Drift detection customisation

AzBuilder / terrakube

Open source IaC Automation and Collaboration Software.

https://docs.terrakube.io

Apache License 2.0

529 stars 47 forks source link

Drift detection customisation #1548

Closed BenjaminDecreusefond closed 6 days ago

BenjaminDecreusefond commented 1 week ago

Feedback

Hi !

We would like to customise the default drift_detection provided on the Terrakube documentation. In its current state the template exec a plan and returns a slack message depending on the changes. However, if the plan fails for some reason the drift template returns nothing and we have no information about that. I see that the plan is triggered by the lines

flow:
  - type: "terraformPlan"
    step: 100
    name: "Running Terraform Plan with Drift Detection and Slack Notification"

But I wonder if this is a kind of shortcut for Terrakube itself ? Also, if the plan if failing during those lines the rest of the code will never execute and we have no options catch the error. Do you know if there's a way to bypass that behavior ?

Regards ! Benjamin

alfespa17 commented 1 week ago

Hello @BenjaminDecreusefond I dont think that will be possible because when Terrakube is running the terraform plan here it takes the exit code of the operation.

https://github.com/AzBuilder/terrakube/blob/a06994657607155604e83f419e54c75991372c59/executor/src/main/java/org/terrakube/executor/service/terraform/TerraformExecutorServiceImpl.java#L118

Based on the exit code it updates the following flag

https://github.com/AzBuilder/terrakube/blob/a06994657607155604e83f419e54c75991372c59/executor/src/main/java/org/terrakube/executor/service/terraform/TerraformExecutorServiceImpl.java#L125

That is later used to run the script after the terraform plan.

https://github.com/AzBuilder/terrakube/blob/a06994657607155604e83f419e54c75991372c59/executor/src/main/java/org/terrakube/executor/service/terraform/TerraformExecutorServiceImpl.java#L130

In this validation

https://github.com/AzBuilder/terrakube/blob/a06994657607155604e83f419e54c75991372c59/executor/src/main/java/org/terrakube/executor/service/terraform/TerraformExecutorServiceImpl.java#L290

BenjaminDecreusefond commented 1 week ago

Hi @alfespa17 !

Ahh I see ! Is there a way to avoid this behavior ? Because not having error displayed from the drift check makes it kind of hard to manage many workspaces ? In this case, allowing the rest of the script to run is not an issue as we mainly want to return slack messages. Do you see a case where it would not be preferable to keep it running ?

alfespa17 commented 1 week ago

Hi @alfespa17 !

Ahh I see ! Is there a way to avoid this behavior ? Because not having error displayed from the drift check makes it kind of hard to manage many workspaces ? In this casing allowing the rest of the script to run is not an issue as we mainly want to return slack messages. Do you see a case where it would not be preferable to keep it running ?

At least for now the is no way to keep the execution running, that will require some code change I guess

For now maybe you can create some script using the Api that validates the job status and create some message in slack

BenjaminDecreusefond commented 1 week ago

Ok, I'll try to propose you a PR and see if you're okay with it :)

alfespa17 commented 1 week ago

Ok, I'll try to propose you a PR and see if you're okay with it :)

Sounds good

alfespa17 commented 6 days ago

I think this was fixed by this

https://github.com/AzBuilder/terrakube/pull/1550

I am closing this issue