search

hashicorp / terraform-provider-aws

The AWS Provider enables Terraform to manage AWS resources.
https://registry.terraform.io/providers/hashicorp/aws
Mozilla Public License 2.0
9.83k stars 9.18k forks source link

Diffs don't match when using s3_bucket_object.version_id as lambda_function.s3_object_version #1696

Closed dstaley closed 6 years ago

dstaley commented 7 years ago

When running terraform apply after making modifications to the my application's source, I receive an error that "diffs don't match." This occurs only after having run terraform apply at least once.

Terraform Version

Terraform v0.10.4

Affected Resource(s)

Please list the resources as a list, for example:

Terraform Configuration Files

provider "aws" {
  region = "us-west-2"
}

resource "aws_s3_bucket" "s3_deployment_packages" {
  bucket = "terraform-s3-object-version-lambda-deployment-packages"
  acl    = "private"

  versioning {
    enabled = true
  }
}

data "archive_file" "lambda" {
  type        = "zip"
  source_file = "index.js"
  output_path = "/tmp/lambda_function.zip"
}

resource "aws_s3_bucket_object" "lambda_deployment_package" {
  bucket = "${aws_s3_bucket.s3_deployment_packages.bucket}"
  key    = "lambda_function.zip"
  source = "${data.archive_file.lambda.output_path}"
  etag   = "${data.archive_file.lambda.output_md5}"
}

resource "aws_iam_role" "iam_for_lambda" {
  name = "iam_for_lambda"

  assume_role_policy = <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": "sts:AssumeRole",
      "Principal": {
        "Service": [
          "lambda.amazonaws.com"
        ]
      },
      "Effect": "Allow",
      "Sid": ""
    }
  ]
}
EOF
}

resource "aws_lambda_function" "test_lambda" {
  s3_bucket         = "${aws_s3_bucket.s3_deployment_packages.bucket}"
  s3_key            = "lambda_function.zip"
  s3_object_version = "${aws_s3_bucket_object.lambda_deployment_package.version_id}"
  function_name     = "test_lambda_function"
  role              = "${aws_iam_role.iam_for_lambda.arn}"
  handler           = "index.handler"
  source_code_hash  = "${data.archive_file.lambda.output_base64sha256}"
  runtime           = "nodejs6.10"
  publish           = true
}

Debug Output

https://gist.github.com/dstaley/403dc0e001ea8fd3acde234dad36f4a4

Expected Behavior

The newest version of index.js is uploaded to S3, and deployed to the Lambda function.

Actual Behavior

The apply fails, resulting in diffs didn't match during apply.

Steps to Reproduce

  1. Using the provided config, run terraform apply in a directory containing a file named index.js.
  2. Make a change to index.js.
  3. Run terraform apply again.

Important Factoids

Running terraform apply immediately after receiving the error works as intended, with the latest version being deployed.

mdlavin commented 6 years ago

I've started to his this problem as well, so I'm going to start working on a fix today.

mdlavin commented 6 years ago

If anybody is interested in testing out this feature in a patched v1.21.0 version, I've made some Alpine Linux x64 binaries available here: https://github.com/lifeomic/terraform-provider-aws/releases/tag/v1.21.0_patched_5f7d0def

mdlavin commented 6 years ago

@paddycarver is there anything I can do to help this get merged into an official release?

mdlavin commented 6 years ago

If anybody is interested in testing out this feature in a patched v1.36.0 version, I've made some Alpine Linux x64 binaries available here: https://github.com/lifeomic/terraform-provider-aws/releases/tag/v1.36.0_patched_f2d0f833c

bflad commented 6 years ago

The fix for this has been merged into master and will release with version 1.39.0 of the AWS provider, likely tomorrow.

ghost commented 4 years ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!