search

FlexibleEngineCloud / terraform-provider-flexibleengine

Terraform flexibleengine provider
https://www.terraform.io/docs/providers/flexibleengine/
Mozilla Public License 2.0
30 stars 53 forks source link

Incompatibility between fe provider and terraform 1.6.X #1074

Closed xfrancois closed 8 months ago

xfrancois commented 9 months ago

Hello, It seems that flexible-engine provider is broken with terraform 1.6.X

Tested with : 

backend "s3" {
    bucket                      = "terraform-bucket-cce-tools-ext-itg"
    key                         = "terraform-itg.tfstate"
    region                      = "eu-west-0"
    endpoint                    = "https://oss.eu-west-0.prod-cloud-ocb.orange-business.com"
    skip_region_validation      = true
    skip_credentials_validation = true
    skip_metadata_api_check     = true
  }

A terraform init with terraform 1.6.X is failing with the following error : 

Initializing the backend...
│ Warning: Deprecated Parameter
│ 
│   on required_providers.tf line 9, in terraform:
│    9:     endpoint                    = "https://oss.eu-west-0.prod-cloud-ocb.orange-business.com"
│ 
│ The parameter "endpoint" is deprecated. Use parameter "endpoints.s3" instead.
╵

│ Error: Retrieving AWS account details: AWS account ID not previously found and failed retrieving via all available methods.
│ 
│ See https://www.terraform.io/docs/providers/aws/index.html#skip_requesting_account_id for workaround and implications.
│ Errors: 2 errors occurred:
│       * retrieving caller identity from STS: operation error STS: GetCallerIdentity, https response error StatusCode: 0, RequestID: , request send failed, Post "https://sts.eu-west-0.amazonaws.com/": dial tcp: lookup sts.eu-west-0.amazonaws.com on <ip>:53: no such host
│       * retrieving account information via iam:ListRoles: operation error IAM: ListRoles, https response error StatusCode: 403, RequestID: 3206fee4-1f32-4d09-9b55-c29b9a165a18, api error InvalidClientTokenId: The security token included in the request is invalid.

Steps to Reproduce

  1. Install terraform 1.6.4
  2. Use flexibleengine provider with version 1.43.0
  3. Do a terraform init
xfrancois commented 9 months ago

It seems to be related to this issue : https://github.com/hashicorp/terraform/issues/33981 A workaround is to have this configuration : 

backend "s3" {
    bucket                      = "terraform-bucket-cce-tools-ext-itg"
    key                         = "terraform-itg.tfstate"
    region                      = "eu-west-0"
    endpoints                   = { s3 = "https://oss.eu-west-0.prod-cloud-ocb.orange-business.com" }
    skip_requesting_account_id  = true
    skip_s3_checksum            = true
    skip_region_validation      = true
    skip_credentials_validation = true
    skip_metadata_api_check     = true
  }

After more investigation, it seems to be related to evolution on s3 backend since terraform 1.6.X more than flexible engine provider. Feel free to close this issue in this case.

ShiChangkuo commented 8 months ago

@xfrancois Thank you for reporting, we will update the backend guide according to terraform 1.6.X.

irishgordo commented 8 months ago

@xfrancois thank you so much for linking that work-around - I was struggling to get this to work but with that workaround it seems to be good - ty!