New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
plan -detailed-exitcode -destroy return "2" when nothing to destroy #23387
Comments
Hey @danieldreier I'm a new contributor and I'm willing to contribute on this. Please advise if I can proceed to start working on it. Thanks |
I'm experiencing the same issue on
|
Hello same issue
|
I can confirm this bug is still present on terraform v0.13.0. |
I can confirm it is present in terraform v0.13.5. We had one check that flagged a change in a datasource which caused exit code 2 |
Same here with Terraform v.0.15.0. |
I haven't been able to reproduce this on any of the stated versions, or latest, with trivial config. I'd be grateful if someone could provide a reproduction case. Terraform is returning 2 from We can construct a case like this with config based on #16055. Here a destroy plan with output changes is being rendered to the user as an empty plan, but detected by Terraform as applyable. Configdata "external" "foo" {
depends_on = [null_resource.test]
program = ["bash", "${path.module}/test.sh"]
}
resource "null_resource" "test" {
}
output "foo" {
value = data.external.foo.result["foo"]
} Steps
ResultExit code 2. Output:
(Note the dangling newline at the beginning of this output - the plan renderer does not anticipate the case in which an applyable plan has no initial segment describing resource changes.) Plan{
"format_version": "1.1",
"terraform_version": "1.3.0-dev",
"planned_values": {
"root_module": {}
},
"output_changes": {
"foo": {
"actions": [
"delete"
],
"before": null,
"after": null,
"after_unknown": false,
"before_sensitive": false,
"after_sensitive": false
}
},
"configuration": {
"provider_config": {
"external": {
"name": "external",
"full_name": "registry.terraform.io/hashicorp/external"
},
"null": {
"name": "null",
"full_name": "registry.terraform.io/hashicorp/null"
}
},
"root_module": {
"outputs": {
"foo": {
"expression": {
"references": [
"data.external.foo.result[\"foo\"]",
"data.external.foo.result",
"data.external.foo"
]
}
}
},
"resources": [
{
"address": "null_resource.test",
"mode": "managed",
"type": "null_resource",
"name": "test",
"provider_config_key": "null",
"schema_version": 0
},
{
"address": "data.external.foo",
"mode": "data",
"type": "external",
"name": "foo",
"provider_config_key": "external",
"expressions": {
"program": {
"references": [
"path.module"
]
}
},
"schema_version": 0,
"depends_on": [
"null_resource.test"
]
}
]
}
},
"relevant_attributes": [
{
"resource": "data.external.foo",
"attribute": [
"result",
"foo"
]
}
]
} In this case, however, it's not clear to me whether the output action should exist at all and whether this plan should be considered applyable. Opened #31471 to try to deal with this side of the issue. |
I created a simple test case at https://github.com/jmnavarrol/terraform-issue-23387. Some things to note:
$ terraform destroy
Changes to Outputs:
- hello_world = "Hello from project terraform-issue-23387" -> null
You can apply this plan to save these new output values to the Terraform state, without changing any real infrastructure.
Do you really want to destroy all resources?
Terraform will destroy all your managed infrastructure, as shown above.
There is no undo. Only 'yes' will be accepted to confirm.
Enter a value: yes
Destroy complete! Resources: 0 destroyed.
$ The case above aligns with the findings from @kmoe: since there's a (fake) output change, it's no wonder rc is 2 instead of the expected 0. Just like @kmoe, if I comment in the output directive, So, my impression is that all these cases using 0.x.x versions with no visible output did in fact change the state in non-obvious ways, just like @kmoe has discovered; it's only that now at least in some of the cases the (unexpected/fake change) became obvious. |
Thanks for the test case, @jmnavarrol. I believe this is fixed in #31471, which was released in |
Didn't get in time to test your alpha release but I can say this seems fixed on current Terraform 1.3.4 version (I updated my test case at https://github.com/jmnavarrol/terraform-issue-23387). Both a simple (second time) Thanks a lot for this great job!!! |
I think this issue could be closed. I tested again on my repository with Terraform version 1.6.2 and I couldn't reproduce this bug anymore. |
@jmnavarrol Thank you! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Terraform Version
Expected Behavior
as per help, terraform plan -detailed-exitcode should return:
Actual Behavior
terraform plan -detailed-exitcode -destroy
returns '2' on already destroyed infra.Steps to Reproduce
On an already destroyed infra (I'm using shared state/lock on S3/DynamoDB):
terraform init
terraform plan -detailed-exitcode -destroy -out=./planfile
$?
. It returns 2 code, and the following message to stdout:Then, upon acting on the plan...
Additional Context
This behaviour has changed a bit since Terraform v0.12.10: while the plan step produced the same stdout, and exit code,
terraform show
offered a different message:References
This behaviour is neither the first, nor the second, nor the third time it gets described:
The text was updated successfully, but these errors were encountered: