4.39.0 to 4.41.0: the `cloudflare_record` no longer has the `value` argument and results in all of these resources needing to add it back

[nitrocode]

Confirmation

• [X] This is a bug with an existing resource and is not a feature request or enhancement. Feature requests should be submitted with Cloudflare Support or your account team.
• [X] I have searched the issue tracker and my issue isn't already found.
• [X] I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

terraform 1.9.5 provider 4.41.0

Affected resource(s)

cloudflare_record

Terraform configuration files

resource "cloudflare_record" "default"
  # ...
  value = "bananas"
  # ...
}

Link to debug output

N/A

Panic output

N/A

Expected output

No changes

Also I would have expected this deprecation to be in a major version i.e. 5.x instead of a minor version 4.39.0.

Actual output

  # module.cloudflare_records.cloudflare_record.default["snip"] will be updated in-place
! resource "cloudflare_record" "default" {
        id              = "snip"
        name            = "snip"
        tags            = [
            "snip",
        ]
+       value           = "bananas"
        # (11 unchanged attributes hidden)
    }

Steps to reproduce

1. Run terraform plan with the latest provider

Additional factoids

Our workaround is to pin the provider until we're ready to migrate

terraform {
  required_version = "> 1.0.0"

  required_providers {
    cloudflare = {
      source = "cloudflare/cloudflare"
      # TODO: the <=4.38.0 is because in 4.39.x and higher they deprecated "value" for "content" argument.
      # This now results in all the records show up as changing "value" or "content".
      version = "> 4, <=4.38.0"
    }
  }
}

References

No response

[github-actions[bot]]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[github-actions[bot]]

Thank you for reporting this issue! For maintainers to dig into issues it is required that all issues include the entirety of TF_LOG=DEBUG output to be provided. The only parts that should be redacted are your user credentials in the X-Auth-Key, X-Auth-Email and Authorization HTTP headers. Details such as zone or account identifiers are not considered sensitive but can be redacted if you are very cautious. This log file provides additional context from Terraform, the provider and the Cloudflare API that helps in debugging issues. Without it, maintainers are very limited in what they can do and may hamper diagnosis efforts.

This issue has been marked with triage/needs-information and is unlikely to receive maintainer attention until the log file is provided making this a complete bug report.

[jacobbednarz]

value has not been removed from the schema. only a deprecation notice is being issued at the moment.

[nitrocode]

We do not see a deprecation notice in our plan.

Instead, we see 100s of our cloudflare records trying to re-add the value argument. This doesn't seem to be API related since downgrading our cloudflare provider allows us to see No changes as expected.

This is likely a provider bug and gives us far less confidence in keeping a ~> 4 provider pin. For now we have downgraded to =4.38.0 until we're ready to upgrade.

I know open source can be difficult, grueling, and thankless. While I appreciate all of your work (thank you!) and others who contribute to this repo, closing this issue with a terse response and without a conversation, at the very least, is not the most helpful approach in community engagement. Please at least acknowledge the issue and if this is not a provider bug, perhaps offer a path forward for myself and others who may be in the same predicament.

[jacobbednarz]

the issue is closed as there isn't anything actionable for maintainers. it doesn't stop discussion or questions of there are still ones outstanding. if an issue is discovered, the issue can always be re-opened and actions assigned.

as for your specific issue, the reproduction case is based on HCL dynamics which we call out in the issue template to avoid as not something we are able to reproduce/debug due to potentially having it's own logic bugs so i would start with a reproduction case that isn't using the module and go from there.

worth noting as well, you haven't provided required debug logs which really hampers what anyone can do to help you here. when issues are raised lacking context, it's the equivalent looking for a light switch, in someone else's house in the pitch black of night. any discovery done is based on assumptions and best guesses which wastes a lot of time which is not a good use of anyone's time.

fwiw, we have 4.41.0 running internally with value in the DNS record resource (and showing the deprecation) without issue so there is something else to factor in here.

[nitrocode]

If you close the issue, most people will take that as a sign to no longer continue the discussing, even if technically we can have a discussion as the issue is not locked. Closing an issue is akin to someone coming to your house to let you know that a part of your home has a hole in it, and you say "okay but I need more information" and then immediately close the door with your ear to the door to continue the chat. :)

Technically I can still yell from outside so you can hear me but most people would probably just walk away. That's why I referenced community engagement. As trivial as it is, if you want to continue to discuss the issue, it's best to keep the issue open or at the very least, close it and provide next steps without prompt.

---

I get your point so to continue the discussion, here is a far smaller hcl without a module to reproduce the issue with debug logs and necessary redactions.

Please let me know if more information is needed.

hcl

```hcl terraform { required_version = "> 1.0.0" required_providers { cloudflare = { source = "cloudflare/cloudflare" version = "> 4" } } } resource "cloudflare_record" "default" { zone_id = "snip" name = "meetup" value = "snip" # content = "snip" comment = "snip" type = "CNAME" proxied = true tags = ["terraform"] } ```

Version command

```bash ✗ terraform version Terraform v1.9.5 on darwin_arm64 + provider registry.terraform.io/cloudflare/cloudflare v4.41.0 ```

Import command

```bash ✗ terraform import cloudflare_record.default snip/snip ```

With `content`, I see this

```hcl # cloudflare_record.default will be updated in-place ~ resource "cloudflare_record" "default" { + allow_overwrite = false + content = "snip" id = "snip" name = "snip" tags = [ "terraform", ] # (10 unchanged attributes hidden) } Plan: 0 to add, 1 to change, 0 to destroy. ```

With `value`, I see this (with deprecation)

```hcl # cloudflare_record.default will be updated in-place ~ resource "cloudflare_record" "default" { + allow_overwrite = false id = "snip" name = "snip" tags = [ "terraform", ] + value = "snip" # (10 unchanged attributes hidden) } Plan: 0 to add, 1 to change, 0 to destroy. ╷ │ Warning: Argument is deprecated │ │ with cloudflare_record.default, │ on main.tf line 15, in resource "cloudflare_record" "default": │ 15: value = "snip" │ │ `value` is deprecated in favour of `content` and will be removed in the next major release. │ │ (and one more similar warning elsewhere) ```

terraform plan with debug

``` ✗ TF_LOG=DEBUG terraform plan 2>&1 2024-09-06T17:09:18.689-0500 [INFO] Terraform version: 1.9.5 2024-09-06T17:09:18.689-0500 [DEBUG] using github.com/hashicorp/go-tfe v1.58.0 2024-09-06T17:09:18.689-0500 [DEBUG] using github.com/hashicorp/hcl/v2 v2.20.0 2024-09-06T17:09:18.689-0500 [DEBUG] using github.com/hashicorp/terraform-svchost v0.1.1 2024-09-06T17:09:18.689-0500 [DEBUG] using github.com/zclconf/go-cty v1.14.4 2024-09-06T17:09:18.689-0500 [INFO] Go runtime version: go1.22.5 2024-09-06T17:09:18.689-0500 [INFO] CLI args: []string{"/Users/user/.asdf/installs/terraform/1.9.5/bin/terraform", "plan"} 2024-09-06T17:09:18.689-0500 [DEBUG] Attempting to open CLI config file: /Users/user/.terraformrc 2024-09-06T17:09:18.689-0500 [DEBUG] File doesn't exist, but doesn't need to. Ignoring. 2024-09-06T17:09:18.689-0500 [DEBUG] checking for credentials in "/Users/user/.terraform.d/plugins" 2024-09-06T17:09:18.689-0500 [DEBUG] checking for credentials in "/Users/user/.terraform.d/plugins/darwin_arm64" 2024-09-06T17:09:18.689-0500 [DEBUG] ignoring non-existing provider search directory terraform.d/plugins 2024-09-06T17:09:18.689-0500 [DEBUG] will search for provider plugins in /Users/user/.terraform.d/plugins 2024-09-06T17:09:18.690-0500 [DEBUG] ignoring non-existing provider search directory /Users/user/Library/Application Support/io.terraform/plugins 2024-09-06T17:09:18.690-0500 [DEBUG] ignoring non-existing provider search directory /Library/Application Support/io.terraform/plugins 2024-09-06T17:09:18.690-0500 [INFO] CLI command args: []string{"plan"} 2024-09-06T17:09:18.719-0500 [DEBUG] checking for provisioner in "." 2024-09-06T17:09:18.719-0500 [DEBUG] checking for provisioner in "/Users/user/.asdf/installs/terraform/1.9.5/bin" 2024-09-06T17:09:18.719-0500 [DEBUG] checking for provisioner in "/Users/user/.terraform.d/plugins" 2024-09-06T17:09:18.720-0500 [DEBUG] checking for provisioner in "/Users/user/.terraform.d/plugins/darwin_arm64" 2024-09-06T17:09:18.720-0500 [INFO] backend/local: starting Plan operation 2024-09-06T17:09:18.723-0500 [DEBUG] created provider logger: level=debug 2024-09-06T17:09:18.723-0500 [INFO] provider: configuring client automatic mTLS 2024-09-06T17:09:18.729-0500 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0 args=[".terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0"] 2024-09-06T17:09:18.732-0500 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0 pid=86194 2024-09-06T17:09:18.732-0500 [DEBUG] provider: waiting for RPC address: plugin=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0 2024-09-06T17:09:18.747-0500 [INFO] provider.terraform-provider-cloudflare_v4.41.0: configuring server automatic mTLS: timestamp=2024-09-06T17:09:18.746-0500 2024-09-06T17:09:18.753-0500 [DEBUG] provider: using plugin: version=6 2024-09-06T17:09:18.753-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: plugin address: address=/var/folders/rm/2vzkm4c15ygf4s4qkqbttpqh0000gn/T/plugin2126714153 network=unix timestamp=2024-09-06T17:09:18.753-0500 2024-09-06T17:09:18.773-0500 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF" 2024-09-06T17:09:18.774-0500 [INFO] provider: plugin process exited: plugin=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0 id=86194 2024-09-06T17:09:18.774-0500 [DEBUG] provider: plugin exited 2024-09-06T17:09:18.774-0500 [DEBUG] Building and walking validate graph 2024-09-06T17:09:18.774-0500 [DEBUG] ProviderTransformer: "cloudflare_record.default" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"] 2024-09-06T17:09:18.774-0500 [DEBUG] ReferenceTransformer: "cloudflare_record.default" references: [] 2024-09-06T17:09:18.774-0500 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" references: [] 2024-09-06T17:09:18.774-0500 [DEBUG] Starting graph walk: walkValidate 2024-09-06T17:09:18.774-0500 [DEBUG] created provider logger: level=debug 2024-09-06T17:09:18.774-0500 [INFO] provider: configuring client automatic mTLS 2024-09-06T17:09:18.777-0500 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0 args=[".terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0"] 2024-09-06T17:09:18.780-0500 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0 pid=86195 2024-09-06T17:09:18.780-0500 [DEBUG] provider: waiting for RPC address: plugin=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0 2024-09-06T17:09:18.795-0500 [INFO] provider.terraform-provider-cloudflare_v4.41.0: configuring server automatic mTLS: timestamp=2024-09-06T17:09:18.794-0500 2024-09-06T17:09:18.801-0500 [DEBUG] provider: using plugin: version=6 2024-09-06T17:09:18.801-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: plugin address: address=/var/folders/rm/2vzkm4c15ygf4s4qkqbttpqh0000gn/T/plugin1550740208 network=unix timestamp=2024-09-06T17:09:18.800-0500 2024-09-06T17:09:18.807-0500 [WARN] provider.terraform-provider-cloudflare_v4.41.0: Response contains warning diagnostic: @caller=github.com/hashicorp/terraform-plugin-go@v0.23.0/tfprotov6/internal/diag/diagnostics.go:60 diagnostic_detail="`value` is deprecated in favour of `content` and will be removed in the next major release." diagnostic_severity=WARNING diagnostic_summary="Argument is deprecated" tf_proto_version=6.6 tf_rpc=ValidateResourceConfig @module=sdk.proto diagnostic_attribute="AttributeName(\"value\")" tf_provider_addr=registry.terraform.io/cloudflare/cloudflare tf_resource_type=cloudflare_record tf_req_id=faa30ac7-43d8-4bbd-7f7e-b4fedef418cf timestamp=2024-09-06T17:09:18.807-0500 2024-09-06T17:09:18.808-0500 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF" 2024-09-06T17:09:18.808-0500 [INFO] provider: plugin process exited: plugin=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0 id=86195 2024-09-06T17:09:18.808-0500 [DEBUG] provider: plugin exited 2024-09-06T17:09:18.808-0500 [INFO] backend/local: plan calling Plan 2024-09-06T17:09:18.808-0500 [DEBUG] Building and walking plan graph for NormalMode 2024-09-06T17:09:18.809-0500 [DEBUG] ProviderTransformer: "cloudflare_record.default (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"] 2024-09-06T17:09:18.809-0500 [DEBUG] ReferenceTransformer: "cloudflare_record.default (expand)" references: [] 2024-09-06T17:09:18.809-0500 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" references: [] 2024-09-06T17:09:18.809-0500 [DEBUG] Starting graph walk: walkPlan 2024-09-06T17:09:18.809-0500 [DEBUG] created provider logger: level=debug 2024-09-06T17:09:18.809-0500 [INFO] provider: configuring client automatic mTLS 2024-09-06T17:09:18.813-0500 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0 args=[".terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0"] 2024-09-06T17:09:18.816-0500 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0 pid=86196 2024-09-06T17:09:18.816-0500 [DEBUG] provider: waiting for RPC address: plugin=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0 2024-09-06T17:09:18.830-0500 [INFO] provider.terraform-provider-cloudflare_v4.41.0: configuring server automatic mTLS: timestamp=2024-09-06T17:09:18.830-0500 2024-09-06T17:09:18.837-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: plugin address: address=/var/folders/rm/2vzkm4c15ygf4s4qkqbttpqh0000gn/T/plugin492382234 network=unix timestamp=2024-09-06T17:09:18.837-0500 2024-09-06T17:09:18.837-0500 [DEBUG] provider: using plugin: version=6 2024-09-06T17:09:18.844-0500 [INFO] provider.terraform-provider-cloudflare_v4.41.0: cloudflare Client configured for user: : tf_provider_addr=registry.terraform.io/cloudflare/cloudflare tf_req_id=2d80e237-b0b3-fedd-62a5-e66532809cab @module=cloudflare tf_rpc=ConfigureProvider @caller=github.com/cloudflare/terraform-provider-cloudflare/internal/sdkv2provider/config.go:39 tf_mux_provider=tf5to6server.v5tov6Server timestamp=2024-09-06T17:09:18.844-0500 2024-09-06T17:09:18.844-0500 [INFO] provider.terraform-provider-cloudflare_v4.41.0: cloudflare Client configured for user: : tf_mux_provider="*proto6server.Server" tf_req_id=2d80e237-b0b3-fedd-62a5-e66532809cab tf_rpc=ConfigureProvider @caller=github.com/cloudflare/terraform-provider-cloudflare/internal/framework/provider/config.go:38 @module=cloudflare tf_provider_addr=registry.terraform.io/cloudflare/cloudflare timestamp=2024-09-06T17:09:18.844-0500 2024-09-06T17:09:18.844-0500 [DEBUG] ReferenceTransformer: "cloudflare_record.default" references: [] cloudflare_record.default: Refreshing state... [id=snip] 2024-09-06T17:09:18.847-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: 2024/09/06 17:09:18 2024-09-06T17:09:18.847-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: GET /client/v4/zones/snip/dns_records/snip HTTP/1.1 2024-09-06T17:09:18.847-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Host: api.cloudflare.com 2024-09-06T17:09:18.847-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: User-Agent: terraform-provider-cloudflare/4.41.0 terraform-plugin-sdk/2.34.0 terraform/1.9.5 2024-09-06T17:09:18.847-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Authorization: Bearer [redacted] 2024-09-06T17:09:18.847-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Content-Type: application/json 2024-09-06T17:09:18.847-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Accept-Encoding: gzip 2024-09-06T17:09:18.847-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0 2024-09-06T17:09:19.133-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: 2024/09/06 17:09:19 2024-09-06T17:09:19.133-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: HTTP/2.0 200 OK 2024-09-06T17:09:19.133-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Cf-Auditlog-Id: 0191c962-7672-7d56-b3a2-bcf0412c82a5 2024-09-06T17:09:19.133-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Cf-Cache-Status: DYNAMIC 2024-09-06T17:09:19.133-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Cf-Ray: 8bf1c85d6df71127-ORD 2024-09-06T17:09:19.133-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Content-Type: application/json 2024-09-06T17:09:19.133-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Date: Fri, 06 Sep 2024 22:09:19 GMT 2024-09-06T17:09:19.133-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Server: cloudflare 2024-09-06T17:09:19.133-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Set-Cookie: __cflb=0H28vgHxwvgAQtjUGUFqYFDiSDreGJnUsfG5bLrb36V; SameSite=Lax; path=/; expires=Sat, 07-Sep-24 00:39:20 GMT; HttpOnly 2024-09-06T17:09:19.134-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Set-Cookie: __cf_bm=dBEe64bcwxAuAxgMUU_EO7JWBhh8K.gS8ZaaD8w5ogc-1725660559-1.0.1.1-9mXyJ8VY3Xmr395JUHD5YKod0Rt1ZI2y77_OpSud2WDFj8Nv_gLVpjBXOfmgAPR.aiCF4DPK0VG8safX7ivb2A; path=/; expires=Fri, 06-Sep-24 22:39:19 GMT; domain=.api.cloudflare.com; HttpOnly; Secure; SameSite=None 2024-09-06T17:09:19.134-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Set-Cookie: __cfruid=bf1109c6dd07e9cc3b3331f8e27a5dd3f295668c-1725660559; path=/; domain=.api.cloudflare.com; HttpOnly; Secure; SameSite=None 2024-09-06T17:09:19.134-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Vary: Accept-Encoding 2024-09-06T17:09:19.134-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0 2024-09-06T17:09:19.134-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: {"result":{"id":"snip","zone_id":"snip","zone_name":"snip","name":"snip","type":"CNAME","content":"snip","proxiable":true,"proxied":true,"ttl":1,"meta":{"auto_added":false,"managed_by_apps":false,"managed_by_argo_tunnel":false},"comment":"snip","tags":["terraform"],"created_on":"2024-08-01T21:26:56.626781Z","modified_on":"2024-08-01T21:26:56.626781Z","comment_modified_on":"2024-08-01T21:26:56.626781Z","tags_modified_on":"2024-08-01T21:26:56.626781Z"},"success":true,"errors":[],"messages":[]} 2024-09-06T17:09:19.135-0500 [DEBUG] provider.terraform-provider-cloudflare_v4.41.0: Data found in config: : @module=cloudflare tf_mux_provider=tf5to6server.v5tov6Server tf_provider_addr=registry.terraform.io/cloudflare/cloudflare tf_resource_type=cloudflare_record @caller=github.com/cloudflare/terraform-provider-cloudflare/internal/sdkv2provider/resource_cloudflare_record.go:218 tf_req_id=d737dbfb-6436-a3fe-0921-f2619c9124d5 tf_rpc=ReadResource timestamp=2024-09-06T17:09:19.134-0500 2024-09-06T17:09:19.138-0500 [WARN] provider.terraform-provider-cloudflare_v4.41.0: Response contains warning diagnostic: @caller=github.com/hashicorp/terraform-plugin-go@v0.23.0/tfprotov6/internal/diag/diagnostics.go:60 diagnostic_severity=WARNING tf_proto_version=6.6 tf_rpc=ValidateResourceConfig @module=sdk.proto tf_req_id=c6fffa50-54be-ab8f-6283-6fc7a1bea4f3 diagnostic_summary="Argument is deprecated" tf_resource_type=cloudflare_record diagnostic_attribute="AttributeName(\"value\")" diagnostic_detail="`value` is deprecated in favour of `content` and will be removed in the next major release." tf_provider_addr=registry.terraform.io/cloudflare/cloudflare timestamp=2024-09-06T17:09:19.138-0500 2024-09-06T17:09:19.140-0500 [WARN] Provider "registry.terraform.io/cloudflare/cloudflare" produced an invalid plan for cloudflare_record.default, but we are tolerating it because it is using the legacy plugin SDK. The following problems may be the cause of any confusing errors from downstream operations: - .allow_overwrite: planned value cty.False for a non-computed attribute 2024-09-06T17:09:19.141-0500 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF" 2024-09-06T17:09:19.142-0500 [INFO] provider: plugin process exited: plugin=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/4.41.0/darwin_arm64/terraform-provider-cloudflare_v4.41.0 id=86196 2024-09-06T17:09:19.142-0500 [DEBUG] provider: plugin exited 2024-09-06T17:09:19.142-0500 [DEBUG] building apply graph to check for errors 2024-09-06T17:09:19.142-0500 [DEBUG] ProviderTransformer: "cloudflare_record.default (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"] 2024-09-06T17:09:19.142-0500 [DEBUG] ProviderTransformer: "cloudflare_record.default" (*terraform.NodeApplyableResourceInstance) needs provider["registry.terraform.io/cloudflare/cloudflare"] 2024-09-06T17:09:19.142-0500 [DEBUG] ReferenceTransformer: "cloudflare_record.default (expand)" references: [] 2024-09-06T17:09:19.142-0500 [DEBUG] ReferenceTransformer: "cloudflare_record.default" references: [] 2024-09-06T17:09:19.142-0500 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" references: [] 2024-09-06T17:09:19.143-0500 [INFO] backend/local: plan operation completed Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # cloudflare_record.default will be updated in-place ~ resource "cloudflare_record" "default" { + allow_overwrite = false id = "snip" name = "snip" tags = [ "terraform", ] + value = "snip" # (10 unchanged attributes hidden) } Plan: 0 to add, 1 to change, 0 to destroy. ╷ │ Warning: Argument is deprecated │ │ with cloudflare_record.default, │ on main.tf line 15, in resource "cloudflare_record" "default": │ 15: value = "snip" │ │ `value` is deprecated in favour of `content` and will be removed in the next major release. │ │ (and one more similar warning elsewhere) ╵ ──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now. ```

[jacobbednarz]

if you've taken a closed issue that way, i'm sorry but it's your perception. this project along with many others like Homebrew don't operate that way.

as for your reproduction, are you only seeing the issue when importing first? or is this only an issue when creating them directly (actually running apply, not plan)

[nitrocode]

I see this value/content drift issue for our existing root dirs without importing a record.

The reproduction case required the import to make it small enough to share.

Thank you for looking into this

[jacobbednarz]

i'm afraid i'm unable to reproduce this one (without the import which i'm still unsure why it's needed).

using your configuration and the following steps

$ terraform init -upgrade

Initializing the backend...

Initializing provider plugins...
- Finding cloudflare/cloudflare versions matching "4.38.0"...
- Installing cloudflare/cloudflare v4.38.0...
- Installed cloudflare/cloudflare v4.38.0 (self-signed, key ID C76001609EE3B136)

Partner and community providers are signed by their developers.
If you'd like to know more about provider signing, you can read about it here:
https://www.terraform.io/docs/cli/plugins/signing.html

Terraform has made some changes to the provider dependency selections recorded
in the .terraform.lock.hcl file. Review those changes and commit them to your
version control system if they represent changes you intended to make.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

$ terraform apply -auto-approve

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # cloudflare_record.default will be created
  + resource "cloudflare_record" "default" {
      + allow_overwrite = false
      + comment         = "snip"
      + created_on      = (known after apply)
      + hostname        = (known after apply)
      + id              = (known after apply)
      + metadata        = (known after apply)
      + modified_on     = (known after apply)
      + name            = "meetup"
      + proxiable       = (known after apply)
      + proxied         = true
      + tags            = [
          + "terraform",
        ]
      + ttl             = (known after apply)
      + type            = "CNAME"
      + value           = "example.com"
      + zone_id         = "0da42c8d2132a9ddaf714f9e7c920711"
    }

Plan: 1 to add, 0 to change, 0 to destroy.
cloudflare_record.default: Creating...
cloudflare_record.default: Creation complete after 0s [id=a5d305f65b3c1f3e72d138b9c109fbda]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

$ terraform apply -auto-approve
cloudflare_record.default: Refreshing state... [id=a5d305f65b3c1f3e72d138b9c109fbda]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

$ sd -s 'version = "4.38.0"' 'version = "4.41.0"' terraform.tf 

$ terraform init -upgrade

Initializing the backend...

Initializing provider plugins...
- Finding cloudflare/cloudflare versions matching "4.41.0"...
- Installing cloudflare/cloudflare v4.41.0...
- Installed cloudflare/cloudflare v4.41.0 (self-signed, key ID C76001609EE3B136)

Partner and community providers are signed by their developers.
If you'd like to know more about provider signing, you can read about it here:
https://www.terraform.io/docs/cli/plugins/signing.html

Terraform has made some changes to the provider dependency selections recorded
in the .terraform.lock.hcl file. Review those changes and commit them to your
version control system if they represent changes you intended to make.

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

$ terraform apply -auto-approve
cloudflare_record.default: Refreshing state... [id=a5d305f65b3c1f3e72d138b9c109fbda]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.
╷
│ Warning: Argument is deprecated
│ 
│   with cloudflare_record.default,
│   on terraform.tf line 601, in resource "cloudflare_record" "default":
│  601:   value    = "example.com"
│ 
│ `value` is deprecated in favour of `content` and will be removed in the next major release.
│ 
│ (and one more similar warning elsewhere)
╵

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

what i would recommend is instead of terraform plan, run terraform apply which may correct any drift in the state file. it's a noop given value and content point to the same API value anyway. 4.39.0 did have a bug and if you've attempted to use it in the past, perhaps that is playing into your repro here.

[scott-doyland-burrows]

Could the documentation for the cloudflare_record resource be updated and also include some examples please.

It says:

and

snipped the output of the entire ``data``` block options.

It isn't obvious what is used/needed in the data block.

It used to be:

data {
  algorithm = ""
  altitude = ""
  digest_type = ""
  key_tag =""
  ...
  ...
}

But how does it work now?

It says we can now only have inside the data block data (doesn't mention this in the nested list, is it a map itself inside the data block) content (string) value (string)

The documentation doesn't make sense now.

[joeltheiconic]

I'm affected by this issue too. Here's how to repeat this issue. I'm using TF 1.2.9 for whatever reason

terraform {
  required_providers {
    cloudflare = {
      source  = "cloudflare/cloudflare"
      version = "4.38.0"
    }
  }
}

locals {
  zone_name = "example.com"
}

provider "cloudflare" {}

data "cloudflare_zone" "this" {
  name = local.zone_name
}

resource "cloudflare_record" "this" {
  name     = "mytest.${local.zone_name}"
  priority = 5
  proxied  = false
  ttl      = 1
  type     = "TXT"
  value    = "this-is-a-test"
  zone_id  = data.cloudflare_zone.this.id
}

1. terraform init
2. terraform apply -auto-approve
3. Update provider to 4.41.0
4. terraform init -upgrade
5. terraform plan

Plan results

  # cloudflare_record.this will be updated in-place
  ~ resource "cloudflare_record" "this" {
        id              = "6553e8exxxxxxc4f2f02ccfa22fd0"
        name            = "mytest.example.com"
        tags            = []
      + value           = "this-is-a-test"
        # (10 unchanged attributes hidden)
    }

Observations:

• Same result if upgrading to 4.42.0
• state file once upgraded shows a schema_version increment, additional content parameter
• although v4.41.0+ shows that value needs to be set I can't detect any changes are actually made. So it looks like a "safe" upgrade if you have already accounted for any drift

Workaround seems to be

• upgrade to 4.40.0
• then upgrade to 4.42 (or latest 4.0 ~> 4.0)

So people will need to pin at 4.40, tf apply, before unpinning and tf applying again. Or blindly upgrade and fingers cross there's no drift or other changes to check for.