HDInsight ScriptActions -> why `ForceNew`

[jrauschenbusch]

Is there an existing issue for this?

• [X] I have searched the existing issues

Community Note

• Please vote on this issue by adding a :thumbsup: reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment and review the contribution guide to help.

Terraform Version

1.6.3

AzureRM Provider Version

3.79.0

Affected Resource(s)/Data Source(s)

azurerm_hdinsight_kafka_cluster

Terraform Configuration Files

resource "azurerm_resource_group" "example" {
  name     = "example-resources"
  location = "West Europe"
}

resource "azurerm_storage_account" "example" {
  name                     = "hdinsightstor"
  resource_group_name      = azurerm_resource_group.example.name
  location                 = azurerm_resource_group.example.location
  account_tier             = "Standard"
  account_replication_type = "LRS"
}

resource "azurerm_storage_account" "extra" {
  name                     = "hdinsightextra"
  resource_group_name      = azurerm_resource_group.example.name
  location                 = azurerm_resource_group.example.location
  account_tier             = "Standard"
  account_replication_type = "LRS"
}

resource "azurerm_storage_container" "example" {
  name                  = "hdinsight"
  storage_account_name  = azurerm_storage_account.example.name
  container_access_type = "private"
}

resource "azurerm_hdinsight_kafka_cluster" "example" {
  name                = "example-hdicluster"
  resource_group_name = azurerm_resource_group.example.name
  location            = azurerm_resource_group.example.location
  cluster_version     = "4.0"
  tier                = "Standard"

  component_version {
    kafka = "2.1"
  }

  gateway {
    username = "acctestusrgw"
    password = "TerrAform123!"
  }

  storage_account {
    storage_container_id = azurerm_storage_container.example.id
    storage_account_key  = azurerm_storage_account.example.primary_access_key
    is_default           = true
  }

  roles {
    head_node {
      vm_size  = "Standard_D3_V2"
      username = "acctestusrvm"
      password = "AccTestvdSC4daf986!"

      script_action {
        name  = "add-storage-account-01"
        uri   = "https://hdiconfigactions.blob.core.windows.net/linuxaddstorageaccountv01/add-storage-account-v01.sh"
        parameters = format("%s %s", azurerm_storage_account.extra.name, azurerm_storage_account.extra.primary_access_key)
      }
    }

    worker_node {
      vm_size                  = "Standard_D3_V2"
      username                 = "acctestusrvm"
      password                 = "AccTestvdSC4daf986!"
      number_of_disks_per_node = 3
      target_instance_count    = 3
    }

    zookeeper_node {
      vm_size  = "Standard_D3_V2"
      username = "acctestusrvm"
      password = "AccTestvdSC4daf986!"
    }
  }
}

Debug Output/Panic Output

roles {
          ~ head_node {
              + script_actions { # forces replacement
                  + name = "add-storage-account-02"
                  + uri  = (known after apply)
                }
           }
}

Expected Behaviour

tf plan should not "force a replacement" when adding additional script actions to HDI clusters

I'm not sure if the tf-provider-azurerm schema definition of HDInsight w/ respect to script actions is correct. It defines a ForceNew on script actions. Via the Azure portal it is possible to run script actions all the time after cluster creation.

see schema

Actual Behaviour

tf plan logs that the cluster must be replaced

Steps to Reproduce

No response

Important Factoids

No response

References

No response

[jiaweitao001]

Hi @jrauschenbusch , thanks for opening this issue! It's indeed a bug on TF side, we will fix it ASAP.

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.