can't update argocd from 2.6.6 to any newer version while using oboukili/argocd provider

[Maiass]

Terraform Version, ArgoCD Provider Version and ArgoCD Version

Terraform version: 3.104.2
ArgoCD provider version: 6.1.1
ArgoCD version: 2.6.6

update to
Terraform version: 3.104.2
ArgoCD provider version: 6.1.1
ArgoCD version: (any newer version than 2.6.6)

Affected Resource(s)

Terraform Configuration Files

terraform {
  required_providers {
    azurerm = {
        source  = "hashicorp/azurerm"
        version = "3.104.2"
    }
    argocd = {
        source  = "oboukili/argocd"
        version = "6.1.1"
    }
  }
}

provider "argocd" {
  server_addr  = var.argocd_admin_host
  username     = var.argocd_admin_username
  password     = var.argocd_admin_password
  insecure       = true
}

########argocd values.yaml###########
global:
  image:
    # -- Overrides the global Argo CD image tag whose default is the chart appVersion
    tag: "v2.8.20"

server:
  extraArgs:
  - --insecure

  ingress:
      enabled: true
    annotations:
      kubernetes.io/ingress.class: nginx
    hostname: "argocd-servername"
    extraTls:
      - hosts:
          - argocd-dns-name
        secretName: argocd-secret-name

Debug Output

Panic Output

Steps to Reproduce

I have argocd 2.6.6 running and exposed by oboukili/argocd verion 6.1.1 but when modifying the versions of argocd helm chart and argocd tag in its values.yaml file (as shown above), terraform runs into error complaining about invalid provider configurations. Worth to be mentioned, these the same provider configurations being used for deploy argocd version 2.6.6

Expected Behavior

Terraform should be able to update argocd from 2.6.6 to a newer version

Actual Behavior

it runs into the following error complaining about invalid argocd provider configurations even these are configurations being working in case of the old argocd version (2.6.6) . Here is the error message :

Important Factoids

References

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

[mkilchhofer]

Terraform version: 3.104.2

Can you recheck please? There is no TF version with >3.x. Can you paste the output of terraform version please?

$ terraform version
Terraform v1.9.5
on darwin_amd64

Your version of Terraform is out of date! The latest version
is 1.9.7. You can update by downloading from https://www.terraform.io/downloads.html

ArgoCD version: 2.6.6

So since you are using Argo CD 2.6.6, I assume that you're on Helm chart version 5.27.1?

You cannot update to 2.8.x by only updating the global.image.tag value. You need to update the helm chart also.

[mkilchhofer]

But it still seems to work (for now - still it doesn't make sense). I tried to reproduce your issue without luck 😞.

1. Bootstrap an empty cluster with an Ingress controller installed

   $ cat kind.yaml
   kind: Cluster
   apiVersion: kind.x-k8s.io/v1alpha4
   name: issue-456
   nodes:
   - role: control-plane
    kubeadmConfigPatches:
    - |
      kind: InitConfiguration
      nodeRegistration:
        kubeletExtraArgs:
          node-labels: "ingress-ready=true"
    extraPortMappings:
    - containerPort: 80
      hostPort: 80
      protocol: TCP
    - containerPort: 443
      hostPort: 443
      protocol: TCP
   
   $ kind create cluster --config kind.yaml
   Creating cluster "issue-456" ...
   ✓ Ensuring node image (kindest/node:v1.31.0) 🖼
   ✓ Preparing nodes 📦
   ✓ Writing configuration 📜
   ✓ Starting control-plane 🕹️
   ✓ Installing CNI 🔌
   ✓ Installing StorageClass 💾
   Set kubectl context to "kind-issue-456"
   You can now use your cluster with:
   
   kubectl cluster-info --context kind-issue-456
   
   Have a nice day! 👋
   
   $ kubectl apply -f https://raw.githubusercontent.com/kubernetes/   ingress-nginx/main/deploy/static/provider/kind/deploy.yaml
   namespace/ingress-nginx created
   serviceaccount/ingress-nginx created
   serviceaccount/ingress-nginx-admission created
   role.rbac.authorization.k8s.io/ingress-nginx created
   role.rbac.authorization.k8s.io/ingress-nginx-admission created
   clusterrole.rbac.authorization.k8s.io/ingress-nginx created
   clusterrole.rbac.authorization.k8s.io/ingress-nginx-admission created
   rolebinding.rbac.authorization.k8s.io/ingress-nginx created
   rolebinding.rbac.authorization.k8s.io/ingress-nginx-admission created
   clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx created
   clusterrolebinding.rbac.authorization.k8s.io/ingress-nginx-admission    created
   configmap/ingress-nginx-controller created
   service/ingress-nginx-controller created
   service/ingress-nginx-controller-admission created
   deployment.apps/ingress-nginx-controller created
   job.batch/ingress-nginx-admission-create created
   job.batch/ingress-nginx-admission-patch created
   ingressclass.networking.k8s.io/nginx created
   validatingwebhookconfiguration.admissionregistration.k8s.io/   ingress-nginx-admission created
   

2. Bootstrap Argo CD

   $ cat issue-456_values.yaml
   global:
    image:
      # -- Overrides the global Argo CD image tag whose default is the    chart appVersion
      tag: "v2.8.20"
   
   server:
    extraArgs:
    - --insecure
   
    ingress:
      enabled: true
      annotations:
        kubernetes.io/ingress.class: nginx
      hostname: "argocd-servername"
      extraTls:
        - hosts:
            - argocd-dns-name
          secretName: argocd-secret-name
   
   $ helm install argocd argo/argo-cd \
    --namespace argocd \
    --create-namespace \
    --version 5.27.1 \
    --values issue-456_values.yaml \
    --wait

3. Prepare for Terraform

   $ export TF_VAR_argocd_admin_password=$(kubectl -n argocd get secret    argocd-initial-admin-secret -o jsonpath="{.data.password}" | base64 -d)
   
   $ cat main.tf
   terraform {
    required_providers {
      argocd = {
          source  = "oboukili/argocd"
          version = "6.1.1"
      }
    }
   }
   
   provider "argocd" {
    server_addr  = var.argocd_admin_host
    username     = var.argocd_admin_username
    password     = var.argocd_admin_password
    insecure       = true
   }
   
   variable "argocd_admin_host" {
    type    = string
    default = "localhost"
   }
   variable "argocd_admin_username" {
    type    = string
    default = "admin"
   }
   variable "argocd_admin_password" {}
   
   resource "argocd_project" "example" {
    metadata {
      name      = "example"
    }
   
    spec {
      description  = "An example project"
      source_repos = ["*"]
   
      destination {
        server    = "https://kubernetes.default.svc"
        namespace = "*"
      }
    }
   }

4. Now fire up Terraform

   $ terraform init
   
   $ terraform apply -auto-approve
   
   Terraform used the selected providers to generate the following    execution plan. Resource actions are indicated with the following    symbols:
    + create
   
   Terraform will perform the following actions:
   
    # argocd_project.example will be created
    + resource "argocd_project" "example" {
        + id = (known after apply)
   
        + metadata {
            + generation       = (known after apply)
            + name             = "example"
            + namespace        = (known after apply)
            + resource_version = (known after apply)
            + uid              = (known after apply)
          }
   
        + spec {
            + description  = "An example project"
            + source_repos = [
                + "*",
              ]
   
            + destination {
                  name      = null
                + namespace = "*"
                + server    = "https://kubernetes.default.svc"
              }
          }
      }
   
   Plan: 1 to add, 0 to change, 0 to destroy.
   argocd_project.example: Creating...
   argocd_project.example: Creation complete after 1s [id=example]
   
   Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

[Maiass]

i was trying to update the already existing argocd release to newer helm chart version and image version. as follows

current running argocd setup: argocd version: v2.6.6 argocd helm chart version: 6.9.2 ArgoCD provider version: 6.1.1

to these versions: argocd version: v2.8.20 argocd helm chart version: 7.6.8 ArgoCD provider version: 6.1.1

The following is azurerm provider not the terraform version (sorry my bad): azurerm provider version: 3.104.2

I use Terragrunt version v0.58.12 and Terraform v1.4.7

so, will the example you implemented be upgraded to reproduce the behaviour