hashicorp / tfc-workflows-tooling Goto Github PK
View Code? Open in Web Editor NEWTooling to automate Terraform Cloud API Runs
License: Mozilla Public License 2.0
Tooling to automate Terraform Cloud API Runs
License: Mozilla Public License 2.0
This is a feature request to add support for CircleCI.
Preferably exposed through a re-usable orb.
Edit: Please let me know if there is an issue template I should be following for feature requests.
On Friday last week, I had a GitHub workflow using tf cloud to do a plan etc from the guide below
https://developer.hashicorp.com/terraform/tutorials/automation/github-actions
It was working all ok. Nothing has changed, and I have checked API keys expiration and now it does not work.
Run hashicorp/tfc-workflows-github/actions/[email protected]
with:
workspace: learn-terraform-github-actions
directory: ./
speculative: true
env:
TF_CLOUD_ORGANIZATION: PLOT1[3](https://github.com/mpr555/learn-terraform-github-actions/actions/runs/5241610510/jobs/9464248028#step:4:3)
TF_API_TOKEN: ***
TF_WORKSPACE: learn-terraform-github-actions
CONFIG_DIRECTORY: ./
/usr/bin/docker run --name hashicorptfciv100_abc991 --label ed8[6](https://github.com/mpr555/learn-terraform-github-actions/actions/runs/5241610510/jobs/9464248028#step:4:6)6e --workdir /github/workspace --rm -e "TF_CLOUD_ORGANIZATION" -e "TF_API_TOKEN" -e "TF_WORKSPACE" -e "CONFIG_DIRECTORY" -e "INPUT_WORKSPACE" -e "INPUT_DIRECTORY" -e "INPUT_SPECULATIVE" -e "INPUT_HOSTNAME" -e "INPUT_TOKEN" -e "INPUT_ORGANIZATION" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e GITHUB_ACTIONS=true -e CI=true -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/learn-terraform-github-actions/learn-terraform-github-actions":"/github/workspace" hashicorp/tfci:v1.0.0 "tfci" "-hostname=" "-token=" "-organization=" "upload" "-workspace=learn-terraform-github-actions" "-directory=./" "-speculative=true"
error uploading configuration version to Terraform Cloud: unauthorized
{
"status": "Error"
}
Kind regards,
Max
As a consumer of these actions, I need a detailed plan output including a detailed view of changes. Today I only have a summary view using the outputs of the standard actions.
I need this data to be able to understand what is, created, changed or destroyed beyond a count, this is a critical part of the review process.
As an example to understand what changes are in a plan, I can review the structured plan output in the TFC UI, whilst it's possible to provide a link to the plan detail in the UI for review this breaks the review process flow. It would be preferable to have the JSON data of this view so I can format and summarize in a PR comment
Issues I encountered:
tfci run
should list available sub-commands of run
, but only apply
is listed in the first section of the output.Reproduce the output with this command:
docker run -it --rm \
-e "TF_API_TOKEN" \
-e "TF_CLOUD_ORGANIZATION" \
hashicorp/tfci:v1.0.0 \
tfci run
Is there any interest in having the ability to create/delete workspaces with this tooling? We have a use case to create a ephemeral workspace for testing and would like to use this cli.
Hello,
I just proposed PR -91 in order to be able to support tfci upload -auto-queue-runs=true .
configuration-versions API doc specifies that auto-queue-runs should default to true. tfci defaults to false, and option is not accessible. I added the option with default to false (to avoid breaking changes ).
Thanks,
Julien
As a consumer of these actions, I need to easily fetch the workspace terraform outputs after an apply run.
As an example, I need to pass a tf output to subsequent action in my pipeline.
Terraform outputs are in Go-tfe https://github.com/hashicorp/go-tfe/blob/main/state_version_output.go#L22
This issue applies to a build I created from branch main
on commit f0abf3b740ca3635db3ea03e75215d03bb6456d4
(commit).
I have a workspace set to auto-apply. I used tfci run create
to trigger a run. The plan was applied, but tfci
got stuck.
I built the container like this.
docker buildx build -t kentest . --load
I ran it like this.
docker run -it --rm \
-e "TF_API_TOKEN" \
-e "TF_CLOUD_ORGANIZATION" \
kentest \
tfci run create -workspace myworkspace
The symptom was that stdin was never released, and tfci
kept on printing:
Run Status: 'applied'
Run Status: 'applied'
Run Status: 'applied'
Run Status: 'applied'
Run Status: 'applied'
Run Status: 'applied'
...for 1/2 hour after the successful apply showed completed in TF Cloud. I eventually pressed Ctrl-C to release stdin. The workspace had already been unlocked and other runs triggered.
I am seeing a case where the create-run
command (I use it as a GHA action) will bail out early with auto-apply enabled. This isn't consistent because the loop that does run completion checking can be sleeping when the run transitions from planning
-> planned
-> apply_queued
-> etc...
See https://github.com/hashicorp/tfc-workflows-tooling/blob/main/internal/cloud/run.go#L172
I am not sure what the best fix is here, but here are the options I see:
planned
as a a desired status if auto-apply is enabledHi,
I'd like to report an issue I started having with the create-run in v1.0.3 (it wasn't there in v1.0.2), so I hope we can get it fixed. I assume the following change in v1.0.3 is causing the issue (unfortunately, I'm not familiar with Go, so I can't really tell)
v1.0.2...v1.0.3#diff-081ffb9fc91bc673b661fe6e89423940f04d5b809bc666a0a4f8eb1f7d7d39e7R104-R108
Here's some more detail:
apply-run
, the payload
property in https://github.com/hashicorp/tfc-workflows-github/blob/b5ae00d6ff4f940fc11ec6e70346e9c693590b5e/workflow-templates/terraform-cloud.apply-run.workflow.yml#L58C26-L58C58 seems to be empty, and that's why fromJson
is throwing an error.Whenever I try to execute something with tfci, I get the following error reported: /usr/local/bin/tfci: line 1: syntax error: unexpected "("
It works on my Mac Air M2 which also has ARM architecture but apparently does not work on Ubuntu with ARM architecture.
Example call:
docker run -it hashicorp/tfci tfci --help
Hi there,
I've been experiencing an issue with hashicorp/tfc-workflows-github/actions/[email protected]
where my apply completes in Terraform Cloud, but the Github action does not complete and continues to be 'pending'. This is occurring when being run with TF 1.6.4
Support for saves plans has been added to the Terraform cloud API
This functionality has been added to go-tfe which the tfc-workflow-tooling utilises.
An initial look at this
To support this would need to expose an option for provisional configuration versions as a boolean to the upload command. Provisional configuration versions are utilised only when referenced on apply.
configuration_version.go Provisional
Update run command to support saved plan boolean
run.go SavePlan
Handle new plan run plan status RunPlannedAndSaved
run.go RunPlannedAndSaved
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.