Making JSON plan file available

Question

Making JSON plan file available

Closed this issue 5 years ago · 6 comments

Hi,

I'm currently thinking about the best way to get access to the JSON representation of the Terraform plan file. Ultimately I would like to use the JSON plan to decide whether a terraform apply is allowed or not.

I understood that:

plan_only: true stores the plan as binary as part of a Terraform state file on the defined backend
this tfstate will be retrieved as part of an plan_run: true put step before terraform apply

I believe the most efficient way to get the JSON plan would be as part of a get step. This way it would be available for the next resource as file. In order to implement it my idea was the following:

once the plan has been created the JSON representation will be stored along the binary version as output in the tfstate object (e.g. as stateful_string.plan_json_output). This way the size of the state object increases a bit but a later processing of the binary file depends on the Terraform provider definition etc. which I would like to avoid.
the JSON file will be stored on the filesystem as part of the get step. Technically it can be done the same way it is for the binary plan right now as part of the plan_run. However as part of the in logic instead.

Would you think this makes sense or do I miss something here? Is there maybe a better/easier way to achieve the same result?

Thanks in advance,
Jan

Answer 1 · 2020-04-14T21:32:56.000Z

Use case makes sense, I'd be open to a PR that outputs the planfile in JSON format during the get step. Your description of the current implementation is correct. I was really hoping you could run terraform show -json <plan> during the get, but Terraform wants to download all the providers for some reason. Given that, I'm on board with the implementation you proposed. The only tweak I would make is that by default the plan is not downloaded since it contains secrets, and require the user to enable with get.params.output_planfile: true.

Answer 2 · 2020-04-15T18:17:20.000Z

Opened #114. Please tell me what you think.

Answer 3 · 2020-04-22T21:17:03.000Z

This feature is now present in the images ljfranklin/terraform-resource:latest and ljfranklin/terraform-resource:0.12.24. Thanks for the contribution!

Answer 4 · 2020-04-24T13:22:00.000Z

I had to revert this change in the latest and 0.12.24 images due to #115 (comment). First guess is that the JSON plan flow doesn't correctly handle the no-op case.

Answer 5 · 2020-04-24T15:07:34.000Z

@ljfranklin I had a quick look but did not found terraform plan causing any error. I'll check later today and keep you posted.

Answer 6 · 2020-04-28T11:58:27.000Z

Re-enabled this feature after adding compression on the JSON plan: #115 (comment).