Setup Terraform Github action fails during init before while managing workspaces in Terraform Cloud

We’re trying to setup a Github Actions pipeline to deploy infrastructure on a per-branch basis. Our attempt based on this article is failing during terraform init with

Initializing the backend...

Successfully configured the backend "remote"! 

Terraform will automatically use this backend unless the backend configuration changes.

│ Error: No existing workspaces.
│
│ Use the "terraform workspace" command to create and select a new workspace.
│ If the backend already contains existing workspaces, you may need to update
│ the backend configuration.
│
│

Error: Terraform exited with code 1.

Error: Process completed with exit code 1.

Here is our Github Action workflow

name: main
on: [push]
concurrency:
  group: ${{ github.ref }}
  cancel-in-progress: true
jobs:
  infrastructure:
    name: Setup Infrastructure
    runs-on: ubuntu-latest
    defaults:
      run:
        working-directory: ./infrastructure
    env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_REGION: "us-east-1"
    steps:
      - uses: actions/checkout@v2
      - uses: hashicorp/setup-terraform@v1
        with:
          cli_config_credentials_token: ${{ secrets.TERRAFORM_API_TOKEN }}
      - name: Set branch name environment variable.
        run: |
          branch_name=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}
          echo "branch_name=$branch_name" >> $GITHUB_ENV
      - run: terraform init
      - run: terraform workspace new ${{ env.branch_name }}
      # - run: terraform workspace select ${{ env.branch_name }}
      # - run: terraform plan -var="branch_name=${{ env.branch_name }}"
      # - run: terraform apply -var="branch_name=${{ env.branch_name }}" -auto-approve

and our Terraform config

terraform {
  backend "remote" {
    hostname = "app.terraform.io"
    organization = "ORGANIZATION"

    workspaces {
      prefix = "ORGANIZATION-"
    }
  }
}

provider "aws" {
  region = var.aws_region
}

variable "aws_region" {
  description = "The AWS region to create resources in."
  default     = "us-east-1"
}

variable "branch_name" {
  description = "The name of the branch that's being deployed"
}

resource "aws_s3_bucket" "client_assets" {
  bucket        = "organization-${var.branch_name}"
  force_destroy = true
  policy        = <<POLICY
{
  "Id": "bucket_policy_site",
  "Version":"2012-10-17",
  "Statement": [
    {
      "Sid": "PublicRead",
      "Action": ["s3:GetObject"],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::organization-${var.branch_name}/*",
      "Principal": "*"
    }
  ]
}
POLICY

  website {
    index_document = "index.html"
    error_document = "index.html"
  }
}

What ideas should we try next to debug this error?

Hello, welcome to the forum!

You’re receiving No existing workspaces there are no existing workspaces with the prefix ORGANIZATION- in your Terraform Cloud organization; outside of automation, you would normally use terraform workspace to then create a workspace to use.

You can fix this by using name in the workspaces {} block instead, which will use the particular workspace you specify and create it if it does not exist yet.

As an aside, the example you posted uses S3 + GitHub Actions, but Terraform Cloud can replace both of these. You can deploy infrastructure on a per-branch, per directory basis by connecting GitHub directly to your workspace, rather than using the remote backend within the GitHub Actions pipeline. Unless there’s some part of your workflow that doesn’t account for?

Cheers!

Is there a way for terraform init to create the remote workspace if it’s not found? We have a similar problem where we cannot run terraform init because the workspace isn’t found, but when doing a terraform workspace new $env we get an error telling us that we need to run terraform init first.

@bernat Yes; when specifying name = like I mentioned above, if the remote workspace does not exist it will be automatically created for you upon terraform init.