Creating fortios_firewall_object_service causes Terraform panic crash

yatanasov commented 4 years ago

Hi,

We are unable to create a fortios_firewall_object_service as per documentation examples:

resource "fortios_firewall_object_service" "v13" {
  name           = "servicetest2"
  category       = "AD/DC Auth & Connectivity"
  protocol       = "TCP/UDP/SCTP"
  iprange        = "1.1.1.1-2.2.2.2"
  tcp_portrange  = "22-33"
  udp_portrange  = "44-55"
  sctp_portrange = "66-88"
  comment        = "comment"
}

terraform plan:

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.services.fortios_firewall_object_service.v13 will be created
  + resource "fortios_firewall_object_service" "v13" {
      + category       = "AD/DC Auth & Connectivity"
      + comment        = "comment"
      + id             = (known after apply)
      + iprange        = "1.1.1.1-2.2.2.2"
      + name           = "servicetest2"
      + protocol       = "TCP/UDP/SCTP"
      + sctp_portrange = "66-88"
      + session_ttl    = "0"
      + tcp_portrange  = "22-33"
      + udp_portrange  = "44-55"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

The provider fails with:

terraform apply:

module.services.fortios_firewall_object_service.v13: Creating...

Error: rpc error: code = Unavailable desc = transport is closing

panic: interface conversion: interface {} is string, not float64
2020-06-10T14:21:08.673+0200 [DEBUG] plugin.terraform-provider-fortios:
2020-06-10T14:21:08.673+0200 [DEBUG] plugin.terraform-provider-fortios: goroutine 16 [running]:
2020-06-10T14:21:08.673+0200 [DEBUG] plugin.terraform-provider-fortios: github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/fgtdev/fortios-sdk-go/sdkcore.(*FortiSDKClient).ReadFirewallObjectService(0xc000530450, 0xc0004f06a0, 0xc, 0xeb2b60, 0xc0000c38f0, 0xc0006075f0)
2020-06-10T14:21:08.673+0200 [DEBUG] plugin.terraform-provider-fortios:         /home/yat/go/src/github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/fgtdev/fortios-sdk-go/sdkcore/firewall_object_service.go:399 +0x1c2b
2020-06-10T14:21:08.673+0200 [DEBUG] plugin.terraform-provider-fortios: github.com/terraform-providers/terraform-provider-fortios/fortios.resourceFirewallObjectServiceRead(0xc0002a48c0, 0xe7b940, 0xc000532180, 0x0, 0x0)
2020-06-10T14:21:08.673+0200 [DEBUG] plugin.terraform-provider-fortios:         /home/yat/go/src/github.com/terraform-providers/terraform-provider-fortios/fortios/resource_firewall_object_service.go:249 +0xed
2020-06-10T14:21:08.673+0200 [DEBUG] plugin.terraform-provider-fortios: github.com/terraform-providers/terraform-provider-fortios/fortios.resourceFirewallObjectServiceCreate(0xc0002a48c0, 0xe7b940, 0xc000532180, 0x2, 0x1af4480)
2020-06-10T14:21:08.673+0200 [DEBUG] plugin.terraform-provider-fortios:         /home/yat/go/src/github.com/terraform-providers/terraform-provider-fortios/fortios/resource_firewall_object_service.go:154 +0x84a
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios: github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/hashicorp/terraform/helper/schema.(*Resource).Apply(0xc000124d00, 0xc0004af400, 0xc0003fe5c0, 0xe7b940, 0xc000532180, 0xf05001, 0xc000482ae8, 0xc0000c77d0)
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios:         /home/yat/go/src/github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/hashicorp/terraform/helper/schema/resource.go:286 +0x363
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios: github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/hashicorp/terraform/helper/schema.(*Provider).Apply(0xc000125780, 0xc0006079b8, 0xc0004af400, 0xc0003fe5c0, 0xc0000bef28, 0xc000532528, 0xf06f60)
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios:         /home/yat/go/src/github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/hashicorp/terraform/helper/schema/provider.go:285 +0x9c
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios: github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/hashicorp/terraform/helper/plugin.(*GRPCProviderServer).ApplyResourceChange(0xc00000eae0, 0x122a8e0, 0xc0000c6930, 0xc0002fade0, 0xc00000eae0, 0xc0000c68a0, 0xf28c40)
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios:         /home/yat/go/src/github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/hashicorp/terraform/helper/plugin/grpc_provider.go:851 +0x87a
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios: github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/hashicorp/terraform/internal/tfplugin5._Provider_ApplyResourceChange_Handler(0x1033960, 0xc00000eae0, 0x122a8e0, 0xc0000c6930, 0xc0004af130, 0x0, 0x0, 0x0, 0xc0001d6fc0, 0x22f)
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios:         /home/yat/go/src/github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/hashicorp/terraform/internal/tfplugin5/tfplugin5.pb.go:3217 +0x23e
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios: github.com/terraform-providers/terraform-provider-fortios/vendor/google.golang.org/grpc.(*Server).processUnaryRPC(0xc000522600, 0x1230ae0, 0xc0004e3080, 0xc0000bd400, 0xc000134420, 0x1ac81a0, 0x0, 0x0, 0x0)
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios:         /home/yat/go/src/github.com/terraform-providers/terraform-provider-fortios/vendor/google.golang.org/grpc/server.go:972 +0x4a2
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios: github.com/terraform-providers/terraform-provider-fortios/vendor/google.golang.org/grpc.(*Server).handleStream(0xc000522600, 0x1230ae0, 0xc0004e3080, 0xc0000bd400, 0x0)
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios:         /home/yat/go/src/github.com/terraform-providers/terraform-provider-fortios/vendor/google.golang.org/grpc/server.go:1252 +0xe02
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios: github.com/terraform-providers/terraform-provider-fortios/vendor/google.golang.org/grpc.(*Server).serveStreams.func1.1(0xc000038290, 0xc000522600, 0x1230ae0, 0xc0004e3080, 0xc0000bd400)
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios:         /home/yat/go/src/github.com/terraform-providers/terraform-provider-fortios/vendor/google.golang.org/grpc/server.go:691 +0x9f
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios: created by github.com/terraform-providers/terraform-provider-fortios/vendor/google.golang.org/grpc.(*Server).serveStreams.func1
2020-06-10T14:21:08.674+0200 [DEBUG] plugin.terraform-provider-fortios:         /home/yat/go/src/github.com/terraform-providers/terraform-provider-fortios/vendor/google.golang.org/grpc/server.go:689 +0xa1
2020-06-10T14:21:08.675+0200 [DEBUG] plugin: plugin process exited: path=/home/yat/.terraform.d/plugins/terraform-provider-fortios pid=16543 error="exit status 2"
2020/06/10 14:21:08 [DEBUG] module.services.fortios_firewall_object_service.v13: apply errored, but we're indicating that via the Error pointer rather than returning it: rpc error: code = Unavailable desc = transport is closing
2020/06/10 14:21:08 [TRACE] module.services: eval: *terraform.EvalMaybeTainted
2020/06/10 14:21:08 [TRACE] EvalMaybeTainted: module.services.fortios_firewall_object_service.v13 encountered an error during creation, so it is now marked as tainted
2020/06/10 14:21:08 [TRACE] module.services: eval: *terraform.EvalWriteState
2020/06/10 14:21:08 [TRACE] states.SyncState: pruning module.services because it is empty
2020/06/10 14:21:08 [TRACE] EvalWriteState: removing state object for module.services.fortios_firewall_object_service.v13
2020/06/10 14:21:08 [TRACE] module.services: eval: *terraform.EvalApplyProvisioners
2020/06/10 14:21:08 [TRACE] EvalApplyProvisioners: fortios_firewall_object_service.v13 has no state, so skipping provisioners
2020/06/10 14:21:08 [TRACE] module.services: eval: *terraform.EvalMaybeTainted
2020/06/10 14:21:08 [TRACE] EvalMaybeTainted: module.services.fortios_firewall_object_service.v13 encountered an error during creation, so it is now marked as tainted
2020/06/10 14:21:08 [TRACE] module.services: eval: *terraform.EvalWriteState
2020/06/10 14:21:08 [TRACE] states.SyncState: pruning module.services because it is empty
2020/06/10 14:21:08 [TRACE] EvalWriteState: removing state object for module.services.fortios_firewall_object_service.v13
2020/06/10 14:21:08 [TRACE] module.services: eval: *terraform.EvalIf
2020/06/10 14:21:08 [TRACE] module.services: eval: *terraform.EvalIf
2020/06/10 14:21:08 [TRACE] module.services: eval: *terraform.EvalWriteDiff
2020/06/10 14:21:08 [TRACE] module.services: eval: *terraform.EvalApplyPost
2020/06/10 14:21:08 [ERROR] module.services: eval: *terraform.EvalApplyPost, err: rpc error: code = Unavailable desc = transport is closing
2020/06/10 14:21:08 [ERROR] module.services: eval: *terraform.EvalSequence, err: rpc error: code = Unavailable desc = transport is closing
2020/06/10 14:21:08 [TRACE] [walkApply] Exiting eval tree: module.services.fortios_firewall_object_service.v13
2020/06/10 14:21:08 [TRACE] vertex "module.services.fortios_firewall_object_service.v13": visit complete
2020/06/10 14:21:08 [TRACE] dag/walk: upstream of "provider.fortios (close)" errored, so skipping
2020/06/10 14:21:08 [TRACE] dag/walk: upstream of "meta.count-boundary (EachMode fixup)" errored, so skipping
2020/06/10 14:21:08 [TRACE] dag/walk: upstream of "root" errored, so skipping
2020-06-10T14:21:08.884+0200 [DEBUG] plugin: plugin exited

!!!!!!!!!!!!!!!!!!!!!!!!!!! TERRAFORM CRASH !!!!!!!!!!!!!!!!!!!!!!!!!!!!

Terraform crashed! This is always indicative of a bug within Terraform.
A crash log has been placed at "crash.log" relative to your current
working directory. It would be immensely helpful if you could please
report the crash with Terraform[1] so that we can fix this.

When reporting bugs, please include your terraform version. That
information is available on the first line of crash.log. You can also
get it by running 'terraform --version' on the command line.

SECURITY WARNING: the "crash.log" file that was created may contain
sensitive information that must be redacted before it is safe to share
on the issue tracker.

[1]: https://github.com/hashicorp/terraform/issues

!!!!!!!!!!!!!!!!!!!!!!!!!!! TERRAFORM CRASH !!!!!!!!!!!!!!!!!!!!!!!!!!!!

The culprit seems to be:

panic: interface conversion: interface {} is string, not float64

We tested different ways - with/without - iprange, tcp/udp range etc. without success. Please note that the resource is created, but it is not stored successfully in the Terraform state, which makes it unusable.

Please look into this and follow up. Thank you :)

Terraform v0.12.20
provider.fortios (unversioned) - Using the build from the master branch due to unreleased functionality.

frankshen01 commented 4 years ago

hi @yatanasov Thanks for the issue and the details. According to the log you provided, you are using the outdated source code to compile the fortios provider. Can you please download the latest master branch source code and recompile it? Or you can directly use the latest release version * provider.fortios: version = "~> 1.2", its state is currently consistent with the master branch.

Latest release version validation:

FOSDEVM292# cat main.tf
provider "fortios" {
  hostname = "192.168.52.166"
  token    = "xxxxxxxxxxxxxxx"
  insecure = true
}

resource "fortios_firewall_object_service" "v13" {
  category       = "AD/DC Auth & Connectivity"
  comment        = "comment"
  iprange        = "1.1.1.1-2.2.2.2"
  name           = "servicetest2"
  protocol       = "TCP/UDP/SCTP"
  sctp_portrange = "66-88"
  session_ttl    = "0"
  tcp_portrange  = "22-33"
  udp_portrange  = "44-55"
}

FOSDEVM292# terraform init

Initializing the backend...

Initializing provider plugins...
- Checking for available provider plugins...
- Downloading plugin for provider "fortios" (terraform-providers/fortios) 1.2.0...

The following providers do not have any version constraints in configuration,
so the latest version was installed.
........................

FOSDEVM292# terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # fortios_firewall_object_service.v13 will be created
  + resource "fortios_firewall_object_service" "v13" {
      + category        = "AD/DC Auth & Connectivity"
      + comment         = "comment"
      + fqdn            = (known after apply)
      + icmpcode        = (known after apply)
      + icmptype        = (known after apply)
      + id              = (known after apply)
      + iprange         = "1.1.1.1-2.2.2.2"
      + name            = "servicetest2"
      + protocol        = "TCP/UDP/SCTP"
      + protocol_number = (known after apply)
      + sctp_portrange  = "66-88"
      + session_ttl     = "0"
      + tcp_portrange   = "22-33"
      + udp_portrange   = "44-55"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

FOSDEVM292# terraform apply

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # fortios_firewall_object_service.v13 will be created
  + resource "fortios_firewall_object_service" "v13" {
      + category        = "AD/DC Auth & Connectivity"
      + comment         = "comment"
      + fqdn            = (known after apply)
      + icmpcode        = (known after apply)
      + icmptype        = (known after apply)
      + id              = (known after apply)
      + iprange         = "1.1.1.1-2.2.2.2"
      + name            = "servicetest2"
      + protocol        = "TCP/UDP/SCTP"
      + protocol_number = (known after apply)
      + sctp_portrange  = "66-88"
      + session_ttl     = "0"
      + tcp_portrange   = "22-33"
      + udp_portrange   = "44-55"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

fortios_firewall_object_service.v13: Creating...
fortios_firewall_object_service.v13: Creation complete after 2s [id=servicetest2]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Latest master branch validation:


# git clone  https://frankshen01@github.com/terraform-providers/terraform-provider-fortios.git
Cloning into 'terraform-provider-fortios'...
remote: Enumerating objects: 3301, done.
remote: Counting objects: 100% (3301/3301), done.
........................

# cd $GOPATH/src/github.com/terraform-providers/terraform-provider-fortios
# make build
........................

# cd ~/test/bin

# cat main.tf
provider "fortios" {
  hostname = "192.168.52.166"
  token    = "XXXXXXXXXXXXXXXXXXXXXX"
  insecure = true
}

resource "fortios_firewall_object_service" "v13" {
  category       = "AD/DC Auth & Connectivity"
  comment        = "comment"
  iprange        = "1.1.1.1-2.2.2.2"
  name           = "servicetest2"
  protocol       = "TCP/UDP/SCTP"
  sctp_portrange = "66-88"
  session_ttl    = "0"
  tcp_portrange  = "22-33"
  udp_portrange  = "44-55"
}

# terraform init

Initializing the backend...

Initializing provider plugins...

Terraform has been successfully initialized!

................

# terraform plan
Refreshing Terraform state in-memory prior to plan...
The refreshed state will be used to calculate this plan, but will not be
persisted to local or remote state storage.

------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # fortios_firewall_object_service.v13 will be created
  + resource "fortios_firewall_object_service" "v13" {
      + category        = "AD/DC Auth & Connectivity"
      + comment         = "comment"
      + fqdn            = (known after apply)
      + icmpcode        = (known after apply)
      + icmptype        = (known after apply)
      + id              = (known after apply)
      + iprange         = "1.1.1.1-2.2.2.2"
      + name            = "servicetest2"
      + protocol        = "TCP/UDP/SCTP"
      + protocol_number = (known after apply)
      + sctp_portrange  = "66-88"
      + session_ttl     = "0"
      + tcp_portrange   = "22-33"
      + udp_portrange   = "44-55"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

# terraform apply

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # fortios_firewall_object_service.v13 will be created
  + resource "fortios_firewall_object_service" "v13" {
      + category        = "AD/DC Auth & Connectivity"
      + comment         = "comment"
      + fqdn            = (known after apply)
      + icmpcode        = (known after apply)
      + icmptype        = (known after apply)
      + id              = (known after apply)
      + iprange         = "1.1.1.1-2.2.2.2"
      + name            = "servicetest2"
      + protocol        = "TCP/UDP/SCTP"
      + protocol_number = (known after apply)
      + sctp_portrange  = "66-88"
      + session_ttl     = "0"
      + tcp_portrange   = "22-33"
      + udp_portrange   = "44-55"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

fortios_firewall_object_service.v13: Creating...
fortios_firewall_object_service.v13: Creation complete after 0s [id=servicetest2]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Thanks!

yatanasov commented 4 years ago

Hi @frankshen01 ,

Thanks for you input, I have tried your suggestion with the same result:

 $ terraform init
Initializing modules...

Initializing the backend...

Initializing provider plugins...
- Checking for available provider plugins...
- Downloading plugin for provider "fortios" (terraform-providers/fortios) 1.2.0...

The following providers do not have any version constraints in configuration,
so the latest version was installed.

To prevent automatic upgrades to new major versions that may contain breaking
changes, it is recommended to add version = "..." constraints to the
corresponding provider blocks in configuration, with the constraint strings
suggested below.

* provider.fortios: version = "~> 1.2"
* provider.vault: version = "~> 2.11"

Terraform has been successfully initialized!

You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.

If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.

$terraform plan
------------------------------------------------------------------------

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # module.services.fortios_firewall_object_service.v13 will be created
  + resource "fortios_firewall_object_service" "v13" {
      + category        = "AD/DC Auth & Connectivity"
      + comment         = "comment"
      + fqdn            = (known after apply)
      + icmpcode        = (known after apply)
      + icmptype        = (known after apply)
      + id              = (known after apply)
      + iprange         = "1.1.1.1-2.2.2.2"
      + name            = "servicetest2"
      + protocol        = "TCP/UDP/SCTP"
      + protocol_number = (known after apply)
      + sctp_portrange  = "66-88"
      + session_ttl     = "0"
      + tcp_portrange   = "22-33"
      + udp_portrange   = "44-55"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

------------------------------------------------------------------------

Note: You didn't specify an "-out" parameter to save this plan, so Terraform
can't guarantee that exactly these actions will be performed if
"terraform apply" is subsequently run.

$ terraform apply

module.services.fortios_firewall_object_service.v13: Creating...

Error: rpc error: code = Unavailable desc = transport is closing

panic: interface conversion: interface {} is string, not float64
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4:
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4: goroutine 82 [running]:
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4: github.com/fortinetdev/forti-sdk-go/fortios/sdkcore.(*FortiSDKClient).ReadFirewallObjectService(0xc000135680, 0xc00056e160, 0xc, 0xee7480, 0xc00012d1e0, 0x10abe01)
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4:       /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/fortinetdev/forti-sdk-go/fortios/sdkcore/firewall_object_service.go:301 +0x1702
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4: github.com/terraform-providers/terraform-provider-fortios/fortios.resourceFirewallObjectServiceRead(0xc0003ebe30, 0xeb7520, 0xc0004a1c60, 0x0, 0x0)
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4:       /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-fortios/fortios/resource_firewall_object_service.go:269 +0xeb
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4: github.com/terraform-providers/terraform-provider-fortios/fortios.resourceFirewallObjectServiceCreate(0xc0003ebe30, 0xeb7520, 0xc0004a1c60, 0x2, 0x1a7c640)
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4:       /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-fortios/fortios/resource_firewall_object_service.go:159 +0x847
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4: github.com/hashicorp/terraform-plugin-sdk/helper/schema.(*Resource).Apply(0xc0003baa20, 0xc0000d67d0, 0xc0000d08c0, 0xeb7520, 0xc0004a1c60, 0xc0003b2701, 0xc0004fb1d0, 0xc0003b27f0)
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4:       /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/resource.go:310 +0x365
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4: github.com/hashicorp/terraform-plugin-sdk/helper/schema.(*Provider).Apply(0xc00015a980, 0xc0000b39c8, 0xc0000d67d0, 0xc0000d08c0, 0xc000154508, 0xc0001500e0, 0xf3c280)
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4:       /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/hashicorp/terraform-plugin-sdk/helper/schema/provider.go:294 +0x99
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4: github.com/hashicorp/terraform-plugin-sdk/internal/helper/plugin.(*GRPCProviderServer).ApplyResourceChange(0xc0001505d8, 0x130ace0, 0xc0004fa1e0, 0xc0003eb960, 0xc0001505d8, 0xc0004fa1e0, 0xc0004edb30)
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4:       /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/hashicorp/terraform-plugin-sdk/internal/helper/plugin/grpc_provider.go:885 +0x8b4
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4: github.com/hashicorp/terraform-plugin-sdk/internal/tfplugin5._Provider_ApplyResourceChange_Handler(0x1070c60, 0xc0001505d8, 0x130ace0, 0xc0004fa1e0, 0xc0000c47e0, 0x0, 0x130ace0, 0xc0004fa1e0, 0xc00013e480, 0x238)
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4:       /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-fortios/vendor/github.com/hashicorp/terraform-plugin-sdk/internal/tfplugin5/tfplugin5.pb.go:3305 +0x217
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4: google.golang.org/grpc.(*Server).processUnaryRPC(0xc0001fb980, 0x1316320, 0xc00055d200, 0xc00013c000, 0xc0004cd980, 0x1a50560, 0x0, 0x0, 0x0)
2020-06-11T10:38:15.031+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4:       /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-fortios/vendor/google.golang.org/grpc/server.go:1024 +0x4f4
2020-06-11T10:38:15.032+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4: google.golang.org/grpc.(*Server).handleStream(0xc0001fb980, 0x1316320, 0xc00055d200, 0xc00013c000, 0x0)
2020-06-11T10:38:15.032+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4:       /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-fortios/vendor/google.golang.org/grpc/server.go:1313 +0xd97
2020-06-11T10:38:15.032+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4: google.golang.org/grpc.(*Server).serveStreams.func1.1(0xc000158170, 0xc0001fb980, 0x1316320, 0xc00055d200, 0xc00013c000)
2020-06-11T10:38:15.032+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4:       /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-fortios/vendor/google.golang.org/grpc/server.go:722 +0xbb
2020-06-11T10:38:15.032+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4: created by google.golang.org/grpc.(*Server).serveStreams.func1
2020-06-11T10:38:15.032+0200 [DEBUG] plugin.terraform-provider-fortios_v1.2.0_x4:       /opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/terraform-providers/terraform-provider-fortios/vendor/google.golang.org/grpc/server.go:720 +0xa1
2020-06-11T10:38:15.032+0200 [DEBUG] plugin: plugin process exited: path=/mnt/c/Users/M84696/Desktop/workspace/gitlab/terraform-nuudazio/nuudazio/.terraform/plugins/linux_amd64/terraform-provider-fortios_v1.2.0_x4 pid=21534 error="exit status 2"
2020/06/11 10:38:15 [DEBUG] module.services.fortios_firewall_object_service.v13: apply errored, but we're indicating that via the Error pointer rather than returning it: rpc error: code = Unavailable desc = transport is closing
2020/06/11 10:38:15 [TRACE] module.services: eval: *terraform.EvalMaybeTainted
2020/06/11 10:38:15 [TRACE] EvalMaybeTainted: module.services.fortios_firewall_object_service.v13 encountered an error during creation, so it is now marked as tainted
2020/06/11 10:38:15 [TRACE] module.services: eval: *terraform.EvalWriteState
2020/06/11 10:38:15 [TRACE] states.SyncState: pruning module.services because it is empty
2020/06/11 10:38:15 [TRACE] EvalWriteState: removing state object for module.services.fortios_firewall_object_service.v13
2020/06/11 10:38:15 [TRACE] module.services: eval: *terraform.EvalApplyProvisioners
2020/06/11 10:38:15 [TRACE] EvalApplyProvisioners: fortios_firewall_object_service.v13 has no state, so skipping provisioners
2020/06/11 10:38:15 [TRACE] module.services: eval: *terraform.EvalMaybeTainted
2020/06/11 10:38:15 [TRACE] EvalMaybeTainted: module.services.fortios_firewall_object_service.v13 encountered an error during creation, so it is now marked as tainted
2020/06/11 10:38:15 [TRACE] module.services: eval: *terraform.EvalWriteState
2020/06/11 10:38:15 [TRACE] states.SyncState: pruning module.services because it is empty
2020/06/11 10:38:15 [TRACE] EvalWriteState: removing state object for module.services.fortios_firewall_object_service.v13
2020/06/11 10:38:15 [TRACE] module.services: eval: *terraform.EvalIf
2020/06/11 10:38:15 [TRACE] module.services: eval: *terraform.EvalIf
2020/06/11 10:38:15 [TRACE] module.services: eval: *terraform.EvalWriteDiff
2020/06/11 10:38:15 [TRACE] module.services: eval: *terraform.EvalApplyPost
2020/06/11 10:38:15 [ERROR] module.services: eval: *terraform.EvalApplyPost, err: rpc error: code = Unavailable desc = transport is closing
2020/06/11 10:38:15 [ERROR] module.services: eval: *terraform.EvalSequence, err: rpc error: code = Unavailable desc = transport is closing
2020/06/11 10:38:15 [TRACE] [walkApply] Exiting eval tree: module.services.fortios_firewall_object_service.v13
2020/06/11 10:38:15 [TRACE] vertex "module.services.fortios_firewall_object_service.v13": visit complete
2020/06/11 10:38:15 [TRACE] dag/walk: upstream of "meta.count-boundary (EachMode fixup)" errored, so skipping
2020/06/11 10:38:15 [TRACE] dag/walk: upstream of "provider.fortios (close)" errored, so skipping
2020/06/11 10:38:15 [TRACE] dag/walk: upstream of "root" errored, so skipping
2020-06-11T10:38:15.307+0200 [DEBUG] plugin: plugin exited

!!!!!!!!!!!!!!!!!!!!!!!!!!! TERRAFORM CRASH !!!!!!!!!!!!!!!!!!!!!!!!!!!!

Terraform crashed! This is always indicative of a bug within Terraform.
A crash log has been placed at "crash.log" relative to your current
working directory. It would be immensely helpful if you could please
report the crash with Terraform[1] so that we can fix this.

When reporting bugs, please include your terraform version. That
information is available on the first line of crash.log. You can also
get it by running 'terraform --version' on the command line.

SECURITY WARNING: the "crash.log" file that was created may contain
sensitive information that must be redacted before it is safe to share
on the issue tracker.

[1]: https://github.com/hashicorp/terraform/issues

!!!!!!!!!!!!!!!!!!!!!!!!!!! TERRAFORM CRASH !!!!!!!!!!!!!!!!!!!!!!!!!!!!

Looking at the error log, it seems to be pointing to conversion issue with: https://github.com/terraform-providers/terraform-provider-fortios/blob/master/vendor/github.com/fortinetdev/forti-sdk-go/fortios/sdkcore/firewall_object_service.go#L301

Quite strange.. Thank you for your assistance on this !

yatanasov commented 4 years ago

I can confirm that changing:

    if mapTmp["session-ttl"] != nil {
                        output.SessionTTL = strconv.Itoa(int(mapTmp["session-ttl"].(float64)))
     }

to:

    if mapTmp["session-ttl"] != nil {
                       output.SessionTTL = mapTmp["session-ttl"].(string)
   }

in https://github.com/terraform-providers/terraform-provider-fortios/blob/master/vendor/github.com/fortinetdev/forti-sdk-go/fortios/sdkcore/firewall_object_service.go#L301

fixes the issue for me and the resource is created/modified successfully:

Terraform will perform the following actions:

  # module.services.fortios_firewall_object_service.v13 will be created
  + resource "fortios_firewall_object_service" "v13" {
      + category        = "TDC AD/DC Auth & Connectivity"
      + comment         = "comment"
      + fqdn            = (known after apply)
      + icmpcode        = (known after apply)
      + icmptype        = (known after apply)
      + id              = (known after apply)
      + iprange         = "1.1.1.1-2.2.2.2"
      + name            = "servicetest2"
      + protocol        = "TCP/UDP/SCTP"
      + protocol_number = (known after apply)
      + sctp_portrange  = "66-88"
      + session_ttl     = "0"
      + tcp_portrange   = "22-33"
      + udp_portrange   = "44-55"
    }

Plan: 1 to add, 0 to change, 0 to destroy.

$terraform apply

module.services.fortios_firewall_object_service.v13: Creating...
module.services.fortios_firewall_object_service.v13: Creation complete after 0s [id=servicetest2]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Modifying with value bigger than 300 according to FortiOS API docs:

An execution plan has been generated and is shown below.
Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # module.services.fortios_firewall_object_service.v13 will be updated in-place
  ~ resource "fortios_firewall_object_service" "v13" {
        category       = "TDC AD/DC Auth & Connectivity"
        comment        = "comment"
        id             = "servicetest2"
        iprange        = "1.1.1.1-2.2.2.2"
        name           = "servicetest2"
        protocol       = "TCP/UDP/SCTP"
        sctp_portrange = "66-88"
      ~ session_ttl    = "0" -> "600"
        tcp_portrange  = "22-33"
        udp_portrange  = "44-55"
    }

Plan: 0 to add, 1 to change, 0 to destroy.

$terraform apply

module.services.fortios_firewall_object_service.v13: Modifying... [id=servicetest2]
module.services.fortios_firewall_object_service.v13: Modifications complete after 0s [id=servicetest2]

Apply complete! Resources: 0 added, 1 changed, 0 destroyed.

I am not entirely confident that this is the right solution if it works for you, but the API expects a string.

frankshen01 commented 4 years ago

Wonderful! @yatanasov Thank you so much for your insightful feedback! Could you provide me your FortiGate firemware version? (GUI: Dashboard->Status->System Information->Fireware or CLI: get system status->Version) Thank you!

yatanasov commented 4 years ago

Of course ! Would be great if we can have this fixed in the next release :))

We are running version: FortiGate-3000D v6.2.3,build1066,191218 (GA)

Thank you !

frankshen01 commented 4 years ago

Thank you @yatanasov ! It will be fixed soon.

frankshen01 commented 4 years ago

The fix for this has been merged and will release with version 1.3.0 of the Terraform FortiOS Provider, later next week. Thanks @yatanasov

fortinetdev / terraform-provider-fortios

Creating fortios_firewall_object_service causes Terraform panic crash #67