Comments (5)
dflook
commented on June 2, 2024
I haven't been able to reproduce this. Can you post the terraform backend config you are using and the workflow? Where do you see this output? in the workflow log, PR comment, or both?
from terraform-github-actions.
DanyC97
commented on June 2, 2024
Sure, give me some time to dig up all the logs, will get back to you shortly π
from terraform-github-actions.
DanyC97
commented on June 2, 2024
And found it.
Where do you see this output? in the workflow log, PR comment, or both?
in the workflow log it looks okay which match what is shown in TFC UI. However in PR comment is as per the report with the special chars
###Β backend
cat examples/backend_partial_example.tf
terraform {
cloud {
organization = "dani-free-org"
}
}
Reusable workflow
name: π€ Reusable Terraform Plan
on:
workflow_call:
inputs:
tf_workspace:
description: "Name of the terraform workspace"
required: false
type: string
tf_path:
description: "Path to the terraform configuration"
required: false
default: .
type: string
tf_variables:
description: "Variable definitions"
required: false
type: string
tf_var_file:
description: "List of var file paths, one per line"
required: false
type: string
tf_backend_config:
description: "List of backend config values to set, one per line"
required: false
type: string
tf_backend_config_file:
description: "Path to a backend config file"
required: false
type: string
secrets:
tf_api_token:
description: "Terraform Cloud API token."
required: true
gcp_project_id:
description: "Google Cloud Project id"
required: false
gcp_project_number:
description: "Google Cloud Project number"
required: false
gcp_wif_sa_id:
description: "Google Cloud Workload Identity Federation Service Account id"
required: false
gcp_wif_pool_name:
description: "Google Cloud Workload Identity Federation pool name"
required: false
# Allow only one of this workflow to run at a time per branch.
concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }}
cancel-in-progress: false
# Allow read repository contents, write deployments and pull requests.
permissions:
contents: read
id-token: write
pull-requests: write
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
jobs:
tf-plan-run:
runs-on: ubuntu-latest
steps:
- name: β€΅οΈ Check out code from GitHub
uses: actions/[email protected] # v3.5.2
# unfortunately Github Action interpreter currently doesn't identify
# the secrets key word when used in an if conditional expression
- name: Check for input secret availability
id: secret-check
# perform secret check & put boolean result as an output
shell: bash
run: |
if [ "${{ secrets.gcp_project_id }}" != '' ] && [ "${{ secrets.gcp_project_number }}" != '' ] && [ "${{ secrets.gcp_wif_sa_id }}" != '' ] && [ "${{ secrets.gcp_wif_pool_name }}" != '' ]; then
echo "available=true" >> $GITHUB_OUTPUT;
else
echo "available=false" >> $GITHUB_OUTPUT;
fi
# only if an input param is provided we run otherwise skip
- name: Setup Google Auth
if: ${{ steps.secret-check.outputs.available == 'true' }}
uses: google-github-actions/[email protected] # v1.1.1
with:
service_account: ${{ secrets.gcp_wif_sa_id }}@${{ secrets.gcp_project_id }}.iam.gserviceaccount.com
workload_identity_provider: "projects/${{ secrets.gcp_project_number }}/locations/global/workloadIdentityPools/${{ secrets.gcp_wif_pool_name }}/providers/github-provider"
token_format: access_token
access_token_lifetime: 300s
# we need only the minimum config, in our case we have also baked in
# the org although we could have pass in as env variable
- name: Render the terraform backend_partial_example.tf file
shell: bash
run: |
cp examples/backend_partial_example.tf backend.tf
- name: Terraform plan
uses: dflook/[email protected] # v1.35.0
env:
TERRAFORM_CLOUD_TOKENS: app.terraform.io=${{ secrets.tf_api_token }}
TFE_TOKEN: ${{ secrets.tf_api_token }}
with:
workspace: ${{ inputs.tf_workspace }}
path: ${{ inputs.tf_path }}
variables: ${{ inputs.tf_variables }}
var_file: ${{ inputs.tf_var_file }}
Caller workflow
name: π€ CI/CD Terraform
on:
pull_request:
types: [labeled, opened, synchronize]
jobs:
get-pr-labels:
runs-on: ubuntu-latest
outputs:
pr-details: ${{ steps.get-pull-request.outputs.pr_labels }}
steps:
- name: Fetch pull request labels details
id: get-pull-request
uses: 8BitJonny/[email protected] # v2.2.0
with:
# Verbose setting SHA when using Pull_Request event trigger to fix #16. (For push even trigger this is not necessary.)
sha: ${{ github.event.pull_request.head.sha }}
# Only return if PR is still open. (By default it returns PRs in any state.)
filterOutClosed: true
ci-terraform-plan:
needs: get-pr-labels
if: |-
${{
!(contains(needs.get-pr-labels.outputs.pr-details, 'tf:apply') ||
contains(needs.get-pr-labels.outputs.pr-details, 'tf:auto-apply') )
}}
uses: ./.github/workflows/reusable-terraform-plan-run.yml
with:
# hardcoded as is different than the repo name
tf_workspace: tfc-mgmt
tf_var_file: ./config-tfvars/tfc-config.tfvars
secrets:
tf_api_token: ${{ secrets.TFC_API_TOKEN }}
cd-terraform-apply:
needs: get-pr-labels
if: |-
${{
contains(needs.get-pr-labels.outputs.pr-details, 'tf:apply') ||
contains(needs.get-pr-labels.outputs.pr-details, 'tf:auto-apply')
}}
uses: ./.github/workflows/reusable-terraform-apply-run.yml
with:
# hardcoded as is different than the repo name
tf_workspace: tfc-mgmt
tf_var_file: ./config-tfvars/tfc-config.tfvars
secrets:
tf_api_token: ${{ secrets.TFC_API_TOKEN }}
from terraform-github-actions.
dflook
commented on June 2, 2024
Thanks, I think I've tracked this down to a setting in the Terraform Cloud workspace.
In the "Workspace Settings", in the "General" page there is an option for "User Interface". When this is set to "Structured Run Output" everything works as expected. When this is set to "Console UI", it tries to use colours.
When I create a new workspace, this is set to "Structured Run Output". Can you check what your workspace is set to?
from terraform-github-actions.
DanyC97
commented on June 2, 2024
Arrrrgghhh, how silly from my side to not check that setting, i completely forgot i've changed the default setting. Indeed that is the case.
i'll leave it with you if you want to have an extra note in the docs to mention it but for now i'll close this issue as is nothing to fix.
thanks @dflook !
from terraform-github-actions.
Related Issues (20)
- Improve the cloud backend type by supporting envs vars HOT 7
- Support repository_dispatch event type to allow advance workflows to take place HOT 2
- unable to comment on PR with github token HOT 11
- Cosmetic - missing the selected workspace name HOT 3
- Cannot run plan with S3 backend HOT 4
- Inability to trigger the action due to an alleged missing file HOT 5
- Terraform Plan action fails due to Unknown token: 15:19 IDENT confluent_service_account.app-producer.id error HOT 10
- "terraform-plan" fails with an error while using "terraform plan" succeeds HOT 2
- backend_config read as file in apply
- Ability to Share Plan Outputs Between Runs HOT 6
- Resources are not removed despite the action claiming otherwise HOT 2
- Issues in terraform version 1.6.0 HOT 1
- Support for Terraform 1.6 test framework
- Terraform Cloud deploy with hard-coded workspace fails
- Add option to create new comments on following execution of a terraform operation HOT 3
- OpenTofu support HOT 5
- Terraform Plan Action failing on tf version 1.6.x showing S3 403 permission error
- terraform-plan error: The process '/usr/bin/git' failed with exit code 128 HOT 2
- Terraform Plan Fails on self-hosted runner - ls: cannot access '/github/home': No such file or directory HOT 12
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-github-actions.