Unable to Discover with Terraform Cloud

Go to solution
Brent Langdon
Tera Contributor

‎02-26-2020 03:23 PM

I am quite new to ServiceNow.  I am working with a developer instance to develop a proof of concept to integrate ServiceNow with Terraform.  I got it working with a "Terraform Environment" (a Linux vm with Terraform installed).  I could not get Discovery to work with Terraform Cloud.  I am looking for any tips on what I might be doing wrong.

I created a Config Provider with the following settings:

  • Provider: Terraform Enterprise
  • Server Type: Cloud
  • Organization: my organization in Terraform Cloud
  • URL: https://app.terraform.io/api/v2/
  • Credentials: (created using API Token from Terraform Cloud)


Based on some trial and error, I think the URL is correct.  I have tried using an API Token for the User, Group and Organization without any luck.

When I run this, I see some lines in my MID Server log that look valid and don't report any errors.

I don't understand what "Ensure that you create a credential alias with Type > Connection." from this page:
https://docs.servicenow.com/bundle/orlando-it-operations-management/page/product/cloud-management-v2-setup/task/terraform-enterprise-config-provider.html

Not sure if that is supposed to say "Type > Credential".  I added an alias of type Credential, but I don't really know what that does.  Adding an Alias of Type "Connection and Credential" generates a validation message: "Alias X is not of type Credential"

I tried upgrading my dev instance to Orlando to see if that would make a difference, but it did not.

I see the following entries in my ServiceNow System Log each time I run Discovery (messages at the bottle are generated first).

==========
Failure while processing chunk : ChunkedStepResult{correlationId='68afdebfdbcf00102655d426ca961901', error='
Outbound REST call to get TFE VCS failed StatusCode:401, ErrorCode:3, Message:Method failed: (/api/v2/organizations/ngc-cssg/oauth-clients) with code: 401 - Invalid username/password combo', output='[]', chunkNumber=1, totalChunks=1, isRouteComplete=true, exception=null}:
==========
Failure to handle chunked result: com.snc.cloud.mgmt.modules.svccatalog.orchestration.BPOException:
Outbound REST call to get TFE VCS failed StatusCode:401, ErrorCode:3, Message:Method failed: (/api/v2/organizations/ngc-cssg/oauth-clients) with code: 401 - Invalid username/password combo:
==========
Failed to parse the output of new CMPCIRelationshipUtil().getLdcAndServiceAccount('<param value removed>'), exception: : com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
==========
Failed to parse the output of new CMPCIRelationshipUtil().getLdcAndServiceAccount('<param value removed>'), exception: : com.fasterxml.jackson.databind.exc.MismatchedInputException: No content to map due to end-of-input
==========

I am able to call /api/v2/organizations/ngc-cssg/oauth-clients using curl (from a command prompt on my Linux based MID Server) and passing in any of the 3 API Tokens (User, Group or Org) following the Terraform Cloud API. (example here: https://www.terraform.io/docs/cloud/api/oauth-clients.html)

Any tips appreciated!  Thanks!!

  • 5,269 Views
1 ACCEPTED SOLUTION

Go to solution
aniket_singh
ServiceNow Employee
ServiceNow Employee

‎02-26-2020 08:40 PM

Hi Brent,

    Here are steps to create credentials for Terraform Enterprise:

  • TFE Credential key must start with Bearer<SPACE><GENERATED-KEY>. (Bearer mg20XBGc7unMUw.atlasv1.03as07OX4PbTT9WFIP8QMVbt4h8z…)

 

  • TFE credential must have alias associated to it.find_real_file.png
  • New alias should be type of credential.find_real_file.png

 

  • Key for vcs system should be like this token<SPACE>< GENERATED-KEY >. (token f59f323ae7db8bf2aa64aa6437…)
  • url for Terraform Cloud: https://app.terraform.io/api/v2

 

View solution in original post

Preview file
61 KB
Preview file
99 KB
36 REPLIES 36

Go to solution
Vivektietsood
Tera Guru
Tera Guru

‎05-19-2020 05:04 PM

I checked the script includes installed and it seems that the "TerraformExecutor" script include is not installed.

 

find_real_file.png

Preview file
40 KB
0 Helpfuls

Go to solution
AH6
Tera Contributor
In response to Vivektietsood

‎05-18-2021 07:49 PM

Did you solved your issue? I'm looking for help as I also have a similar issue and here is the error message I got:

2021-05-18 13:55:07 : Failed to execute API - The term 'terraform' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. (script_include:TerraformExecutor; line 95)

 

 

0 Helpfuls