search

Azure / terraform-provider-azapi

Terraform provider for Azure Resource Manager Rest API
https://registry.terraform.io/providers/Azure/azapi/latest
Mozilla Public License 2.0
187 stars 48 forks source link

Compute Gallery support #183

Closed Tbohunek closed 1 year ago

Tbohunek commented 2 years ago

I can't create Compute Gallery with Azapi. Schema validation fails:

Error: embedded schema validation failed: the type is invalid. │ resource type Microsoft.Compute/galleries can't be found. │ You can try to update azapi provider to the latest version or disable the validation using the feature flag schema_validation_enabled = false within the resource block │ │ with gallery, │ on .main.tf line 17, in resource "azapi_resource" "gallery": │ 137: resource "azapi_resource" "gallery" {

Disabling validation results in the body not parsed properly:

  ~ resource "azapi_resource" "gallery" {
      ~ body                      = jsonencode(
          ~ {
              - id         = "/subscriptions/ssss/resourceGroups/rg/providers/Microsoft.Compute/galleries/gallery" -> null
              - location   = "westeurope" -> null
              - name       = "gallery" -> null
              ~ properties = {
                  - identifier        = {
                      - uniqueName = "ssss-GALLERY"
                    } -> null
                  - provisioningState = "Succeeded" -> null
                    # (1 unchanged element hidden)
                }
              - tags       = {
                  - Environment    = "Development"
                } -> null
              - type       = "Microsoft.Compute/galleries" -> null
            }
        )
        id                        = "/subscriptions/ssss/resourceGroups/rg/providers/Microsoft.Compute/galleries/gallery"
        name                      = "gallery"
      ~ output                    = jsonencode({}) -> (known after apply)
      ~ schema_validation_enabled = true -> false
      ~ tags                      = {
          + "Orchestrator"   = "terraform"
            # (1 unchanged elements hidden)
        }
        # (5 unchanged attributes hidden)

        # (1 unchanged block hidden)
    }

Import worked. Config is minimal for the moment.

resource "azapi_resource" "gallery" {
  type      = "Microsoft.Compute/galleries@2021-10-01"
  name      = "gallery"
  parent_id = azurerm_resource_group.rg.id

  location = azurerm_resource_group.rg.location
  tags     = azurerm_resource_group.rg.tags

  schema_validation_enabled = false

  body = jsonencode({
    properties = {
      sharingProfile = {
        permissions = "Groups"
      }
    }
  })
}
ms-henglu commented 2 years ago

Hi @Tbohunek ,

Thank you for taking time to report this issue!

Yes, it seems Microsoft.Compute/galleries@2021-10-01 is not embedded in this release, so it can't provide schema validation, I'll look into this and add it in the next release.

And it's not recommended to define id, name, identity, tags and type inside the body, because there're top-level fields for these properties. Also, it seems that identifier is not returned from the response, to disable the plan-diff, you can add ignore_missing_property=true to the resource block.

  - identifier        = {
                      - uniqueName = "ssss-GALLERY"
                    } -> null
Tbohunek commented 2 years ago

Cool, thanks @ms-henglu! ignore_missing_property=true didn't make a difference to the plan output.

Note that I didn't define id,name etc in body(), but I created the resource via az sig create and then imported into terraform. I think the diff comes from how azapi unaware of compute/galleries.

I thought azapi was completely universal for any resource type. Is that not the case? Is there a list somewhere of the supported types?

ms-henglu commented 2 years ago

Hi @Tbohunek ,

ignore_missing_property=true didn't make a difference to the plan output.

I guess you need to run terraform apply again, then azapi will update the state.

I thought azapi was completely universal for any resource type. Is that not the case? Is there a list somewhere of the supported types?

azapi can work without resource type schema, but some features can't be used, for example body validation, remove the unnecessary field when import the resource. We update the embedded schema every month, ideally it will have every resource type that you want to use.

If you want to see the list, you can check the changelog, for example, v0.5.0: https://github.com/ms-henglu/bicep-types-az/tree/813d8bbc9ecf432a2a0ff2769627592fae34369f/generated. And strongly recommended to install AzApi VSCode Extension, it provides a rich authoring experience to help you use the AzApi provider.

Tbohunek commented 2 years ago

Thank you @ms-henglu for explanations. Clear. Looking forward to new provider release. :) I didn't run terraform apply yet as I don't want to break things. I'll wait for provider update.

Tbohunek commented 2 years ago

I tried the azapi extension, however it's not usable now because it breaks the color-coding from terraform extension from Anton Kulikov. Check that out to see if you can adjust your extension to work together.

ms-henglu commented 1 year ago

I'll close this issue since it's resolved, please feel free to reopen it, thanks!