https://infracost.io logo
Join Slack
Powered by
Hi guys!. How's it doing?. I'm trying to execute...
# general
f
Hi guys!. How's it doing?. I'm trying to execute an 
infracost diff
command following the instructions that we can find in the documentation (https://www.infracost.io/docs/features/cli_commands/#option-2-terraform-plan-json-1), but there's something that doesn't make sense for me. If the terraform plan says that it's going to change 1 resource, why the diff command is trying to estimate all the resources and the result is that the whole deployment is added and none is changed?.
c
Hi Aléxis, that is odd. The plan json contains the prior state and a list of resource changes. 
infracost diff
looks at the resource changes so I’m not sure why it would be showing something different than showing the terraform plan. You’re using the commands the same as in the docs, without any other flags or anything?
Copy code
terraform init
terraform plan -out tfplan.binary
terraform show -json tfplan.binary > plan.json

infracost diff --path plan.json
f
Yes, I did it
If you want, we can schedule a meeting to show you my workflow.
c
can you see what’s in the 
resource_changes
key of the plan.json? If you have 
jq
available you do something like: 
plan.json | jq .resource_changes
f
Let me I check it.
I see many resources under that key.
The only which has changes is this: module.azure_terraform_applications_aks_config.module.azure_terraform_applications_aks.kubernetes_secret.vault_token which is reported in the plan as an update-in place change
c
OK, hmmm. Let’s pick one resource that is unexpectedly showing in the diff and see how it shows up in the plan.json under the 
planned_values.root_module
and 
prior_state.values.root_module
keys.
f
Those are the commands I'm trying to run:
Copy code
terraform init && 
terraform plan -out 'tfplan.binary' && 
terraform show -json 'tfplan.binary' > 'pr-dev-onboarding-cloud-infrastructure-tfplan.json' && 
echo 'tf show: pr-dev-onboarding-cloud-infrastructure-tfplan.json' && 
cat 'pr-dev-onboarding-cloud-infrastructure-tfplan.json' && 
INFRACOST_VCS_PROVIDER='github' 
INFRACOST_VCS_REPOSITORY_URL='<https://github.com/xxxxxxxx/xxxxxxxxxxxxxxx>' 
INFRACOST_VCS_PULL_REQUEST_URL='<https://github.com/xxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxx/pull/20676>' 
INFRACOST_VCS_BASE_BRANCH='development' 
INFRACOST_VCS_PULL_REQUEST_AUTHOR='Alexis Mosquera' 
INFRACOST_VCS_COMMIT_AUTHOR_EMAIL='<mailto:XXXXXXXXXXXX@XXXXXXXXX.com|XXXXXXXXXXXX@XXXXXXXXX.com>' 
INFRACOST_VCS_PULL_REQUEST_TITLE='feat(infracost): enable multiprojects pr' 
INFRACOST_VCS_BRANCH='PR-20676' 
INFRACOST_VCS_COMMIT_SHA='XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX' 
INFRACOST_VCS_COMMIT_MESSAGE='feat(infracost): test special chars' 
INFRACOST_VCS_COMMIT_TIMESTAMP='1662731045' 
infracost diff --path 'pr-dev-onboarding-cloud-infrastructure-tfplan.json' && 
infracost output --format diff --path 'pr-dev-onboarding-cloud-infrastructure-tfplan.json'
Let me check the keys you requested.
But I'm getting this error:
Copy code
Error: could not load input file pr-dev-onboarding-cloud-infrastructure-tfplan.json err: invalid Infracost JSON file version. Supported versions are 0.2 ≤ x ≤ 0.2
I'm running terraform 0.12.31
c
infracost output
expects an infracost json, not the plan json so that is where the error is coming from
f
Ohh... ok. My bad 😄 . I will fix it and test
c
No that’s why it’s showing everything as being created.
f
hmmmm...... So how does tf know what are the changed resources?
For the other resources, those which doesnt change:
It's in every module inside the .resource_changes key.
Maybe, is infracost searching in the .prior_state key?
c
yeah for the diff we’re comparing the prior_state vs planned_state. (I was wrong when I said it looks at resource_changes, it only uses that in a special case)
f
Infracost is calculating according to the 0.2+ version of the json format, but I am using an older version the 0.1. It looks like in the 0.2+ the changes are populated in the .prior_state key
I'm using the 0.12.31 terraform version and it cannot be upgraded yet.
That version generates the 0.1 json terraform plan version
c
If I generate with tf 1.29 I get the plan json with 
{"format_version":"1.1","terraform_version":"1.2.9",
f
Yes, but if you try with the 0.12.31, you wont get the same infracost results.
Have you replicated it using tf 0.12.31?
c
Yeah I’m running 0.12.31 and I see the 
prior_state
populated and the infracost diff working correctly:
Copy code
...
  "prior_state": {
    "format_version": "0.1",
    "terraform_version": "0.12.31",
    "values": {
      "outputs": {
        "aws_instance_type": {
          "sensitive": false,
          "value": "t2.nano"
        }
      },
      "root_module": {
        "resources": [
          {
            "address": "aws_instance.web_app",
            "mode": "managed",
            "type": "aws_instance",
            "name": "web_app",
            "provider_name": "aws",
            "schema_version": 1,
            "values": {
              "ami": "ami-079ca844e323047c2",
              "arn": "arn:aws:ec2:us-east-1:186080867442:instance/i-0fd93ce246912900e",
f
hmm..... Maybe, the issue would be with azure and no with aws.
It's weird.
I'm setting this flag for terraform:
Copy code
TF_IN_AUTOMATION=true
Could you please try with it?
It's an environment variable
c
I still get prior_state with that set
f
hmmmm.... I'm going to test something else.
c
After conferring with the team, consensus is that infracost+terraform 0.12.31 should be fine, and it is odd that the prior_state doesn’t show up in plan json. Just to confirm, you’re not using a custom build of terraform or anything like that, right?
l
4 Views
Open in Slack
PreviousNext
Powered by