search

fortinetdev / terraform-provider-fortios

Terraform Fortios provider
https://www.terraform.io/docs/providers/fortios/
Mozilla Public License 2.0
68 stars 50 forks source link

Reordering of dns_entry for fortios_system_dnsdatabase #259

Open simonliska opened 1 year ago

simonliska commented 1 year ago

Sandbox: Fortigate 100D v6.2.10 build1263, fortinetdev/fortios 1.16.0 Similar to #256 . Reordering of the dns_entry inside fortios_system_dnsdatabase fails. When dns_entry is removed:

resource "fortios_system_dnsdatabase" "trname" {
  authoritative = "enable"
  contact       = "hostmaster"
  domain        = "s.com"
  ip_master     = "0.0.0.0"
  name          = "1"
  primary_name  = "dns"
  source_ip     = "0.0.0.0"
  status        = "enable"
  ttl           = 86400
  type          = "master"
  view          = "shadow"
  dynamic_sort_subtable = true

  dns_entry {
    type     = "A"
    hostname = "sghsgh6.com"
    ip       = "192.168.99.1"
  }
  # dns_entry {
  #   type     = "MX"
  #   ttl      = 3
  #   hostname = "sghsgh7.com"
  # }
  dns_entry {
    canonical_name = "sghsgh6.com"
    type           = "CNAME"
    hostname       = "fsec1"
  }
  dns_entry {
    canonical_name = "sghsgh6.com"
    type           = "CNAME"
    hostname       = "fsec2"
  }
}

terraform plan is reordering all dns_entries after the removed one:

# fortios_system_dnsdatabase.trname will be updated in-place
  ~ resource "fortios_system_dnsdatabase" "trname" {
        id                    = "1"
        name                  = "1"
        # (12 unchanged attributes hidden)

      ~ dns_entry {
          + canonical_name = "sghsgh6.com"
          ~ hostname       = "sghsgh6.com" -> "fsec1"
            id             = 2
          ~ type           = "MX" -> "CNAME"
            # (5 unchanged attributes hidden)
        }
      ~ dns_entry {
          ~ hostname       = "fsec1" -> "fsec2"
            id             = 3
            # (7 unchanged attributes hidden)
        }
      - dns_entry {
          - canonical_name = "sghsgh6.com" -> null
          - hostname       = "fsec2" -> null
          - id             = 4 -> null
          - ip             = "0.0.0.0" -> null
          - ipv6           = "::" -> null
          - preference     = 10 -> null
          - status         = "enable" -> null
          - ttl            = 0 -> null
          - type           = "CNAME" -> null
        }

        # (1 unchanged block hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy

terraform apply -auto-approve

2023-01-09T10:48:43.615+0100 [INFO]  Terraform version: 1.3.6
2023-01-09T10:48:43.616+0100 [DEBUG] using github.com/hashicorp/go-tfe v1.9.0
2023-01-09T10:48:43.616+0100 [DEBUG] using github.com/hashicorp/hcl/v2 v2.15.0
2023-01-09T10:48:43.616+0100 [DEBUG] using github.com/hashicorp/terraform-config-inspect v0.0.0-20210209133302-4fd17a0faac2
2023-01-09T10:48:43.616+0100 [DEBUG] using github.com/hashicorp/terraform-svchost v0.0.0-20200729002733-f050f53b9734
2023-01-09T10:48:43.616+0100 [DEBUG] using github.com/zclconf/go-cty v1.12.1
2023-01-09T10:48:43.616+0100 [INFO]  Go runtime version: go1.19.3
2023-01-09T10:48:43.616+0100 [INFO]  CLI args: []string{"terraform", "apply", "-auto-approve"}
2023-01-09T10:48:43.616+0100 [DEBUG] Attempting to open CLI config file: /home/ubuntu/.terraformrc
2023-01-09T10:48:43.616+0100 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2023-01-09T10:48:43.616+0100 [DEBUG] ignoring non-existing provider search directory terraform.d/plugins
2023-01-09T10:48:43.616+0100 [DEBUG] ignoring non-existing provider search directory /home/ubuntu/.terraform.d/plugins
2023-01-09T10:48:43.616+0100 [DEBUG] ignoring non-existing provider search directory /home/ubuntu/.local/share/terraform/plugins
2023-01-09T10:48:43.616+0100 [DEBUG] ignoring non-existing provider search directory /usr/share/ubuntu/terraform/plugins
2023-01-09T10:48:43.616+0100 [DEBUG] ignoring non-existing provider search directory /home/ubuntu/.local/share/flatpak/exports/share/terraform/plugins
2023-01-09T10:48:43.616+0100 [DEBUG] ignoring non-existing provider search directory /var/lib/flatpak/exports/share/terraform/plugins
2023-01-09T10:48:43.616+0100 [DEBUG] ignoring non-existing provider search directory /usr/local/share/terraform/plugins
2023-01-09T10:48:43.616+0100 [DEBUG] ignoring non-existing provider search directory /usr/share/terraform/plugins
2023-01-09T10:48:43.616+0100 [DEBUG] ignoring non-existing provider search directory /var/lib/snapd/desktop/terraform/plugins
2023-01-09T10:48:43.616+0100 [INFO]  CLI command args: []string{"apply", "-auto-approve"}
2023-01-09T10:48:43.617+0100 [DEBUG] New state was assigned lineage "adaee63b-af31-ce12-88aa-62a6761fbc60"
2023-01-09T10:48:43.727+0100 [DEBUG] checking for provisioner in "."
2023-01-09T10:48:43.731+0100 [DEBUG] checking for provisioner in "/usr/bin"
2023-01-09T10:48:43.731+0100 [INFO]  backend/local: starting Apply operation
2023-01-09T10:48:43.732+0100 [DEBUG] created provider logger: level=debug
2023-01-09T10:48:43.732+0100 [INFO]  provider: configuring client automatic mTLS
2023-01-09T10:48:43.752+0100 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0 args=[.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0]
2023-01-09T10:48:43.752+0100 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0 pid=64851
2023-01-09T10:48:43.752+0100 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0
2023-01-09T10:48:43.756+0100 [INFO]  provider.terraform-provider-fortios_v1.15.0: configuring server automatic mTLS: timestamp=2023-01-09T10:48:43.756+0100
2023-01-09T10:48:43.800+0100 [DEBUG] provider: using plugin: version=5
2023-01-09T10:48:43.800+0100 [DEBUG] provider.terraform-provider-fortios_v1.15.0: plugin address: address=/tmp/plugin401023203 network=unix timestamp=2023-01-09T10:48:43.800+0100
2023-01-09T10:48:43.902+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-01-09T10:48:43.904+0100 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0 pid=64851
2023-01-09T10:48:43.904+0100 [DEBUG] provider: plugin exited
2023-01-09T10:48:43.904+0100 [DEBUG] Building and walking validate graph
2023-01-09T10:48:43.904+0100 [DEBUG] ProviderTransformer: "fortios_system_dnsdatabase.trname" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/fortinetdev/fortios"]
2023-01-09T10:48:43.904+0100 [DEBUG] ReferenceTransformer: "fortios_system_dnsdatabase.trname" references: []
2023-01-09T10:48:43.904+0100 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/fortinetdev/fortios\"]" references: []
2023-01-09T10:48:43.905+0100 [DEBUG] Starting graph walk: walkValidate
2023-01-09T10:48:43.905+0100 [DEBUG] created provider logger: level=debug
2023-01-09T10:48:43.905+0100 [INFO]  provider: configuring client automatic mTLS
2023-01-09T10:48:43.911+0100 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0 args=[.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0]
2023-01-09T10:48:43.912+0100 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0 pid=64870
2023-01-09T10:48:43.912+0100 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0
2023-01-09T10:48:43.915+0100 [INFO]  provider.terraform-provider-fortios_v1.15.0: configuring server automatic mTLS: timestamp=2023-01-09T10:48:43.915+0100
2023-01-09T10:48:43.968+0100 [DEBUG] provider: using plugin: version=5
2023-01-09T10:48:43.968+0100 [DEBUG] provider.terraform-provider-fortios_v1.15.0: plugin address: address=/tmp/plugin395669381 network=unix timestamp=2023-01-09T10:48:43.968+0100
2023-01-09T10:48:44.128+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-01-09T10:48:44.131+0100 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0 pid=64870
2023-01-09T10:48:44.131+0100 [DEBUG] provider: plugin exited
2023-01-09T10:48:44.131+0100 [INFO]  backend/local: apply calling Plan
2023-01-09T10:48:44.131+0100 [DEBUG] Building and walking plan graph for NormalMode
2023-01-09T10:48:44.131+0100 [DEBUG] ProviderTransformer: "fortios_system_dnsdatabase.trname (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/fortinetdev/fortios"]
2023-01-09T10:48:44.131+0100 [DEBUG] ReferenceTransformer: "fortios_system_dnsdatabase.trname (expand)" references: []
2023-01-09T10:48:44.131+0100 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/fortinetdev/fortios\"]" references: []
2023-01-09T10:48:44.131+0100 [DEBUG] Starting graph walk: walkPlan
2023-01-09T10:48:44.132+0100 [DEBUG] created provider logger: level=debug
2023-01-09T10:48:44.132+0100 [INFO]  provider: configuring client automatic mTLS
2023-01-09T10:48:44.139+0100 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0 args=[.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0]
2023-01-09T10:48:44.139+0100 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0 pid=64888
2023-01-09T10:48:44.139+0100 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0
2023-01-09T10:48:44.143+0100 [INFO]  provider.terraform-provider-fortios_v1.15.0: configuring server automatic mTLS: timestamp=2023-01-09T10:48:44.143+0100
2023-01-09T10:48:44.184+0100 [DEBUG] provider.terraform-provider-fortios_v1.15.0: plugin address: address=/tmp/plugin489032037 network=unix timestamp=2023-01-09T10:48:44.184+0100
2023-01-09T10:48:44.184+0100 [DEBUG] provider: using plugin: version=5
2023-01-09T10:48:44.346+0100 [WARN]  ValidateProviderConfig from "provider[\"registry.terraform.io/fortinetdev/fortios\"]" changed the config value, but that value is unused
2023-01-09T10:48:44.377+0100 [DEBUG] ReferenceTransformer: "fortios_system_dnsdatabase.trname" references: []
fortios_system_dnsdatabase.trname: Refreshing state... [id=1]
2023-01-09T10:48:44.386+0100 [INFO]  provider.terraform-provider-fortios_v1.15.0: 2023/01/09 10:48:44 FOS-fortios reading response: {
  "http_method":"GET",
  "revision":"86025413b939069a56df1dcd4ebcff76",
  "results":[
    {
      "name":"1",
      "q_origin_key":"1",
      "status":"enable",
      "domain":"s.com",
      "allow-transfer":"",
      "type":"master",
      "view":"shadow",
      "ip-master":"0.0.0.0",
      "primary-name":"dns",
      "contact":"hostmaster",
      "ttl":86400,
      "authoritative":"enable",
      "forwarder":"",
      "source-ip":"0.0.0.0",
      "dns-entry":[
        {
          "id":1,
          "q_origin_key":1,
          "status":"enable",
          "type":"A",
          "ttl":3,
          "preference":10,
          "ip":"192.168.99.1",
          "ipv6":"::",
          "hostname":"sghsgh6.com",
          "canonical-name":""
        },
        {
          "id":2,
          "q_origin_key":2,
          "status":"enable",
          "type":"MX",
          "ttl":3,
          "preference":10,
          "ip":"0.0.0.0",
          "ipv6":"::",
          "hostname":"sghsgh6.com",
          "canonical-name":""
        },
        {
          "id":3,
          "q_origin_key":3,
          "status":"enable",
          "type":"CNAME",
          "ttl":3,
          "preference":10,
          "ip":"0.0.0.0",
          "ipv6":"::",
          "hostname":"fsec1",
          "canonical-name":"sghsgh6.com"
        },
        {
          "id":4,
          "q_origin_key":4,
          "status":"enable",
          "type":"CNAME",
          "ttl":0,
          "preference":10,
          "ip":"0.0.0.0",
          "ipv6":"::",
          "hostname":"fsec2",
          "canonical-name":"sghsgh6.com"
        }
      ]
    }
  ],
  "vdom":"root",
  "path":"system",
  "name":"dns-database",
  "mkey":"1",
  "status":"success",
  "http_status":200,
  "serial":"BLABLA",
  "version":"v6.2.10",
  "build":1263
}: timestamp=2023-01-09T10:48:44.386+0100
2023-01-09T10:48:44.391+0100 [WARN]  Provider "registry.terraform.io/fortinetdev/fortios" produced an invalid plan for fortios_system_dnsdatabase.trname, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .dynamic_sort_subtable: planned value cty.StringVal("false") for a non-computed attribute
2023-01-09T10:48:44.392+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-01-09T10:48:44.395+0100 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0 pid=64888
2023-01-09T10:48:44.395+0100 [DEBUG] provider: plugin exited
2023-01-09T10:48:44.395+0100 [DEBUG] building apply graph to check for errors
2023-01-09T10:48:44.395+0100 [DEBUG] ProviderTransformer: "fortios_system_dnsdatabase.trname" (*terraform.NodeApplyableResourceInstance) needs provider["registry.terraform.io/fortinetdev/fortios"]
2023-01-09T10:48:44.395+0100 [DEBUG] ProviderTransformer: "fortios_system_dnsdatabase.trname (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/fortinetdev/fortios"]
2023-01-09T10:48:44.395+0100 [DEBUG] ReferenceTransformer: "fortios_system_dnsdatabase.trname (expand)" references: []
2023-01-09T10:48:44.395+0100 [DEBUG] ReferenceTransformer: "fortios_system_dnsdatabase.trname" references: []
2023-01-09T10:48:44.395+0100 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/fortinetdev/fortios\"]" references: []

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the
following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # fortios_system_dnsdatabase.trname will be updated in-place
  ~ resource "fortios_system_dnsdatabase" "trname" {
        id                    = "1"
        name                  = "1"
        # (12 unchanged attributes hidden)

      ~ dns_entry {
          + canonical_name = "sghsgh6.com"
          ~ hostname       = "sghsgh6.com" -> "fsec1"
            id             = 2
          ~ type           = "MX" -> "CNAME"
            # (5 unchanged attributes hidden)
        }
      ~ dns_entry {
          ~ hostname       = "fsec1" -> "fsec2"
            id             = 3
            # (7 unchanged attributes hidden)
        }
      - dns_entry {
          - canonical_name = "sghsgh6.com" -> null
          - hostname       = "fsec2" -> null
          - id             = 4 -> null
          - ip             = "0.0.0.0" -> null
          - ipv6           = "::" -> null
          - preference     = 10 -> null
          - status         = "enable" -> null
          - ttl            = 0 -> null
          - type           = "CNAME" -> null
        }

        # (1 unchanged block hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.
2023-01-09T10:48:44.398+0100 [INFO]  backend/local: apply calling Apply
2023-01-09T10:48:44.398+0100 [DEBUG] Building and walking apply graph for NormalMode plan
2023-01-09T10:48:44.399+0100 [DEBUG] ProviderTransformer: "fortios_system_dnsdatabase.trname (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/fortinetdev/fortios"]
2023-01-09T10:48:44.399+0100 [DEBUG] ProviderTransformer: "fortios_system_dnsdatabase.trname" (*terraform.NodeApplyableResourceInstance) needs provider["registry.terraform.io/fortinetdev/fortios"]
2023-01-09T10:48:44.399+0100 [DEBUG] ReferenceTransformer: "fortios_system_dnsdatabase.trname (expand)" references: []
2023-01-09T10:48:44.399+0100 [DEBUG] ReferenceTransformer: "fortios_system_dnsdatabase.trname" references: []
2023-01-09T10:48:44.399+0100 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/fortinetdev/fortios\"]" references: []
2023-01-09T10:48:44.399+0100 [DEBUG] Starting graph walk: walkApply
2023-01-09T10:48:44.399+0100 [DEBUG] created provider logger: level=debug
2023-01-09T10:48:44.399+0100 [INFO]  provider: configuring client automatic mTLS
2023-01-09T10:48:44.408+0100 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0 args=[.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0]
2023-01-09T10:48:44.408+0100 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0 pid=64904
2023-01-09T10:48:44.409+0100 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0
2023-01-09T10:48:44.414+0100 [INFO]  provider.terraform-provider-fortios_v1.15.0: configuring server automatic mTLS: timestamp=2023-01-09T10:48:44.414+0100
2023-01-09T10:48:44.463+0100 [DEBUG] provider.terraform-provider-fortios_v1.15.0: plugin address: address=/tmp/plugin607826160 network=unix timestamp=2023-01-09T10:48:44.463+0100
2023-01-09T10:48:44.463+0100 [DEBUG] provider: using plugin: version=5
2023-01-09T10:48:44.634+0100 [WARN]  ValidateProviderConfig from "provider[\"registry.terraform.io/fortinetdev/fortios\"]" changed the config value, but that value is unused
2023-01-09T10:48:44.690+0100 [WARN]  Provider "registry.terraform.io/fortinetdev/fortios" produced an invalid plan for fortios_system_dnsdatabase.trname, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .dynamic_sort_subtable: planned value cty.StringVal("false") for a non-computed attribute
fortios_system_dnsdatabase.trname: Modifying... [id=1]
2023-01-09T10:48:44.691+0100 [INFO]  Starting apply for fortios_system_dnsdatabase.trname
2023-01-09T10:48:44.692+0100 [DEBUG] fortios_system_dnsdatabase.trname: applying the planned Update change
2023-01-09T10:48:44.712+0100 [ERROR] provider.terraform-provider-fortios_v1.15.0: Response contains error diagnostic: tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/terraform-plugin-go@v0.12.0/tfprotov5/internal/diag/diagnostics.go:56 @module=sdk.proto diagnostic_detail= diagnostic_severity=ERROR tf_provider_addr=provider diagnostic_summary="Error updating SystemDnsDatabase resource: Internal Server Error - Internal error when processing the request (500)" tf_proto_version=5.3 tf_req_id=3f0a2c20-e663-555a-2ab9-55e2308ead23 tf_resource_type=fortios_system_dnsdatabase timestamp=2023-01-09T10:48:44.712+0100
2023-01-09T10:48:44.718+0100 [ERROR] vertex "fortios_system_dnsdatabase.trname" error: Error updating SystemDnsDatabase resource: Internal Server Error - Internal error when processing the request (500)
╷
│ Error: Error updating SystemDnsDatabase resource: Internal Server Error - Internal error when processing the request (500)
│ 
│   with fortios_system_dnsdatabase.trname,
│   on hq-forti-dns-local.tf line 97, in resource "fortios_system_dnsdatabase" "trname":
│   97: resource "fortios_system_dnsdatabase" "trname" {
│ 
╵
2023-01-09T10:48:44.724+0100 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF"
2023-01-09T10:48:44.730+0100 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/fortinetdev/fortios/1.15.0/linux_amd64/terraform-provider-fortios_v1.15.0 pid=64904
2023-01-09T10:48:44.730+0100 [DEBUG] provider: plugin exited
MaxxLiu22 commented 1 year ago

Hi @simonliska

Thank you for raising this issue, I can reproduce this issue on my side and have reported it to the development team. We will let you know if there is any update.

Thanks, Maxx

nemcikjan commented 1 year ago

Hi @MaxxLiu22,

any update on this?