
Terraform plan on local shows No Changes after import but shows creation on github actions


I have a few resources deployed on Azure. When I import them (CDN profile & endpoints) locally to generate the state file, it shows "No Changes, your infrastructure matches". I have a git "Generate plans" workflow, which only shows changes and does not apply. It shows the creation of those resources even though I have placed the locally generated Terraform state file in the folder from where it picks the changes. The Terraform script is straightforward -

    data "azurerm_resource_group" "prresourcegroup" {
      name = local.rgname
    }

    data "azurerm_storage_account" "frontendappstorage" {
      name                = "fastorage"
      resource_group_name = local.rgname
    }

    resource "azurerm_cdn_profile" "cdn-profile" {
      name                = "prcdnprofile"
      resource_group_name = data.azurerm_resource_group.prresourcegroup.name
      sku                 = "Premium_Verizon"
      location            = "global"
      lifecycle {
        prevent_destroy = true
        ignore_changes = [
          tags
        ]
      }
    }

    resource "azurerm_cdn_endpoint" "frontend-endpoint" {
      name                          = "eptpr"
      profile_name                  = azurerm_cdn_profile.cdn-profile.name
      resource_group_name           = data.azurerm_resource_group.prresourcegroup.name
      location                      = "global"
      optimization_type             = "GeneralWebDelivery"
      querystring_caching_behaviour = "IgnoreQueryString" : "NotSet"
      origin {
        name      = data.azurerm_storage_account.frontendappstorage.primary_web_host
        host_name = data.azurerm_storage_account.frontendappstorage.primary_web_host
      }

      origin_host_header = data.azurerm_storage_account.frontendappstorage.primary_web_host

      lifecycle {
        ignore_changes = [
          tags,
          origin,
          optimization_type,
          is_compression_enabled,
          global_delivery_rule
        ]
      }
    }

GitHub actions.yaml -

    name: Plan terraform changes
    description: Produces a plan of the changes to be made by Terraform

    runs:
      using: composite

      steps:
        - uses: cschleiden/replace-tokens@v1 # Replace tokens in TF files with environment variable values
          with:
            files: '["**/*.tf*","**/*.yaml*"]'

        - uses: hashicorp/setup-terraform@v3

        - name: Terraform Init Frontend
          shell: bash
          working-directory: terraform/frontend
          run: terraform init

        - name: Terraform Validate Frontend
          shell: bash
          working-directory: terraform/frontend
          run: terraform validate

        - name: Terraform Plan Frontend
          shell: bash
          working-directory: terraform/frontend
          run: terraform plan --var-file=variables.tfvars -input=false -no-color >> ../../${{env.Environment-Name}}_plan.txt

        - name: Save plan
          uses: actions/upload-artifact@v4
          with:
            name: ${{env.Environment-Name}}_plan.txt
            path: ${{env.Environment-Name}}_plan.txt

This is only to plan changes, not to actually apply them.


Solution

  • GitHub was referencing the wrong state file, which was causing the difference between the local run and the git workflow.
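
A guard for the mismatch described in the solution, as an added example that is not part of the original post: it reads the state the runner actually sees and reports when the imported CDN resources are absent, or when the state's lineage differs from the one generated locally. It assumes the Terraform state v4 JSON layout (`lineage`, `resources[].mode/type/name/instances`); the script name, the sample states and their lineage values are constructed for illustration.

```python
import json
import sys

# Resource addresses declared in the question's .tf file.
EXPECTED = {"azurerm_cdn_profile.cdn-profile", "azurerm_cdn_endpoint.frontend-endpoint"}

def managed_addresses(state):
    """Addresses of managed resources in a state document (v4 JSON layout assumed)."""
    found = set()
    for res in state.get("resources", []):
        if res.get("mode") != "managed" or not res.get("instances"):
            continue  # skip data sources and entries with no live instance
        addr = f'{res["type"]}.{res["name"]}'
        found.add(f'{res["module"]}.{addr}' if res.get("module") else addr)
    return found

def check_state(state_text, expected=EXPECTED, lineage=None):
    """Return a list of problems; an empty list means plan sees the imported state."""
    if not state_text.strip():
        return ["state is empty: nothing is tracked, every resource would be created"]
    state = json.loads(state_text)
    problems = []
    if lineage and state.get("lineage") != lineage:
        problems.append(f'lineage {state.get("lineage")} != expected {lineage}')
    for addr in sorted(set(expected) - managed_addresses(state)):
        problems.append(f"{addr} is not in this state, plan would create it")
    return problems

def _res(mode, rtype, name):
    # Helper for building the constructed sample states below.
    return {"mode": mode, "type": rtype, "name": name, "instances": [{"attributes": {}}]}

# Constructed samples, not real state files. Lineage values are made up.
LOCAL_STATE = json.dumps({"version": 4, "serial": 3, "lineage": "aaaa-local", "resources": [
    _res("data", "azurerm_resource_group", "prresourcegroup"),
    _res("managed", "azurerm_cdn_profile", "cdn-profile"),
    _res("managed", "azurerm_cdn_endpoint", "frontend-endpoint")]})
CI_STATE = json.dumps({"version": 4, "serial": 1, "lineage": "bbbb-other", "resources": [
    _res("data", "azurerm_resource_group", "prresourcegroup")]})

if __name__ == "__main__":
    # Assumed usage: terraform state pull | python check_state.py [expected-lineage]
    issues = check_state(sys.stdin.read(), lineage=sys.argv[1] if len(sys.argv) > 1 else None)
    print("\n".join(issues) or "state contains the imported resources")
    sys.exit(1 if issues else 0)
```

Run between `terraform init` and `terraform plan` in the workflow, a non-zero exit stops the job before a plan built on the wrong state is uploaded as an artifact.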