search

OpenVPN / terraform-provider-cloudconnexa

OpenVPN Terraform CloudConnexa provider
https://registry.terraform.io/providers/OpenVPN/cloudconnexa
Apache License 2.0
2 stars 1 forks source link

New crash on openvpncloud_user resource #3

Closed pickgr closed 6 days ago

pickgr commented 1 week ago

Please note this is on the old version of the provider:

terraform-provider-openvpn-cloud_v0.0.11

I haven't had the time to migrate our code base yet. However, this just showed up recently and we haven't made any changes, so perhaps there was an API change that caused this and it may be an issue in this repo/codebase as well.

$ terraform plan -target 'module.openvpn-cloud.openvpncloud_user.this["gpick"]'
.
.
.
module.openvpn-cloud.openvpncloud_user.this["gpick"]: Refreshing state... [id=8b6fb41f-2377-4c27-8316-82baadac0f08]

Planning failed. Terraform encountered an error while generating this plan.

╷
│ Warning: Resource targeting is in effect
│
│ You are creating a plan with the -target option, which means that the result of this plan may not represent all of the changes requested by
│ the current configuration.
│
│ The -target option is not for routine use, and is provided only for exceptional situations such as recovering from errors or mistakes, or
│ when Terraform specifically suggests to use it as part of an error message.
╵
╷
│ Error: Plugin did not respond
│
│   with module.openvpn-cloud.openvpncloud_user.this["gpick"],
│   on ../../modules/openvpn-cloud/users.tf line 1, in resource "openvpncloud_user" "this":
│    1: resource "openvpncloud_user" "this" {
│
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ReadResource call. The plugin logs may contain more
│ details.
╵

Stack trace from the terraform-provider-openvpn-cloud_v0.0.11 plugin:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x2 addr=0x70 pc=0x10528e438]

goroutine 203 [running]:
github.com/OpenVPN/terraform-provider-openvpn-cloud/openvpncloud.resourceUserRead({0x105720400?, 0x1400039a3c0?}, 0x14000990780, {0x10570ab80?, 0x140002bb710})
    github.com/OpenVPN/terraform-provider-openvpn-cloud/openvpncloud/resource_user.go:154 +0x128
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).read(0x140003b27e0, {0x105720400, 0x1400039a3c0}, 0xd?, {0x10570ab80, 0x140002bb710})
    github.com/hashicorp/terraform-plugin-sdk/v2@v2.27.0/helper/schema/resource.go:750 +0xe8
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).RefreshWithoutUpgrade(0x140003b27e0, {0x105720400, 0x1400039a3c0}, 0x140000acb60, {0x10570ab80, 0x140002bb710})
    github.com/hashicorp/terraform-plugin-sdk/v2@v2.27.0/helper/schema/resource.go:1044 +0x490
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ReadResource(0x1400043cb28, {0x105720400?, 0x1400039a2a0?}, 0x14000096740)
    github.com/hashicorp/terraform-plugin-sdk/v2@v2.27.0/helper/schema/grpc_provider.go:616 +0x400
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ReadResource(0x140003145a0, {0x105720400?, 0x140001a4420?}, 0x14000718420)
    github.com/hashicorp/terraform-plugin-go@v0.16.0/tfprotov5/tf5server/server.go:751 +0x3e8
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ReadResource_Handler({0x1056eb0c0?, 0x140003145a0}, {0x105720400, 0x140001a4420}, 0x140001a8c40, 0x0)
    github.com/hashicorp/terraform-plugin-go@v0.16.0/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:386 +0x170
google.golang.org/grpc.(*Server).processUnaryRPC(0x14000456000, {0x105723fe0, 0x140000036c0}, 0x14000157d40, 0x14000458db0, 0x105bab470, 0x0)
    google.golang.org/grpc@v1.56.0/server.go:1337 +0xc64
google.golang.org/grpc.(*Server).handleStream(0x14000456000, {0x105723fe0, 0x140000036c0}, 0x14000157d40, 0x0)
    google.golang.org/grpc@v1.56.0/server.go:1714 +0x82c
google.golang.org/grpc.(*Server).serveStreams.func1.1()
    google.golang.org/grpc@v1.56.0/server.go:959 +0x84
created by google.golang.org/grpc.(*Server).serveStreams.func1
    google.golang.org/grpc@v1.56.0/server.go:957 +0x16c

Error: The terraform-provider-openvpn-cloud_v0.0.11 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely
helpful if you could report the crash with the plugin's maintainers so that it
can be fixed. The output above should help diagnose the issue.
sahaqaa commented 1 week ago

Hello, Could you please check and verify that you use https://registry.terraform.io/providers/OpenVPN/cloudconnexa/latest ?

terraform {
  required_providers {
    cloudconnexa = {
      source = "OpenVPN/cloudconnexa"
      version = "0.1.0"
    }
  }
}

provider "cloudconnexa" {
  # Configuration options
}

If no - i would encourage you to migrate to it.

https://registry.terraform.io/providers/OpenVPN/openvpn-cloud/latest is no longer supported, all future improvements and development will be happening here: https://registry.terraform.io/providers/OpenVPN/cloudconnexa/latest

sahaqaa commented 1 week ago

Migration from https://registry.terraform.io/providers/OpenVPN/openvpn-cloud/latest to https://registry.terraform.io/providers/OpenVPN/cloudconnexa/latest is manual process and could be frustrating.

If the issues will be still happening after you will migrate to https://registry.terraform.io/providers/OpenVPN/cloudconnexa/latest - feel free to post message and we will try to help you.

PS. I understand that it is not probably what you had expected to see as a reply, but we only support new provider moving forward

pickgr commented 1 week ago

@sahaqaa thank you for the response. As I mentioned, I haven't had time to migrate to the new provider yet, but I'll do that soon and report back if the crash still exists there.

pickgr commented 1 week ago

@sahaqaa

I'm not having much luck trying to migrate to the new provider. I'm assuming the best way to do this is to import existing resources into the terraform state. I have some simple code:

resource "cloudconnexa_user" "foo" {
  email      = "garret.pick@farmwise.io"
  first_name = "Foo"
  last_name  = "Bar"
  role       = "ADMIN"
  username   = "foo"
}

data "cloudconnexa_user" "foo" {
  role     = "ADMIN"
  username = "gpick"
}

I'm unable to import this resource and the data source doesn't appear to be able to look up my user either:

$ terraform import module.connexa.cloudconnexa_user.foo gpick@farmwise
module.connexa.cloudconnexa_user.foo: Importing from ID "gpick@farmwise"...
module.connexa.cloudconnexa_user.foo: Import prepared!
  Prepared cloudconnexa_user for import
module.connexa.cloudconnexa_user.foo: Refreshing state... [id=gpick@farmwise]
╷
│ Error: user with ID gpick@farmwise not found
│
│
╵

$ terraform plan
module.connexa.data.cloudconnexa_user.foo: Reading...

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform planned the following actions, but then encountered a problem:

  # module.connexa.cloudconnexa_user.foo will be created
  + resource "cloudconnexa_user" "foo" {
      + email      = "garret.pick@farmwise.io"
      + first_name = "Foo"
      + id         = (known after apply)
      + last_name  = "Bar"
      + role       = "ADMIN"
      + username   = "foo"
    }

Plan: 1 to add, 0 to change, 0 to destroy.
╷
│ Error: user with ID gpick not found
│
│   with module.connexa.data.cloudconnexa_user.foo,
│   on ../../modules/connexa/user-test.tf line 9, in data "cloudconnexa_user" "foo":
│    9: data "cloudconnexa_user" "foo" {
│

image

Can you please confirm this should work?

Note that I have been able to successfully import cloudconnexa_user_group resources.

sahaqaa commented 1 week ago

I will try to test and reply back

sahaqaa commented 1 week ago

It was bug in provider, more specifically we can create user, but when we run terraform plan we get error.

It is because in https://github.com/OpenVPN/cloudconnexa-go-client/blob/main/cloudconnexa/users.go#L89 we start count from page =1, but it should be from page 0 instead.

Going to submit PR to get this fixed.

https://github.com/OpenVPN/cloudconnexa-go-client/pull/13

pickgr commented 1 week ago

Just FYI - I reproduced the crash on the latest version of the provider:

│ Error: Plugin did not respond
│
│   with module.connexa.cloudconnexa_user.this["gpick"],
│   on ../../modules/connexa/users.tf line 1, in resource "cloudconnexa_user" "this":
│    1: resource "cloudconnexa_user" "this" {
│
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ReadResource call. The plugin logs may contain more details.
╵

Stack trace from the terraform-provider-cloudconnexa_v0.1.0 plugin:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x2 addr=0x70 pc=0x1009e7c60]

goroutine 249 [running]:
github.com/OpenVPN/terraform-provider-cloudconnexa/cloudconnexa.resourceUserRead({0x100e83090?, 0x140004da5d0?}, 0x140006b5000, {0x100d7df40?, 0x140003fd0e0})
    github.com/OpenVPN/terraform-provider-cloudconnexa/cloudconnexa/resource_user.go:155 +0x140
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).read(0x140000d95e0, {0x100e83090, 0x140004da5d0}, 0xd?, {0x100d7df40, 0x140003fd0e0})
    github.com/hashicorp/terraform-plugin-sdk/v2@v2.33.0/helper/schema/resource.go:795 +0xe8
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).RefreshWithoutUpgrade(0x140000d95e0, {0x100e83090, 0x140004da5d0}, 0x1400016b040, {0x100d7df40, 0x140003fd0e0})
    github.com/hashicorp/terraform-plugin-sdk/v2@v2.33.0/helper/schema/resource.go:1089 +0x430
github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ReadResource(0x14000362348, {0x100e83090?, 0x140004da330?}, 0x140005a0c80)
    github.com/hashicorp/terraform-plugin-sdk/v2@v2.33.0/helper/schema/grpc_provider.go:667 +0x3e4
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ReadResource(0x14000276b40, {0x100e83090?, 0x14000447b00?}, 0x14000414a80)
    github.com/hashicorp/terraform-plugin-go@v0.22.2/tfprotov5/tf5server/server.go:775 +0x3c4
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ReadResource_Handler({0x100e54ba0?, 0x14000276b40}, {0x100e83090, 0x14000447b00}, 0x140006b4d00, 0x0)
    github.com/hashicorp/terraform-plugin-go@v0.22.2/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:482 +0x164
google.golang.org/grpc.(*Server).processUnaryRPC(0x14000195000, {0x100e83090, 0x14000447a70}, {0x100e871f8, 0x140003fa000}, 0x1400071f680, 0x14000366a80, 0x10136a568, 0x0)
    google.golang.org/grpc@v1.63.2/server.go:1369 +0xba0
google.golang.org/grpc.(*Server).handleStream(0x14000195000, {0x100e871f8, 0x140003fa000}, 0x1400071f680)
    google.golang.org/grpc@v1.63.2/server.go:1780 +0xc80
google.golang.org/grpc.(*Server).serveStreams.func2.1()
    google.golang.org/grpc@v1.63.2/server.go:1019 +0x8c
created by google.golang.org/grpc.(*Server).serveStreams.func2 in goroutine 23
    google.golang.org/grpc@v1.63.2/server.go:1030 +0x150

Error: The terraform-provider-cloudconnexa_v0.1.0 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely
helpful if you could report the crash with the plugin's maintainers so that it
can be fixed. The output above should help diagnose the issue.
sahaqaa commented 1 week ago

@pickgr New version of provider was released: https://registry.terraform.io/providers/OpenVPN/cloudconnexa/0.1.1

Could you please try to do next:

1/ Create simple user:

resource "cloudconnexa_user" "this" { username = "test" email = "xxx@xxx.com" first_name = "AAAAA" last_name = "BBBBB" }

If it will be created - try to run "terraform plan". Expected result: "No changes. Your infrastructure matches the configuration."

2/ After that please try your code

If step /1 will be successful it will mean that bug was fixed (this one: https://github.com/OpenVPN/terraform-provider-cloudconnexa/issues/3#issuecomment-2182729997 )

Also it will show that TF provider is working in simple scenarios.

If step /2 will faill - please provide me with all required code to reproduce it.

I don't have much experience with TF providers, so i may assume that there is a chance that provider may fail when using iteration.

Looking forward to your reply

pickgr commented 1 week ago

@sahaqaa everything appears to be fixed with version 0.1.1. I'm able to create and manage users and also use terraform import to bring our existing users under terraform management after abandoning the state for the new provider migration.

One small issue is that after importing the user:

terraform import 'module.connexa.cloudconnexa_user.this["foo"]' foo@organization

drift is seen on the group_id

Terraform will perform the following actions:

  # module.connexa.cloudconnexa_user.this["foo"] will be updated in-place
  ~ resource "cloudconnexa_user" "this" {
      + group_id   = "abcdefgh-ijkl-nopq-rstu-vwxyz1234567"
        id         = "foo@organization"
        # (5 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

However, this can be applied and the drift goes away without affecting the user's group membership.

That bug could be tracked separately if you want to close this.

Thanks for all your help and releasing the new version!

sahaqaa commented 6 days ago

@pickgr yes, it is small bug, i've opened issue for it here: https://github.com/OpenVPN/terraform-provider-cloudconnexa/issues/10

For now i propose to close this one :-)