diggerhq / digger

Digger is an open source IaC orchestration tool. Digger allows you to run IaC in your existing CI pipeline ⚡️
https://digger.dev
Apache License 2.0

Drift detection is reporting non-drifting modules #1667

Open noisyscanner opened 4 weeks ago

noisyscanner commented 4 weeks ago

See notifications posted to our Slack below:

image

Workflow:

name: Digger Drift Detection

on:
  # workflow_dispatch:
  # schedule: ## 12am daily.
  #   - cron: '0 0 * * *'
  push:
    branches:
      - drift

permissions:
  contents: read
  id-token: write # for aws oidc

jobs:
  detect-drift:
    runs-on: ubuntu-latest
    steps:
    - name: digger drift detection
      uses: diggerhq/digger@vLatest
      with:
        mode: drift-detection
        no-backend: true
        cache-dependencies: true
        setup-aws: true
        aws-role-to-assume: <my-role-arn>
        aws-region: eu-west-2
        drift-detection-slack-notification-url: ${{ secrets.DRIFT_DETECTION_SLACK_NOTIFICATION }}

        setup-opentofu: true
        opentofu-version: v1.6.2

        setup-terragrunt: true
        terragrunt-version: 0.66.3
      env:
        GITHUB_CONTEXT: ${{ toJson(github) }}
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

CC @motatoes

motatoes commented 4 weeks ago

Hi @noisyscanner, thanks for reporting. Looks like a bug in our cleanup function that needs to be addressed.