search

PaloAltoNetworks / terraform-provider-panos

Terraform Panos provider
https://www.terraform.io/docs/providers/panos/
Mozilla Public License 2.0
87 stars 70 forks source link

provider 1.10.0 crashes if EDL's are used #330

Closed rory-gmi closed 2 years ago

rory-gmi commented 2 years ago

Describe the bug

Plugin Crashes after upgrade to 1.10.0 if config contains EDL's

Expected behavior

plugin should not crash

Current behavior

plugin crashing while running terraform plan

Possible solution

not sure, works on environment without EDL's configured.

Steps to reproduce

set version of plugin to 1.10.0 run terraform plan

Screenshots

Stack trace from the terraform-provider-panos_v1.10.0 plugin:

panic: runtime error: index out of range [2] with length 2

goroutine 82 [running]:
github.com/terraform-providers/terraform-provider-panos/panos.parseEdlId(0xc00015e540, 0x1e, 0x139fb20, 0x0, 0x15, 0x153fc1a, 0xb, 0x139fb20)
github.com/terraform-providers/terraform-provider-panos/panos/edl.go:433 +0xd7
github.com/terraform-providers/terraform-provider-panos/panos.readEdl(0xc000beef50, 0x1530300, 0xc00000a1e0, 0xc000beef50, 0x0)
github.com/terraform-providers/terraform-provider-panos/panos/edl.go:203 +0xb7
github.com/hashicorp/terraform-plugin-sdk/helper/schema.(*Resource).RefreshWithoutUpgrade(0xc0002f9220, 0xc00090a000, 0x1530300, 0xc00000a1e0, 0xc0008f9178, 0x0, 0x0)
github.com/hashicorp/terraform-plugin-sdk@v1.17.2/helper/schema/resource.go:470 +0x12e
github.com/hashicorp/terraform-plugin-sdk/internal/helper/plugin.(*GRPCProviderServer).ReadResource(0xc000131528, 0x17723d0, 0xc000096c00, 0xc000715260, 0xc000131528, 0xc000096c00, 0xc000c52ba0)
github.com/hashicorp/terraform-plugin-sdk@v1.17.2/internal/helper/plugin/grpc_provider.go:535 +0x3dd
github.com/hashicorp/terraform-plugin-sdk/internal/tfplugin5._Provider_ReadResource_Handler(0x14ea840, 0xc000131528, 0x17723d0, 0xc000096c00, 0xc000715200, 0x0, 0x17723d0, 0xc000096c00, 0xc000902000, 0x1a0)
github.com/hashicorp/terraform-plugin-sdk@v1.17.2/internal/tfplugin5/tfplugin5.pb.go:3269 +0x214
google.golang.org/grpc.(*Server).processUnaryRPC(0xc0009921c0, 0x177b938, 0xc00031ad80, 0xc000ab8a00, 0xc0006fa510, 0x1e97af0, 0x0, 0x0, 0x0)
google.golang.org/grpc@v1.32.0/server.go:1194 +0x52b
google.golang.org/grpc.(*Server).handleStream(0xc0009921c0, 0x177b938, 0xc00031ad80, 0xc000ab8a00, 0x0)
google.golang.org/grpc@v1.32.0/server.go:1517 +0xd0c
google.golang.org/grpc.(*Server).serveStreams.func1.2(0xc00055c540, 0xc0009921c0, 0x177b938, 0xc00031ad80, 0xc000ab8a00)
google.golang.org/grpc@v1.32.0/server.go:859 +0xab
created by google.golang.org/grpc.(*Server).serveStreams.func1
google.golang.org/grpc@v1.32.0/server.go:857 +0x1fd

Error: The terraform-provider-panos_v1.10.0 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely
helpful if you could report the crash with the plugin's maintainers so that it
can be fixed. The output above should help diagnose the issue.

Context

trying to update to latest version to take advantage of 10.1.x PanOS features

Your Environment

panos-provider - 1.10.0 ( coming from 1.8.3) terraform version - 1.0.3

Jamie-Leon commented 2 years ago

@shinmog

In our case we are experiencing the same error, when checking the EDL ID on 10.1.3 it contains only 1 :

In provider version 1.10.0 it is expecting 2 :

This is seen here in the following file for v1.10.0

https://github.com/PaloAltoNetworks/terraform-provider-panos/blob/2598357ab1327fb726c5c9de9f6660cdd47fdf32/panos/edl.go#L433

In the previous provider v1.8.3

https://github.com/PaloAltoNetworks/terraform-provider-panos/blob/f311e3bea717316599009f5708e865ec77b2358c/panos/resource_edl.go#L117

On PANOS 10.1.3 we had this working using v1.8.3 and terraform state show module.main.panos_edl.whitelists["ul-shared-dev-ip"] displays the ID with the 1 :

# module.main.panos_edl.whitelists["ul-shared-dev-ip"]:
resource "panos_edl" "whitelists" {
    description         = "list of ip egress for shared-dev"
    exceptions          = []
    id                  = "vsys1:whitelist-shared-dev-ip"
    name                = "whitelist-shared-dev-ip"
    repeat              = "every five minutes"
    repeat_day_of_month = 0
    source              = "http://XXXXXXX"
    type                = "ip"
    vsys                = "vsys1"
}

How do we convert this to the new format or fix this? We are putting the EDL onto a fresh instance running PANOS 10.1.5.h1