search

databricks / terraform-provider-databricks

Databricks Terraform Provider
https://registry.terraform.io/providers/databricks/databricks/latest
Other
445 stars 384 forks source link

[ISSUE] `databricks_mws_workspaces` refresh is failing when PAT is disabled #1960

Open rvolykh opened 1 year ago

rvolykh commented 1 year ago

When PersonalAccessTokens are disabled terraform refresh is failing as it tries verify that Workspace is Running

Configuration

resource "databricks_workspace_conf" "workspace_conf" {
  provider = databricks.workspace
  custom_config = {
    "enableTokensConfig" : true
  }
}

was switched to enableTokensConfig: false - this apply succeed. But next run fails.

Expected Behavior

Terraform successfully create workspace and/or refreshes state even if PAT is disabled

Actual Behavior

Retries happens like for 20min after which the error occurs:

2023-01-26 12:50:49 0fab2a41dcda root[261] INFO │ Error: cannot read mws workspaces: workspace https://dbc-xxxxxxxxxx.cloud.databricks.com is not yet reachable: Databricks API (/api/2.0/token/list) requires you to set `host` property (or DATABRICKS_HOST env variable) to result of `databricks_mws_workspaces.this.workspace_url`. This error may happen if you're using provider in both normal and multiworkspace mode. Please refactor your code into different modules. Runnable example that we use for integration testing can be found in this repository at https://registry.terraform.io/providers/databricks/databricks/latest/docs/guides/aws-workspace
2023-01-26 12:50:49 0fab2a41dcda root[261] INFO │ 
2023-01-26 12:50:49 0fab2a41dcda root[261] INFO │   with module.databricks.module.create_workspace[0].databricks_mws_workspaces.workspace,
2023-01-26 12:50:49 0fab2a41dcda root[261] INFO │   on _modules/databricks/create_workspace/databricks.tf line 78, in resource "databricks_mws_workspaces" "workspace":
2023-01-26 12:50:49 0fab2a41dcda root[261] INFO │   78: resource "databricks_mws_workspaces" "workspace" {
2023-01-26 12:50:49 0fab2a41dcda root[261] INFO │

Steps to Reproduce

Create Databricks Workspace with disabled PAT tokens or disable PAT token on existing Workspace and re-run terraform.

Terraform and provider versions

databricks/databricks 1.9.1

Debug Output

2023-01-26 13:36:54 edcaac82a5d5 root[260] INFO 2023-01-26T13:36:54.598Z [DEBUG] provider.terraform-provider-databricks_v1.9.1: GET /api/2.0/token/list: timestamp=2023-01-26T13:36:54.594Z
2023-01-26 13:36:55 edcaac82a5d5 root[260] INFO 2023-01-26T13:36:55.083Z [DEBUG] provider.terraform-provider-databricks_v1.9.1: 404 Not Found {
2023-01-26 13:36:55 edcaac82a5d5 root[260] INFO   "error_code": "FEATURE_DISABLED",
2023-01-26 13:36:55 edcaac82a5d5 root[260] INFO   "message": "Tokens are disabled."
2023-01-26 13:36:55 edcaac82a5d5 root[260] INFO }: timestamp=2023-01-26T13:36:55.083Z

Important Factoids

Probably issue is that WaitForRunning function is pinging list/token URL (while it should not depend on optional features) https://github.com/databricks/terraform-provider-databricks/blob/55345b339ee0b8a593c9edbfb771f6d0045317a4/mws/resource_mws_workspaces.go#L542

nfx commented 1 year ago

@rvolykh probably there's token {} block, right?..

rvolykh commented 1 year ago

@rvolykh probably there's token {} block, right?..

Unfortunately, no, I also had an assumption and double checked that I don't declare empty token block