CODEWITHSUNDEEP
terraformterraform-provider-awsterraform0.12+
Philipp Kyeck
Philipp Kyeck

Reputation: 18860

Terraform: ignore changes to a certain environment variable

I have an AWS Lambda function I created using terraform. Code-changes are auto-deployed from our CI-server and the commit-sha is passed as an environment variable (GIT_COMMIT_HASH) - so this changes the Lambda function outside of the Terraform-scope (because people were asking...).

This works good so far. But now I wanted to update the function's node-version and terraform tries to reset the env var to the initial value of "unknown".

I tried to use the ignore_changes block but couldn't get terraform to ignore the changes made elsewhere ...

resource "aws_lambda_function" "test" {
  filename      = data.archive_file.helloworld.output_path
  function_name = "TestName_${var.environment}"
  role          = aws_iam_role.test.arn
  handler       = "src/index.handler"

  runtime = "nodejs14.x"
  timeout = 1
  memory_size = 128

  environment {
    variables = {
      GIT_COMMIT_HASH = "unknown"
    }
  }

  lifecycle {
    ignore_changes = [
      environment.0.variables["GIT_COMMIT_HASH"],
    ]
  }
}

Is this possible? How do I have to reference the variable?

** edit **

Plan output looks like this:

# aws_lambda_function.test will be updated in-place
  ~ resource "aws_lambda_function" "test" {
        # ... removed some lines

        source_code_size               = 48012865
        tags                           = {}
        timeout                        = 1
        version                        = "12"

      ~ environment {
          ~ variables = {
              ~ "GIT_COMMIT_HASH" = "b7a77d0" -> "unknown"
            }
        }

        tracing_config {
            mode = "PassThrough"
        }
    }

Upvotes: 9

Views: 6037

Answers (1)

Marcin
Marcin

Reputation: 238957

I tried to replicate the issue and in my tests it works exactly as expected. I can only suspect that you are using an old version of TF, where this issue occurs. There has been numerous GitHub Issues reported regarding the limitations of ignore_changes. For example, here, here or here.

I performed tests using Terraform v0.15.3 with aws v3.31.0, and I can confirm that ignore_changes works as it should. Since this is a TF internal problem, the only way to rectify the problem, to the best of my knowledge, would be to upgrade your TF.

Upvotes: 5

Related Questions