Several small issues blocked my attempt to deploy this sample per directions...

[ChrisRus]

Hello, thanks for the work on this sample.

I just tried to run through the Deploy A Sample Web Application Using Terraform sample but ran into several errors w/Terraform that were a bit confusing (to me). Posting the details here as it may help improve the docs and/or sample.

Setup

Env

$ hostnamectl
   Static hostname: alpental
         Icon name: computer-desktop
           Chassis: desktop
        Machine ID: d8553155f203455282470d58a205c056
           Boot ID: 4c45216f127d44bfa280439daa52ef70
  Operating System: Debian GNU/Linux 10 (buster)
            Kernel: Linux 5.10.0-0.bpo.5-amd64
      Architecture: x86-64

Terraform

$ terraform --version
Terraform v1.0.0
on linux_amd64
+ provider registry.terraform.io/digitalocean/digitalocean v2.9.0

Setup and init of Terraform in my environment was verified w/out issue by following How to Configure Terraform for DigitalOcean tutorial instructions.

Problems

SSH public key algorithm

I ran through the How to Configure Terraform for DigitalOcean tutorial instructions reusing an SSH key I had previously generated for use on my GitHub account using the ED25519. This worked w/out issue.

However, I could not get terraform plan to accept my ED25519 public key (via changes to the nyc3.tf file).

To work-around this I created a new SSH public/private key pair via $ ssh-keygen -f ~/.ssh/digital-ocean and replaced my registered ED25519 public key in DO | Account | Settings | Security web console w/the new ssh-rsa

The new ssh-rsa key works as expected.

It's odd that the ED25519 public key worked while configuring Terraform and running through a trivial plan/appy/destroy cycle to confirm. But, then the same public key would not work for this specific example.

Output refers to sensitve values

Once I switch to ssh-rsa public key then the next issue is a pair of errors from terraform plan:

terraform plan -var-file=nyc3.tfvars -out=infra.out
╷
│ Error: Output refers to sensitive values
│ 
│   on outputs.tf line 22:
│   22: output "database_private_uri" {
│ 
│ To reduce the risk of accidentally exporting sensitive data that was intended to be only internal, Terraform requires that any root module output containing sensitive data be explicitly marked as sensitive, to confirm your intent.
│ 
│ If you do intend to export this data, annotate the output value as sensitive by adding the following argument:
│     sensitive = true
╵
╷
│ Error: Output refers to sensitive values
│ 
│   on outputs.tf line 37:
│   37: output "database_password" {
│ 
│ To reduce the risk of accidentally exporting sensitive data that was intended to be only internal, Terraform requires that any root module output containing sensitive data be explicitly marked as sensitive, to confirm your intent.
│ 
│ If you do intend to export this data, annotate the output value as sensitive by adding the following argument:
│     sensitive = true
╵

This problem is mitigated by adding the indicated annotations:

Here are the diffs:

$ git diff outputs.tf
diff --git a/01-minimal-web-db-stack/outputs.tf b/01-minimal-web-db-stack/outputs.tf
index a846e0c..fc5b48b 100644
--- a/01-minimal-web-db-stack/outputs.tf
+++ b/01-minimal-web-db-stack/outputs.tf
@@ -20,6 +20,7 @@ output "database_port" {
 
 # The URI for connecting to the database
 output "database_private_uri" {
+    sensitive = true
     value = digitalocean_database_cluster.postgres-cluster.private_uri
 }
 
@@ -35,5 +36,6 @@ output "database_user" {
 
 # The default user password
 output "database_password" {
+    sensitive = true
     value = digitalocean_database_cluster.postgres-cluster.password
-}
\ No newline at end of file
+}

Not entirely clear to me yet what the implication of sensitive = true is yet. Should I worry about having to add these declarations?

Thanks.