Terraform graph doesn't care about workspace

[sdouche]

Terraform Version

v0.11.11

Expected Behavior

Generating a graph with only resources of the actual workspace.

Actual Behavior

The graph takes all resources:

$ terraform state list
$ terraform graph | wc -l
1051

Steps to Reproduce

1. Create a new workspace.
2. Create resources.
3. Go back to the default workspace.
4. Create a graph.

[apparentlymart]

Hi @sdouche!

Sorry that apparently nobody responded to you here before. I'm sure this was long enough ago that you don't remember the full details of what you were trying here, but from your description it sounds like you were expecting terraform graph to contain only objects that are in the state of the current workspace.

That is not actually the intended behavior of terraform graph, though. Instead, this command returns the dependencies represented by the combination of the current configuration and the state. Unless your configuration was totally empty at step 4, it's correct that Terraform produced a graph showing the relationships between objects in the configuration. It would be incorrect only if it was showing resources that exist only in the state, e.g. because you'd previously applied them but have now removed them from the configuration and not applied the new configuration yet.

With all of that said then, my instinct is to say that Terraform was working as intended here, but before I jump to that conclusion I wanted to check with you to see if you remember what the scenario was when you tested this, and whether what I described above would explain what you saw.

If so, my plan would be to close this since Terraform is working as designed, but we could also potentially transform it into an enhancement request if we can reframe it as a problem statement where we can evaluate potential solutions to address it. (Adopting exactly the behavior you were expecting would not be appropriate, because it would prevent people from using this command in the way it's currently designed to be used.)

Thanks!

[sdouche]

Hi @apparentlymart :)

it sounds like you were expecting terraform graph to contain only objects that are in the state of the current workspace.

I think it's correct.

With all of that said then, my instinct is to say that Terraform was working as intended here

Not sure to fully understand your explanation but I have no solid arguments to counter this explanation. But to me, I don't see the usefulness of this command if can't show only resources created on a specific workspace. Generating a graph with 1000 objects is basically unusable but apparently, I didn't understand this command.

Regards.

[apparentlymart]

Hi @sdouche,

It is indeed not a particularly useful command for everyday use. Its two main use-cases have been:

• Visualizing the graph of small, contrived test cases when trying to understand why Terraform is behaving a particular way. This use-case is therefore primarily relevant to those of us who develop Terraform rather than those who use it.
• In earlier incarnations of the official Terraform training program (e.g. at HashiConfs) the presenters would sometimes use specifically-tailored configurations with this command to help explain the idea of dependencies being implied by expression references by showing a visual of the result.

What both of these have in common is that they are done only with "contrived" configurations that are minimized as much as possible to allow the result to be intelligible.

I think the problem in your case was not anything to do with showing objects from other workspaces and instead a result of your configuration being of typical real-world complexity and therefore containing too many resources and references for it to be possible to draw a reasonable graph using only an automatic graph layout algorithm. Diagramming a real system will typically require some human intuition to decide which nodes are most relevant and emphasize those, eliminate any content that isn't relevant to whatever the goal is, etc. Since our focus is on the core use-case of planning and applying changes, we can't justify spending time on a built-in infrastructure visualization toolkit, because that's a product of at least equivalent complexity to Terraform Core itself.

As mentioned in my last comment, since you confirmed I had understood correctly what you observed I'm going to close this with the justification that what you were aiming to achieve here isn't in the intended scope of this rather limited graph generation command. If that command were not already in Terraform today I suspect we would not choose to add it now, so it remains as a weird artifact of early Terraform development when the team was still developing an understanding of how Terraform graphs should behave, and not something very useful outside of that niche need.

Thanks!

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.