Hello Infracost team, Recently we have started us...
# help
f
Hello Infracost team, Recently we have started using infracost for cost estimation. We are running infracost using Github action. if i create a branch from master and just change the instance type for one of the project, the cost estimation comment shows more projects even if only one file has changed.. we are running cost estimation for the complete mono repo using below command.
Copy code
#master
infracost breakdown --path=. \
                              --exclude-path='.dev/**' \
                              --exclude-path='new-account-template/**' \
                              --format=json \
                              --out-file=/tmp/infracost-base.json
#against the PR branch
 infracost diff --path=. \
                          --exclude-path='.dev/**' \
                          --exclude-path='new-account-template/**' \
                          --format=json \
                          --compare-to=/tmp/infracost-base.json \
                          --out-file=/tmp/infracost.json
# Adding a comment in the PR using:
infracost comment github --path=/tmp/infracost.json \
                                   --repo=$GITHUB_REPOSITORY \
                                   --github-token=${{ github.token }} \
                                   --pull-request=${{ github.event.pull_request.number }} \
                                   --behavior=update
When i was testing it on a test repo before moving it to out production it was working fine. I donโ€™t understand what happened suddenly or i am missing something. Can someone please help here?
b
Hello! Are you able to share the full workflow? Have you followed this example? https://github.com/infracost/actions?tab=readme-ov-file#quick-start
Asking mainly to ensure that the workflow switches branches correctly
f
This is the workflow:
Copy code
# Infracost runs on pull requests (PR) and posts PR comments.
on:
  pull_request:
    types: [opened, synchronize, reopened]
  pull_request_review:
    types: [submitted]

jobs:
  infracost-pull-request-checks:
    name: Infracost Pull Request Checks
    runs-on: ubuntu-latest
    permissions:
      contents: read
      pull-requests: write # Required to post comments

    steps:
      - name: Checkout PR branch
        uses: actions/checkout@v4
        with:
          # fetch-depth: 0 to fetch all history for all branches and tags.
          fetch-depth: 0

      - name: Check if PR is approved
        run: |
          reviews=$(curl -sSL \
            -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
            -H "Accept: application/vnd.github.v3+json" \
            "<https://api.github.com/repos/${{> github.repository }}/pulls/${{ github.event.pull_request.number }}/reviews")
          if echo "$reviews" | grep -q '"state": "APPROVED"'; then
            echo "approved=true" >> $GITHUB_ENV
          else
            echo "approved=false" >> $GITHUB_ENV
          fi
        
      - name: Check in the PR branch is up to date with master
        if: env.approved == 'true'
        run: |
          if ! git merge-base --is-ancestor origin/master ${{ github.event.pull_request.head.sha }};
          then 
            echo "This branch is not up to date with master";
            echo "update-with-master=false" >> $GITHUB_ENV
          else
            echo "update-with-master=true" >> $GITHUB_ENV
          fi

        # If you use private modules, add an environment variable or secret
        # called GIT_SSH_KEY with your private key, so Infracost CLI can access
        # private repositories (similar to how Terraform/Terragrunt does).
      - name: add TF_TESTABLE_MODULE_SSH_KEY key
        if: env.approved == 'true' && env.update-with-master == 'true'
        run: |
          mkdir -p "${HOME}/.ssh" \
            && echo "${{secrets.TF_TESTABLE_MODULE_SSH_KEY}}" > "${HOME}/.ssh/id_rsa" \
            && chmod 400 "${HOME}/.ssh/id_rsa"
          ls -l "${HOME}/.ssh/id_rsa"
          ssh-keyscan <http://github.com|github.com> >> ~/.ssh/known_hosts

      - name: Setup Infracost
        if: env.approved == 'true' && env.update-with-master == 'true'
        uses: infracost/actions/setup@v3
        # See <https://github.com/infracost/actions/tree/master/setup> for other inputs
        # If you can't use this action, use Docker image infracost/infracost:ci-0.10
        with:
          api-key: ${{ secrets.INFRACOST_API_KEY }}

      # Checkout the base branch of the pull request (e.g. main/master).
      - name: Checkout base branch
        if: env.approved == 'true' && env.update-with-master == 'true'
        uses: actions/checkout@v4
        with:
          ref: "${{ github.event.pull_request.base.ref }}"

      # Generate Infracost JSON file as the baseline.
      - name: Generate Infracost cost estimate baseline
        if: env.approved == 'true' && env.update-with-master == 'true'
        run: |
          infracost breakdown --path=. \
                              --exclude-path='.dev/**' \
                              --exclude-path='new-account-template/**' \
                              --format=json \
                              --out-file=/tmp/infracost-base.json
      # Checkout the current PR branch so we can create a diff.
      - name: Checkout PR branch
        if: env.approved == 'true' && env.update-with-master == 'true'
        uses: actions/checkout@v4

      # Generate an Infracost diff and save it to a JSON file.
      - name: Generate Infracost diff
        if: env.approved == 'true' && env.update-with-master == 'true'
        run: |
          infracost diff --path=. \
                          --exclude-path='.dev/**' \
                          --exclude-path='new-account-template/**' \
                          --format=json \
                          --compare-to=/tmp/infracost-base.json \
                          --out-file=/tmp/infracost.json

      - name: Post Infracost comment
        if: env.approved == 'true' && env.update-with-master == 'true'
        run: |
          infracost comment github --path=/tmp/infracost.json \
                                   --repo=$GITHUB_REPOSITORY \
                                   --github-token=${{ github.token }} \
                                   --pull-request=${{ github.event.pull_request.number }} \
                                   --behavior=update
b
Yep, switch is there. My followup question is if you can remove these
if
conditions and check if it works without them ๐Ÿ™‚ Trying to figure out which part causes the issue
f
I can try that out. When i moved that to main production repository it was working fine. From last night we are seeing issues.
b
That's odd ๐Ÿ˜•
f
yes, if statement will not any impact on run i think but i can try that and let you know.
b
Thanks ๐Ÿ‘
BTW, do you get a correct list of projects? I assume, a project is a directory in the monorepo, right?
f
yes itโ€™s a directory I have shared the screenshot.
@busy-agent-35515 The problem was with the PR branch switch it works fine if the PR branch is up to date with master but in cases like if the PR branch is not up to date with master the action given as an example
Checkout PR branch
step will not point to HEAD commit after the update. The scenario will look like this(see attached screenshot) to fix it we need to specify the PR branch while doing the checkout in
Checkout PR branch
step. i have created a PR to fix this in README, please take a look. https://github.com/infracost/actions/pull/195
b
Great that you found the solution! This is pretty odd. I would expect
actions/checkout
to checkout the correct commit. Please give us some time to test it. Thank you for creating the PR! ๐Ÿ™
f
Thank you for the help! I agree, it is quite unusual.