I have a few resources deployed on Azure, when I import them (CDN profile & endpoints) locally to generate the state file, it shows No Changes, your infrastructure matches. I have a git Generate plans workflow, which only shows changes, not apply, it shows the creation of those resources even though I have placed the locally generated terraform state file in the folder from where it picks the changes. The terraform script is straightforward -
data "azurerm_resource_group" "prresourcegroup" {
name = local.rgname
}
data "azurerm_storage_account" "frontendappstorage" {
name = "fastorage"
resource_group_name = local.rgname
}
resource "azurerm_cdn_profile" "cdn-profile" {
name = "prcdnprofile"
resource_group_name = data.azurerm_resource_group.prresourcegroup.name
sku = "Premium_Verizon"
location = "global"
lifecycle {
prevent_destroy = true
ignore_changes = [
tags
]
}
}
resource "azurerm_cdn_endpoint" "frontend-endpoint" {
name = "eptpr"
profile_name = azurerm_cdn_profile.cdn-profile.name
resource_group_name = data.azurerm_resource_group.prresourcegroup.name
location = "global"
optimization_type = "GeneralWebDelivery"
querystring_caching_behaviour = "IgnoreQueryString" : "NotSet"
origin {
name = data.azurerm_storage_account.frontendappstorage.primary_web_host
host_name = data.azurerm_storage_account.frontendappstorage.primary_web_host
}
origin_host_header = data.azurerm_storage_account.frontendappstorage.primary_web_host
lifecycle {
ignore_changes = [
tags,
origin,
optimization_type,
is_compression_enabled,
global_delivery_rule
]
}
}
Github actions.yaml -
name: Plan terraform changes
description: Produces a plan of the changes to be made by Terraform
runs:
using: composite
steps:
- uses: cschleiden/replace-tokens@v1 # Replace tokens in TF files with environment variable values
with:
files: '["**/*.tf*","**/*.yaml*"]'
- uses: hashicorp/setup-terraform@v3
- name: Terraform Init Frontend
shell: bash
working-directory: terraform/frontend
run: terraform init
- name: Terraform Validate Frontend
shell: bash
working-directory: terraform/frontend
run: terraform validate
- name: Terraform Plan Frontend
shell: bash
working-directory: terraform/frontend
run: terraform plan --var-file=variables.tfvars -input=false -no-color >> ../../${{env.Environment-Name}}_plan.txt
- name: Save plan
uses: actions/upload-artifact@v4
with:
name: ${{env.Environment-Name}}_plan.txt
path: ${{env.Environment-Name}}_plan.txt
This is only to Plan changes not actual apply.
Github was referencing the wrong state file which was causing the difference on local & git workflow.