[v16] RFD 173 implementation: Terraform provider UX improvements #44690
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
🤖 Vercel preview here: https://docs-qv61vdk6s-goteleport.vercel.app/docs/ver/preview |
|
🤖 Vercel preview here: https://docs-95p6wp3z7-goteleport.vercel.app/docs/ver/preview |
hugoShaka
force-pushed
the
hugo/backport-rfd173-to-branch/v16
branch
from
e238e1a
to
7852fa3
Compare
|
🤖 Vercel preview here: https://docs-l458ncr1r-goteleport.vercel.app/docs/ver/preview |
hugoShaka
force-pushed
the
hugo/backport-rfd173-to-branch/v16
branch
from
7852fa3
to
63766c1
Compare
|
🤖 Vercel preview here: https://docs-eq3ilohu1-goteleport.vercel.app/docs/ver/preview |
|
🤖 Vercel preview here: https://docs-lkntynwc4-goteleport.vercel.app/docs/ver/preview |
|
@hugoShaka - this PR will require admin approval to merge due to its size. Consider breaking it up into a series smaller changes. |
github-actions
bot
added
backport
documentation
kubernetes-access
size/xl
tctl
tigrato
approved these changes
Aug 5, 2024
strideynet
approved these changes
Aug 5, 2024
r0mant
approved these changes
Aug 5, 2024
public-teleport-github-review-bot
bot
removed the request for review
from marcoandredinis
|
Requires: #45101 |
hugoShaka
force-pushed
the
hugo/backport-rfd173-to-branch/v16
branch
from
4e1236d
to
55dda2d
Compare
|
🤖 Vercel preview here: https://docs-hii4rfvgj-goteleport.vercel.app/docs/ver/preview |
* Introduce the `tctl terrafor env` command * fix tests * address marco's feedback + use correct b64 lib * add license * add created-by label as specified in the RFD * Update tool/tctl/common/terraform_command.go Co-authored-by: Roman Tkachenko <[email protected]> * Apply suggestions from code review Co-authored-by: Roman Tkachenko <[email protected]> * Have telpeort create the Terraform default role * rename use-existing-role -> role, and stop hijacking identity.SSHCACertBytes * Make the terraform provider role a real preset, rename to 'terraform-provider' * lint * Fix tbot's invocation after rebase --------- Co-authored-by: Roman Tkachenko <[email protected]>
* Refactor Terraform credential loading * Warn about expiry * kip expired credentials * fixup! kip expired credentials * Use constants everywhere + add godocs * fixup! Use constants everywhere + add godocs * Address marco's feedback * fixup! Address marco's feedback * tidy go mod * lint * re-render TF docs
* Add Terraform Provider native MachineID support * Reject 'token' join method * lint: fix imports * re-render TF docs * fix tests + add license * lint
marcoandredinis
force-pushed
the
hugo/backport-rfd173-to-branch/v16
branch
from
55dda2d
to
6371169
Compare
marcoandredinis
force-pushed
the
hugo/backport-rfd173-to-branch/v16
branch
from
6371169
to
62844ea
Compare
|
🤖 Vercel preview here: https://docs-q1qjkdkr6-goteleport.vercel.app/docs/ver/preview |
|
🤖 Vercel preview here: https://docs-9xwsadr1b-goteleport.vercel.app/docs/ver/preview |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
MERGE THIS BEFORE RELEASING 16.2
This PR backports the complete RFD 173 implementation to branch/v16.
Backported PRs are:
tctl terraform envcommand Introduce thetctl terraform envcommand #43664Changelog: Add a
tctl terraform envcommand to simplify running the Teleport Terraform provider locally.Changelog: Add native MachineID support to the Terraform provider. Environments with delegated joining methods such as GitHub Actions, GitLab CI, CircleCI, GCP, or AWS can run the Terraform provider without having to setup
tbot.Changelog: The Terraform Provider now sequentially tries every credential source and provide more actionable error messages if it cannot connect.
Changelog: When the Terraform provider finds expired credentials it will now fail fast with a clear error instead of hanging for 30 seconds and sending potentially misleading error about certificates being untrusted.