Closed andrea-migliaccio closed 1 week ago
I've just run a test for this resource and it all worked fine.
Source: https://github.com/Kong/terraform-provider-konnect/blob/main/tests/e2e/system-accounts.tf#L1-L5
The name resolution failed
error indicates that it's a DNS/connectivity issue on your end. Is it still happening?
It still fails with the same 503. It's just this resource so far... I'll make further tests and provide more info next Monday
I'm provisioning several resources now (control plane, control plane groups, control plane group membership, vault, open telemetry plugin, file-log plugin). But every time I try to provision the Service Account resource I get that "name resolution failed".
I tried to set the TF_LOG variable to TRACE but no details of the API call are logged. I've also took a look at the provider source code but I could find any debug print about the API urls. BTW, it should be using the "server_url" variable of the provider config, just like any other resource. I really can't figure out what's may be wrong..
This is very strange. Let me try and dig in
@andrea-migliaccio Are you using the US, EU or AU region for Konnect?
@andrea-migliaccio Are you using the US, EU or AU region for Konnect?
EU Region in my case.
Thank you - I've managed to reproduce. I'll have a fix up for this today
I confirm that the issues is now solved! Thanks @mheap !
Now I just need to setup a proper pat-token renewal process, since we can't just update the expiration date of the PAT-token once we have created them.
The only way I've figured out so far is to rename the TF konnect_system_account_access_token resource once in a while... That should cause the deletion of the old resource and the creation of a new one with a new token (then I'd save it into an azure key vault for being used by the ci/cd processes afterwards)
Hi, after successfully provisioned several other resoruces (control plan groups, control plane, cp membership and key vaults) I moved to Service Account but I'm getting this weird error while trying to provision a System Account defined as follow:
resource "konnect_system_account" "dev-cicd-system-account" {
name = "DEV CI/CD System Account"
description = "CI/CD System Account for DEV"
konnect_managed = false
}
Is something I made wrong in the above 4 lines or is the resource provisioner failing for other reasons?
│ }