Scheduled Drift Detection — ORM Stack
If you are not familiar with Oracle Resource Manager stacks, please refer to the documentation.
In Terraform, drift detection is used to find out whether the real-world state of your infrastructure differs from the state defined in your configuration.
If you are using an Oracle Resource Manager stack to manage your Oracle cloud infrastructure and want to find out whether there is drift, you can run drift detection at any time via the console or the API.
If you want to run this automatically, to make sure that no drift has happened and to get a report if any stack is out of sync, the bash script in this article does that. You can run it via cron or another scheduling tool, on whatever schedule you require.
Replace the placeholder for compartmentocid with the compartment id where the stacks reside.
The script checks the stacks in a single compartment. If you want to check multiple compartments, you can loop through the compartments, or run multiple copies of the script in parallel, each with its own compartment details, which will reduce the time taken.
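#!/bin/bash
# Compartment that holds the stacks to check (quoted so the shell does not
# treat the angle brackets as redirections before the value is replaced).
compartment_id="<placeholder for compartmentocid>"
# Start each run with an empty report.
: > ORMstackdriftreport.txt
# List the OCIDs of all ACTIVE stacks in the compartment.
stack_list=`oci resource-manager stack list --all -c "$compartment_id" --lifecycle-state ACTIVE --query 'data[*].id'|grep -i ocid|tr -d '"'|tr -d ','`
final_stack_list=`echo $stack_list |tr -d "'"`
for stack in $final_stack_list
do
    # Run drift detection and wait until the job ends (SUCCEEDED or FAILED).
    oci resource-manager stack detect-drift --stack-id "$stack" --wait-for-state SUCCEEDED --wait-for-state FAILED --wait-interval-seconds 10
    # Read the drift status recorded on the stack after detection.
    sync_status=`oci resource-manager stack get --stack-id "$stack"|grep "stack-drift-status"| awk '{print $2}'|tr -d ','`
    # Quoted so that an empty status counts as out of sync instead of breaking the test.
    if [ "$sync_status" != '"IN_SYNC"' ]
    then
        # Append, so every out-of-sync stack is listed and not only the last one.
        echo "Stack id ${stack} is out of sync" >> ORMstackdriftreport.txt
    fi
done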
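
The multi-compartment, parallel variant mentioned above, written out as an added example (it is not part of the original script). The function names, the report line format and the UNKNOWN and LIST_FAILED markers are choices made for this example; it reads the status with the CLI's `--query` and `--raw-output` options instead of grep, and treats a failed lookup as a finding rather than as IN_SYNC.

```bash
#!/bin/bash
# Added example: drift check across several compartments, run in parallel.

# Print one stack's drift status. A failed or empty lookup prints UNKNOWN,
# so an API or auth error is never mistaken for IN_SYNC.
stack_drift_status() {
  local status
  status=$(oci resource-manager stack get --stack-id "$1" \
    --query 'data."stack-drift-status"' --raw-output 2>/dev/null) || status=""
  echo "${status:-UNKNOWN}"
}

# Run drift detection on every ACTIVE stack in one compartment and print
# "<compartment> <stack> <status>" for each stack that is not IN_SYNC.
check_compartment() {
  local compartment_id="$1" stacks stack status
  stacks=$(oci resource-manager stack list --all -c "$compartment_id" \
    --lifecycle-state ACTIVE --query 'data[*].id' 2>/dev/null) ||
    { echo "$compartment_id - LIST_FAILED"; return 0; }
  for stack in $(printf '%s\n' "$stacks" | grep -o 'ocid1[^"]*'); do
    oci resource-manager stack detect-drift --stack-id "$stack" \
      --wait-for-state SUCCEEDED --wait-for-state FAILED \
      --wait-interval-seconds 10 >/dev/null 2>&1
    status=$(stack_drift_status "$stack")
    [ "$status" = "IN_SYNC" ] || echo "$compartment_id $stack $status"
  done
}

# Check all compartments in parallel and merge the findings into the report.
# Returns 0 when the report is empty and 1 when any stack needs attention,
# so cron mail or a monitoring wrapper can alert on the exit code.
drift_report() {
  local report="$1" tmp c
  shift
  tmp=$(mktemp -d) || return 2
  for c in "$@"; do
    check_compartment "$c" > "$tmp/$c" &
  done
  wait
  cat "$tmp"/* | sort > "$report"
  rm -rf "$tmp"
  [ ! -s "$report" ]
}

# Usage: drift_report.sh <report file> <compartment ocid> [<compartment ocid> ...]
if [ "$#" -ge 2 ]; then
  drift_report "$@"
fi
```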