问题

I'm learning currently terraform and I found a situation which is not clear to me.

I've configured my TF project to use TF cloud to store state file. Obviously this is a good practice as I don't want to store the file locally. I have a couple of variables which I would like to declare as environment variables; i.e. TF_VAR_region="xyz".

The problem is that when I want to use this variable tf plan is saying that the variable is unknown (even if it is set locally). When I set the variable in the TF cloud workspace or as a variable set assigned to the workspace, it works, but it shows me:

│ Warning: Value for undeclared variable
│
│ The root module does not declare a variable named "region," but a value was
│ found in file
│ "/home/tfc-agent/.tfc-agent/component/terraform/runs/run-XXXX/terraform.tfvars."
│ If you meant to use this value, add a "variable" block to the
│ configuration.
│
│ To silence these warnings, use TF_VAR_... environment variables to provide
│ certain "global" settings to all configurations in your organization. To
│ reduce the verbosity of these warnings, use the -compact-warnings option.

I don't want to set variables in variables.tf file because one of those variables is sensitive, and I don't want to commit it into the repository. Also, I kind of don't want to declare manually variables in TF cloud since... well, it's a manual activity where I can just forget that I have set something somewhere. It would be better for me to have everything in "one place," so to speak (i.e. in readme, I would have a description that I have to set env variables for the process to work).

Is there a way I can use TF cloud to store the state file but at the same time be able to use local variables? i.e. when running locally, Terraform apply.

│ Warning: Value for undeclared variable
│ 
│ The root module does not declare a variable named "region" but a value was
│ found in file
│ "/home/tfc-agent/.tfc-agent/component/terraform/runs/run-XXXX/terraform.tfvars".
│ If you meant to use this value, add a "variable" block to the
│ configuration.
│ 
│ To silence these warnings, use TF_VAR_... environment variables to provide
│ certain "global" settings to all configurations in your organization. To
│ reduce the verbosity of these warnings, use the -compact-warnings option.

答案1

得分: 1

不需要在`variables.tf`文件中设置变量**values**。

```terraform
variable "var_name" {
  description = "Secret variable"
  type        = string
  sensitive   = true
}

如果没有在其他地方设置变量值，terraform将提示您设置变量值：

$ terraform plan

var.var_name
  Secret variable

  Enter a value:

另一种定义变量的方式在配置内是一种良好的风格，可以清楚地告诉terraform在执行plan或apply之前应该设置哪些变量。

好吧，这是手动操作，我可能会忘记在某个地方设置了什么

这也是在配置内定义变量的另一个原因。如果忘记在配置“某处”中描述的设置“某事”，terraform会引发错误。因为错误比静默更容易调试。

这里有一篇文章关于可能有帮助的变量。

<details>
<summary>英文:</summary>

You don&#39;t have to set variable **values** inside `variables.tf` file

```terraform
variable &quot;var_name&quot; {
  description = &quot;Secret variable&quot;
  type        = string
  sensitive   = true
}

terraform will prompt you to set variable value if it didn't set else where:

$ terraform plan

var.var_name
  Secret variable

  Enter a value:

In other way defining of variable inside configuration is a good style and clearly describing terraform what variables should be set before plan or apply

> well it's manual activity where I can just forget that I have set something somewhere

And that is one more reason to define variable inside configuration. terraform will raise error if you forget to set something that is describing in configuration somewhere. Because error is easier to debug than silence

Here is an article about variables that may be helpful