-
-
Save justinclayton/01f349f66e908a243709 to your computer and use it in GitHub Desktop.
#!/bin/bash | |
module=$1 | |
for resource in `terraform show -module-depth=1 | grep module.${module} | tr -d ':' | sed -e 's/module.${module}.//'`; do | |
terraform taint -module ${module} ${resource} | |
done |
avoidik
commented
Mar 31, 2018
for I in $(terraform show -module-depth=1 | grep module. | grep -v "^ " | sed 's/://')
do
M=$(echo ${I} | cut -d. -f2)
R=$(echo ${I} | cut -d. -f3-)
terraform taint -module ${M} ${R}
done
Just a minor improvement to exclude data resources as well,
for resource in
terraform show -module-depth=1 | grep -v tainted | grep -v "data." | grep module.${module} | tr -d ':' | sed -e 's/module.${module}.//' do terraform taint -module ${module} ${resource} done
Did not work for me, as terraform taint
requires the local resource name without the module.xxxx
prefix. This worked:
#!/bin/bash
module=$1
id_regexp='[[:alnum:]_-]\{1,\}'
resource_regexp="module\\.${module}\\.\\(${id_regexp}\\.${id_regexp}\\)"
sed_program="s/^${resource_regexp}:.*/\\1/p"
for resource in $(terraform show | sed -n "${sed_program}"); do
terraform taint -module ${module} ${resource}
done
Version that also allows for exceptions to what gets taint and some helpers to make the cmd a little nicer to deal with
#!/bin/bash
array_contains () {
local array="$1[@]"
local seeking=$2
local in=1
for element in "${!array}"; do
if [[ ${seeking} == *"${element}"* ]]; then
in=0
break
fi
done
return $in
}
if [ -z "$1" ]; then
echo "Current modules"
terra state list | grep "\.module\." | cut -f 2 -d "." | sort | uniq
echo "----"
echo "Enter module to taint"
read module
else
module=$1
fi
#excluded_resources=('google_compute_address.ip_address')
excluded_resources=('google_compute_address.ip_address' 'google_compute_disk')
echo "Tainting all resources in ${module} excluding ${excluded_resources[*]}"
read -p "Press [Enter] key to start..."
for resource in $(terraform state list | # Get a list of all the 'resources'
grep "^module.${module}" | # Filter to the specific module
grep -v "\.module\." | # Ignore sub modules
sed "s/module\.${module}\.//g" | # replace the module.* to get resource sans module prefix
sed -E "s/\[(.*)\]/.\1/g" # replace the [#] suffix with .# (needed by taint command)
); do
if array_contains excluded_resources ${resource}; then
echo "<<< Skipping ${resource} >>>"
else
echo "--- Tainting ${resource} ---"
bash -c "terraform taint --module=${module} `echo ${resource} | tr -d '[:space:]'`"
fi
done
Invading this gist with 😱 POWERSHELL!
~\source\terraform show | Select-String -Pattern "module.ingress.([\-\.\w]+)" | %{ $_.Matches[0].Groups[1].Value } | ?{ -Not $_.StartsWith("data.") } | %{ ~\source\terraform.exe taint "module.ingress.$_" }
For the lazy 1 liner crowd
for x in $(terraform state list | grep module.name_to_search); do terraform taint $x; done
A bit late, but this still pops up on google:
terraform state list | grep module.module_name | xargs -n1 terraform taint
| xargs -n1 terraform taint
Very nice, just want I was looking for. Thanks
For those who needs a makefile recipe:
taint_module: ## Recreate entire module `MODULE="module.cassandra-cluster" make taint_module`
for resource in `terraform state list | grep module.${MODULE}`; do terraform taint $$resource; done
terraform state list|grep <MODULE_FULL_PATH> | xargs terraform taint ; terraform plan -out plan; terraform apply plan -auto-approve
atlantis plan -p infrastructure-stage
rm -f terraform.tfstate*