Notification Configurations API missing "planned"?

I’m looking to get a notification when a run reaches the PLANNED state. That is, a plan was run, and it’s waiting for a “Manual apply”.

However, based on the API documentation, it doesn’t seem like there’s a trigger for this? I can only see one for “planning” (before the plan is done).

I think you’re looking for run:needs_attention, which is used when a plan has changes but needs a manual apply.

OK. Will needs_attention occur in any other circumstance, or only if plan was successful and has changes to make?

Also, is there a way to access the plan.out (what you’d get with “terraform plan -out”)? I only see a JSON output.

The only situations where this event will fire are after a plan successfully completes with changes, and does not automatically apply. The run may stop here because the workspace is in manual confirmation mode, or because a policy check soft fails.

Not as far as I’m aware. Only the JSON formatted plan output is available.
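For a receiver acting on the run:needs_attention trigger discussed above, this added example (not part of the thread or any HashiCorp code) checks a generic webhook notification's signature and returns the runs that are waiting on a manual apply. Assumptions to check against the current API documentation: the payload field names (`notifications`, `trigger`, `run_status`, `run_id`, `workspace_name`) and the HMAC-SHA512 hex signature sent in the `X-TFE-Notification-Signature` header; the token and sample payload are constructed.

```python
import hashlib
import hmac
import json

# Trigger named in the thread: a plan finished with changes and did not auto-apply.
NEEDS_ATTENTION = "run:needs_attention"


def verify_signature(body: bytes, signature_hex: str, token: bytes) -> bool:
    """Check the HMAC-SHA512 hex digest sent alongside the raw request body."""
    expected = hmac.new(token, body, hashlib.sha512).hexdigest()
    # Constant-time comparison; bytes on both sides so odd input cannot raise.
    return hmac.compare_digest(expected.encode(),
                               signature_hex.strip().lower().encode())


def runs_awaiting_apply(body: bytes, signature_hex: str, token: bytes) -> list:
    """Return one record per needs_attention notification in a verified payload."""
    # Verify before parsing so unauthenticated JSON is never interpreted.
    if not signature_hex or not verify_signature(body, signature_hex, token):
        raise PermissionError("notification signature missing or invalid")
    payload = json.loads(body)
    hits = []
    for note in payload.get("notifications") or []:
        if note.get("trigger") == NEEDS_ATTENTION:
            hits.append({
                "run_id": payload.get("run_id"),
                "workspace": payload.get("workspace_name"),
                "run_status": note.get("run_status"),
            })
    return hits


# Constructed sample token and payload (not captured from a real workspace).
SAMPLE_TOKEN = b"example-shared-token"
SAMPLE_BODY = json.dumps({
    "payload_version": 1,
    "run_id": "run-EXAMPLE",
    "workspace_name": "example-workspace",
    "notifications": [
        {"trigger": "run:needs_attention", "run_status": "planned"},
    ],
}).encode()
SAMPLE_SIG = hmac.new(SAMPLE_TOKEN, SAMPLE_BODY, hashlib.sha512).hexdigest()

if __name__ == "__main__":
    print(runs_awaiting_apply(SAMPLE_BODY, SAMPLE_SIG, SAMPLE_TOKEN))
```

The signature must be computed over the raw request bytes, so read the body before any JSON middleware re-serializes it.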

Is there a space for feature requests for TF Cloud?

@alisdair or @apparentlymart any thoughts on the above? We’re building a tool ( https://indeni.com/blog/identifying-security-violations-in-the-cloud-before-deployment/ ) and are having a hard time integrating it with TF Cloud. Our tool requires the binary format of the plan, not the JSON, because the binary format has the information we need to determine the potential ids of resources that are created (and reference one another).

I think you can send feature requests to tf-cloud@hashicorp.support. However, I believe that we don’t recommend integrating against the binary plan format, as it is intended only to be processed by Terraform itself.

What’s missing from the JSON plan that prevents you from implementing this feature?

The JSON format lacks identifier information. Specifically, it makes it difficult for us to understand the relationship between resources. Therefore, what we do is take the plan zip file and run terraform show on it. We’ve modified the “show” a bit to include the missing information.

We plan on submitting a PR to the main terraform repo; hopefully that is something that will be accepted. But if not, we need some way to get the plan zip file (terraform plan -out=plan.out).

We’d be interested to hear your ideas, but I would not recommend submitting a pull request as the first step. Instead, please open a feature request ticket explaining what the use case is, and what you’d propose changing to make it possible. Thanks!
