hashicorp / setup-terraform

Sets up Terraform CLI in your GitHub Actions workflow.
https://developer.hashicorp.com/terraform/tutorials/automation/github-actions
Mozilla Public License 2.0

Detect diff #422

Open dcfsc opened 1 month ago

dcfsc commented 1 month ago

We run Terraform pipelines in GitHub Actions to detect drift. Currently, you can either use the default return value or use the -extended-return option to return error code 2 when the plan detects a difference. Currently the code sees code 2 and accepts that as a successful run. We want to see that as a failure (or warning if GHA ever supports a warning outcome).

Existing code:

| terraform plan | -extended-return | exit code | pipeline result |
|---|---|---|---|
| no changes | X | 0 | Green / Success |
| resources changed | T | 2 | Green / Success |
| | F | 0 | Red / Fail |
| error | X | >3 | Red / Fail |
Adds fail_on_detected_diff result:

terraform plan -extended-return fail_on_detected_diff exit code pipeline result
no changes 0 false Green / Success
resources changed 2 false Green/Success
error >3 false Red / Fail
no changes 0 false Green / Success
resources changed 2 false Green/Success
error >3 false Red / Fail
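
The gating this issue asks for, written as a workflow-step shell function. This is an added example, not code from hashicorp/setup-terraform or from this PR; `drift_gate` and the `plan_*` stubs are hypothetical names, and the first argument only mirrors the proposed `fail_on_detected_diff` input. Terraform's documented flag for distinguishing "changes present" by exit code is `-detailed-exitcode`.

```shell
#!/bin/sh
# Added example, not code from hashicorp/setup-terraform.
# drift_gate FAIL_ON_DIFF CMD [ARGS...]
#   FAIL_ON_DIFF  "true" or "false" (assumed to mirror fail_on_detected_diff)
#   CMD           the plan command, e.g. terraform plan -detailed-exitcode
# Returns 0 when the job should pass, 1 when it should fail.
drift_gate() {
    fail_on_diff=$1
    shift

    # Capture the plan's exit code without letting `set -e` abort the step
    # before the code has been inspected.
    rc=0
    "$@" || rc=$?

    case $rc in
        0)
            echo "plan: no changes"
            return 0
            ;;
        2)
            # Plan succeeded but found a difference: this is the drift signal.
            if [ "$fail_on_diff" = "true" ]; then
                echo "::error::drift detected: plan reports changes (exit code 2)"
                return 1
            fi
            # Job stays green, but the run carries a visible annotation.
            echo "::warning::drift detected: plan reports changes (exit code 2)"
            return 0
            ;;
        *)
            # Any other code is a real plan failure, never drift.
            echo "::error::plan failed (exit code $rc)"
            return 1
            ;;
    esac
}

# Constructed stand-ins for the three plan outcomes so the example runs offline.
plan_clean() { return 0; }
plan_drift() { return 2; }
plan_error() { return 1; }

drift_gate true plan_drift || echo "job would fail on drift"
```

The `::warning::` and `::error::` lines are GitHub Actions workflow commands that attach annotations to the run; they do not change the job result, which is decided only by the function's return value.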