False terraform change / plan detection

[lerlacher-haylix]

Describe the bug

268 has been closed, long live #268!

There is another edge case for terraform plan detection.

If the plan has no changes to apply, but would update terraform state / output, it prints this:

You can apply this plan to save these new output values to the Terraform state, without changing any real infrastructure.

The terraform plan exit code is 2 (terraformPlanOkHasChanges), but the const planHasNoChangesRe = /^No changes./ regex will not match and so we get back to the same old failure state of "there should be a plan uploaded but there isn't one" which breaks the terraform plan view because of an unexpected unhandled 404.

To Reproduce Steps to reproduce the behavior:

1. Set up a terraform pipeline with two terraform plan invocations with plan publishing
2. change something in the state / on the infrastructure that causes the output to change but no infrastructure changes for the first plan invocation
3. change something that causes a real change in the second plan invocation
4. run the pipeline
5. Observe that there is a 404 on the plan view and no plans are shown

Sample pipeline output:

2023-03-08T03:13:28.3721191Z state, without changing any real infrastructure.
2023-03-08T03:13:28.3721661Z ╷
2023-03-08T03:13:28.3722147Z │ Warning: Argument is deprecated
2023-03-08T03:13:28.3722680Z │ 
2023-03-08T03:13:28.3723278Z │   with module.base.module.logbucket.aws_s3_bucket.public-lb-log-bucket,
2023-03-08T03:13:28.3724119Z │   on .terraform/modules/base.logbucket/aws/elb_log_bucket/S3.tf line 2, in resource "aws_s3_bucket" "public-lb-log-bucket":
2023-03-08T03:13:28.3724890Z │    2: resource "aws_s3_bucket" "public-lb-log-bucket" {
2023-03-08T03:13:28.3725535Z │ 
2023-03-08T03:13:28.3726099Z │ Use the aws_s3_bucket_lifecycle_configuration resource instead
2023-03-08T03:13:28.3726559Z │ 
2023-03-08T03:13:28.3727062Z │ (and 3 more similar warnings elsewhere)
2023-03-08T03:13:28.3727527Z ╵
2023-03-08T03:13:28.3727856Z 
2023-03-08T03:13:28.3728404Z ─────────────────────────────────────────────────────────────────────────────
2023-03-08T03:13:28.3728536Z 
2023-03-08T03:13:28.3728931Z Saved the plan to: /home/vsts/work/1/s/clients/kantarnebu/kantarnebu.tfplan
2023-03-08T03:13:28.3729144Z 
2023-03-08T03:13:28.3729611Z To perform exactly these actions, run the following command to apply:
2023-03-08T03:13:28.3730041Z     terraform apply "/home/vsts/work/1/s/clients/kantarnebu/kantarnebu.tfplan"
2023-03-08T03:13:28.3731553Z ##[debug]Exit code 2 received from tool '/usr/local/bin/terraform'
2023-03-08T03:13:28.3732440Z ##[debug]STDIO streams have closed for tool '/usr/local/bin/terraform'
2023-03-08T03:13:28.3733187Z ##[debug]set TERRAFORM_PLAN_HAS_CHANGES=true
2023-03-08T03:13:28.3742175Z ##[debug]Processed: ##vso[task.setvariable variable=TERRAFORM_PLAN_HAS_CHANGES;isOutput=false;issecret=false;]true
2023-03-08T03:13:28.3743394Z ##[debug]Publish plan results requested. Parsing plan output first...
2023-03-08T03:13:28.3744422Z ##[debug]publishPlanResults=kantarnebu-stage.planout
2023-03-08T03:13:28.3745153Z ##[debug]workingDirectory=/home/vsts/work/1/s/clients/kantarnebu
2023-03-08T03:13:28.3746049Z ##[debug]publishPlanResults=kantarnebu-stage.planout
2023-03-08T03:13:28.3747051Z ##[debug]Absolute path for pathSegments: /home/vsts/work/1/s/clients/kantarnebu,kantarnebu-stage.planout = /home/vsts/work/1/s/clients/kantarnebu/kantarnebu-stage.planout
2023-03-08T03:13:28.3765771Z ##[debug]Processed: ##vso[task.addattachment type=terraform-plan-results;name=kantarnebu-stage.planout;]/home/vsts/work/1/s/clients/kantarnebu/kantarnebu-stage.planout

Expected behavior

The case where there is no real infrastructure change in the plan should be handled

Screenshots

N/A

Pipeline Logs

See above

Agent Configuration

• OS: ubuntu
• Hosted
• Terraform version used (Default for hosted agent is acceptable)
• AzureCLI version used (Default for hosted agent is acceptable or N/A)

Additional context

This is very similar to #268