Plan links should link to GHA directly like applies do - Githubissues

getsentry / tacos-gha

Terraform Automation & Collaboration Software (TACOS) help organizations to scale the use of Terraform by enabling collaboration through governance, access controls, and automation of Terraform runs.

Apache License 2.0

1 stars 0 forks source link

Plan links should link to GHA directly like applies do #255

Open mwarkentin opened 2 months ago

mwarkentin commented 2 months ago

          # [Terraform Plan](https://github.com/getsentry/ops/actions/runs/10854543131)

TACOS generated a terraform plan for 14 slices:

1 slices failed to plan
12 slices have pending changes to apply
1 slices are unaffected

Errors

terragrunt/regions/single-tenant/db/default/test-control

time=2024-09-13T18:53:13Z level=error msg=Error: Error in function call Commands: (error code 1)

$ cd terragrunt/regions/single-tenant/db/default/test-control
direnv: loading $repo/.envrc
tenv missing, please install via devenv sync
./.envrc:54: brew: command not found
kube-linter missing, please install via devenv sync
direnv: export +DATADOG_API_KEY +DATADOG_APP_KEY +GETSENTRY_SAC_DEPLOY_ENVIRON +HOMEBREW_PREFIX +SENTRY_DEVENV_HOME +TF_VAR_datadog_api_key +TF_VAR_datadog_app_key ~PATH
direnv: loading $repo/tacos-gha/.envrc
direnv: export ~PATH ~PS1_PREFIX ~PYTHONPATH

$ env GETSENTRY_SAC_VERB=state-admin sudo-gcp tf-lock-acquire
You are authenticated for the next hour as: team-sre-tf-state-admin@sac-prod-sa.iam.gserviceaccount.com
time=2024-09-13T18:53:13Z level=error msg=Error: Error in function call

time=2024-09-13T18:53:13Z level=error msg=  on $repo/terragrunt/terragrunt.hcl line 7, in locals:

time=2024-09-13T18:53:13Z level=error msg=   7:   service_config = read_terragrunt_config(find_in_parent_folders("service.hcl"), { inputs = {}, locals = {} })

time=2024-09-13T18:53:13Z level=error msg=

time=2024-09-13T18:53:13Z level=error msg=Call to function "read_terragrunt_config" failed: Error reading file at path
$repo/terragrunt/regions/single-tenant/snapshot-schedule/test-control:
open
$repo/terragrunt/regions/single-tenant/snapshot-schedule/test-control:
no such file or directory.

time=2024-09-13T18:53:13Z level=error msg=Encountered error while evaluating locals in file $repo/terragrunt/terragrunt.hcl
time=2024-09-13T18:53:13Z level=error msg=$repo/terragrunt/terragrunt.hcl:7,20-43: Error in function call; Call to function "read_terragrunt_config" failed: Error reading file at path $repo/terragrunt/regions/single-tenant/snapshot-schedule/test-control: open $repo/terragrunt/regions/single-tenant/snapshot-schedule/test-control: no such file or directory.
time=2024-09-13T18:53:13Z level=error msg=Unable to determine underlying exit code, so Terragrunt will exit with error code 1

Changes

terragrunt/regions/single-tenant/db/metrics/disney

Plan: 5 to add, 2 to change, 0 to destroy.

```hcl module.instance["2"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Reading... module.instance["2"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] module.instance["1"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] Terraform used the selected providers to generate the following execution ... ( 4.0KB, 109 lines skipped ) ... }, ] } ) + project = "sentry-st-disney" + zone = "us-east4-b" } Plan: 5 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tfplan To perform exactly these actions, run the following command to apply: terraform apply "tfplan" ```

terragrunt/regions/single-tenant/db/metrics/goldmansachs

Plan: 5 to add, 2 to change, 0 to destroy.

```hcl module.instance["2"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] module.instance["2"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] Terraform used the selected providers to generate the following execution ... ( 4.0KB, 108 lines skipped ) ... + role = "roles/compute.osLogin" }, ] } ) + project = "sentry-st-goldmansachs" + zone = "us-east4-b" } Plan: 5 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tfplan To perform exactly these actions, run the following command to apply: terraform apply "tfplan" ```

terragrunt/regions/single-tenant/db/metrics/geico

Plan: 5 to add, 2 to change, 0 to destroy.

```hcl module.instance["2"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Reading... module.instance["2"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] module.instance["1"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ... ( 3.9KB, 107 lines skipped ) ... + role = "roles/compute.osLogin" }, ] } ) + project = "sentry-st-geico" + zone = "us-east4-b" } Plan: 5 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tfplan To perform exactly these actions, run the following command to apply: terraform apply "tfplan" ```

terragrunt/regions/single-tenant/db/default/disney

Plan: 3 to add, 2 to change, 0 to destroy.

```hcl module.instance["2"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] module.instance["2"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place ... ( 2.4KB, 60 lines skipped ) ... "firewall-allow-health-check-and-proxy", "internal", "postgres", "salt", "use-nat", ] # (18 unchanged attributes hidden) # (6 unchanged blocks hidden) } Plan: 3 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tfplan To perform exactly these actions, run the following command to apply: terraform apply "tfplan" ```

terragrunt/regions/single-tenant/db/metrics/s4s

Plan: 5 to add, 2 to change, 0 to destroy.

```hcl module.instance["1"].data.google_iam_policy.os_login: Reading... module.instance["2"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] module.instance["2"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: ... ( 3.8KB, 101 lines skipped ) ... ] + role = "roles/compute.osLogin" }, ] } ) + project = "mattrobenolt-kube" + zone = "us-west1-b" } Plan: 5 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tfplan To perform exactly these actions, run the following command to apply: terraform apply "tfplan" ```

terragrunt/regions/single-tenant/db/default/goldmansachs

Plan: 3 to add, 2 to change, 0 to destroy.

```hcl module.instance["1"].data.google_iam_policy.os_login: Reading... module.instance["2"].data.google_iam_policy.os_login: Reading... module.instance["2"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] module.instance["1"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: ... ( 2.3KB, 54 lines skipped ) ... } name = "db-default-2" tags = [ "db-default-2", "firewall-allow-health-check-and-proxy", "internal", "postgres", "salt", "use-nat", ] # (18 unchanged attributes hidden) # (6 unchanged blocks hidden) } Plan: 3 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tfplan To perform exactly these actions, run the following command to apply: terraform apply "tfplan" ```

terragrunt/regions/single-tenant/db/default/geico

Plan: 3 to add, 2 to change, 0 to destroy.

```hcl module.instance["2"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Reading... module.instance["2"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] module.instance["1"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # google_compute_disk_resource_policy_attachment.data_daily_attachment[0] will be created ... ( 2.1KB, 52 lines skipped ) ... # (11 unchanged elements hidden) } name = "db-default-2" tags = [ "db-default-2", "firewall-allow-health-check-and-proxy", "internal", "postgres", "salt", "use-nat", ] # (18 unchanged attributes hidden) # (6 unchanged blocks hidden) } Plan: 3 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tfplan To perform exactly these actions, run the following command to apply: terraform apply "tfplan" ```

terragrunt/regions/single-tenant/db/default/test-region

Plan: 3 to add, 1 to change, 0 to destroy.

```hcl module.instance["1"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # google_compute_disk_resource_policy_attachment.data_daily_attachment[0] will be created + resource "google_compute_disk_resource_policy_attachment" "data_daily_attachment" { + disk = "db-default-1-pgdata" + id = (known after apply) + name = "data-daily-snapshot" + project = (known after apply) ... ( 1.1KB, 24 lines skipped ) ... ~ labels = { - "cogs_category" = "shared" -> null # (11 unchanged elements hidden) } name = "db-default-1" tags = [ "db-default-1", "firewall-allow-health-check-and-proxy", "internal", "postgres", "salt", "use-nat", ] # (18 unchanged attributes hidden) # (6 unchanged blocks hidden) } Plan: 3 to add, 1 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tfplan To perform exactly these actions, run the following command to apply: terraform apply "tfplan" ```

terragrunt/regions/single-tenant/db/metrics/ly

Plan: 3 to add, 2 to change, 0 to destroy.

```hcl module.instance["1"].data.google_iam_policy.os_login: Reading... module.instance["2"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] module.instance["2"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # google_compute_disk_resource_policy_attachment.data_daily_attachment[0] will be created + resource "google_compute_disk_resource_policy_attachment" "data_daily_attachment" { + disk = "db-metrics-1-pgdata" + id = (known after apply) + name = "data-daily-snapshot" + project = (known after apply) ... ( 1.7KB, 44 lines skipped ) ... id = "projects/sentry-st-ly/zones/asia-northeast1-b/instances/db-metrics-2" ~ labels = { - "cogs_category" = "sessions" -> null # (11 unchanged elements hidden) } name = "db-metrics-2" tags = [ "db-metrics-2", "firewall-allow-health-check-and-proxy", "internal", "postgres", "salt", "use-nat", ] # (18 unchanged attributes hidden) # (6 unchanged blocks hidden) } Plan: 3 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tfplan To perform exactly these actions, run the following command to apply: terraform apply "tfplan" ```

terragrunt/regions/single-tenant/db/metrics/test-region

Plan: 3 to add, 2 to change, 0 to destroy.

```hcl module.instance["1"].data.google_iam_policy.os_login: Reading... module.instance["2"].data.google_iam_policy.os_login: Reading... module.instance["2"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] module.instance["1"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # google_compute_disk_resource_policy_attachment.data_daily_attachment[0] will be created + resource "google_compute_disk_resource_policy_attachment" "data_daily_attachment" { + disk = "db-metrics-1-pgdata" + id = (known after apply) + name = "data-daily-snapshot" + project = (known after apply) + zone = "europe-west3-c" } # google_compute_disk_resource_policy_attachment.data_hourly_attachment[0] will be created ... ( 1.3KB, 32 lines skipped ) ... ] # (18 unchanged attributes hidden) # (6 unchanged blocks hidden) } # module.instance["2"].google_compute_instance.salt_instance will be updated in-place ~ resource "google_compute_instance" "salt_instance" { id = "projects/sentry-test-region/zones/europe-west3-b/instances/db-metrics-2" ~ labels = { - "cogs_category" = "sessions" -> null # (11 unchanged elements hidden) } name = "db-metrics-2" tags = [ "db-metrics-2", "firewall-allow-health-check-and-proxy", "internal", "postgres", "salt", "use-nat", ] # (18 unchanged attributes hidden) # (6 unchanged blocks hidden) } Plan: 3 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tfplan To perform exactly these actions, run the following command to apply: terraform apply "tfplan" ```

terragrunt/regions/single-tenant/db/seer/s4s

Plan: 3 to add, 2 to change, 0 to destroy.

```hcl module.instance["2"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Reading... module.instance["2"].data.google_iam_policy.os_login: Read complete after 1s [id=1708961782] module.instance["1"].data.google_iam_policy.os_login: Read complete after 1s [id=1708961782] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # google_compute_disk_resource_policy_attachment.data_daily_attachment[0] will be created + resource "google_compute_disk_resource_policy_attachment" "data_daily_attachment" { + disk = "db-seer-1-pgdata" + id = (known after apply) + name = "data-daily-snapshot" + project = (known after apply) + zone = "us-west1-c" } # google_compute_disk_resource_policy_attachment.data_hourly_attachment[0] will be created + resource "google_compute_disk_resource_policy_attachment" "data_hourly_attachment" { + disk = "db-seer-1-pgdata" + id = (known after apply) + name = "data-hourly-snapshot" + project = (known after apply) + zone = "us-west1-c" } # google_compute_disk_resource_policy_attachment.data_weekly_attachment[0] will be created + resource "google_compute_disk_resource_policy_attachment" "data_weekly_attachment" { + disk = "db-seer-1-pgdata" + id = (known after apply) + name = "data-weekly-snapshot" + project = (known after apply) + zone = "us-west1-c" } # module.instance["1"].google_compute_instance.salt_instance will be updated in-place ~ resource "google_compute_instance" "salt_instance" { id = "projects/mattrobenolt-kube/zones/us-west1-c/instances/db-seer-1" ~ labels = { - "cogs_category" = "shared" -> null # (10 unchanged elements hidden) } name = "db-seer-1" tags = [ "db-seer-1", "firewall-allow-health-check-and-proxy", "internal", "postgres", "salt", "use-nat", ] # (18 unchanged attributes hidden) # (6 unchanged blocks hidden) } # module.instance["2"].google_compute_instance.salt_instance will be updated in-place ~ resource "google_compute_instance" "salt_instance" { id = "projects/mattrobenolt-kube/zones/us-west1-b/instances/db-seer-2" ~ labels = { - "cogs_category" = "shared" -> null # (10 unchanged elements hidden) } name = "db-seer-2" tags = [ "db-seer-2", "firewall-allow-health-check-and-proxy", "internal", "postgres", "salt", "use-nat", ] # (18 unchanged attributes hidden) # (6 unchanged blocks hidden) } Plan: 3 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tfplan To perform exactly these actions, run the following command to apply: terraform apply "tfplan" ```

terragrunt/regions/single-tenant/db/default/ly

Plan: 3 to add, 2 to change, 0 to destroy.

```hcl module.instance["2"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Reading... module.instance["1"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] module.instance["2"].data.google_iam_policy.os_login: Read complete after 0s [id=1708961782] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + create ~ update in-place Terraform will perform the following actions: # google_compute_disk_resource_policy_attachment.data_daily_attachment[0] will be created + resource "google_compute_disk_resource_policy_attachment" "data_daily_attachment" { + disk = "db-default-1-pgdata" + id = (known after apply) + name = "data-daily-snapshot" + project = (known after apply) + zone = "asia-northeast1-c" } # google_compute_disk_resource_policy_attachment.data_hourly_attachment[0] will be created + resource "google_compute_disk_resource_policy_attachment" "data_hourly_attachment" { + disk = "db-default-1-pgdata" + id = (known after apply) + name = "data-hourly-snapshot" + project = (known after apply) + zone = "asia-northeast1-c" } # google_compute_disk_resource_policy_attachment.data_weekly_attachment[0] will be created + resource "google_compute_disk_resource_policy_attachment" "data_weekly_attachment" { + disk = "db-default-1-pgdata" + id = (known after apply) + name = "data-weekly-snapshot" + project = (known after apply) + zone = "asia-northeast1-c" } # module.instance["1"].google_compute_instance.salt_instance will be updated in-place ~ resource "google_compute_instance" "salt_instance" { id = "projects/sentry-st-ly/zones/asia-northeast1-c/instances/db-default-1" ~ labels = { - "cogs_category" = "shared" -> null # (11 unchanged elements hidden) } name = "db-default-1" tags = [ "db-default-1", "firewall-allow-health-check-and-proxy", "internal", "postgres", "salt", "use-nat", ] # (18 unchanged attributes hidden) # (6 unchanged blocks hidden) } # module.instance["2"].google_compute_instance.salt_instance will be updated in-place ~ resource "google_compute_instance" "salt_instance" { id = "projects/sentry-st-ly/zones/asia-northeast1-b/instances/db-default-2" ~ labels = { - "cogs_category" = "shared" -> null # (11 unchanged elements hidden) } name = "db-default-2" tags = [ "db-default-2", "firewall-allow-health-check-and-proxy", "internal", "postgres", "salt", "use-nat", ] # (18 unchanged attributes hidden) # (6 unchanged blocks hidden) } Plan: 3 to add, 2 to change, 0 to destroy. ───────────────────────────────────────────────────────────────────────────── Saved the plan to: tfplan To perform exactly these actions, run the following command to apply: terraform apply "tfplan" ```

Clean

These slices are in scope of your PR, but Terraform found no infra changes are currently necessary. Hooray! :cookie:

terragrunt/regions/single-tenant/db/default/s4s

Originally posted by @github-actions[bot] in https://github.com/getsentry/ops/issues/12101#issuecomment-2349907673