Schedule Terraform Drift Detection With Teamcity

In this post, we’ll see how we can schedule a weekly job using Teamcity to send Terraform drift detection.

Note: We are using Terragrunt in the script. if you are using Terraform,change terragrunt to terraform in the init and plan command.

Pre-requisite: Execute Step1 and Step2 of https://vinayakpandey-7997.medium.com/send-terraform-drift-status-to-slack-channel-f08eb5a99873

Step1: Create a script named terraform_drfit_check.sh in the repo where your Terraform code is. We’ll checkout this repo in our Teamcity job configuration.

#!/bin/bash
export AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY
export AWS_SECRET_ACCESS_KEY=$AWS_SECRET_KEY
export terraform_provider_platform='linux_amd64'
export slack_url=$SLACK_URL
MESSAGE=''
basedir=$(pwd)
for dir in $(find environments/qa -type d -maxdepth 2 -mindepth 2); do
 cd $basedir/$dir
 rm -rf /tmp/tf.plan
 printf  '\nChecking Directory: %s \n' "$dir"
 terragrunt init
 terragrunt plan -out=/tmp/tf.plan
 if [ $? -ne 0 ];then
     MESSAGE="Terragrunt plan for $dir exited with non zero exit code.Please check for code or permission related issues by executing terragrunt plan manually."
 else
  if terragrunt show -no-color /tmp/tf.plan| grep "#";then
      MESSAGE="Drift detected for $dir."
            
  fi
 fi
 [[ ! -z "$MESSAGE" ]] && curl -X POST -H 'Content-type: application/json' --data "{'text':'$MESSAGE'}" $slack_url || echo "No changes detected"…