aztfmod / terraform-azurerm-caf

Terraform supermodule for the Terraform platform engineering for Azure
https://aztfmod.github.io/documentation/
MIT License

Bug report-application gateway v1 module endless apply when error happened #1435

Open amadkamal opened 1 year ago

amadkamal commented 1 year ago

Is there an existing issue for this?

Community Note

Version of the module you are using

5.6.0

Rover Version

aztfmod/rover:1.2.3-2207.1907

Terraform Version

1.3.0

AzureRM Provider Version

3.0.0

Affected Resource(s)/Data Source(s)

azurerm_application_gateway

Terraform Configuration Files

# Platform-level Application Gateway definition (CAF tfvars) as posted in the report.
# It declares one gateway ("agw_platform") with a public and a private frontend,
# two frontend ports (80/443) and the mandatory "default" listener/rule set.
application_gateway_platforms = {
  agw_platform = {
    resource_group_key = "agw_region1"
    name               = "agw_platform"
    lz_key             = "networking_spoke_agw"
    vnet_key           = "agw_region1"
    subnet_key         = "agw1_private"
    # NOTE(review): a WAF-capable SKU is selected, but no WAF policy or WAF
    # configuration is visible in this snippet - confirm one is attached elsewhere
    # and that it runs in prevention rather than detection mode.
    sku_name           = "WAF_v2"
    sku_tier           = "WAF_v2"
    capacity = {
      autoscale = {
        minimum_scale_unit = 0
        maximum_scale_unit = 5
      }
    }
    # Single availability zone only.
    zones        = ["1"]
    enable_http2 = true

    # Managed identity looked up by key "level3" in the remote "launchpad" landing zone.
    # NOTE(review): presumably this is the identity the gateway uses to read its TLS
    # certificate from Key Vault - verify, and keep its vault permissions read-only.
    identity = {
      remote = {
        launchpad = {
          managed_identity_keys = [
            "level3"
          ]
        }
      }
    }

    front_end_ip_configurations = {
      # Frontend bound to a public IP (public_ip_key); anything attached to it is
      # addressed on that public IP.
      public = {
        name          = "public"
        public_ip_key = "agw_v1_pip"
      }
      # Frontend with a static private address taken from the gateway subnet.
      private = {
        name                          = "private"
        lz_key                        = "networking_spoke_agw"
        vnet_key                      = "agw_region1"
        subnet_key                    = "agw1_private"
        subnet_cidr_index             = 0 # It is possible to have more than one cidr block per subnet
        private_ip_offset             = 21 # e.g. cidrhost(10.10.0.0/25,4) = 10.10.0.4 => AGW private IP address
        private_ip_address_allocation = "Static"
      }
    }
    front_end_ports = {
      # Port 80 is declared with protocol "Http", i.e. cleartext.
      80 = {
        name     = "http"
        port     = 80
        protocol = "Http"
      }
      443 = {
        name     = "https"
        port     = 443
        protocol = "Https"
      }
    }

    # default: cannot be changed after creation, as it is required by the agw tf resource
    # NOTE(review): the default listener is bound to frontend port key "80" (Http) on
    # the "public" frontend, so the gateway answers plain HTTP on its public IP.
    # Confirm this is intended, e.g. that it only serves a redirect to HTTPS.
    default = {
      frontend_port_key             = "80"
      frontend_ip_configuration_key = "public"
      backend_address_pool_name     = "default-beap"
      http_setting_name             = "default-be-htst"
      listener_name                 = "default-httplstn"
      request_routing_rule_name     = "default-rqrt"
      cookie_based_affinity         = "Disabled"
      request_timeout               = "60"
      rule_type                     = "Basic"
    }

  }
}
# Application-level configuration (v1 module) layered onto the gateway referenced by
# application_gateway_key = "agw_platform": one backend pool, one backend HTTP setting,
# one HTTPS listener, a Key Vault certificate reference, a path-based routing rule,
# URL path rules/maps and a health probe.
application_gateway_applications_v1 = {
  app01 = {
    name                    = "app01"
    application_gateway_key = "agw_platform"

    backend_pools = {
      app01 = {
        name  = "app01"
        fqdns = ["app01.petcafsandpit.com"]

        # ip_addresses = ["10.0.0.4", "10.0.0.5"]

        # app_services = {
        #   lz_key = ""
        #   key = ""
        # }
      }
    }

    # NOTE(review): the backend setting uses port key "80" - presumably plain HTTP, so
    # TLS would end at the gateway and traffic to the backend FQDN would be
    # unencrypted; confirm this is intended. No probe is referenced from this setting
    # in the snippet, so the "test" probe defined below may be unused - verify.
    http_settings = {
      http_80 = {
        name                        = "http_80"
        front_end_port_key          = "80"
        host_name_from_backend_pool = true
        timeout                     = 45
      }
    }

    # Only the key "public_ssl" is defined here; the "public" listener is commented out.
    http_listeners = {
      // Two listeners cannot use the same port. The default listener already uses port 80
      //  public = {
      //    name                           = "http_listener01"
      //    front_end_ip_configuration_key = "public"
      //    front_end_port_key             = "80"
      //    # host_name                      = "demo1.app1.com" //for multisite listener
      //  }
      public_ssl = {
        name                           = "https_listener01"
        front_end_ip_configuration_key = "public"
        front_end_port_key             = "443"
        # host_name                      = "demo1.app1.com" //for multisite listener
        ssl_cert_key = "app01_ssl"
      }
    }

    # The certificate is referenced from Key Vault rather than embedded in the config.
    # NOTE(review): certificate_key ("demoapp1.cafsandpit.com") and the manual
    # certificate_name ("app01-petcafsandpit-com") are both set and name different
    # hosts - confirm which one the module uses and that it matches the served host.
    ssl_certs = {
      app01_ssl = {
        name = "app01_ssl"
        keyvault = {
          certificate_key = "demoapp1.cafsandpit.com"

          # lz_key                  = "" #remote keyvault

          # certificate_request_key = "" #for cert request

          # manual cert
          lz_key           = "ssl-cert-ca"             #remote keyvault
          key              = "certificates"            #keyvault key
          certificate_name = "app01-petcafsandpit-com" #manual cert name
        }
      }
    }

    # NOTE(review): http_listener_key = "public" does not match any active key under
    # http_listeners (only "public_ssl" is defined). This dangling reference may be
    # the misconfiguration that triggers the failing/retrying step - confirm.
    request_routing_rules = {
      default = {
        name              = "default_demo_app1"
        rule_type         = "PathBasedRouting"
        http_listener_key = "public"
        backend_pool_key  = "app01"
        http_settings_key = "http_80"
        url_path_map_key  = "demo"
      }
    }

    # NOTE(review): url_path_map_key here is "test_path_map", which is the `name` of
    # the map below, whereas request_routing_rules refers to the same map by its key
    # "demo" - confirm which form the module expects.
    url_path_rules = {
      rule1 = {
        name             = "rule1-demo"
        url_path_map_key = "test_path_map"
        paths            = "/test/rule1/*"
      }
      rule2 = {
        name             = "rule2-demo"
        url_path_map_key = "test_path_map"
        paths            = "/test/rule2/*"
      }
    }

    # NOTE(review): rule_name = "rule1" is the key of a path rule above; that rule's
    # `name` is "rule1-demo" - confirm which one is expected here.
    url_path_maps = {
      demo = {
        name              = "test_path_map"
        paths             = "/test/*"
        rule_name         = "rule1"
        backend_pool_key  = "app01"
        http_settings_key = "http_80"
      }
    }

    probes = {
      test = {
        name                         = "test-http"
        protocol                     = "Http"     # Http or Https
        host                         = "test.com" // multisite agw - single site use 127.0.0.1
        host_name_from_http_settings = false
        # port                                    = "" # Leave not set if pick port from backend http settings
        path               = "/api/health"
        interval           = "60"
        timeout            = "60"
        threshold          = "3"
        min_servers        = "0"
        # NOTE(review): "200-499" counts every 4xx response (401, 403, 404, ...) as
        # healthy, so a backend that rejects or cannot find the health path still
        # stays in rotation; narrow the range if that is not intended.
        match_status_codes = "200-499"
      }
    }
  }
}

Expected Behaviour

application gateway and application gateway application created successfully

Actual Behaviour

The apply runs endlessly when an error occurs due to a misconfiguration.

Refer to the output below: the apply runs endlessly when an error occurs due to a misconfiguration.

Refer to the output below:

module.solution.module.application_gateway_applications["demo_app1"].null_resource.set_http_listener["public"]: Still creating... [3h34m8s elapsed]
module.solution.module.application_gateway_applications["demo_app1"].null_resource.set_http_listener["public"]: Still creating... [3h34m18s elapsed]
module.solution.module.application_gateway_applications["demo_app2"].null_resource.set_backend_pools["demo"]: Still creating... [3h35m28s elapsed]
module.solution.module.application_gateway_applications["demo_app2"].null_resource.set_backend_pools["demo"]: Still creating... [3h35m38s elapsed]
module.solution.module.application_gateway_applications["demo_app1"].null_resource.set_http_listener["public"]: Still creating... [3h34m28s elapsed]
module.solution.module.application_gateway_applications["demo_app1"].null_resource.set_http_listener["public"]: Still creating... [3h34m38s elapsed]
module.solution.module.application_gateway_applications["demo_app2"].null_resource.set_backend_pools["demo"]: Still creating... [3h35m48s elapsed]

Steps to Reproduce

No response

Important Factoids

No response

References

No response

Lowprophyle commented 1 year ago

Might be related to #937. An alternative fix is to run `export ATTEMPTS=1` before running the apply.