https://infracost.io logo
Join Slack
Powered by
This message was deleted.
# general
b
This message was deleted.
l
Hi Kasper. Which version of Terraform are you using?
n
we’re on 
1.0.5
l
hmm, I remember there being an issue with GH actions and redirecting command output. In our README we use an extra step for writing the plan JSON file: https://github.com/marketplace/actions/infracost#2-terraform-plan-json
So maybe something like this will work:
Copy code
- name: Terraform show
      if: github.ref != 'refs/heads/master' && steps.tfplan.outcome == 'success'
      id: show
      run: terraform show -json plan.tfplan > plan.json
      env:
        AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
        AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

    - name: "Save Plan JSON"
      run: echo '${{ steps.show.outputs.stdout }}' > plan.json
n
I tried having that last step in the first iteration, but I ran into this error from GH actions:
Copy code
Error: The template is not valid. System.InvalidOperationException: Maximum object size exceeded
   at GitHub.DistributedTask.ObjectTemplating.TemplateMemory.AddBytes(Int32 bytes)
   at GitHub.DistributedTask.ObjectTemplating.TemplateMemory.AddBytes(LiteralToken literal)
   at GitHub.DistributedTask.ObjectTemplating.TemplateUnraveler.LiteralState..ctor(ReaderState parent, LiteralToken literal, TemplateContext context, Int32 removeBytes)
   at GitHub.DistributedTask.ObjectTemplating.TemplateUnraveler.ReaderState.CreateState(ReaderState parent, TemplateToken value, TemplateContext context, Int32 removeBytes)
   at GitHub.DistributedTask.ObjectTemplating.TemplateUnraveler.BasicExpressionState.Next(TemplateToken value, Int32 removeBytes)
   at GitHub.DistributedTask.ObjectTemplating.TemplateUnraveler.MappingValueBasicExpression()
   at GitHub.DistributedTask.ObjectTemplating.TemplateUnraveler.Unravel(Boolean expand)
   at GitHub.DistributedTask.ObjectTemplating.TemplateUnraveler.AllowScalar(Boolean expand, ScalarToken& scalar)
   at GitHub.DistributedTask.ObjectTemplating.TemplateEvaluator.Evaluate(DefinitionInfo definition)
   at GitHub.DistributedTask.ObjectTemplating.TemplateEvaluator.HandleMappingWithAllLooseProperties(DefinitionInfo mappingDefinition, DefinitionInfo keyDefinition, DefinitionInfo valueDefinition, MappingToken mapping)
   at GitHub.DistributedTask.ObjectTemplating.TemplateEvaluator.Evaluate(DefinitionInfo definition)
   at GitHub.DistributedTask.ObjectTemplating.TemplateEvaluator.Evaluate(TemplateContext context, String type, TemplateToken template, Int32 removeBytes, Nullable`1 fileId, Boolean omitHeader)
plan.json is 7.6M from the “terraform show” step
l
ah, can we check if this is actually the issue by adding something like below to see if it writes the file or not
Copy code
- name: "Check if plan JSON exists"
      run: ls -lah plan.json
n
plan.json is in the working directory yes:
Copy code
0s
Run ls -lha
  ls -lha
  shell: /usr/bin/bash -e {0}
  env:
    AWS_DEFAULT_REGION: eu-central-1
    TERRAFORM_CLI_PATH: /home/runner/work/_temp/d6ceddc9-582a-43b5-aa21-ebdec5ea32e5
total 8.1M
drwxr-xr-x 8 runner docker 4.0K Oct 12 13:26 .
drwxr-xr-x 3 runner docker 4.0K Oct 12 13:24 ..
drwxr-xr-x 2 runner docker 4.0K Oct 12 13:24 .devcontainer
drwxr-xr-x 8 runner docker 4.0K Oct 12 13:24 .git
drwxr-xr-x 3 runner docker 4.0K Oct 12 13:24 .github
-rw-r--r-- 1 runner docker  861 Oct 12 13:24 .gitignore
drwxr-xr-x 4 runner docker 4.0K Oct 12 13:25 .terraform
-rw-r--r-- 1 runner docker 1.2K Oct 12 13:24 .terraform.lock.hcl
drwxr-xr-x 2 runner docker 4.0K Oct 12 13:24 .vscode
-rw-r--r-- 1 runner docker  190 Oct 12 13:24 README.md
drwxr-xr-x 5 runner docker 4.0K Oct 12 13:24 aws
-rw-r--r-- 1 runner docker  547 Oct 12 13:24 <http://core.tf|core.tf>
-rw-r--r-- 1 runner docker  15K Oct 12 13:24 <http://external.tf|external.tf>
-rw-r--r-- 1 runner docker 1.6K Oct 12 13:24 <http://main.tf|main.tf>
-rw-r--r-- 1 runner docker 7.6M Oct 12 13:26 plan.json
-rw-r--r-- 1 runner docker 385K Oct 12 13:26 plan.tfplan
^ this was from when I just wrote to plan.json directly from 
terraform show
looks like the workspace dir is also mounted into the infracost container with 
-v "/home/runner/work/terraform/terraform":"/github/workspace"
l
Can you check if plan.json has the following keys? 
format_version
and 
planned_values
. That's what we use to detect a plan JSON file.
n
It does
format_version is set to 0.2
Hmm, just trying to debug a bit, trying to parse 
plan.json
with 
json_pp
and that returns “malformed JSON string”, so there is probably something about the output redirection as you mentioned before, but then we’re back to 
Maximum object size exceeded
😕
l
I'm just building a test docker image that should add some more logging, will let you know when it's ready
👍 1
Okay that's pushed if you run with 
infracost/infracost-gh-action@test
. And set the env 
INFRACOST_LOG_LEVEL: debug
then you should see some more output when we're trying to detect the file type
n
Thanks a lot, that gave me:
Copy code
Running infracost breakdown using:
  $ infracost breakdown --no-color --format json --path plan.json
time="2021-10-12T14:19:13Z" level=debug msg="File not detected as Terraform Plan JSON. Error unmarshaling file: invalid character 'c' looking for beginning of value"
time="2021-10-12T14:19:13Z" level=debug msg="File not detected as Terraform State JSON. Error unmarshaling file: invalid character 'c' looking for beginning of value"
time="2021-10-12T14:19:13Z" level=debug msg="File not detected as Terraform Plan. Error opening file: zip: not a valid zip file"
Error: Could not detect path type for plan.json
In the meantime I was able to get the plan that github generated to have a look at it, and I see what the problem is now
l
what's the issue?
n
The first line of the artifact is not valid json, and there are a few lines at the end of the file that are also github action output. I’ll see about adding a step that cleans up the file since using 
${{ steps.show.outputs.stdout }}
fails
l
Ah interesting
Would be good to see your solution when you have it - we might want to add a workaround for this in the docs if anyone else has the issue.
n
Definitely. I’m trying to come up with something, but getting worried doing anything might end up with the same garbage that github provides because of redirection
l
Another option is just passing in the code path to 
infracost
and it will handle the generating of the plan JSON internally, e.g:
Copy code
- name: Run infracost diff
      if: github.ref != 'refs/heads/master'
      uses: infracost/infracost-gh-action@master
      env:
        INFRACOST_API_KEY: ${{ secrets.INFRACOST_API_KEY }}
        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
        AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      with:
        path: .
n
Here’s what I ended up with:
Copy code
- name: Terraform show
      if: github.ref != 'refs/heads/master' && steps.tfplan.outcome == 'success'
      id: show
      run: terraform show -json plan.tfplan 1> plan.json
      env:
        AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
        AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

    - name: Extract only plan info from plan.json
      run: sed -i '2q;d' plan.json
l
Awesome, thanks!
n
You’re welcome, thanks for helping out!
🙌 1
23 Views
Open in Slack
PreviousNext
Powered by