https://infracost.io logo
Join Slack
Powered by
Hello there! I am trying to run infracost in a Lam...
# help
d
Hello there! I am trying to run infracost in a Lambda Golang function, using os.exec. However, when I execute 
infracost --version
the Lambda abruptly exits. 
infracost
binary exists in the Docker image, has the 755 permissions, and is in the path. What I just recently found out is the fact that when I execute 
infracost
for the very first time, it creates the file (and the folders) 
~/.config/infracost/.state.json
. I am thinking that the inability of Lambda to create these folders and file is what causes it to exit. WDYT?
w
Hi @damp-baker-46244 - try setting this env variable to see if that helps 
INFRACOST_SKIP_UPDATE_CHECK=true
AFAIK we use that file to check if the version being used is the latest and add an upgrade message in the output etc.
d
Unfortunately, it still creates that 
.state.json
file
Is there a way to point that file to a specific path?
w
the CLI uses https://github.com/mitchellh/go-homedir to get the home dir and create that file in there (like most other CLI tools), so depending on the OS that the lambda is using then maybe try setting the 
HOME
env to see if that helps?
btw, can you plz share more about your use-case on why you need to run infracost in a lambda? do the CI/CD integrations not work?
d
We are using TFE and we would like to run infracost on every workspace. We thought about using the existing TFE integration but that means that we would have to send JSON plans to your servers, which is a no go for our infosec policies. That is why we are trying to implement a Lambda TFE run task for infracost
the 
export HOME=/tmp
worked! I managed to execute 
infracost --version
. However, when I am running 
infracost breakdown --path plan.json
I get the same behaviour as before
w
Did you consider using one of the existing CI/CD integrations? those parse HCL code directly so a plan JSON isn’t needed at all
d
When I run infracost locally, I see that it creates 2 files: • ~/.config/infracost/configuration.yml • ~/.config/infracost/credentials.yml Do you know how I can change the directory of these 2 files as well? Are they any other files that infracost uses?
We did look at the options but I do not think any of them suits us. We would like to have a cost estimation output on every TFE run and not only on every PR
w
Aside from those 2 files, the price lookups are cached locally too but under the PWD where infracost is running from. So two options I can think of are: 1. copy infracost and the plan.json into /tmp and run it from there. And always run infracost like this 
HOME=/tmp infracost breakdown...
or 
HOME=/tmp infracost diff...
2. make the home dir and the PWD where infracost runs writable.
How are you appending the cost estimate to the TFE run? I’d love to jump on quick screenshare and see how that works!
d
I get the following output:
Copy code
$ls -lisah /tmp
total 24K    
      2    4.0K drwx------    3 sbx_user 990         4.0K Feb 29 12:54 .
      2    4.0K drwxr-xr-x    1 root     root        4.0K Feb 29 12:53 ..
  29601    4.0K drwx------    3 sbx_user 990         4.0K Feb 29 12:54 .config
     12    4.0K -rw-rw-r--    1 sbx_user 990         3.5K Feb 29 12:55 config.json
     11    8.0K -rw-rw-r--    1 sbx_user 990         5.7K Feb 29 12:55 plan.json
$ls -lisah /tmp/.config
total 12K    
  29601    4.0K drwx------    3 sbx_user 990         4.0K Feb 29 12:54 .
      2    4.0K drwx------    3 sbx_user 990         4.0K Feb 29 12:54 ..
     13    4.0K drwx------    2 sbx_user 990         4.0K Feb 29 12:54 infracost
$ls -lisah /tmp/.config/infracost
total 12K    
     13    4.0K drwx------    2 sbx_user 990         4.0K Feb 29 12:54 .
  29601    4.0K drwx------    3 sbx_user 990         4.0K Feb 29 12:54 ..
     14    4.0K -rw-------    1 sbx_user 990          106 Feb 29 12:54 .state.json
when I try to execute 
infracost configure set currency EUR
, lambda just exits. Keep in mind that there is already an env var 
HOME=/tmp
I also tried to execute 
infracost configure set api_key {api_key_value}
but still fails. My guess is that it cannot create the necessary files
is there a way to not cache the price lookups? Lambdas are considered standalone executions and there is no need for a cache
w
Can you try using env vars for those? 
INFRACOST_API_KEY
and 
INFRACOST_CURRENCY
there’s also this. This is what our CI/CD integrations do to avoid needing to write those values in files.
d
I wanted to see where infracost creates the configuration files it needs
w
(the configure command is more designed for laptop use-case - they should be writing to the config.json file too)
d
I am going to try the env vars now and then execute 
infracost breakdown
w
The price lookup cache is useful even with 1 CLI run as in many cases the same price is needed by multiple resources in a run
d
Even after setting:
Copy code
environment {
    variables = {
      LOG_FORMAT                  = "json"
      INFRACOST_SKIP_UPDATE_CHECK = true
      INFRACOST_LOG_LEVEL         = "info"
      INFRACOST_CURRENCY          = "EUR"
      INFRACOST_API_KEY           = <api_key>
      HOME                        = "/tmp"
    }
  }
and run the following Go code
Copy code
cmd := exec.Command("infracost", "breakdown", "--path", "/tmp/plan.json")
	out, err := cmd.CombinedOutput()
	if err != nil {
		log.WithError(err).Error("could not run infracost breakdown")
		return resp, err
	}
	log.Info(strings.TrimSpace(string(out)))
I get a lambda timeout, which is set to 30 seconds...
What am I missing here? 🤔
w
can you plz set INFRACOST_LOG_LEVEL to 
debug
and see if that gives clues on what’s taking long?
d
Hey there! I added the following env vars to Lambda:
Copy code
HOME=/tmp
INFRACOST_API_KEY=ico-.....
INFRACOST_LOG_LEVEL=debug
INFRACOST_SKIP_UPDATE_CHECK=true
INFRACOST_ENABLE_CLOUD=false
INFRACOST_ENABLE_CLOUD_UPLOAD=false
INFRACOST_ENABLE_DASHBOARD=false
INFRACOST_TLS_INSECURE_SKIP_VERIFY=true
I created the following folders programmatically: • /tmp/.config/infracost -> stores 
state.json
, 
credentials,yml
, and 
configuration.yml
files • /tmp/.infracost -> stores the cache file 
pricing.gob
However, Lambda still freezes, produces no logs and eventually timeouts when it executes 
infracost breakdown --path /tmp/plan.json
sadpanda When I locally run the same Docker image with the same envs, everything runs as expected...
I made progress and made 
infracost configure set currency GBP
work! Still, breakdown is not working
Copy code
"message": "2024-03-01T10:42:44Z DBG IsCloudEnabled explicitly set through Config.EnabledCloud is_cloud_enabled=false",
"message": "Configured currency",
I will look at the code again and see if anything does not play along with running in a Lambda
w
It’s hard to debug without logs - does the lambda memory/cpu/network charts on cloudwatch show any spikes? Maybe give the lambda function 16GB of memory temporary to ensure it’s nothing funky with that. Also try this small plan.json file too.
d
I will try them and let you know. Thanks
w
One other thought, maybe run this before the Infracost CLI is run to ensure you get a HTTP 200 response, to rule-out any network issues 
curl -i -v <https://dashboard.infracost.io/>
d
I disabled the dashboard and cloud upload
Copy code
INFRACOST_ENABLE_CLOUD=false
INFRACOST_ENABLE_CLOUD_UPLOAD=false
INFRACOST_ENABLE_DASHBOARD=false
w
that’s ok, the curl just tests network connectivity to our domain infracost.io, you can test it like this: 
curl -i -v <https://pricing.api.infracost.io/health>
d
Hey there @white-airport-8778! Happy new week! I managed to make it work! SG did not allow any egress so it was timing out 🤦
But now it works! This is a comment with the debug output of 
infracost breakdown --no-color --path plan.json
command
without debug logs. Is there any way to make it more visually appealing?
w
@damp-baker-46244 sorry I missed the messages - that’s awesome! Here are some suggestions: 1. Try running 
infracost diff --path plan.json
as that shows the diff, not a breakdown, which is usually more useful as the engineer can review only the changes. 2. Does that view in TFC have a way to render markdown? If so, maybe try adding
Copy code
before and after the CLI output so it renders using code block with a better font for text output.
3. If they render markdown, you can also do this so you get the markdown for the same thing we put in GitHub comments:
```infracost diff --path plan.json --format json --out-file infracost.json

infracost output --path infracost.json --format github-comment
d
That is a great suggestion! I know that TFE comments box supports markdown text. I will try that and will let you know! I have also been working on TFE run task callback outcomes, which is a feature on the latest TFE version. This allows you to send elaborate outcomes which are way more beautiful and aesthetically pleasing
w
Sounds promising! Keep me posted on how it goes, or if you’d like a demo of the Infracost Cloud governance features like the tagging policies/finops policies/guardrails as those can give the TFE run task additional superpowers that FinOps teams really like
11 Views
Open in Slack
PreviousNext
Powered by