https://infracost.io logo
#help
Title
# help
d

damp-baker-46244

02/28/2024, 2:30 PM
Hello there! I am trying to run infracost in a Lambda Golang function, using os.exec. However, when I execute
infracost --version
the Lambda abruptly exits.
infracost
binary exists in the Docker image, has the 755 permissions, and is in the path. What I just recently found out is the fact that when I execute
infracost
for the very first time, it creates the file (and the folders)
~/.config/infracost/.state.json
. I am thinking that the inability of Lambda to create these folders and file is what causes it to exit. WDYT?
w

white-airport-8778

02/28/2024, 2:46 PM
Hi @damp-baker-46244 - try setting this env variable to see if that helps
INFRACOST_SKIP_UPDATE_CHECK=true
AFAIK we use that file to check if the version being used is the latest and add an upgrade message in the output etc.
d

damp-baker-46244

02/28/2024, 2:51 PM
Unfortunately, it still creates that
.state.json
file
Is there a way to point that file to a specific path?
w

white-airport-8778

02/28/2024, 2:55 PM
the CLI uses https://github.com/mitchellh/go-homedir to get the home dir and create that file in there (like most other CLI tools), so depending on the OS that the lambda is using then maybe try setting the
HOME
env to see if that helps?
btw, can you plz share more about your use-case on why you need to run infracost in a lambda? do the CI/CD integrations not work?
d

damp-baker-46244

02/29/2024, 12:03 PM
We are using TFE and we would like to run infracost on every workspace. We thought about using the existing TFE integration but that means that we would have to send JSON plans to your servers, which is a no go for our infosec policies. That is why we are trying to implement a Lambda TFE run task for infracost
the
export HOME=/tmp
worked! I managed to execute
infracost --version
. However, when I am running
infracost breakdown --path plan.json
I get the same behaviour as before
w

white-airport-8778

02/29/2024, 12:04 PM
Did you consider using one of the existing CI/CD integrations? those parse HCL code directly so a plan JSON isn’t needed at all
d

damp-baker-46244

02/29/2024, 12:05 PM
When I run infracost locally, I see that it creates 2 files: • ~/.config/infracost/configuration.yml • ~/.config/infracost/credentials.yml Do you know how I can change the directory of these 2 files as well? Are they any other files that infracost uses?
We did look at the options but I do not think any of them suits us. We would like to have a cost estimation output on every TFE run and not only on every PR
w

white-airport-8778

02/29/2024, 12:33 PM
Aside from those 2 files, the price lookups are cached locally too but under the PWD where infracost is running from. So two options I can think of are: 1. copy infracost and the plan.json into /tmp and run it from there. And always run infracost like this
HOME=/tmp infracost breakdown...
or
HOME=/tmp infracost diff...
2. make the home dir and the PWD where infracost runs writable.
How are you appending the cost estimate to the TFE run? I’d love to jump on quick screenshare and see how that works!
d

damp-baker-46244

02/29/2024, 1:06 PM
I get the following output:
Copy code
$ls -lisah /tmp
total 24K    
      2    4.0K drwx------    3 sbx_user 990         4.0K Feb 29 12:54 .
      2    4.0K drwxr-xr-x    1 root     root        4.0K Feb 29 12:53 ..
  29601    4.0K drwx------    3 sbx_user 990         4.0K Feb 29 12:54 .config
     12    4.0K -rw-rw-r--    1 sbx_user 990         3.5K Feb 29 12:55 config.json
     11    8.0K -rw-rw-r--    1 sbx_user 990         5.7K Feb 29 12:55 plan.json
$ls -lisah /tmp/.config
total 12K    
  29601    4.0K drwx------    3 sbx_user 990         4.0K Feb 29 12:54 .
      2    4.0K drwx------    3 sbx_user 990         4.0K Feb 29 12:54 ..
     13    4.0K drwx------    2 sbx_user 990         4.0K Feb 29 12:54 infracost
$ls -lisah /tmp/.config/infracost
total 12K    
     13    4.0K drwx------    2 sbx_user 990         4.0K Feb 29 12:54 .
  29601    4.0K drwx------    3 sbx_user 990         4.0K Feb 29 12:54 ..
     14    4.0K -rw-------    1 sbx_user 990          106 Feb 29 12:54 .state.json
when I try to execute
infracost configure set currency EUR
, lambda just exits. Keep in mind that there is already an env var
HOME=/tmp
I also tried to execute
infracost configure set api_key {api_key_value}
but still fails. My guess is that it cannot create the necessary files
is there a way to not cache the price lookups? Lambdas are considered standalone executions and there is no need for a cache
w

white-airport-8778

02/29/2024, 1:09 PM
Can you try using env vars for those?
INFRACOST_API_KEY
and
INFRACOST_CURRENCY
there’s also this. This is what our CI/CD integrations do to avoid needing to write those values in files.
d

damp-baker-46244

02/29/2024, 1:10 PM
I wanted to see where infracost creates the configuration files it needs
w

white-airport-8778

02/29/2024, 1:10 PM
(the configure command is more designed for laptop use-case - they should be writing to the config.json file too)
d

damp-baker-46244

02/29/2024, 1:11 PM
I am going to try the env vars now and then execute
infracost breakdown
w

white-airport-8778

02/29/2024, 1:12 PM
The price lookup cache is useful even with 1 CLI run as in many cases the same price is needed by multiple resources in a run
d

damp-baker-46244

02/29/2024, 1:34 PM
Even after setting:
Copy code
environment {
    variables = {
      LOG_FORMAT                  = "json"
      INFRACOST_SKIP_UPDATE_CHECK = true
      INFRACOST_LOG_LEVEL         = "info"
      INFRACOST_CURRENCY          = "EUR"
      INFRACOST_API_KEY           = <api_key>
      HOME                        = "/tmp"
    }
  }
and run the following Go code
Copy code
cmd := exec.Command("infracost", "breakdown", "--path", "/tmp/plan.json")
	out, err := cmd.CombinedOutput()
	if err != nil {
		log.WithError(err).Error("could not run infracost breakdown")
		return resp, err
	}
	log.Info(strings.TrimSpace(string(out)))
I get a lambda timeout, which is set to 30 seconds...
What am I missing here? 🤔
w

white-airport-8778

02/29/2024, 1:40 PM
can you plz set INFRACOST_LOG_LEVEL to
debug
and see if that gives clues on what’s taking long?
d

damp-baker-46244

03/01/2024, 10:33 AM
Hey there! I added the following env vars to Lambda:
Copy code
HOME=/tmp
INFRACOST_API_KEY=ico-.....
INFRACOST_LOG_LEVEL=debug
INFRACOST_SKIP_UPDATE_CHECK=true
INFRACOST_ENABLE_CLOUD=false
INFRACOST_ENABLE_CLOUD_UPLOAD=false
INFRACOST_ENABLE_DASHBOARD=false
INFRACOST_TLS_INSECURE_SKIP_VERIFY=true
I created the following folders programmatically: • /tmp/.config/infracost -> stores
state.json
,
credentials,yml
, and
configuration.yml
files • /tmp/.infracost -> stores the cache file
pricing.gob
However, Lambda still freezes, produces no logs and eventually timeouts when it executes
infracost breakdown --path /tmp/plan.json
sadpanda When I locally run the same Docker image with the same envs, everything runs as expected...
I made progress and made
infracost configure set currency GBP
work! Still, breakdown is not working
Copy code
"message": "2024-03-01T10:42:44Z DBG IsCloudEnabled explicitly set through Config.EnabledCloud is_cloud_enabled=false",
"message": "Configured currency",
I will look at the code again and see if anything does not play along with running in a Lambda
w

white-airport-8778

03/01/2024, 11:19 AM
It’s hard to debug without logs - does the lambda memory/cpu/network charts on cloudwatch show any spikes? Maybe give the lambda function 16GB of memory temporary to ensure it’s nothing funky with that. Also try this small plan.json file too.
d

damp-baker-46244

03/01/2024, 11:20 AM
I will try them and let you know. Thanks
w

white-airport-8778

03/01/2024, 11:28 AM
One other thought, maybe run this before the Infracost CLI is run to ensure you get a HTTP 200 response, to rule-out any network issues
curl -i -v <https://dashboard.infracost.io/>
d

damp-baker-46244

03/01/2024, 11:29 AM
I disabled the dashboard and cloud upload
Copy code
INFRACOST_ENABLE_CLOUD=false
INFRACOST_ENABLE_CLOUD_UPLOAD=false
INFRACOST_ENABLE_DASHBOARD=false
w

white-airport-8778

03/01/2024, 11:31 AM
that’s ok, the curl just tests network connectivity to our domain infracost.io, you can test it like this:
curl -i -v <https://pricing.api.infracost.io/health>
d

damp-baker-46244

03/04/2024, 9:04 AM
Hey there @white-airport-8778! Happy new week! I managed to make it work! SG did not allow any egress so it was timing out 🤦
But now it works! This is a comment with the debug output of
infracost breakdown --no-color --path plan.json
command
without debug logs. Is there any way to make it more visually appealing?
w

white-airport-8778

03/06/2024, 10:49 AM
@damp-baker-46244 sorry I missed the messages - that’s awesome! Here are some suggestions: 1. Try running
infracost diff --path plan.json
as that shows the diff, not a breakdown, which is usually more useful as the engineer can review only the changes. 2. Does that view in TFC have a way to render markdown? If so, maybe try adding
Copy code
before and after the CLI output so it renders using code block with a better font for text output.
3. If they render markdown, you can also do this so you get the markdown for the same thing we put in GitHub comments:
```infracost diff --path plan.json --format json --out-file infracost.json

infracost output --path infracost.json --format github-comment
d

damp-baker-46244

03/06/2024, 2:28 PM
That is a great suggestion! I know that TFE comments box supports markdown text. I will try that and will let you know! I have also been working on TFE run task callback outcomes, which is a feature on the latest TFE version. This allows you to send elaborate outcomes which are way more beautiful and aesthetically pleasing
w

white-airport-8778

03/06/2024, 2:33 PM
Sounds promising! Keep me posted on how it goes, or if you’d like a demo of the Infracost Cloud governance features like the tagging policies/finops policies/guardrails as those can give the TFE run task additional superpowers that FinOps teams really like
2 Views