search

cyrilgdn / terraform-provider-postgresql

Terraform PostgreSQL provider
https://www.terraform.io/docs/providers/postgresql/
Mozilla Public License 2.0
355 stars 180 forks source link

concurrency issue when granting privileges on tables with postgresql_grant #425

Closed vedata closed 2 months ago

vedata commented 3 months ago

Hi there,

We're encountering a persistent issue during the execution of Terraform apply, consistently receiving the error message: "Error: Could not execute revoke query: pq: tuple concurrently updated." Despite upgrading the provider to cyrilgdn/postgresql 1.18.0, the error remains unresolved

Terraform Version

Terraform v1.5.0

Affected Resource(s)

Terraform Configuration Files

resource "postgresql_grant" "rw_role_table_crud" {
  depends_on = [postgresql_schema.public]
  count      = var.create_rw_role ? 1 : 0

  database    = postgresql_database.service_database[0].name
  role        = postgresql_role.rw_role[0].name
  object_type = "table"
  schema      = "public"
  privileges  = ["INSERT", "SELECT", "UPDATE", "DELETE", "TRUNCATE"]
}

resource "postgresql_grant" "ro_role_table_crud" {
  depends_on = [postgresql_schema.public]
  count      = var.create_ro_role ? 1 : 0

  database    = postgresql_database.service_database[0].name
  role        = postgresql_role.ro_role[0].name
  object_type = "table"
  schema      = "public"
  privileges  = ["SELECT"]
}

Expected Behavior

resource "postgresql_grant" "rw_role_table_crud" { depends_on = [postgresql_schema.public] count = var.create_rw_role ? 1 : 0

database = postgresql_database.service_database[0].name role = postgresql_role.rw_role[0].name object_type = "table" schema = "public" privileges = ["INSERT", "SELECT", "UPDATE", "DELETE", "TRUNCATE"] }

resource "postgresql_grant" "ro_role_table_crud" { depends_on = [postgresql_schema.public] count = var.create_ro_role ? 1 : 0

database = postgresql_database.service_database[0].name role = postgresql_role.ro_role[0].name object_type = "table" schema = "public" privileges = ["SELECT"] }

Actual Behavior

│ Error: could not execute revoke query: pq: tuple concurrently updated │ │ with module.cp-database.postgresql_grant.rw_role_table_crud[0], │ on ../../modules/postgresql-db/main.tf line 155, in resource "postgresql_grant" "rw_role_table_crud": │ 155: resource "postgresql_grant" "rw_role_table_crud" { │ ╵ ╷ │ Error: could not execute revoke query: pq: tuple concurrently updated │ │ with module.cp-database.postgresql_grant.ro_role_table_crud[0], │ on ../../modules/postgresql-db/main.tf line 244, in resource "postgresql_grant" "ro_role_table_crud": │ 244: resource "postgresql_grant" "ro_role_table_crud" { │ ╵

Steps to Reproduce

  1. terraform apply

Important Factoids

The DB is running on AWS RDS with Engine version: 13.11

References

enricojonas commented 3 months ago

Same issue for us, need to apply several times.

vedata commented 2 months ago

Removed table lock in DB