Closed qrilka closed 3 years ago
In this particular case I just applied the change including certificate reorder.
@qrilka ,
Looks like issuance_info
is not resulting force creation of order
~ issuance_info = {
- "ordered_on" = "1618403611429"
- "status" = "valid"
} -> (known after apply)
check if certificate_manager_instance_id
or domains
are been changed..
change in these two attributes can only result in forcenew replacement of cms order resource
@kavya498 that was my first thought also but the change shown above was the only one and when I comment it out TF plan shows no changes.
Can you share your plan output and template
I'm not sure what "template" is but here are the output and the related parts of TF code - https://gist.github.com/qrilka/4e576b41f1e2579cdb93c02f50a0eefa
looks like forcereplacement is happening due to
~ certificate_manager_instance_id = "crn:v1:bluemix:public:cloudcerts:us-south:a/XXXX:c8fd61fa-9a4f-45b7-8d53-8fdc528b46e4::" -> (known after apply) # forces replacement
We suggest you to not use depends_on on a datasource.
Oh, thanks that makes sense. Removing depends_on
resolves this problem but it will remove the dependency which is needed because of cert manager autocreation.
In any case this looks to be solved. Thank you. Closing.
@kavya498 I've tried commenting out depends_on
on a different env (with the same code) and cert replacement is still present in the plan so I'm not convinced that it is the reason
can you share the plan and tf files for new env?
The plan is https://gist.github.com/qrilka/ebc65736d1069ce8974d95e5c8849ab5 and the files are basically the same with depends_on
commented out and some orthogonal changes
@qrilka Looks like data source is trying refresh again Plan should not see any change in resource_instance data source.. Is there any dependency on that data source or are you changing anything? and what do you mean by different env?
The same code gets deployed to different environments (dev/staging) in different resource groups. No other changes. We applied this so won't plan to dig into this further, feel free to close if you see it as necessary. In any case thanks for spending your time on this.
Closing this issue.. Thanks.
Community Note
Terraform CLI and Terraform IBM Provider Version
Affected Resource(s)
Terraform Configuration Files
I was adding
kms_config
to k8s_cluster usingPreviously enabling KMS was done using IMB Cloud CLI
Expected Behavior
KMS config gets updated for the cluster resource
Actual Behavior
TF plan insists on recreating
ibm_certificate_manager_order
resource saying thatissuance_info
forces replacement:Steps to Reproduce
Unfortunately I don't have a minimal reproduciton scenario at the moment