19 tfplan gha bug2

.github/workflows/terraform-plan.yml

@@ -198,19 +198,58 @@ jobs:
       - name: Terraform Plan
         id: plan
         run: |
+          # Run terraform plan and capture both stdout and stderr
           terraform plan -no-color -input=false -out=tfplan > plan_output.txt 2>&1
           PLAN_EXIT_CODE=$?
-          PLAN_OUTPUT=$(cat plan_output.txt)
+
+          # Robust output capture with error handling
+          echo "Checking for plan output file..."
+          if [ -f plan_output.txt ] && [ -s plan_output.txt ]; then
+            # File exists and has content - capture the actual output
+            echo "plan_output.txt exists and has content, capturing..."
+            PLAN_OUTPUT=$(cat plan_output.txt)
+            echo "Plan output captured successfully (${#PLAN_OUTPUT} characters)"
+            echo "First 200 chars of captured output:"
+            echo "${PLAN_OUTPUT:0:200}..."
+          else
+            # File doesn't exist or is empty
+            PLAN_OUTPUT="No terraform plan output was generated"
+            echo "Warning: plan_output.txt is missing or empty"
+            echo "File exists: $([ -f plan_output.txt ] && echo 'YES' || echo 'NO')"
+            echo "File size: $(wc -c < plan_output.txt 2>/dev/null || echo '0')"
+          fi
+
+          # Set step outputs
           echo "stdout<<EOF" >> $GITHUB_OUTPUT
           echo "$PLAN_OUTPUT" >> $GITHUB_OUTPUT
           echo "EOF" >> $GITHUB_OUTPUT
+          # Also write to a file for the failure step to read
+          echo "$PLAN_OUTPUT" > plan_output_for_failure.txt
+          echo "exit_code=$PLAN_EXIT_CODE" >> $GITHUB_OUTPUT
+
+          # Exit with original code
           exit $PLAN_EXIT_CODE
         working-directory: ${{ matrix.directory }}
         continue-on-error: true
         env:
           TF_VAR_infisical_client_id: ${{ secrets.INFISICAL_CLIENT_ID }}
           TF_VAR_infisical_client_secret: ${{ secrets.INFISICAL_CLIENT_SECRET }}
 
+      - name: Show Terraform Plan Output in Workflow
+        if: always()
+        run: |
+          echo "=== Terraform Plan Output (${{ matrix.directory }}) ==="
+          cd "${{ matrix.directory }}"
+          if [ -f plan_output.txt ]; then
+            echo "File exists, showing content:"
+            cat plan_output.txt
+          else
+            echo "No plan output file found in $(pwd)"
+            echo "Files in directory:"
+            ls -la
+          fi
+          echo "=== End Terraform Plan Output ==="
+
       - name: Delete old plan comments
         uses: actions/github-script@v7
         if: github.event_name == 'pull_request'
@@ -276,13 +315,23 @@ jobs:
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |
+            console.log('Debug: PLAN env var length:', process.env.PLAN ? process.env.PLAN.length : 'undefined');
+            console.log('Debug: PLAN env var preview:', process.env.PLAN ? process.env.PLAN.substring(0, 100) + '...' : 'undefined');
+
+            const planOutput = process.env.PLAN || 'No plan output captured';
             const output = `#### Terraform Plan Failed ❌ \`${{ matrix.directory }}\`
             #### Terraform Initialization ⚙️\`${{ steps.init.outcome }}\`
             #### Terraform Validation 🤖\`${{ steps.validate.outcome }}\`
 
-            *Pushed by: @${{ github.actor }}, Action: \`${{ github.event_name }}\`*
+            <details><summary>Show Error Details</summary>
+
+            \`\`\`terraform
+            ${planOutput}
+            \`\`\`
+
+            </details>
 
-            Check the workflow logs for more details.`;
+            *Pushed by: @${{ github.event.pull_request.user.login }}, Action: \`${{ github.event_name }}\`*`;
 
             github.rest.issues.createComment({
               issue_number: context.issue.number,

infrastructure/test/README.md

@@ -22,12 +22,15 @@ No modules.
 | Name | Type |
 |------|------|
 | [aws_instance.example](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/instance) | resource |
+| [aws_ami.nonexistent](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/ami) | data source |
 
 ## Inputs
 
 No inputs.
 
 ## Outputs
 
-No outputs.
+| Name | Description |
+|------|-------------|
+| <a name="output_nonexistent_ami_id"></a> [nonexistent\_ami\_id](#output\_nonexistent\_ami\_id) | n/a |
 <!-- END_TF_DOCS -->

infrastructure/test/main.tf

@@ -5,4 +5,21 @@ resource "aws_instance" "example" {
   tags = {
     Name = "HelloWorld"
   }
-}
+}
+
+# Intentionally cause plan to fail while keeping syntax valid:
+# This data source queries a non-existent AMI ID, which will make
+# terraform plan error out with a provider lookup failure.
+data "aws_ami" "nonexistent" {
+  owners      = ["self"]
+  most_recent = true
+  filter {
+    name   = "image-id"
+    values = ["ami-0000000000000000"]
+  }
+}
+
+output "nonexistent_ami_id" {
+  value = data.aws_ami.nonexistent.id
+}
+