terraformgithub-actionsterraform-cloud

Deployments to with Terraform Cloud via GitHub actions suddenly failing with "Invalid workspaces configuration"

I use the TF_WORKSPACE environment variable in combination with tags to allow me to use the same Terraform code with multiple Terraform Cloud Workspaces.

$env:TF_WORKSPACE="name-of-workspace"
terraform -chdir=deploy/bucket init

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
    }
  }
  cloud {
    hostname     = "app.terraform.io"
    organization = "My-Org"

    workspaces {
      tags = [
        "payment-service",
        "infrastructure",
      ]
    }
  }
}

This has been working fine up until about a week ago, and now I am getting the following error in GitHub Actions.

Run terraform -chdir=deploy/bucket init
  terraform -chdir=deploy/bucket init
  shell: /usr/bin/bash -e {0}
  env:
    TF_WORKSPACE: payment-service-infrastructure-dev
    TF-DIRECTORY: deploy/bucket
    TERRAFORM_CLI_PATH: /home/runner/work/_temp/976ebbc9-6810-4e00-b2e9-aec8919f4485
/home/runner/work/_temp/976ebbc9-6810-4e00-b2e9-aec8919f4485/terraform-bin -chdir=deploy/bucket init

Initializing Terraform Cloud...
Initializing modules...
Downloading app.terraform.io/My-Org/lambda-deploy-bucket/aws 0.1.0 for app_bucket...
- app_bucket in .terraform/modules/app_bucket
╷
│ Error: Invalid workspaces configuration
│ 
│   on main.tf line 7, in terraform:
│    7:   cloud {
│ 
│ Only one of workspace "tags" or "name" is allowed.
│ 
│ The 'workspaces' block configures how Terraform CLI maps its workspaces for
│ this single
│ configuration to workspaces within a Terraform Cloud organization. Two
│ strategies are available:
│ 
│ tags - A set of tags used to select remote Terraform Cloud
│ workspaces to be used for this single
│ configuration. New workspaces will automatically be tagged with these tag
│ values. Generally, this
│ is the primary and recommended strategy to use.  This option conflicts with
│ "name".
│ 
│ name - The name of a single Terraform Cloud workspace to be
│ used with this configuration.
│ When configured, only the specified workspace can be used. This option
│ conflicts with "tags".
╵

Error: Terraform exited with code 1.

This MUST be down to some change in either Terraform Cloud or GitHub actions as I cannot seem to replicate it locally. Also, I can take a previous Action run that worked and if I rerun it I get this error.

I am really stuck and would appreciate some pointers as to what to do.

Solution

  • It turns out it is a known issue with version 1.60 of Terraform.

    I was not pinning my version with the hashicorp/setup-terraform@v2 GitHub Action. So the solution is to pin to a different working version:-

    steps:
- uses: hashicorp/setup-terraform@v2
  with:
    terraform_version: <desired>.<version>.<number>