terraform-bin state rm ::debug::stdout:

[horvatic]

When running this code in a GitHub action:

    - name: Terraform Remove Permanent Resources From State
      env:
        TF_ACTION_WORKING_DIR: 'terraform'
        AWS_ACCESS_KEY_ID:  ${{ secrets.AWS_ACCESS_KEY_ID }}
        AWS_SECRET_ACCESS_KEY:  ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      run: |
          cd terraform
          cp terraform.tfstate tempstate
          ECSTASKS=$(terraform state list | grep "aws_ecs_task_definition")
          for ECSTASK in $ECSTASKS
          do
            terraform state rm $ECSTASK
          done

I get the following output

terraform-bin state rm aws_ecs_task_definition.task
Removed aws_ecs_task_definition.task
Successfully removed 1 resource instance(s).
terraform-bin state rm ::debug::stdout:

Error: Variable name required
on  line 1:
(source code not available)
Must begin with a variable name.

The removal of aws_ecs_task_definition.task is correct. This code has been tested outside of Github actions and works correctly. When I echo $ECSTASKS, I only get aws_ecs_task_definition.task showing the loop is running once with the correct info.

[horvatic]

The following code is a work around:

          ECSTASKSNAMES=$(cat terraform.tfstate | jq -r '.resources[] | select(.type=="aws_ecs_task_definition").name')
          for ECSTASKNAME in $ECSTASKSNAMES
          do
            terraform state rm "aws_ecs_task_definition.${ECSTASKNAME}"
          done

There is a bug or something where terraform state list will output a ::debug::stdout::

[danopia]

This looks like it's the extra output from the wrapper, you can either disable the wrapper via the flag (which affects the whole workflow) or run terraform-bin instead of terraform when you will be capturing the output (so the rest of the workflow can still benefit from the wrapper)

[horvatic]

Why is the wrapper outputting this, a bug? Most Devs would expect to run terraform on their local machine, and have the same output in a github action

[danopia]

I think the wrapper functions as originally intended, the authors just didn't account for the times that one would want to capture output from terraform. See also:

• Problem with stdout, from terraform output command #149
• Wrapper behavior is unexpected: please update log message #85
• Solution for Terraform Output Command #80
• Raw output when using wrapper with $() in bash #20
• Terraform plan produces invalid out file #42

[austinvalle]

Hi all 👋, resurrecting this old issue thread to note an upcoming fix for this in setup-terraform v3.0.0 that will be released early next week.

Context

As noted in this thread and others, the wrapper that is enabled by default was returning errant output in addition to the standard Terraform binary STDOUT (followed by some "hidden in GH actions" ::debug:: statements).

In v3.0.0, the terraform wrapper will now return the STDOUT from the Terraform binary without any additional characters/lines that needs to be filtered out. An example running terraform output -json on a simple Terraform config in GHA:

resource "random_pet" "pet" {}

output "pet" {
  value = random_pet.pet.id
}

Raw output before v3.0.0

/home/runner/work/temp/e33b51db-269a-4822-a8f3-b85eae79199c/terraform-bin output -json
{
  "pet_name": {
    "sensitive": false,
    "type": "string",
    "value": "balanced-marmot"
  }
}
::debug::Terraform exited with code 0.
::debug::stdout: {%0A  "pet_name": {%0A    "sensitive": false,%0A    "type": "string",%0A    "value": "balanced-marmot"%0A  }%0A}%0A
::debug::stderr: 
::debug::exitcode: 0

Raw output with v3.0.0

{
  "pet_name": {
    "sensitive": false,
    "type": "string",
    "value": "balanced-marmot"
  }
}

Action needed

When upgrading to v3.0.0, If you have the wrapper enabled and are consuming the STDOUT directly (i.e. not using a GH step output), you may need to adjust your GH workflows if they strip out the first/last lines of the output.

If you're not using the STDOUT directly or have disabled the wrapper, then no changes will need to be made.

Thanks to @OJFord for the contribution/fix!

[austinvalle]

v3.0.0 has just been released with this fix 🥳

[horvatic]

Thanks @austinvalle! I will test it out and let you know if I run into anything. Great work!

[github-actions]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.