Comments (28)
I want the old ones deleted and the "updated" plan at the very bottom if it makes sense.
Imagine doing 10 commits after your initial commit where the plan is actually located.
from terraform-github-actions.
damn formatting
from terraform-github-actions.
In a perfect world i'd like to:
- Have one workflow that runs validate and makes a plan to see if it works. If it works, i should be able to comment "terraform apply" but ONLY if the PR is approved by someone..
from terraform-github-actions.
Removing the if statement and the name "apply terraform plan" makes it work...
from terraform-github-actions.
Hello @MatiasNielsen, do you no longer get an TERRAFORM_HTTP_CREDENTIALS error?
from terraform-github-actions.
No. Thanks for the answer though @dflook.
I'm having another issue right now..
Do you know if its possible to get the "state" of the review? i only want it to apply terraform IF the pull rquest is approved by someone AND the text should be "terraform apply"
I've tried with a bunch of different if statements.
if: github.event.review.state == 'approved'
but it seems to be ignored or not working correctly...
from terraform-github-actions.
It looks like you could use this action to get the number of approving reviews.
Edit: That only works for pull_request & pull_request_review events, not issue_comment, so that won't work for you
from terraform-github-actions.
Exactly.. I'm kinda lost and confused why i'm the only one who seems to be needing this.
I want this due to the team being used to running atlantis
from terraform-github-actions.
I made a workaround using labels on pullrequests... Seems to work fine.
why doesn't it post my plans in my pull request?
name: Terraform Plan
on: [pull_request]
jobs:
plan:
runs-on: ubuntu-latest
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AWS_ACCESS_KEY_ID: ${{ secrets.ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.SECRET_ACCESS_KEY }}
steps:
- name: Checkout
uses: actions/checkout@v2
- name: terraform plan
uses: dflook/terraform-plan@v1
env:
TERRAFORM_HTTP_CREDENTIALS: github.com/somecredentials
with:
path: .
add_github_comment: true
from terraform-github-actions.
I don't see any problems with that workflow, what happens when it runs? Do you see the plan in the workflow log, or does the job fail entirely?
from terraform-github-actions.
The only time it actually posts the plan is when you create the pull request.
commits after are not posted as messages even though "add_github_comment" is set to true..
from terraform-github-actions.
Any existing comment is updated with the new plan. If the plan hasn't changed it may be hard to tell - check the build number in the comment and the edit history.
from terraform-github-actions.
Isn't it possible adding a new plan for every commit?
from terraform-github-actions.
guess i could try using the json_plan_path
from terraform-github-actions.
neither of the outputs available from the terraform plan module is as nice as the one being updated...
Mine looks like this:
which is very lenghty in the long run.. i'd love if all messages would look like the first pic
from terraform-github-actions.
The comment is always kept up to date with an accurate plan. I'm not sure how useful keeping outdated plans around would be.
from terraform-github-actions.
i found a solution. simply removing the comments from the bot in the plan workflow, it will create a new comment.
from terraform-github-actions.
Shouldnt it post a new comment with this?
from terraform-github-actions.
I would expect the existing comment to be updated to say 'Plan applied in Job #xxx'
from terraform-github-actions.
Can you please enlighten me as to why the destroy doesn't post anything?
from terraform-github-actions.
I am btw using this one from your examples;
name: Cleanup
on:
pull_request:
types: [closed]
jobs:
destroy_workspace:
runs-on: ubuntu-latest
name: Destroy terraform workspace
steps:
- name: Checkout
uses: actions/checkout@v2
- name: terraform destroy
uses: dflook/terraform-destroy@v1
with:
path: my-terraform-config
workspace: ${{ github.head_ref }}
from terraform-github-actions.
dflook/terraform-destroy
just does it. A comment isn't created as the plan isn't interesting.
from terraform-github-actions.
Perhaps dflook/terraform-destroy
and dflook/terraform-destroy-workspace
could get a add_github_comment
input too, and post the result of the destroy.
from terraform-github-actions.
that is a really good idea
from terraform-github-actions.
@dflook would know why my TF apply doesn't work? I get this error
Plan: 1 to add, 1 to change, 1 to destroy. Plan not found on PR Generate the plan first using the dflook/terraform-plan action. Alternatively set the auto_approve input to 'true' If dflook/terraform-plan was used with add_github_comment set to changes-only, this may mean the plan has since changed to include changes
also on merge, the `Terraform plan in . in the dev workspace
With var files: dev.tfvars
Plan: 1 to add, 1 to change, 1 to destroy.
memo Plan generated in Prepare Terraform-plan #179 doesn't change to
TF apply`
from terraform-github-actions.
@MatiasNielsen how did you accomplish your "Atlantis" type workflow? I have everything working but I still don't understand how you prevent someone entering "terraform apply" in comments before a Approval is done. Could you explain or show how you did it with labels?
from terraform-github-actions.
@Oaluyi1 Late answer, but you may want to double-check that the inputs to the terraform-apply
step match exactly with the inputs to the terraform-plan
step, as described in the readme. I accidentally broke the deployment workflow by just changing the label
in the PR workflow. Making the labels match solved it for me.
from terraform-github-actions.
In v1.33.0 the dflook/terraform-plan and dflook/terraform-apply actions now have a destroy
input which can be used for generating and applying plans that destroy all resources, while adding the plan to a PR comment.
The dflook/terraform-destroy action is unchanged and will still immediately destroy all resources.
from terraform-github-actions.
Related Issues (20)
- Cannot run plan with S3 backend HOT 4
- Inability to trigger the action due to an alleged missing file HOT 5
- Terraform Plan action fails due to Unknown token: 15:19 IDENT confluent_service_account.app-producer.id error HOT 10
- "terraform-plan" fails with an error while using "terraform plan" succeeds HOT 2
- backend_config read as file in apply
- Ability to Share Plan Outputs Between Runs HOT 6
- Resources are not removed despite the action claiming otherwise HOT 2
- Issues in terraform version 1.6.0 HOT 1
- Support for Terraform 1.6 test framework HOT 1
- Terraform Cloud deploy with hard-coded workspace fails
- Add option to create new comments on following execution of a terraform operation HOT 3
- OpenTofu support HOT 5
- Terraform Plan Action failing on tf version 1.6.x showing S3 403 permission error
- terraform-plan error: The process '/usr/bin/git' failed with exit code 128 HOT 2
- Terraform Plan Fails on self-hosted runner - ls: cannot access '/github/home': No such file or directory HOT 12
- .tool-versions at workspace level doesn't work HOT 1
- Terraform Cloud backend requires manual "Confirm & Apply" for Terraform >= 1.6.0 HOT 6
- Add option for multiple SSH keys (GH deploy keys)
- auto apply if no resources changed HOT 1
- Impossible to update to a newer terraform version if only the GitHub Action is allowed to execute terraform HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-github-actions.