While running Terraform 1.0, -destroy issues or confusion

While running in a CI/CD pipeline I have experienced an oddity where “-destroy” option no longer works in conjunction of the command “terraform plan -destroy”. How to replicate:

  • terraform plan -destroy -out=tfplan -input=false -lock=false
  • terraform apply -input=false -auto-approve -lock=false tfplan
    OR vice versa,
  • terraform plan -out=tfplan -input=false -lock=false
  • terraform apply -destroy -input=false -auto-approve -lock=false tfplan

Since we are utilizing the -out=tfplan, we thought this was the best option, while creating a conditional bool in our pipeline tfvars of to destroy true/false?

Is this a correct assumption per the documentation from “Planning Mode” -note midway down the page at:

That the above commands should still work. So far we are stuck on v0.15.5 otherwise. Should this be a reported bug?

Hi @blakemeisenheimer,

When you run terraform apply with a plan file argument, it skips all of the steps related to creating a plan because it just uses the plan you passed it. Therefore your second example of creating a normal plan (without -destroy) and then trying to apply that same plan with -destroy doesn’t make sense: it’s too late by the apply step to turn it into a destroy plan.

However, your first example seems plausible to me: you’ve created a destroy plan, saved it to a file, and then applied that plan.

I ran those first two commands you shared against a test configuration I happened to be using for something else (where I had some objects already existing) and indeed it worked as I expected:

$ terraform plan -destroy -out=tfplan -input=false -lock=false
(details omitted)

Plan: 0 to add, 0 to change, 2 to destroy.

───────────────────────────────────────────────────────

Saved the plan to: tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "tfplan"
$ terraform apply -input=false -auto-approve -lock=false tfplan
(details omitted)

Apply complete! Resources: 0 added, 0 changed, 2 destroyed.

I then ran terraform show to confirm that indeed my state is no longer tracking any objects.

So it sounds like something else is going on with your configuration. It would help if you could say a little more about what you mean by “no longer works”; if Terraform reported an error, please include the full text of that error message exactly as Terraform printed it, because that’ll typically allow me to track down exactly which part of Terraform reported the error.

Thank you @apparentlymart,

I retested our commands and it all works based on your advise. Thanks again for rapid response and so this is resolved.