Deeptie Prasad

Reputation: 21

Terraform destroy from GitHub Action is not working

I have set up Terraform for Azure infrastructure but was not able to set up a workflow where I can trigger destroying the infrastructure created using Terraform plan/apply.

After triggering the git action job terraform apply, the resources have been created. But it doesn't destroy the resources. Below is the error message:

    Run terraform destroy -auto-approve
    /home/runner/actions-runner/_work/_temp/5ea6e56c-8668-4081-8f1c-0dede09ee5a2/terraform-bin destroy -auto-approve
    No changes. No objects need to be destroyed.
    Either you have not created any objects yet or the existing objects were already deleted outside of Terraform

name: infrastructure-setup

on:
  workflow_dispatch:
  
jobs:
  AKS-Cluster-Deployment:
    runs-on: runner1

    defaults:
      run:
        working-directory: terraform

    steps:
      - uses: actions/[email protected]
      - uses: actions/setup-node@v2
        with:
          node-version: '14'
      - uses: hashicorp/[email protected]
        with:
          terraform_version: latest
          # cli_config_credentials_token: ${{ secrets.TFC_TOKEN_ID }}

      - name: Azure login
        run: |
          echo "logging into Azure ..."
          az login --service-principal -u ${{ secrets.AZURE_CLIENT_ID  }} -p ${{ secrets.AZURE_CLIENT_SECRET }} --tenant ${{ secrets.AZURE_TENANT_ID }}
          echo "setting subscription ..."
          az account set -s ${{ secrets.AZURE_SUBSCRIPTION_ID }}

      - name: Terraform Init
        id: init
        run: terraform init
      
      - name: Terraform Validate
        id: validate
        run: terraform validate

      - name: Terraform Plan
        id: plan
        run: terraform plan
        continue-on-error: true

      - name: Terraform Plan Status
        if: steps.plan.outcome == 'failure'
        run: exit 1

      - name: Terraform Destroy
        run: terraform destroy -auto-approve
  
      # - name: Terraform Apply
      #   run: terraform apply -auto-approve

      # - name: Terraform Output
      #   run: terraform output

I am trying to delete the resources from a GitHub Action via the terraform destroy command.

Upvotes: 2

Views: 838

Answers (1)

karim arous

Reputation: 41

I believe you're not using a Terraform backend to save the Terraform state in Azure, specifically in Azure Storage Blob.

If you don't have a Terraform backend, you need to set a step to import the state of the object you have created previously.

If you don't know how to import the objects created, I will show a quick demonstration on how to import Azure resources to your state file.

Example:

  1. You need to identify the objects that you have created in the previously executed workflows. For the sake of this demonstration, we will suppose that you previously created an Azure resource group and that you used this code to create it:

    resource "azurerm_resource_group" "example" {
      name     = "test-rg"
      location = "West Europe"
    }

  2. You need to go to the Azure portal and find the resource group you created.

  3. You need to get the ResourceID of that resource group. Just go to the Settings section and choose Properties.

  4. Copy the ResourceID.

  5. Import the resource into the Terraform state. You need to add a section that will help you import the resource created. Go to your repo and add this block to your GitHub workflow before the Terraform Plan step:

    - name: Terraform Import
      id: import
      run: terraform import azurerm_resource_group.example /subscriptions/your-own-subscription/resourceGroups/test-rg

  6. Save the file and run the workflow again.

When running the workflow, you will see the new resource imported in the Terraform Plan step, and it will be destroyed in the Terraform Destroy step.

Please note: After running all these commands, don't forget to add a Terraform backend. It will help you to mitigate these types of errors in the future.

Upvotes: 0
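
A guard step for the failure described in the question, as an added example that is not part of the original question or answer: it refuses to proceed to destroy when no backend block is declared in the working directory or when the state lists no resources. The function names and exit codes are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Pre-destroy guard for a CI job (added example; function names and exit
# codes are hypothetical). It stops the job instead of letting
# `terraform destroy` report success against an empty state.

# Return 0 if any *.tf file in directory $1 declares a backend block.
# Commented-out backend lines do not match.
has_backend() {
  grep -Eqs '^[[:space:]]*backend[[:space:]]+"[a-z0-9_]+"[[:space:]]*\{' "$1"/*.tf
}

# Count resource addresses read from stdin (one per line, as printed by
# `terraform state list`), ignoring blank lines.
count_state_resources() {
  grep -c '[^[:space:]]' || true
}

# guard_destroy <dir>   (the state listing is read from stdin)
# Returns: 0 = safe to destroy, 2 = no backend declared, 3 = state is empty.
guard_destroy() {
  local dir n
  dir=$1
  if ! has_backend "$dir"; then
    echo "no backend block in $dir: state will not survive between runs" >&2
    return 2
  fi
  n=$(count_state_resources)
  if [ "$n" -eq 0 ]; then
    echo "state is empty: destroy would find no objects to remove" >&2
    return 3
  fi
  echo "$n resource(s) tracked in state"
}

# Usage in a workflow step, after `terraform init`:
#   terraform state list | guard_destroy . && terraform destroy -auto-approve
```
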
