Open garoplin opened 1 year ago
I have a interesting log from terraform apply
in debug mode:
{"id":"/subscriptions/…”,”name":"metadata","type":"Microsoft.Web/sites/config","location":"East US 2","tags”:{…},”properties":{"CURRENT_STACK":"java"}}: timestamp=2023-08-14T11:20:39.392Z 2023-08-14T11:20:39.395Z [WARN] Provider "provider[\"registry.terraform.io/hashicorp/azurerm\"]" produced an unexpected new value for module.some-name.azurerm_windows_web_app.default[0], but we are tolerating it because it is using the legacy plugin SDK. The following problems may be the cause of any confusing errors from downstream operations: - .site_config[0].cors: block count changed from 1 to 0 - .site_config[0].application_stack[0].java_version: was cty.StringVal("17.0.2"), but now cty.StringVal("") - .site_config[0].application_stack[0].tomcat_version: was cty.StringVal("9.0.62"), but now cty.StringVal("") [0m[1mmodule.some-name.azurerm_windows_web_app.default[0]: Modifications complete after 23s [id=…][0m 2023-08-14T11:20:39.397Z [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = error reading from server: EOF" 2023-08-14T11:20:39.401Z [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/hashicorp/azurerm/3.48.0/linux_amd64/terraform-provider-azurerm_v3.48.0_x5 pid=2483 2023-08-14T11:20:39.402Z [DEBUG] provider: plugin exited 2023-08-14T11:20:39.402Z [DEBUG] states/remote: state read serial is: 5; serial is: 5 2023-08-14T11:20:39.402Z [DEBUG] states/remote: state read lineage is: 2023-08-14T11:20:39.405Z [DEBUG] Azure Backend Request:
Adding some information here that might help for this issue. I did some tests directly with the REST API for web Apps and I was able to find that whenever there is a request to the endpoint PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}?api-version=2022-03-01
and the properties passed don't include And the property is also not included the values of the javaContainer, javaContainerVersion, javaVersion are kept. On the other hand every time that javaContainer, javaContainerVersion, javaVersion is not passed to the payload and use32BitWorkerProcess is passed, independent if is true or false, the javaContainer, javaContainerVersion, javaVersion will be reset to null on the config/web.
My suggestion that might fix this is to, whenever you have use32BitWorkerProcess in the body of that request, you should also include the value of the javaContainer, javaContainerVersion, javaVersion Just keep in mind that the value of these 3 properties will not be visible on the web/sites but instead it will be on the config/web, endpoint: GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/config/web?api-version=2022-03-01
Hope this helps solve the issue through the azurerm module.
Link to the REST API docs: https://learn.microsoft.com/en-us/rest/api/appservice/web-apps/create-or-update https://learn.microsoft.com/en-us/rest/api/appservice/web-apps/get-configuration
@myc2h6o if you can help checking this it would be great.
Hi Hugo, thank you for the analysis. I'm just wondering how can I enforce this. I do not have control over the request body that is being sent. The fact that PUT request does not include javaVersion and the rest of the parameters seem to be the problem in the first place. All I could do was to change use32BitWorkerProcess parameter to false but this didn't help. So is one think to call api explicitly but the other to enforce this body underneath terraform.
Best regards, Pawel
From: Hugo Ribeiro @.> Sent: Thursday, September 7, 2023 18:40 To: hashicorp/terraform-provider-azurerm @.> Cc: Pawel Zych @.>; Author @.> Subject: Re: [hashicorp/terraform-provider-azurerm] azurerm_windows_web_app resets java stack settings (Issue #22855)
Adding some information here that might help for this issue. I did some tests directly with the REST API for web Apps and I was able to find that whenever there is a request to the endpoint PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}?api-version=2022-03-01https://management.azure.com/subscriptions/%7BsubscriptionId%7D/resourceGroups/%7BresourceGroupName%7D/providers/Microsoft.Web/sites/%7Bname%7D?api-version=2022-03-01
and the properties passed don't include [image]https://user-images.githubusercontent.com/80255927/266383354-81b5fe0c-b148-43af-8efe-a887751998f8.png And the property [image]https://user-images.githubusercontent.com/80255927/266383519-663832ff-fa44-4477-87c9-90b2edcd9343.png is also not included the values of the javaContainer, javaContainerVersion, javaVersion are kept. On the other hand every time that javaContainer, javaContainerVersion, javaVersion is not passed to the payload and use32BitWorkerProcess is passed, independent if is true or false, the javaContainer, javaContainerVersion, javaVersion will be reset to null on the config/web.
My suggestion that might fix this is to, whenever you have use32BitWorkerProcess in the body of that request, you should also include the value of the javaContainer, javaContainerVersion, javaVersion Just keep in mind that the value of these 3 properties will not be visible on the web/sites but instead it will be on the config/web, endpoint: GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Web/sites/{name}/config/web?api-version=2022-03-01https://management.azure.com/subscriptions/%7BsubscriptionId%7D/resourceGroups/%7BresourceGroupName%7D/providers/Microsoft.Web/sites/%7Bname%7D/config/web?api-version=2022-03-01
Hope this helps solve the issue.
Link to the REST API docs: https://learn.microsoft.com/en-us/rest/api/appservice/web-apps/create-or-update https://learn.microsoft.com/en-us/rest/api/appservice/web-apps/get-configuration
— Reply to this email directly, view it on GitHubhttps://github.com/hashicorp/terraform-provider-azurerm/issues/22855#issuecomment-1710470926, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AS4OJFHU2KCW3K7OBHABXRLXZH2G3ANCNFSM6AAAAAA3H7THHE. You are receiving this because you authored the thread.Message ID: @.***>
I am adding the repro code and steps for reproduce this issue to help the azurerm team to investigate:
1) Deploy this code with terraform apply
` terraform {
required_version = ">=0.12"
required_providers { azurerm = { source = "hashicorp/azurerm" version = "~>3.24" } } }
provider "azurerm" { features {} }
resource "azurerm_resource_group" "HSR-WebApp-0" { location = "eastus" name = "HSR-WebApp-01" } resource "azurerm_service_plan" "HSR-WebApp-1" { location = "eastus" name = "HSR-ASP-B1" os_type = "Windows" resource_group_name = azurerm_resource_group.HSR-WebApp-0.name sku_name = "B1" tags = { displayName = "HostingPlan" } depends_on = [ azurerm_resource_group.HSR-WebApp-0, ] }
resource "azurerm_windows_web_app" "HSR-WebApp-3" { client_affinity_enabled = true https_only = true location = azurerm_service_plan.HSR-WebApp-1.location name = "HSR-JavaTomcat-B1" resource_group_name = azurerm_resource_group.HSR-WebApp-0.name service_plan_id = azurerm_service_plan.HSR-WebApp-1.id
site_config { ftps_state = "FtpsOnly" http2_enabled = true application_stack { current_stack = "java" java_version = "17.0.2" tomcat_version = "9.0.62" java_embedded_server_enabled = null } }
depends_on = [ azurerm_service_plan.HSR-WebApp-1, ] }
`
2) check the stack on the config, you should see something like: "javaVersion": "17.0.2", "javaContainer": "TOMCAT", "javaContainerVersion": "9.0.62",
3)Change one property for instance http2_enabled = false and run terraform apply again.
4) check the stack on the config, you should see something like: "javaVersion": null, "javaContainer": null, "javaContainerVersion": null,
@xiaxyi let us know if something can be done about this from azurerm side. Thank you
@xiaxyi, is there any update on this?
@xiaxyi, following up on that
Is there an existing issue for this?
Community Note
Terraform Version
1.4.6
AzureRM Provider Version
3.390/3.48.0
Affected Resource(s)/Data Source(s)
azurerm_windows_web_app
Terraform Configuration Files
Debug Output/Panic Output
Expected Behaviour
I have already configured and running app service for a long time, but I've imported the app service under terraform. When running
terraform plan after successful
import it doesn't show any changes. However, afterapply
terraform resets stack settings, from Java 17 to Java 11 and disables tomcat:Then, when the app is in this incorrect state and i run
terraform plan
once again, it sees that the change needs to be done (11 -> 17 and tomcat -> 9.0.62) and theapply
fixes the issue. I've tried running it many times and each time the apply which doesn't show any changes deletes stack settings. I've tried this both on 3.39.0 and 3.48.0 azurerm versionActual Behaviour
Terraform plan doesn't resets stack settings in application
Steps to Reproduce
No response
Important Factoids
No response
References
No response