Crash Report for google_dns_record_set

obanby commented 1 year ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
If you are interested in working on this issue or have submitted a pull request, please leave a comment.
If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.

Terraform Version

Terraform v1.5.7
on darwin_amd64
+ provider registry.terraform.io/hashicorp/google v4.81.0

Affected Resource(s)

google_dns_record_set

Terraform Configuration Files

terraform {
  required_providers {
    google = {
      source = "hashicorp/google"
      version = "4.81.0"
    }
  }
}

provider "google" {
  project = "..." # Add your project here
  region = "us-east1"
}

Debug Output

Panic Output

https://gist.github.com/obanby/a71bccdaa2b764752186a4963cbfa387

Expected Behavior

When running terraform plan I should be able to generate a plan without plugin panic.

Actual Behavior

When I ran terrafrom plan the plugin crashed (crash.log attached).

Steps to Reproduce

Add a data source for the record set


data "google_dns_managed_zone" "dns-zone" {
project = "..." # Add your project name here
name = "..." # Add your managed zone name here 
}

data "google_dns_record_set" "record" { project = "...." managed_zone = data.google_dns_managed_zone.dns-zone.name name = "..." # Add an existing DNS record FQDN type = "A" }



2. Run `terrafrom plan`

### Important Factoids

<!--- Are there anything atypical about your accounts that we should know? For example: authenticating as a user instead of a service account? --->

I am authenticated using `gcloud auth application-default login`

### References

<!---
Information about referencing Github Issues: https://help.github.com/articles/basic-writing-and-formatting-syntax/#referencing-issues-and-pull-requests

Are there any other GitHub issues (open or closed) or pull requests that should be linked here? Vendor documentation? For example:
--->

* #0000

<!---
Note Google Cloud customers who are working with a dedicated Technical Account Manager / Customer Engineer: to expedite the investigation and resolution of this issue, please refer to these instructions: https://github.com/hashicorp/terraform-provider-google/wiki/Customer-Contact#raising-gcp-internal-issues-with-the-provider-development-team
--->

b/317497166

edwardmedia commented 1 year ago

@obanby how did you create the resource of google_dns_record_set? Do you have the config of it? Basically I want a config that I can repro the issue

shuyama1 commented 1 year ago

I suspect the issue is probably due to the datasource google_dns_managed_zone is not found (we currently set the resource id to "" instead of throwing errors if a Read function returns 404 error for datasources)

@obanby Could you double check if your have the correct input for your datasource variables. You can also verify if your datasource is read correctly by checking the debug log.

obanby commented 1 year ago

@edwardmedia The record is not created by terrafrom. It was manually created.

@shuyama1 The managed zone is reachable. I tested by using

output "dns_zone" {
  value = data.google_dns_managed_zone.dns-zone
}

shuyama1 commented 1 year ago

@obanby Do you have the debug log that contains the call requests and responses so that I can take a look?

obanby commented 1 year ago

@shuyama1 Thanks for looking into it. Here is the debug log https://gist.github.com/obanby/c712ad87496cfb8734e1db7bdee5ee1e

And here is the terrafrom snippet.

terraform {
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "4.81.0"
    }
  }
}

provider "google" {
  # Configuration options
  project = "<obfescated>"
  region  = "us-east1"
  zone = "us-east1-b"
}

data "google_dns_managed_zone" "dns-zone" {
  project = "<obfescated>"
  name    = "<obfescated>"
}

data "google_dns_record_set" "entry" {
  project = "<obfescated>"
  managed_zone = data.google_dns_managed_zone.dns-zone.name
  name         = "<obfescated>"
  type         = "A"
}

output "dns_out" {
  value = data.google_dns_managed_zone.dns-zone
}

melinath commented 10 months ago

I'm able to reproduce this error in 5.9.0 using the example at https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/dns_managed_zone combined with the example from https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/dns_record_set.

The error is coming from this line: https://github.com/hashicorp/terraform-provider-google-beta/blob/3dc9cd44ce8659541ab19f4f062ffe30e9589a9a/google-beta/services/dns/data_source_dns_record_set.go#L147

The line assumes that there will be at least one value in Rrsets, so if there's not, it will crash.

We have one test for this data source (TestAccDataSourceDnsRecordSet_basic) which is passing in our nightlies. It doesn't currently cover this case. I don't see an obvious difference between the test and the failure mode I've reproduced. So there are a couple issues here:

There might be a docs issue that's causing users to end up making a bad query that results in an empty list when it should be non-empty.
There's a bug in the resource where an empty list causes a panic.

marcelobern commented 8 months ago

Documentation definitely does not indicate the record should exist and is unclear on the expected behavior of data google_dns_record_set attributes in case the record does not exist.

Honestly a provider plugin crashed message on a read query to an element that does not exist is a very bad behavior.

As the resource google_dns_record_set is authoritative: "The provider treats this resource as an authoritative record set" a useful use case for the resource / data google_dns_record_set pair would be to support the query before creation, something like:

variable "project_id" {
  description = "The project ID"
  type        = string
}

locals {
  dns_zone_name   = "my_zone"
  dns_zone_domain = "not_abc.com."
  subdomain       = "my.${local.dns_zone_domain}"
}

resource "google_dns_managed_zone" "main" {
  project  = var.project_id
  name     = local.dns_zone_name
  dns_name = local.dns_zone_domain
}

data "google_dns_record_set" "main" {
  project      = var.project_id
  managed_zone = google_dns_managed_zone.main.name
  name         = local.subdomain
  type         = "A"
}

resource "google_dns_record_set" "main" {
  count = data.google_dns_record_set.main.rrdatas != null ? 0 : 1

  project      = var.project_id
  managed_zone = google_dns_managed_zone.main.name
  name         = local.subdomain
  type         = "A"
  ttl          = 300
  rrdatas      = ["192.168.0.1"]
}

Samir-Cit commented 2 months ago

Hello you all. This is still an issue?

I saw that on Apr/15/2024 a code was merged fixing this. You can view the change here)

And this change was merged on GA on April 22, 2024

hashicorp / terraform-provider-google