[BUG] Update of btp_subaccount_environment_instance Kyma instance forces recreate

mpern commented 9 months ago

Is there an existing issue for this?

[X] I have searched the existing issues

What version of the Terraform provider are you using?

0.5.0-beta1

What version of the Terraform CLI are you using?

1.57

What type of issue are you facing

bug report

Describe the bug

Updating a Kyma instance forces a recreate because of a change to landscape_label

[2023-12-05T08:39:15.109Z]       + landscape_label  = (known after apply) # forces replacement

Expected Behavior

updating happens in-place

Steps To Reproduce

create a Kyma environment instance
update the instance with changes to the parameters (specifically: add a new administrator
Update forces a recreate because of a landscape_label change

User's Role Collections

No response

Add screenshots to help explain your problem

No response

Additional context

No response

lechnerc77 commented 9 months ago

Testscript for creation of setup:

locals {
  support_admins = {
    id = "firstname.lastname@sap.com"
  }
}

resource "btp_subaccount" "sa-with-kyma" {
  name      = "sa-with-kyma"
  subdomain = "sa-with-kyma"
  region    = "eu20"
}

resource "btp_subaccount_role_collection_assignment" "sa-with-kyma_admins" {
  for_each = local.support_admins
  subaccount_id        = btp_subaccount.sa-with-kyma.id
  role_collection_name = "Subaccount Administrator"
  user_name            = each.value
}

resource "btp_subaccount_entitlement" "sa-with-kyma-kyma" {
  subaccount_id = btp_subaccount.sa-with-kyma.id
  service_name  = "kymaruntime"
  plan_name     = "azure"
  amount        = 1
}
resource "btp_subaccount_environment_instance" "sa-with-kyma-kyma" {
  subaccount_id    = btp_subaccount.sa-with-kyma.id
  name             = "Kyma"
  environment_type = "kyma"
  service_name     = btp_subaccount_entitlement.sa-with-kyma-kyma.service_name
  plan_name        = btp_subaccount_entitlement.sa-with-kyma-kyma.plan_name
  parameters = jsonencode({
    name            = "sa-with-kyma"
    # https://help.sap.com/docs/btp/sap-business-technology-platform/regions-for-kyma-environment
    region          = "westeurope"
    machine_type    = "Standard_D4_v3"
    auto_scaler_min = 3
    auto_scaler_max = 5
    administrators  = [ for cid, email in local.support_admins : email ]
  })

  timeouts = {
    create = "1h"
    update = "35m"
    delete = "2h"
  }
}

lechnerc77 commented 9 months ago

Script for change that enforces replace (adding another admin):

locals {
  support_admins = {
    id = "firstname.lastname@sap.com",
    id2 = "firstname2.lastname2@sap.com",
  }
}

resource "btp_subaccount" "sa-with-kyma" {
  name      = "sa-with-kyma"
  subdomain = "sa-with-kyma"
  region    = "eu20"
}

resource "btp_subaccount_role_collection_assignment" "sa-with-kyma_admins" {
  for_each = local.support_admins
  subaccount_id        = btp_subaccount.sa-with-kyma.id
  role_collection_name = "Subaccount Administrator"
  user_name            = each.value
}

resource "btp_subaccount_entitlement" "sa-with-kyma-kyma" {
  subaccount_id = btp_subaccount.sa-with-kyma.id
  service_name  = "kymaruntime"
  plan_name     = "azure"
  amount        = 1
}
resource "btp_subaccount_environment_instance" "sa-with-kyma-kyma" {
  subaccount_id    = btp_subaccount.sa-with-kyma.id
  name             = "Kyma"
  environment_type = "kyma"
  service_name     = btp_subaccount_entitlement.sa-with-kyma-kyma.service_name
  plan_name        = btp_subaccount_entitlement.sa-with-kyma-kyma.plan_name
  parameters = jsonencode({
    name            = "sa-with-kyma"
    # https://help.sap.com/docs/btp/sap-business-technology-platform/regions-for-kyma-environment
    region          = "westeurope"
    machine_type    = "Standard_D4_v3"
    auto_scaler_min = 3
    auto_scaler_max = 5
    administrators  = [ for cid, email in local.support_admins : email ]
  })

  timeouts = {
    create = "1h"
    update = "35m"
    delete = "2h"
  }
}

lechnerc77 commented 9 months ago

@mpern, I tried t reproduce your setup with provider version 0.6.0-beta2 (you are using an outdated version, during beta phase we do not backport fixes). I could not reproduce the issue in my setup (BTP life landscape)

The result of the terraform plan:


Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create
  ~ update in-place

Terraform will perform the following actions:

  # btp_subaccount_environment_instance.sa-with-kyma-kyma will be updated in-place
  ~ resource "btp_subaccount_environment_instance" "sa-with-kyma-kyma" {
      ~ broker_id        = "XXX" -> (known after apply)
      ~ created_date     = "2023-12-05T10:58:27Z" -> (known after apply)
      ~ custom_labels    = {} -> (known after apply)
      ~ dashboard_url    = "https://dashboard.kyma.cloud.sap/?kubeconfigID=XXX" -> (known after apply)
      + description      = (known after apply)
        id               = "XXX"
      ~ labels           = jsonencode(
            {
              - KubeconfigURL = "XXX"
              - Name          = "sa-with-kyma"
            }
        ) -> (known after apply)
      ~ last_modified    = "2023-12-05T11:18:08Z" -> (known after apply)
        name             = "Kyma"
      ~ operation        = "XXX" -> (known after apply)
      ~ parameters       = jsonencode(
          ~ {
              ~ administrators  = [
                    "xxx@sap.com",
                  + "xxx@sap.com",
                ]
                name            = "sa-with-kyma"
                # (4 unchanged attributes hidden)
            }
        )
      ~ plan_id          = "XXX" -> (known after apply)
      ~ platform_id      = "XXX" -> (known after apply)
      ~ service_id       = "XXX" -> (known after apply)
      ~ state            = "OK" -> (known after apply)
      ~ tenant_id        = "XXX" -> (known after apply)
      ~ type             = "Provision" -> (known after apply)
        # (5 unchanged attributes hidden)
    }

  # btp_subaccount_role_collection_assignment.sa-with-kyma_admins["X"] will be created
  + resource "btp_subaccount_role_collection_assignment" "sa-with-kyma_admins" {
      + id                   = (known after apply)
      + origin               = "ldap"
      + role_collection_name = "Subaccount Administrator"
      + subaccount_id        = "XXX"
      + user_name            = "XXX@sap.com"
    }

Plan: 1 to add, 1 to change, 0 to destroy.

Can you update the provider version and re-evaluate

mpern commented 8 months ago

closing as update to 1.0.0-rc1 seems to solve it

SAP / terraform-provider-btp