Closed Otimun closed 9 months ago
Hi @Otimun, I am unable to reproduce issue.
➜ terraform-provider-bigip git:(devel) ✗ terraform apply
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# bigip_waf_policy.this will be created
+ resource "bigip_waf_policy" "this" {
+ application_language = "utf-8"
+ case_insensitive = false
+ description = (known after apply)
+ enable_passivemode = false
+ enforcement_mode = "blocking"
+ id = (known after apply)
+ name = "scenario2"
+ partition = "Common"
+ policy_export_json = (known after apply)
+ policy_id = (known after apply)
+ server_technologies = [
+ "Apache Tomcat",
+ "MySQL",
+ "Unix/Linux",
]
+ template_name = "POLICY_TEMPLATE_RAPID_DEPLOYMENT"
+ type = "security"
}
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
bigip_waf_policy.this: Creating...
bigip_waf_policy.this: Still creating... [10s elapsed]
bigip_waf_policy.this: Still creating... [20s elapsed]
bigip_waf_policy.this: Still creating... [30s elapsed]
bigip_waf_policy.this: Still creating... [40s elapsed]
bigip_waf_policy.this: Creation complete after 41s [id=EdchwjSqo9cFtYP-iWUJmw]
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
➜ terraform-provider-bigip git:(devel) ✗ terraform apply
bigip_waf_policy.this: Refreshing state... [id=EdchwjSqo9cFtYP-iWUJmw]
No changes. Your infrastructure matches the configuration.
Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.
Apply complete! Resources: 0 added, 0 changed, 0 destroyed.
Modification in server technologies:
➜ terraform-provider-bigip git:(devel) ✗ terraform apply
bigip_waf_policy.this: Refreshing state... [id=EdchwjSqo9cFtYP-iWUJmw]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# bigip_waf_policy.this will be updated in-place
~ resource "bigip_waf_policy" "this" {
id = "EdchwjSqo9cFtYP-iWUJmw"
name = "scenario2"
~ server_technologies = [
# (2 unchanged elements hidden)
"Unix/Linux",
+ "MongoDB",
]
# (9 unchanged attributes hidden)
}
Plan: 0 to add, 1 to change, 0 to destroy.
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Enter a value: yes
bigip_waf_policy.this: Modifying... [id=EdchwjSqo9cFtYP-iWUJmw]
bigip_waf_policy.this: Still modifying... [id=EdchwjSqo9cFtYP-iWUJmw, 10s elapsed]
bigip_waf_policy.this: Still modifying... [id=EdchwjSqo9cFtYP-iWUJmw, 20s elapsed]
bigip_waf_policy.this: Modifications complete after 28s [id=EdchwjSqo9cFtYP-iWUJmw]
Apply complete! Resources: 0 added, 1 changed, 0 destroyed.
Hi @RavinderReddyF5,
Thank you for following up. Ive tried again and the problem persists. Ive also tried to apply it to another F5 under the same circumstances and it remains a problem:
~ policy_id = "yJGcupcKlFiUO9d_aD-z6A" -> (known after apply)
~ server_technologies = [
# (3 unchanged elements hidden)
"Unix/Linux",
+ "MongoDB",
]
~ template_name = "POLICY_TEMPLATE_BLANK" -> "POLICY_TEMPLATE_RAPID_DEPLOYMENT" # forces replacement
# (6 unchanged attributes hidden)
# (1 unchanged block hidden)
}
Plan: 1 to add, 0 to change, 1 to destroy.
Changes to Outputs:
~ policyId = "yJGcupcKlFiUO9d_aD-z6A" -> (known after apply)
Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.
Perhaps it is a problem with the specific F5 version. I will try to replicate it with version 16.1.
hi @Otimun, please do open new issue if the problem still persist
Environment
Summary
When creating a policy and then updating the policy, a terraform apply first deletes the policy before recreating it.
Cause mentioned by terraform is: ~ template_name = "POLICY_TEMPLATE_BLANK" -> "POLICY_TEMPLATE_RAPID_DEPLOYMENT" # forces replacement
It seems the template_name is not saved properly after use.
Steps To Reproduce
Steps to reproduce the behavior:
terraform apply
Adjust server_technologies:
terraform apply
Expected Behavior
The object gets modified with the new server technology.
Actual Behavior
After the second terraform apply, terraform wants to recreate the object instead of modifying it. The cause in the logs seem to indicate that this is due to a change in template_name, however this has not been changed.
Most probable cause is that the template_name is not properly saved.
Logs:
When adding an extra server technology like MongoDB, and rerunning terraform apply the following logs are shown: ~ policy_id = "EdchwjSqo9cFtYP-iWUJmw" -> (known after apply) ~ server_technologies = [
(2 unchanged elements hidden)
Plan: 1 to add, 0 to change, 1 to destroy.