Terraform: Copy file to GCP Compute Instance

3
votes

This can't be that complicated, surely? I've tried and failed with a number of methods.

Simply using the file provisioner would have been the simplest option, but to no avail. The problem is, the Compute Instance doesn't have a password configured as standard and has no keys present.

Thus this led me to trying something like this:

resource "google_compute_instance" "test-build" {
...
  metadata {
    ssh-keys = "jon:${file("./gcloud_instance.pub")}"
  }
...

provisioner "file" {
  source      = "test/test_file"
  destination = "/tmp/test_file.txt"

  connection {
    type     = "ssh"
    private_key = "${file("./gcloud_instance")}"
    agent = "false"
  }
}

Again, to no avail. (FYI the key pair is one I created, and I confirmed that the public key is getting pushed to the compute instance)

I've even tried splitting it down into modules, to then run one after another.. but it seems we can't use the file provider inside a null_resource. So that won't work either.

Has anyone found a way to do this effectively?

1
google-cloud-platformterraformdevops

1 Answers

4
votes

Cancel that, I worked it out.. it helps if I add the user! Answering this, as opposed to deleting it as I couldn't find much else online with an example like this so it may come in handy for others.

resource "google_compute_instance" "test-build" {
  project                   = "artifactory-staging"
  name                      = "file-transfer-test"
  machine_type              = "n1-standard-2"
  zone = "europe-west3-b"
  allow_stopping_for_update = "true"

  boot_disk {
    initialize_params {
      image = "centos-7-v20181210"
    }
  }
  network_interface {
    subnetwork         = "default"
    subnetwork_project = "artifactory-staging"
    access_config      = {}
  }
  metadata {
    ssh-keys = "jon:${file("./creds/gcloud_instance.pub")}"
  }

provisioner "file" {
  source = "creds/test_file"
  destination = "/tmp/test_file"

  connection {
    type = "ssh"
    user = "jon"
    private_key = "${file("./creds/gcloud_instance")}"
    agent = "false"
  }
}
}