Open
Description
One issue with the `module.codebuild.local_file.php_ini` resource, whenever Terraform executes on a new machine it will trigger a replacement as the file does not exist.
It's a known thing as per https://registry.terraform.io/providers/hashicorp/local/latest/docs/resources/file
> Note about resource behaviour
>
> When working with local files, Terraform will detect the resource as having been deleted each time a configuration is applied on a new machine where the file is not present and will generate a diff to re-create it. This may cause "noise" in diffs in environments where configurations are routinely applied by many different users or within automation systems.
When using ephemeral machines to run Terraform, this causes Terraform to detect this as a change every time. On the one hand, it is a nuisance to have TF reporting changes when there actually are none.
The biggest issue however is that when this resource changes, it triggers the following resource updates:
- module.codebuild.local_file.php_ini
- module.codebuild.data.archive_file.code_build_package
- module.codebuild.aws_s3_object.wordpress_dockerbuild
- null_resource.trigger_build
So images are being built and stored in ECR with no changes, which is an unnecessary cost.
Two things come to my mind that we could consider:
- An alternative implementation to the `local_file` resource
- A mechanism to define retention for ECR images
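
One way both suggestions could look, as an added sketch that is not the module's own code: `php.ini` is passed to `archive_file` as an in-memory `source` block instead of being written with `local_file`, and an `aws_ecr_lifecycle_policy` caps how many images are retained. The variable names, file paths, sample `php.ini` content, object key and the retention count of 10 are all assumptions.

```hcl
variable "bucket" { type = string }         # hypothetical: S3 bucket holding the build package
variable "ecr_repository" { type = string } # hypothetical: name of the ECR repository

locals {
  # Constructed sample content standing in for the rendered php.ini.
  php_ini = <<-EOT
    memory_limit = 256M
    expose_php = Off
  EOT
}

# php.ini goes into the zip from memory, so no local_file resource is tracked in
# state and nothing has to pre-exist on the runner's disk.
data "archive_file" "code_build_package" {
  type        = "zip"
  output_path = "${path.module}/codebuild.zip"
  source {
    filename = "php.ini"
    content  = local.php_ini
  }
  source {
    filename = "Dockerfile"
    content  = file("${path.module}/docker/Dockerfile") # hypothetical path
  }
}

# Upload is driven by the archive hash, not by the presence of a file on the machine.
resource "aws_s3_object" "wordpress_dockerbuild" {
  bucket      = var.bucket
  key         = "codebuild/wordpress.zip"
  source      = data.archive_file.code_build_package.output_path
  source_hash = data.archive_file.code_build_package.output_md5
}

# Rebuild only when the package content changes.
resource "null_resource" "trigger_build" {
  triggers = { package = data.archive_file.code_build_package.output_base64sha256 }
}

# Retention: expire everything beyond the 10 most recent images.
resource "aws_ecr_lifecycle_policy" "wordpress" {
  repository = var.ecr_repository
  policy = jsonencode({
    rules = [{
      rulePriority = 1
      description  = "Keep the 10 most recent images"
      selection    = { tagStatus = "any", countType = "imageCountMoreThan", countNumber = 10 }
      action       = { type = "expire" }
    }]
  })
}
```

`archive_file` cannot combine `source` blocks with `source_dir`, so a package built from a whole directory would need each file listed as its own `source` block.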