Closed AMKamel closed 2 years ago
I think the same can be applied with terraformsh -E "CMDS=(destroy) DESTROY_ARGS=(-auto-approve)"
Actually that didn't work
Hi @AMKamel , can you tell me a little more about the issue you're having? Which version of Terraform are you using? Can you tell me what the use case is? I haven't used workspaces much.
Particularly I'm curious what the implication of switching from apply to destroy is, in terms of preserving the behavior where using destroy requires the use of a plan file. By that I mean, terraformsh destroy
should by default try to use a plan file. In the past I found that I could only do that by using 'terraform apply' on a plan file that had been prepared with terraform plan -destroy -out=destroy.plan
and then running terraform apply destroy.plan
.
Is what you're trying to do different than this? Or is the above method causing a problem in some way?
If you are using terraform cloud as a remote backend, it doesn't allow you to save the plan into a file, which is the default behavior of terraformsh command.
In order to be able to overcome this you need to do a command like terraform destroy -auto-approve
directly and since the destroy function at terraformsh is hard coding apply
command with a destroy plan, it makes terraformsh never able to run a destroy command when using terraform backend.
an optimum solution in my opinion could be when passing the option -P
the destroy function should use terraform destroy
directly and not terraform apply
since passing -P
option to terraformsh destroy
now is just like doing terraform apply
I added a screenshot of this behavior in a pull request.
Something like this maybe
_cmd_destroy () {
[ "${NO_DEP_CMDS:-0}" = "0" ] && _cmd_init
([ "${USE_PLANFILE:-0}" = "0" ] && _runcmd "$TERRAFORM" destroy "${DESTROY_ARGS[@]}") || _runcmd "$TERRAFORM" plan "${DESTROY_ARGS[@]}" && rm -f "$TF_DESTROY_PLANFILE"
}
Thanks for the info!
So, to recap:
-P
option to disable use of plan files, terraformsh is erroneously running 'terraform apply' rather than 'terraform destroy'
-P
option avoids 'terraformsh destroy' from running terraform apply
, since with the -P
option it would never work as intended.I like your suggestion, but I'll add a requested change to the PR
Sorry I haven't replied / merged this change yet - I wanted to do a little testing just to make sure I didn't miss anything before merging. Hopefully tonight or tomorrow I'll have time to throw together some tests
Of course, thanks.
Take your time
Thanks so much for your contribution @AMKamel ! I have added some tests and merged the code :partying_face:
In order to avoid executing and apply command to remote
terraform
cloud workspace when trying to destroy resources, changing the destroy function to use destroy sub command instead of apply will avoid this issue when trying to destroy with-P
flag which is the only way to deal with the remote backend since it currently does not support saving plan files which is the default behavior forterraformsh
right now.