jason-johnson / azure-pipelines-tasks-terraform

Azure Pipelines extension for Terraform
MIT License
127 stars 55 forks source link

`terraform apply [plan]` gives an error when used together with `publishPlanResults` #249

Closed gdespoulain closed 1 year ago

gdespoulain commented 2 years ago

Bug Description

Hello! :)

I'm using terraform plan -out="terraform.tfplan" in one stage, and then applying said plan using the plan text file (passed as an artifact) in another stage: terraform apply terraform.tfplan. During the plan task I use the publishPlanResults as option.

The plan is valid and shown properly in the Terraform Plan tab. However, I get this error during apply:

Error: Failed to load "terraform.tfplan" as a plan file
Error: zip: not a valid zip file

I researched a bit and found out it seems to be a problem for Terraform to process the plan after it has been used by publishPlanResults. At least it's the theory that has been discussed at the end of this thread: https://github.com/hashicorp/terraform/issues/22396 where they could also reproduce the problem.

To Reproduce

Steps to reproduce the behavior:

1. Setup pipeline as:

stages:
  - stage: Plan
    jobs:
      - job: Plan
        steps:
          - task: TerraformCLI@0
            ...
            inputs:
              command: plan
              publishPlanResults: plan.tfplan
              ...
          - publish:
              artifact: plan
              ...

  - stage: Apply
    ...
    jobs:
      - job: Apply
        ...
        steps:
          - download: ...
          - task: TerraformCLI@0
            inputs:
              command: apply
              commandOptions: '--input=false $(Pipeline.Workspace)/plan/plan.tfplan'

2. Execute pipeline

Let both stages run. The plan is saved accordingly and available in apply stage.

  1. See error

The error appears in the log. It's gone when I remove the publishPlanResults option.

Error: Failed to load "terraform.tfplan" as a plan file
Error: zip: not a valid zip file

Expected behavior

I would like to use both the publishPlanResults option and a saved plan :)

Agent Configuration

Thank you!

rolanddb commented 2 years ago

I can confirm this issue.

Dranaxel commented 2 years ago

I have the same issue using gitlab ci !

Morksen commented 1 year ago

I can also confirm this issue. Any plan, when it will be fixed?

ricklahaye commented 1 year ago

Hi. I was facing same issue, but I was using publishPlanResults: tfplan (tfplan was same as my -out) After changing publishPlanResults to something random, it worked. Somewhere in documentation it states you should not use the same file as the output plan. If yuo do this, the output plan gets overwritten with text file, and it is not binary anymore, and hence it fails to apply.

So change publishPlanResults: plan.tfplan to publishPlanResults: plan

jason-johnson commented 1 year ago

Hi, the "publishPlanResults" is meant to be the name of the tab in Azure Devops web page which shows the plan output, not the name of the terraform plan used to store terraform data. As @ricklahaye says, naming these the same will cause issues.

Not a bug, but we can take a look if the documentation can make this situation clearer.

gdespoulain commented 1 year ago

Thank you! :)

Va55ago commented 1 year ago

I just got bitten by this today (wasted 4 hours before finding this issue). Something in the docs would be great!

jason-johnson commented 1 year ago

Will be resolved by #339.