search

go-gandi / terraform-provider-gandi

Terraform provider for the Gandi Domain services
Mozilla Public License 2.0
152 stars 47 forks source link

resource gandi_nameserver hangs when setting records with trailing period. #120

Open Jackbennett opened 2 years ago

Jackbennett commented 2 years ago

The gandi api seems to strip trailing . periods from the nameserver record. Terraform times-out on retry thinking the nameserver hasn't been changed. tfstate has the correct trailing period for for azure and gandi, it's as if the api returns none-trailing records.

ns1.example.com. -> tf apply -> ns1.example.com == set but tf hangs expecting ns1.example.com. as if it isn't applied.

logs: 


Terraform will perform the following actions:

  # gandi_nameservers.example is tainted, so must be replaced
-/+ resource "gandi_nameservers" "example" {
      ~ id          = "example.com" -> (known after apply)
      ~ nameservers = [
          - "ns1-03.azure-dns.com",
          - "ns2-03.azure-dns.net",
          - "ns3-03.azure-dns.org",
          - "ns4-03.azure-dns.info",
          + "ns1-03.azure-dns.com.",
          + "ns2-03.azure-dns.net.",
          + "ns3-03.azure-dns.org.",
          + "ns4-03.azure-dns.info.",
        ]
        # (1 unchanged attribute hidden)
    }

Plan: 1 to add, 0 to change, 1 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

gandi_nameservers.example: Destroying... [id=example.com]
gandi_nameservers.example: Destruction complete after 2s
gandi_nameservers.example: Creating...
gandi_nameservers.example: Still creating... [10s elapsed]
gandi_nameservers.example: Still creating... [20s elapsed]
gandi_nameservers.example: Still creating... [30s elapsed]
gandi_nameservers.example: Still creating... [40s elapsed]
gandi_nameservers.example: Still creating... [50s elapsed]
gandi_nameservers.example: Still creating... [1m0s elapsed]
╷
│ Error: Nameservers on domain example.com have not been applied yet
│ 
│   with gandi_nameservers.example,
│   on domain.tf line 8, in resource "gandi_nameservers" "example":
│    8: resource "gandi_nameservers" "example" {
│ 
╵

The reason this came up is the azure resources have the period suffix;

resource "gandi_nameservers" "example" {
  domain      = "example.com"
  nameservers = azurerm_dns_zone.example.name_servers
}

trying to workaround, tf lifecycle to ingore changes. or postcheck the lists as equal but it keeps rewriting the nameservers and timing out.

New workaround, removed the resource from tfstate and tf import gandi_nameservers.example example.com which dropped the suffix.

will see how the lifecycle works for

  lifecycle {
    ignore_changes = [
      nameservers
    ]
    replace_triggered_by = [
      azurerm_dns_zone.example.name_servers
    ]
rawkode commented 2 years ago

I can confirm this is an issue with the Pulumi provider too, based on this Terraform provider.