Terraform keeps reporting changes - Codepipeline

Although the plan is applied correctly, my Terraform code still reports changes after apply.

Terraform and provider versions:

Terraform v1.1.7
on darwin_amd64
+ provider registry.terraform.io/hashicorp/aws v4.6.0

resource "aws_codepipeline" "this" {
  name     = "${lookup(var.tags, "Environment", "")}-terraform-pipeline"
  role_arn = aws_iam_role.this.arn

  artifact_store {
    location = data.aws_s3_bucket.codepipeline_bucket.bucket
    type     = "S3"
  }

  dynamic "stage" {
    for_each = local.stages
    content {
      name = stage.value.name
      dynamic "action" {
        for_each = stage.value.action
        content {
          name             = action.value.name
          category         = action.value.category
          owner            = action.value.owner
          provider         = action.value.provider
          version          = action.value.version
          run_order        = action.value.run_order
          input_artifacts  = action.value.input_artifacts
          output_artifacts = action.value.output_artifacts
          configuration    = action.value.configuration
        }
      }
    }
  }
}

locals {
  stages = [{
    name = "Source"
    action = [{
      run_order        = "1"
      category         = "Source"
      name             = "Source"
      owner            = "AWS"
      provider         = "CodeCommit"
      version          = "1"
      input_artifacts  = []
      output_artifacts = ["SourceArtifacts"]
      configuration = {
        BranchName           = "master"
        OutputArtifactFormat = "CODEBUILD_CLONE_REF"
        RepositoryName       = local.repo_name
        ProjectName          = null
      }
    }]
  }, {
    name = "dev"
    action = [{
      run_order        = "2"
      category         = "Build"
      name             = "InitAndPlan"
      owner            = "AWS"
      provider         = "CodeBuild"
      version          = "1"
      input_artifacts  = ["SourceArtifacts"]
      output_artifacts = ["PlanArtifacts"]
      configuration = {
        BranchName           = null
        OutputArtifactFormat = null
        RepositoryName       = null
        ProjectName          = module.codebuild_tf_init_plan.name
      }
    }, {
      run_order        = "3"
      category         = "Approval"
      name             = "Approve"
      owner            = "AWS"
      provider         = "Manual"
      version          = "1"
      input_artifacts  = []
      output_artifacts = []
      configuration = {
        BranchName           = null
        OutputArtifactFormat = null
        RepositoryName       = null
        ProjectName          = null
      }
    }]
  }]
}

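When I change the run_order (Approval and InitAndPlan stages to 2 and 2, respectively), the problem goes away. However, that is not what I want.

The Approve stage needs to run after the InitAndPlan stage.

What am I missing?

As requested, here is the TF plan: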

Terraform will perform the following actions:

  # module.codepipeline.aws_codepipeline.this will be updated in-place
  ~ resource "aws_codepipeline" "this" {
        id       = "sandbox-terraform-pipeline"
        name     = "sandbox-terraform-pipeline"
        tags     = {}
        # (3 unchanged attributes hidden)


      ~ stage {
            name = "dev"

          ~ action {
              ~ category         = "Build" -> "Approval"
              ~ configuration    = {
                  - "ProjectName" = "sandbox-terraform-init-plan" -> null
                }
              ~ input_artifacts  = [
                  - "SourceArtifacts",
                ]
              ~ name             = "InitAndPlan" -> "Approve"
              ~ output_artifacts = [
                  - "PlanArtifacts",
                ]
              ~ provider         = "CodeBuild" -> "Manual"
              ~ run_order        = 2 -> 3
                # (2 unchanged attributes hidden)
            }
          ~ action {
              ~ category         = "Approval" -> "Build"
              ~ configuration    = {
                  + "ProjectName" = "sandbox-terraform-init-plan"
                }
              ~ input_artifacts  = [
                  + "SourceArtifacts",
                ]
              ~ name             = "Approve" -> "InitAndPlan"
              ~ output_artifacts = [
                  + "PlanArtifacts",
                ]
              ~ provider         = "Manual" -> "CodeBuild"
              ~ run_order        = 3 -> 2
                # (2 unchanged attributes hidden)
            }
        }
        # (2 unchanged blocks hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

This is only possible if action is a set and not a list.

They may look alike, but a set, as in other languages, does not guarantee order the way lists do. More details here & a similar discussion here.

Going forward, if you have such doubts, you can do type validation on variables as discussed
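
A plan like the one in the question shows the Approval and Build actions trading places, so a reviewer needs to tell an order-only diff from a real change to the approval gate. The following Python is an added example, not part of the original question or answer; it reads plan JSON in the shape produced by `terraform show -json`, and the sample plan, the function names and the "approval after build" policy are assumptions made for illustration.

```python
import json

# Constructed sample shaped like `terraform show -json` output for a plan like
# the one in the question (trimmed to the fields used; not real tool output).
PLAN = json.loads("""{"resource_changes": [{
 "address": "module.codepipeline.aws_codepipeline.this", "type": "aws_codepipeline",
 "change": {
  "before": {"stage": [{"name": "dev", "action": [
   {"name": "InitAndPlan", "category": "Build", "run_order": 2,
    "configuration": {"ProjectName": "sandbox-terraform-init-plan"}},
   {"name": "Approve", "category": "Approval", "run_order": 3, "configuration": {}}]}]},
  "after": {"stage": [{"name": "dev", "action": [
   {"name": "Approve", "category": "Approval", "run_order": 3,
    "configuration": {"ProjectName": null}},
   {"name": "InitAndPlan", "category": "Build", "run_order": 2,
    "configuration": {"ProjectName": "sandbox-terraform-init-plan"}}]}]}}}]}""")

def canon(action):
    """One action as a comparable string; null configuration values are dropped."""
    a = dict(action, run_order=int(action["run_order"]))
    a["configuration"] = {k: v for k, v in (a.get("configuration") or {}).items() if v is not None}
    return json.dumps(a, sort_keys=True)

def stages(state):
    """Map stage name -> list of canonical actions (state may be None on create/delete)."""
    return {s["name"]: [canon(a) for a in s["action"]] for s in (state or {}).get("stage", [])}

def classify(plan):
    """Map 'address/stage' -> 'unchanged', 'reorder-only' or 'real-change'."""
    out = {}
    for rc in plan["resource_changes"]:
        if rc["type"] != "aws_codepipeline":
            continue
        before, after = stages(rc["change"]["before"]), stages(rc["change"]["after"])
        for name in sorted(before.keys() | after.keys()):
            b, a = before.get(name, []), after.get(name, [])
            out[f'{rc["address"]}/{name}'] = ("unchanged" if b == a else
                "reorder-only" if sorted(b) == sorted(a) else "real-change")
    return out

def approval_after_build(actions):
    """Policy assumed here: every Approval action runs after every Build action."""
    order = lambda cat: [int(a["run_order"]) for a in actions if a["category"] == cat]
    builds, approvals = order("Build"), order("Approval")
    return not builds or not approvals or min(approvals) > max(builds)

print(classify(PLAN))
```

To run it against a real plan, replace `PLAN` with the parsed output of `terraform show -json` for a saved plan file.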