How to run rover -a destroy with -p tfplan artifact?

aztfmod / rover

The rover is a docker container in charge of the deployment of the Terraform platform engineering for Azure

MIT License

175 stars 146 forks source link

How to run rover -a destroy with -p tfplan artifact? #332

Closed khaman-pet closed 1 year ago

khaman-pet commented 1 year ago

How to run plan for destroy and output the tfplan so the destroy can use tfplan artifact to destroy it.

As of now, the -a destroy it immediately without having the plan (in pipeline) to decide whether to proceed or not.

khaman-pet commented 1 year ago

@arnaudlh Do you have any idea?

arnaudlh commented 1 year ago

hi @khaman-pet, I believe this is what you are looking for:

rover -lz /tf/caf/examples \
-var-folder /tf/caf/examples/networking/virtual_network/100-simple-vnet-subnets-nsgs \
-env contoso-sandpit -level level1 -tfstate test-pr1638-10.tfstate \
-a plan -destroy

You can then apply the delete using:

rover ... -apply -p <path to the delete plan file>

Let me know how it goes!

khaman-pet commented 1 year ago

Thanks @arnaudlh

it works on my AzDO multi-stage pipeline.

Plan stage (as above), publish the artifact. Then ran Destroy stage with approval.

/tf/rover/rover.sh -lz ${BUILD_REPOSITORY_LOCALPATH}$(LANDINGZONE_PATH) \
                      -tfstate $(tfstateName) \
                      -var-folder ${BUILD_REPOSITORY_LOCALPATH}$(configPath) \
                      -tfstate_subscription_id $(SUBSCRIPTION_ID) \
                      -target_subscription $(SUBSCRIPTION_ID) \
                      -parallelism=30 \
                      -level $(level) \
                      -env $(ENVIRONMENT) \
                      -p $(Pipeline.Workspace)/drop/$(tfstateName).tfplan \
                      -a destroy