search

SAP / terraform-provider-btp

Terraform provider for SAP BTP
https://registry.terraform.io/providers/SAP/btp/latest
Apache License 2.0
88 stars 18 forks source link

[BUG] Unexpected update of a btp_subaccount_service_binding resource. #936

Closed dimitrij-afonitschkin closed 1 week ago

dimitrij-afonitschkin commented 2 weeks ago

Is there an existing issue for this?

What version of the Terraform provider are you using?

1.7.0

What version of the Terraform CLI are you using?

OpenTofu v1.8.1

What type of issue are you facing

bug report

Describe the bug

I'm implementing a service binding rotation.

resource "btp_subaccount_service_binding" "service_manager_service_binding" {
  provider            = btp
  subaccount_id       = btp_subaccount.subscription_test.id
  service_instance_id = btp_subaccount_service_instance.service_manager.id
  name                = local.service_manager_binding_name
  depends_on          = [btp_subaccount_service_instance.service_manager]
  labels = {
    rotationVersion = [local.expected_credentials_rotation_version]
  }
  lifecycle {
    replace_triggered_by = [null_resource.trigger_rotation]
  }
}

Because local.expected_credentials_rotation_version is changed, the provider tries to update the service binding and fails with the following error. The instance recreation would be triggered by lifecycle/replace_triggered_by, so there is no need for update of old service binding. 

24-10-29T09:24:29.700Z] module.cloudci.module.subscription-test-subaccount[0].btp_subaccount_service_binding.service_manager_service_binding: Modifying... [id=f5b880c4-2800-4fd6-933e-39e0388e1757]

[2024-10-29T09:24:29.700Z] 2024-10-29T09:24:29.594Z [ERROR] provider.terraform-provider-btp_v1.7.0: Response contains error diagnostic: @module=sdk.proto diagnostic_detail="This resource is not supposed to be updated" diagnostic_severity=ERROR tf_provider_addr=registry.terraform.io/sap/btp @caller=github.com/hashicorp/terraform-plugin-go@v0.24.0/tfprotov6/internal/diag/diagnostics.go:58 diagnostic_summary="API Error Updating Resource Service Binding (Subaccount)" tf_proto_version=6.6 tf_req_id=a7db2a09-8e83-ca0d-d019-fcefac3d49be tf_resource_type=btp_subaccount_service_binding tf_rpc=ApplyResourceChange timestamp=2024-10-29T09:24:29.594Z
[2024-10-29T09:24:29.700Z] 2024-10-29T09:24:29.596Z [ERROR] vertex "module.cloudci.module.subscription-test-subaccount[0].btp_subaccount_service_binding.service_manager_service_binding" error: API Error Updating Resource Service Binding (Subaccount)
[2024-10-29T09:24:30.273Z] ╷
[2024-10-29T09:24:30.273Z] │ Error: API Error Updating Resource Service Binding (Subaccount)
[2024-10-29T09:24:30.273Z] │ 
[2024-10-29T09:24:30.273Z] │   with module.cloudci.module.subscription-test-subaccount[0].btp_subaccount_service_binding.service_manager_service_binding,
[2024-10-29T09:24:30.273Z] │   on .terraform/modules/cloudci/modules/subscription-test-subaccount/main.tf line 176, in resource "btp_subaccount_service_binding" "service_manager_service_binding":
[2024-10-29T09:24:30.273Z] │  176: resource "btp_subaccount_service_binding" "service_manager_service_binding" {
[2024-10-29T09:24:30.273Z] │ 
[2024-10-29T09:24:30.273Z] │ This resource is not supposed to be updated

Expected Behavior

I expect the provider not try to update some properties of binding if it is not supported. It should just try to recreate the binging in cases some property can not be updated. Cloud foundry service keys resources behave in such way.

Steps To Reproduce

  1. Execute apply creating a service binding resource
  2. Change name or add a label of the resource in configuration
  3. Execute apply again

User's Role Collections

No response

Add screenshots to help explain your problem

No response

Additional context

No response

vipinvkmenon commented 1 week ago

Hi @dimitrij-afonitschkin Thanks for bringing it up. We will look into this issue and bring the fix for it. In the meantime as you rightly mentioned you can use replace_triggered_by lifecycle to update the resource