Workspace creation error: invalid attribute..Name has already been taken

[nabadger]

Operator Version, Kind and Kubernetes Version

• Operator version: v2.4.0
• Kind: Workspace
• Kubernetes version: 1.27

YAML Manifest File

n/a 

During testing of v1 to v2 operator upgrade, I have a Workspace which is not being reconciled with the v2 operator.

This particular workspace already exists in terraform-cloud and was created by the v1 operator. Potentially this workspace was in a bad state with the v1 operator (in that maybe it also didn't have a status set at that point, but that's just a guess).

I don't see this issue on other workspaces...

In the current state, there's 2 concerns I have:

1. The operator knows that the workspace exists on tf-cloud since it reports the name-clash issue, so why would attempt to re-create it?
2. The operator is not setting the status.workspaceID field. There is no status field at all when I inspect this with kubectl get workspace <name> -o yaml

Some of this sounds similar to https://github.com/hashicorp/terraform-cloud-operator/issues/214

tfc-test-app-terraform-cloud-operator-7bfc54d997-9t6fd manager 2024-05-24T12:59:14Z      INFO    Workspace Controller    {"workspace": {"name":"dev-eu-west-1-nb2-test-app-external-secrets-irsa","namespace":"test-app"}, "msg": "new reconciliation event"} 
tfc-test-app-terraform-cloud-operator-7bfc54d997-9t6fd manager 2024-05-24T12:59:14Z     INFO    Spec Validation {"workspace": {"name":"dev-eu-west-1-nb2-test-app-external-secrets-irsa","namespace":"test-app"}, "msg": "validating instance object spec"}
tfc-test-app-terraform-cloud-operator-7bfc54d997-9t6fd manager 2024-05-24T12:59:14Z     INFO    Spec Validation {"workspace": {"name":"dev-eu-west-1-nb2-test-app-external-secrets-irsa","namespace":"test-app"}, "msg": "spec is valid"} 
tfc-test-app-terraform-cloud-operator-7bfc54d997-9t6fd manager 2024-05-24T12:59:14Z     INFO    Reconcile Workspace     {"workspace": {"name":"dev-eu-west-1-nb2-test-app-external-secrets-irsa","namespace":"test-app"}, "msg": "reconciling workspace"}
tfc-test-app-terraform-cloud-operator-7bfc54d997-9t6fd manager 2024-05-24T12:59:14Z     INFO    Reconcile Workspace     {"workspace": {"name":"dev-eu-west-1-nb2-test-app-external-secrets-irsa","namespace":"test-app"}, "msg": "status.WorkspaceID is empty, creating a new workspace"}
tfc-test-app-terraform-cloud-operator-7bfc54d997-9t6fd manager 2024-05-24T12:59:14Z     INFO    Reconcile Agent Pool    {"workspace": {"name":"dev-eu-west-1-nb2-test-app-external-secrets-irsa","namespace":"test-app"}, "msg": "getting agent pool ID from the spec.AgentPool.ID"}
tfc-test-app-terraform-cloud-operator-7bfc54d997-9t6fd manager 2024-05-24T12:59:14Z     INFO    Reconcile Workspace     {"workspace": {"name":"dev-eu-west-1-nb2-test-app-external-secrets-irsa","namespace":"test-app"}, "msg": "agent pool ID apool-ARFKgcQQcY3T91bk will be used"}
tfc-test-app-terraform-cloud-operator-7bfc54d997-9t6fd manager 2024-05-24T12:59:14Z     ERROR   Reconcile Workspace     {"workspace": {"name":"dev-eu-west-1-nb2-test-app-external-secrets-irsa","namespace":"test-app"}, "msg": "failed to create a new workspace", "error": "invalid attribute\n\nName has already been taken"} 
tfc-test-app-terraform-cloud-operator-7bfc54d997-9t6fd manager 2024-05-24T12:59:14Z     ERROR   Workspace Controller    {"workspace": {"name":"dev-eu-west-1-nb2-test-app-external-secrets-irsa","namespace":"test-app"}, "msg": "reconcile workspace", "error": "invalid attribute\n\nName has already been taken"} 

Expected Behavior

I think I would expect it to set the status and not error.

Actual Behavior

It's not setting the status and it's throwing an error.

Additional Context

References

Community Note

• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.
• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.

[arybolovlev]

Hi @nabadger,

I think the main reason here is that the pre-migration CR didn't have status.workspaceID. Could you please check your backup file(I hope you made it)?

The workaround here would be to patch the status with the workspace ID and let the operator reconcile it:

$ kubectl patch workspace <NAME> --subresource='status' --type='merge' -p '{"status":{"workspaceID": "ws-XXX"}}'

ws-XXX is your target workspace. Heads up(!!), once the operator reconciles the workspace it will overwrite all changes that do not match the manifest.

Please let me know if that helps.

Thanks!

[nabadger]

Ah perfect, that worked - thanks @arybolovlev

I did try a similar fix with kubectl edit but I think status cannot be set that way (kubectl patch did the trick) :)