains(each.value.type, "database") ? local.database_config :
   EOT
 }
 
-resource "local_sensitive_file" "kubeconfig" {
+resource "file_local" "kubeconfig" {
   depends_on = [
     module.deploy_initial_node,
     module.deploy_additional_nodes,
   ]
-  content  = local.ino.output.kubeconfig
-  filename = "${local.local_file_path}/kubeconfig"
+  name      = "kubeconfig"
+  directory = local.local_file_path
+  contents  = local.ino.output.kubeconfig
 }

modules/cluster/node_template/versions.tf

@@ -1,10 +1,6 @@
 terraform {
   required_version = ">= 1.5.0"
   required_providers {
-    local = {
-      source  = "hashicorp/local"
-      version = ">= 2.5"
-    }
     random = {
       source  = "hashicorp/random"
       version = ">= 3.5.1"

modules/cluster/versions.tf

@@ -1,9 +1,9 @@
 terraform {
   required_version = ">= 1.5.0"
   required_providers {
-    local = {
-      source  = "hashicorp/local"
-      version = ">= 2.5"
+    file = {
+      source  = "rancher/file"
+      version = ">= 1.1"
     }
     random = {
       source  = "hashicorp/random"

modules/deploy/create.sh.tpl

@@ -1,6 +1,5 @@
-${export_contents}
 cd ${deploy_path}
-export TF_DATA_DIR="${tf_data_dir}"
+source envrc
 TF_CLI_ARGS_init=""
 TF_CLI_ARGS_apply=""
 

modules/deploy/destroy.sh.tpl

@@ -1,8 +1,7 @@
-${export_contents}
 cd ${deploy_path}
+source envrc
 TF_CLI_ARGS_init=""
 TF_CLI_ARGS_apply=""
-export TF_DATA_DIR="${tf_data_dir}"
 if [ -z "${skip_destroy}" ]; then
   timeout -k 1m ${timeout} terraform init -upgrade -reconfigure
   timeout -k 1m ${timeout} terraform destroy -var-file="${deploy_path}/inputs.tfvars" -auto-approve -state="${deploy_path}/tfstate" || true