search

civo / terraform-provider-civo

Terraform Civo provider
https://www.civo.com
Mozilla Public License 2.0
71 stars 56 forks source link

[BUG] Terraform state manipulation with `terraform state rm` and then `terraform import` causes firewall error #328

Open rytswd opened 1 month ago

rytswd commented 1 month ago

Description

When a firewall is created using create_default_rules = true flag, the firewall can be created using terraform apply, and any subsequent terraform plan will take that flag into account.

However, once the Terraform state is manually adjusted, such as using terraform state rm and then terraform import, this flag will not be imported (I'm assuming there is no inferring happen, though it is probably technically possible), causing the firewall adjustment will throw an error unless you specifically set create_default_rules = false.

Steps to reproduce:

  1. Create network with something like below 
    
provider "civo" {
// NOTE: Requires CIVO_TOKEN env variable
region = var.civo_region
}

resource "civo_network" "network" { label = var.civo_cluster_name region = var.civo_region }

resource "civo_firewall" "firewall" { name = var.civo_cluster_name network_id = civo_network.network.id region = var.civo_region create_default_rules = true }


2. Check `terraform plan` works without any error, and no change needed

3. Check the ID for the created network
```bash
__firewall_id=$(terraform show -json | jq -r '.values.root_module.resources | map(select(.type == "civo_firewall").values.id)[]')
echo $__firewall_id

  1. Remove the state for firewall

    terraform state rm civo_firewall.firewall

  2. Import the state

    terraform import civo_firewall.firewall $__firewall_id

  3. Try terraform plan, and get error related to create_default_rules and Egress error

I think there is a way to set the create_default_rules to true when we can see the default rule sets.

Acceptance Criteria

sundaram2021 commented 1 week ago

hey i have added the fix in this pull request

can you please review into it

thanks