Why doesn't my destroy command see my var-file arguments in Spacelift?

Last updated: September 9, 2025

When using environment variables to pass arguments to Terraform/OpenTofu commands in Spacelift, it's important to understand how variable scoping works across different phases of execution.

Understanding Variable Scoping

Variables prefixed with ro_ (read-only) are only available during read-only phases like plan. When a run switches to write phases (apply or destroy), these variables are dropped for security reasons.

For example, if you set:

ro_TF_CLI_ARGS = -var-file env/production.tfvars

This will work for plan but not for destroy operations.

Solutions

There are several ways to ensure your var-file is available during destroy operations:

  1. Use unscoped variables: Remove the ro_ prefix to make the variable available in all phases:

    TF_CLI_ARGS = -var-file env/production.tfvars

  2. Use phase-specific variables: Set variables specifically for destroy operations:

    TF_CLI_ARGS_destroy = -var-file env/production.tfvars

    or 

    wo_TF_CLI_ARGS = -var-file env/production.tfvars

  3. Use auto-loaded tfvars files: Rename your variables file to either:

    • terraform.tfvars

    • *.auto.tfvars

    These files are automatically loaded for all commands (init, plan, destroy, etc.)

If using the tfvars file approach, ensure the file is either in your repository or properly mounted in Spacelift.