We've ran into an issue where our CI checks run TF plans across all workspaces in our org, and whenever a TF plan fails in our workspace, flows are published from the version it was last deployed in our main branch (even after having done manual changes in the UI to said flows). Not entirely sure what we can share to try and troubleshoot why this is happening?
Hi Ivan,
Did you take a look and see if there are any Terraform hooks being invoked in your Terraform cloud environment? When I looked at the logs George had sent me the week before last I saw the plan taking place, but then after the plan completes, I saw what looks like a terraform hook executing. Terraform cloud allows you to define pre and post-hooks on things like terraform plan.
Here is the documentation on a Terraform hook. The other thing to look at is whether or not your CI/CD pipeline might be kicking off a terraform execute as a pre/post hook.
I know from experience that CI/CD pipelines can get pretty complex and it is easy to lose track of what's getting invoked.
A terraform plan only compares the contents of the state file with the current content of your .tf files and then does a diff between the two and spits out the difference. It does not execute anything on the provider. I have been working with both Archy and the Terraform Flow resource and have never seen the behavior you are describing. (Not saying this is happening. Just I have never seen this behavior in its current context).
I would avoid posting any of your logs directly on the forum. I am working with George and another PS resource (Jeremy) to help figure out the best way to get this sorted out.
Thanks,
John Carnell
Manager, Developer Engagement