hashicorp / terraform-provider-google

Terraform Provider for Google Cloud Platform
https://registry.terraform.io/providers/hashicorp/google/latest/docs
Mozilla Public License 2.0
2.33k stars 1.73k forks source link

Permadiff for google_container_cluster #17914

Open AndreasBergmeier6176 opened 6 months ago

AndreasBergmeier6176 commented 6 months ago

Community Note

Terraform Version

Terraform v1.4.7
on linux_amd64
+ provider registry.terraform.io/hashicorp/google v5.24.0
+ provider registry.terraform.io/hashicorp/google-beta v5.24.0

Affected Resource(s)

google_container_cluster

Terraform Configuration

resource "google_container_cluster" "main" {
  id       = "projects/foo/locations/europe-west1/clusters/default"
  name = "default"

  node_pool_auto_config {

    network_tags {
      tags = []
    }
  }
}

Debug Output

No response

Expected Behavior

There should not be an update.

Actual Behavior

The update output is:

  ~ resource "google_container_cluster" "main" {
        id                                       = "projects/foo/locations/europe-west1/clusters/default"
        name                                     = "default"
        # (31 unchanged attributes hidden)

      ~ node_pool_auto_config {
          + resource_manager_tags = {}

          + network_tags {
              + tags = []
            }
        }

even after applying, it still shows up in subsequent updates.

Steps to reproduce

  1. terraform apply
  2. terraform apply
  3. terraform apply

Important Factoids

No response

References

No response

b/337531673

AndreasBergmeier6176 commented 6 months ago

I think the problem might be due to inherited tags. The Console does handle this properly - maybe the terraform code handles tags too simplistically - especially since removing an inherited tag is not possible.

ggtisc commented 6 months ago

Confirmed issue:

After the resource creation whiteout changing anything in the 2nd terraform apply it tries to change the node_pool_auto_config

jessicaochen commented 6 months ago

Is this specific to node_pool_auto_config or how empty arrays are handled under google_container_cluster?