Description
Problem description
Hello,
I am trying to use terraform-apply once the PR is merged in develop. I am getting the error below, because the two plans are different. The one generated in the PR says Plan: 2 to add, 1 to change, 2 to destroy, while the one after the merge says Plan: 5 to add, 2 to change, 5 to destroy.
This is kind of normal for us, because when a deployment has to happen some variables change, and then also the resources that will be modified. For example, the git short sha will be attached to the docker image name and that will always make terraform generate a different plan.
I would prefer to run apply without -auto-approve. I remember when I was working with Jenkins that we were receiving a notification in case of infrastructure changes; we could then review the plan and confirm it by clicking a link in the console.
Is it possible to do something similar with GitHub Actions too?
Thank you
Terraform version
1.3.7
Backend
s3
Workflow YAML
- name: Terraform pull request apply
  if: github.event_name == 'push' && env.TF_VAR_ACTION_BRANCH_NAME == 'develop'
  uses: dflook/terraform-apply@v1
  with:
    path: terraform
    backend_config: |
      region=${{ env.TF_VAR_AWS_REGION }}
      bucket=${{ env.TF_VAR_TERRAFORM_BACKEND_BUCKET }}
    var_file: terraform/${{ env.ENVIRONMENT_NAME }}.tfvars
Workflow log
> (and one more similar warning elsewhere)
\ No newline at end of file
Performing diff between the pull request plan and the plan generated at execution time.
> are lines from the plan in the pull request
< are lines from the plan generated at execution
Plan differences:
Compare with the plan generated by the dflook/terraform-plan action in Job *** #151 at https://github.com/***-io/***/actions/runs/4528954848