templatefile function accept content and not just file path

[Justin-DynamicD]

Terraform Version

Terraform v1.4.6
on linux_amd64

Use Cases

TLDR: The "end goal" is to be able to use template files stored in locations external to the module/workspace consuming them.

The idea here is to be able to store and share templates outside of a terraform solution. one team would like to place template files in a repository that is accessible by multiple team members and the module in question would consume from that location.

Currently, templatefile() requires a file-path to a file co-located with the code. In contrast, the deprecated template_file provider resource allows for content which is more flexible as one can now use multiple data resources to get that template data from local files, to github repository files, to templates stored in a K/V system like paramstore.

"why not a heredoc string"?
Main reason here is heredoc, when interpreted, will accept any variable in the runtime, whereas use of templatefile() will let me set a map of vars that will be interpreted against, allowing one to protect vars I don't wish to expose.

Attempted Solutions

Below snippet is a sterilized example where repositories are setup with circleci config.yaml files based on a template in a different repository. Some of the locals block is

locals {
  repo_list = [
    {
      name          = "example-repo"
      template_ci = "circleci/main.tpl"
    }
  ]

  repos = {
    for repo in local.repo_list : repo.name => repo
  }
}

data "github_repository_file" "pipeline" {
  for_each   = local.repos
  repository = "pipeline-templates"
  branch     = "main"
  file       = each.value.template_ci
}


data "template_file" "pipeline" {
  for_each   = local.repos
  template = data.github_repository_file.pipeline[each.key].content
  vars = {
    foo   = "bar"
  }
}

resource "github_repository_file" "circleci_config" {
  for_each   = local.repos

  repository          = each.value.name
  branch              = "main"
  file                = ".circleci/config.yml"
  overwrite_on_create = true
  content             = data.template_file.pipeline[each.key].rendered
  commit_message      = "Create config.yml for circleci integration"
  commit_author       = "That DevOps Guy"
  commit_email        = "donotreply@fakeaddress.com"
}

The above works perfectly except for one detail: template provider is deprecated so there is preasure from my company to remove it in favor of templatefile() function. HOWEVER ... how? It doesnt seem possible to pass content to that function, hence the ask.

I attempted to replace template_file with local_file but 1: this is not compatible with the function (it appears to ignore resource order when funning), 2: would mean a change would be detected every apply even if no change occurred (creating a temporary file),

Proposal

Rather than assuming a path string is being passed in the first var, allow a keyword for content, such as:

templatefile(content:data.github_repository_file.pipeline[each.key].content, {})

Alternatively, add a new function called template(content, varsmap{}) that behaves otherwise identical to tempaltefile().

References

No response

[crw]

Duplicate of #33335

Edit: Actually a duplicate of #30616

Thanks for this great write-up, though!

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.