hashicorp / terraform-provider-google

Terraform Provider for Google Cloud Platform
https://registry.terraform.io/providers/hashicorp/google/latest/docs
Mozilla Public License 2.0
2.37k stars 1.75k forks source link

Plan fails when using google_project_service data source with disabled APIs - API not found #16515

Closed d-costa closed 1 year ago

d-costa commented 1 year ago

Community Note

Terraform Version

Terraform v1.6.3
on linux_amd64
+ provider registry.terraform.io/hashicorp/google v5.5.0

Affected Resource(s)

Terraform Configuration Files

terraform {
  required_version = "1.6.3"

  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "5.5.0"
    }
  }
}

provider "google" {
  project = var.project_id
}

variable "project_id" {
  type = string
}

data "google_project_service" "compute" {
  service = "compute.googleapis.com"
}

data "google_project_service" "dataproc" {
  service = "dataproc.googleapis.com"
}

Debug Output

Panic Output

Expected Behavior

data.google_project_service.dataproc: Reading...
data.google_project_service.compute: Reading...
data.google_project_service.compute: Read complete after 5s [id=PROJECT_ID/compute.googleapis.com]
data.google_project_service.dataproc: Read complete after 5s

Changes to Outputs:
  + compute_enabled  = true
  + dataproc_enabled = false

You can apply this plan to save these new output values to the Terraform state, without changing any real infrastructure.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

Outputs:

compute_enabled = true
dataproc_enabled = false

Actual Behavior

data.google_project_service.compute: Reading...
data.google_project_service.dataproc: Reading...
data.google_project_service.compute: Read complete after 5s [id=PROJECT_ID/compute.googleapis.com]

Changes to Outputs:
  + compute_enabled = true

You can apply this plan to save these new output values to the Terraform state, without changing any real infrastructure.
╷
│ Error: PROJECT_ID/dataproc.googleapis.com not found
│ 
│   with data.google_project_service.dataproc,
│   on main.tf line 24, in data "google_project_service" "dataproc":
│   24: data "google_project_service" "dataproc" {
│ 
╵

Steps to Reproduce

  1. terraform apply

Important Factoids

References

I believe this change was not intended, because it prevents the requested use case.

edwardmedia commented 1 year ago

@d-costa you are right. The behavior has been updated on most data sources by this PR in v5.0.0

The original issue was https://github.com/hashicorp/terraform-provider-google/issues/12873

Please go through the links above to see if that make sense.

d-costa commented 1 year ago

Thank you for your response @edwardmedia

I understand the objective of the PR you mentioned, and I am not contesting its benefits, but this prevents the use case that even the documentation describes. We cannot check if the service is enabled if we can only use it with enabled services:

Verify the API service for the Google Cloud Platform project to see if it is enabled or not. (https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/google_project_service)

edwardmedia commented 1 year ago

@trodge what do you think about this?

trodge commented 1 year ago

It looks like this was an intended change for all data sources in 5.0.0 based on https://github.com/hashicorp/terraform-provider-google/issues/12873.

That being said, it's possible the behavior is not appropriate for this data source in particular, since the main use case for data_source_google_project_service would be determining whether a service is enabled.

@NickElliot might have more context having made the change in https://github.com/GoogleCloudPlatform/magic-modules/pull/8858.

NickElliot commented 1 year ago

I think it would make sense to remove it for this data source as an exception, as it is the intended usage case for this specific data source.

github-actions[bot] commented 11 months ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.