Terraform-provider-local: Enable non-executable local files to be generated

Created on 17 Aug 2017  路  4Comments  路  Source: hashicorp/terraform-provider-local

Currently this provider only generates files with the permissions 0777.

Is there a way to parameterise this perhaps? It seems a little odd to make the files executable by default.

https://github.com/terraform-providers/terraform-provider-local/blob/8a97bc491e1e8a28197e40d40226d6748eb07ac6/local/resource_local_file.go#L71

enhancement

Most helpful comment

@brett-richardson @apparentlymart submitted a possible resolution for this with #12. I have allowed for the configuration of the file permissions instead of an executable boolean. Left the current behaviour intact.

All 4 comments

Hi @brett-richardson!

Right now the options for this resource are pretty limited to keep it simple. Being able to set permissions seems reasonable, and I expect we didn't do it just because that introduces some platform-specific considerations -- Terraform runs on Windows, and permissions don't work the same way there.

Perhaps we could side-step this by not over-generalizing and just addressing directly your concern here, with a new attribute executable that can be set to false. That flag would likely do absolutely nothing on Windows, since Windows doesn't conventionally make such a distinction (or rather, does it via filename conventions), but on POSIX-like systems could set just read/write permissions, rather than read/write/execute. (It should still respect the active umask of the process, so in practice the file on disk will usually _not_ be world-writable even though the mode here would suggest so.)

That makes a lot of sense. I'll see if I can put together a PR when I have time.

@brett-richardson @apparentlymart submitted a possible resolution for this with #12. I have allowed for the configuration of the file permissions instead of an executable boolean. Left the current behaviour intact.

This is similar to #19, so I will give the same suggestion.

While we don't have a multi-platform feature in place, I've been using the following workaround...

resource "local_file" "foo" {
  content = "contents"
  filename = "foo.txt"
  provisioner "local-exec" {
    command = "chmod 644 foo.txt"
}

Hope it helps!

Was this page helpful?
0 / 5 - 0 ratings