How to run `terraform destroy` in TF Cloud

Integralist · February 19, 2024, 1:51pm

I’m trying to run terraform destroy when a PR is merged. The purpose is to clean up a dev environment created during the PR phase.

I’m not sure if I just need the create-run action with is_destroy: true or if I also need the apply-run action (which, looking at the source code, would run terraform apply). I’m presuming I don’t need the apply-run, but wanted to double check with people here.

Thanks.

  dev-cleanup:
    name: "Cleanup Dev Environment"
    runs-on: ubuntu-latest
    if: github.event.pull_request.merged == true
    steps:
      - name: Checkout
        uses: actions/checkout@v4

      - name: Upload Configuration
        uses: hashicorp/tfc-workflows-github/actions/upload-configuration@v1.0.0
        id: apply-upload
        with:
          workspace: ${{ env.TF_WORKSPACE }}
          directory: ${{ env.CONFIG_DIRECTORY }}

      - name: Create Apply Run
        uses: hashicorp/tfc-workflows-github/actions/create-run@v1.0.0
        id: apply-run
        with:
          workspace: ${{ env.TF_WORKSPACE }}
          configuration_version: ${{ steps.apply-upload.outputs.configuration_version_id }}
          is_destroy: true

      - name: Apply
        uses: hashicorp/tfc-workflows-github/actions/apply-run@v1.0.0
        if: fromJSON(steps.apply-run.outputs.payload).data.attributes.actions.IsConfirmable
        id: apply
        with:
          run: ${{ steps.apply-run.outputs.run_id }}
          comment: "Apply Run from GitHub Actions CI ${{ github.sha }}"

Integralist · February 21, 2024, 10:29am

Apologies for pinging directly, but @apparentlymart you’re usually floating around on this forum maybe you can let me know about this

Thanks.

bschaatsbergen · April 17, 2024, 10:03pm

Hey @Integralist, thanks for taking the time to put this question out. Judging by the hardcoded ‘-apply’ in the ‘apply-run’ action: tfc-workflows-github/actions/apply-run/action.yml at 34866d21f6856cca1fbca7c09c5644203aa83890 · hashicorp/tfc-workflows-github · GitHub I’m going to assume that you should not be needing this, and only require ‘create-run’ with ‘is_destroy’ set to ‘true’: tfc-workflows-github/actions/create-run/action.yml at 34866d21f6856cca1fbca7c09c5644203aa83890 · hashicorp/tfc-workflows-github · GitHub as you already concluded correctly.

The ‘apply-run’ really seems like a roll-forward action, and you would only be able to destroy resources in an apply if you had removed them from your Terraform configuration.

Let me know if this works for you

Topic		Replies	Views
With Terraform cloud can I have Terraform state that behaves more like cloudformation stacks? HCP Terraform	1	621	March 31, 2020
Terraform Cloud/Github integration HCP Terraform hcp-terraform	1	401	July 10, 2023
GitHub Actions workflow w/multiple environments Terraform	7	7065	May 28, 2022
How to use terraform setup github action with config files in non-root directory Terraform hcp-terraform	1	4759	January 11, 2021
Using GitHub Actions to deploy my code using Terraform Terraform	0	285	August 9, 2021

How to run `terraform destroy` in TF Cloud

Related topics