ljfranklin / terraform-resource

A concourse resource to create infrastructure via Terraform
MIT License

Imports persisted to state on plan_only runs #149

Open fenech opened 3 years ago

fenech commented 3 years ago

When plan_only is used, the state is updated with any resources that were imported. This can lead to inconsistencies if the resource definitions change before the plan is applied.

In our use case, we run using plan_only during a Pull Request and may make changes before merging/applying. It would be useful to prevent the imports from being persisted until after the apply.

fenech commented 3 years ago

I guess that this behaviour was inadvertently added as a consequence of #146

ljfranklin commented 3 years ago

> It would be useful to prevent the imports from being persisted until after the apply.

That's not how Terraform works unfortunately. Running terraform import immediately updates the statefile to include IDs for those resources, although it does not modify the actual resources. When generating a Plan, you have to run the import prior to generating the plan so that the plan includes "update" operations for those existing imported resources rather than "create" operations. I don't think Terraform supports the workflow you're describing where you generate a plan with a list of imports but don't want to actually add the imports to the statefile until later.

fenech commented 3 years ago

My problem isn't that the state file is updated; as you say, that makes sense. The problem is that the updated state file ends up being pushed to S3.

ljfranklin commented 3 years ago

Again, that's something Terraform does automatically. When you have a backend configured and run terraform import, Terraform will immediately update your statefile in that storage backend like S3. The import command is mostly intended for one-off surgeries on your statefile like initially migrating your stack to Terraform. Relying on import as part of your normal workflow is likely to cause friction like you're seeing; Terraform really wants to create its resources directly.

The only workaround I can think of is to add a task to download the existing statefile from S3 then configure the plan step to use a local backend pointing to that file rather than using the S3 backend directly, although I'm not positive if that will work either.
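
The workaround described in the last comment, written out as an added example (not code from this thread or from terraform-resource). It assumes Terraform 0.14+ and the AWS CLI are run directly in a task, that the root module declares an S3 backend, and that the S3 URL, resource address and file names are placeholders supplied by the caller.

```shell
#!/bin/sh
# Added example: run import + plan against a local copy of the remote state,
# so a plan-only run never writes imported resources back to the S3 backend.
# Assumed names (not from the thread): pr-review.tfstate, pr-review.tfplan,
# backend_override.tf, and the four positional arguments.
set -eu

# Write an override file that swaps the module's backend for a local one.
# A backend block in a *_override.tf file takes precedence over the backend
# declared in the main configuration.
write_local_backend_override() {
  workdir="$1"
  state_name="$2"   # path is resolved relative to the module directory
  cat > "${workdir}/backend_override.tf" <<EOF
terraform {
  backend "local" {
    path = "${state_name}"
  }
}
EOF
}

# Download the state, point Terraform at the copy, import, then plan.
plan_with_local_state() {
  workdir="$1"; s3_url="$2"; addr="$3"; id="$4"
  state_name="pr-review.tfstate"

  # The bucket is only read from; credentials for this task need no write access.
  aws s3 cp "${s3_url}" "${workdir}/${state_name}"
  write_local_backend_override "${workdir}" "${state_name}"

  # -reconfigure discards any previously initialised (S3) backend settings
  # instead of offering to migrate state.
  terraform -chdir="${workdir}" init -input=false -reconfigure
  terraform -chdir="${workdir}" import -input=false "${addr}" "${id}"
  terraform -chdir="${workdir}" plan -input=false -out=pr-review.tfplan
}

# Usage: script.sh <module-dir> <s3://bucket/key> <resource-address> <resource-id>
if [ "$#" -eq 4 ]; then
  plan_with_local_state "$@"
fi
```

The plan produced this way is for review only: the state in S3 is untouched, so the imports have to be repeated against the real backend when the change is applied.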