terraform-example-foundation icon indicating copy to clipboard operation
terraform-example-foundation copied to clipboard

Published 20 hours ago verified publisher icon terraform-google-modules

CloudBuild Plan 1-org failed

Open hadi-alnehlawi opened this issue 2 years ago • 4 comments

TL;DR

The plan step for validation is failed at TERRAFORM VALIDATION


1 - "tf plan validate all": WARNING: This command is using service account impersonation. All API calls will be executed as [[email protected]].
Step #1 - "tf plan validate all": WARNING: This command is using service account impersonation. All API calls will be executed as [[email protected]].
Step #1 - "tf plan validate all": WARNING: This command is using service account impersonation. All API calls will be executed as [[email protected]].
Step #1 - "tf plan validate all": Cloning into '/workspace/policy-library'...
Step #1 - "tf plan validate all": WARNING: This command is using service account impersonation. All API calls will be executed as [[email protected]].
Step #1 - "tf plan validate all": warning: remote HEAD refers to nonexistent ref, unable to checkout.
Step #1 - "tf plan validate all": 
Step #1 - "tf plan validate all": Project XXXXX] repository [gcp-policies] was cloned to [/workspace/policy-library].
Step #1 - "tf plan validate all": /workspace/1-org/shared /workspace/1-org/shared
Step #1 - "tf plan validate all": Switched to a new branch 'main'
Step #1 - "tf plan validate all": Branch 'main' set up to track remote branch 'main' from 'origin'.
Step #1 - "tf plan validate all": /workspace/1-org/shared
Step #1 - "tf plan validate all": Pausing command execution:
Step #1 - "tf plan validate all": 
Step #1 - "tf plan validate all": This command requires the `terraform-tools` component to be installed. Would you
Step #1 - "tf plan validate all":  like to install the `terraform-tools` component to continue command execution? 
Step #1 - "tf plan validate all": (Y/n)?  
Step #1 - "tf plan validate all": ERROR: (gcloud.beta.terraform.vet) 
Step #1 - "tf plan validate all": You cannot perform this action because the Google Cloud CLI component manager 
Step #1 - "tf plan validate all": is disabled for this installation. You can run the following command 
Step #1 - "tf plan validate all": to achieve the same result for this installation: 
Step #1 - "tf plan validate all": 
Step #1 - "tf plan validate all": sudo apt-get install google-cloud-sdk-terraform-tools
Step #1 - "tf plan validate all": 
Step #1 - "tf plan validate all": 
Finished Step #1 - "tf plan validate all"
ERROR
ERROR: build step 1 "us-central1-docker.pkg.dev/prj1-b-cicd-xxxxxxxx/prj1-tf-runners/terraform" failed: step exited with non-zero status: 33

Expected behavior

No response

Observed behavior

No response

Terraform Configuration

N/A

Terraform Version

ersion 0.13.7

Additional information

No response

hadi-alnehlawi avatar Aug 05 '22 23:08 hadi-alnehlawi

@hadi-alnehlawi Also got the same error...Did you get any fix on this?

Atul7696 avatar Aug 07 '22 05:08 Atul7696

Hi @Atul7696 , unfortunately no, I have to comment tf-validate step. We are waiting the team feedback.

hadi-alnehlawi avatar Aug 07 '22 15:08 hadi-alnehlawi

Hi @Atul7696 , unfortunately no, I have to comment tf-validate step. We are waiting the team feedback.

Thanks @hadi-alnehlawi were you able to generate the terraform plan in cloud bucket and build after commenting the entire block

[START tf-plan_validate_all]

  • id: 'tf plan validate all' name: $_DEFAULT_REGION-docker.pkg.dev/$PROJECT_ID/$_GAR_REPOSITORY/terraform entrypoint: /bin/bash args:
    • -c
    • | ./tf-wrapper.sh plan_validate_all ${BRANCH_NAME} ${_POLICY_REPO} ${PROJECT_ID} CLOUDSOURCE

I did not work for me though. Showed error ERROR: bucket "gs://prj-cloudbuild-artifacts-xxxx" does not exist. However the bucket was present in the cicd project.

Theni commented the below step in tf-wrapper.sh

tf_validate "$env_path" "$env" "$policysource" "$component"

The result was same in reference to

Step #1 - "tf plan validate all": Step #1 - "tf plan validate all": This plan was saved to: /workspace/tmp_plan/envs-shared.tfplan Step #1 - "tf plan validate all": Step #1 - "tf plan validate all": To perform exactly these actions, run the following command to apply: Step #1 - "tf plan validate all": terraform apply "/workspace/tmp_plan/envs-shared.tfplan" Step #1 - "tf plan validate all": Step #1 - "tf plan validate all": .git/info doesn't match ^(development|non-production|production|shared)$; skipping Step #1 - "tf plan validate all": .git/branches doesn't match ^(development|non-production|production|shared)$; skipping Step #1 - "tf plan validate all": .git/refs doesn't match ^(development|non-production|production|shared)$; skipping Step #1 - "tf plan validate all": .git/logs doesn't match ^(development|non-production|production|shared)$; skipping Step #1 - "tf plan validate all": .git/hooks doesn't match ^(development|non-production|production|shared)$; skipping Step #1 - "tf plan validate all": .git/objects doesn't match ^(development|non-production|production|shared)$; skipping Finished Step #1 - "tf plan validate all" PUSH ERROR ERROR: bucket "gs://prj-cloudbuild-artifacts-a35a" does not exist

Atul7696 avatar Aug 07 '22 15:08 Atul7696

Hi @Atul7696 ,

you need also to comment the below line as validate seems not working with the docker image of the terraform used in cloudbuild:

https://github.com/terraform-google-modules/terraform-example-foundation/blob/56002c991cebdca6aaa2ca3daf535b9c2295daa7/build/tf-wrapper.sh#L95

hadi-alnehlawi avatar Aug 07 '22 21:08 hadi-alnehlawi

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

github-actions[bot] avatar Oct 06 '22 23:10 github-actions[bot]