https://infracost.io logo
Join Slack
Powered by
Hey Guys! I'm trying to integrate Infracost into ...
# help
g
Hey Guys! I'm trying to integrate Infracost into a pipeline in a bit more complicated way than what the examples show. I'm pulling down Terraform Plans from the Terraform Cloud API but when I try to run Infracost against them, I get this: As far as I know, this plan json you can pull down from the TFC API should be the same format as one generated using terraform plan -out tfplan.binary and then terraform show -json tfplan.binary > plan.json
w
hey @gorgeous-island-10432, what’s the source control system you’re using? github? we recommend using those integrations as they’re much simpler to setup and require no CI/CD changes - and it lets you see the costs/issues of the main branch without waiting for a pull request. If the above is not an option for you, I’d suggest integration with Terraform Cloud RunTasks as again that’s simpler than modifying CI/CD pipelines, but note the limitations of not being able to see the status of all issues on the main branches.
g
Unfortunately I'm trying to use Infracost with a larger AI Integration for Change Requests and I would like to have all of the different tools I'm using amalgamated into a single solution. The Github App is working fine for us on it's own but I'm looking to do more with the json cost estimates that Infracost generates
Not quite looking to do runtasks either, they dont solve the problem we're working on
Copy code
PLAN_URL="<https://app.terraform.io/api/v2/runs/${run_id}/plan>"
            PLAN_JSON=$(curl -s -H "Authorization: Bearer ${TFC_TOKEN}" "${PLAN_URL}")
            redacted_url=$(echo "${PLAN_JSON}" | jq -r '.data.links."json-output-redacted"')
            if [[ -z "${redacted_url}" || "${redacted_url}" == "null" ]]; then
              continue
            fi
            debug_echo "Downloading redacted JSON for plan ${run_id}..."
            curl -s -L -H "Authorization: Bearer ${TFC_TOKEN}" "<https://app.terraform.io>${redacted_url}" -o "plan-${run_id}-redacted.json"
heres a small code snippet to pull down the json from the TFC API given an API Key and RunID
if you wanted to try to reproduce
w
I did a quick test with 
infracost breakdown --path=plan.json
using https://github.com/infracost/infracost/tree/master/examples/terraform and it worked fine, we also have many TFC RunTask users who don’t have this issue, so this might be related to the TFC plan JSON being different to what the TF CLI and RunTasks produces. Can you check the output of your file and compare it with the example plan.json in the above link, specially this part 
{"format_version":"0.2","terraform_version":"1.0.2","planned_values":{"root_module":{"resources":[{"address":
g
heres an example, dang, looks to be different.
Copy code
{
    "plan_format_version": "1.2",
    "output_changes": {},
    "resource_changes": [
        {
            "address": "azurerm_key_vault_secret.sql_admin_password",
            "mode": "managed",
            "type": "azurerm_key_vault_secret",
            "name": "sql_admin_password",
            "provider_name": "<http://registry.terraform.io/hashicorp/azurerm|registry.terraform.io/hashicorp/azurerm>",
            "change": {
                "actions": [
                    "no-op"
                ],
w
g
shakefist Hashicorp!
I wonder what exactly the redacted plan from the API is missing, the resource_changes seem correct
w
I suspect the JSON they return from the TFC API is different to what the TF CLI actually generates
g
nvm - it's completely different. Gah.
w
I hope/think TFC has an API where you can download the actual plan JSON file that the TF CLI uses too
g
I don't think so :(
@white-airport-8778 - I figured out the issue. Just for the future. The redacted json plan API endpoint from Terraform Cloud is very, very different from the normal json plan API endpoint.
Copy code
"links": {
            "self": "/api/v2/plans/plan-XXXXXXXXXXXXXX",
            "json-output": "/api/v2/plans/plan-XXXXXXXXXXXXXX/json-output",
            "json-output-redacted": "/api/v2/plans/plan-XXXXXXXXXXXXXX/json-output-redacted",
            "json-schema": "/api/v2/plans/plan-XXXXXXXXXXXXXX/json-schema"
        }
i was using json-output-redacted json-output gave me a json file that infracosts works with!
3 Views
Open in Slack
PreviousNext
Powered by