google_sql_database_instance accepts user_labels and not labels

tibers commented 1 month ago

Community Note

Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
If you are interested in working on this issue or have submitted a pull request, please leave a comment.
If an issue is assigned to a user, that user is claiming responsibility for the issue.
Customers working with a Google Technical Account Manager or Customer Engineer can ask them to reach out internally to expedite investigation and resolution of this issue.

Terraform Version & Provider Version(s)

Terraform cloud latest on

provider registry.terraform.io/hashicorp/google latest

Affected Resource(s)

google_sql_database_instance accepts user_labels and not labels

Why is this a problem? If we write a sentinel policy which requires labels on things, I have one single resource which uses user_labels and not the standard labels.

See https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance#user_labels

Terraform Configuration

Debug Output

No response

Expected Behavior

No response

Actual Behavior

No response

Steps to reproduce

terraform apply

Important Factoids

No response

References

No response

ggtisc commented 1 month ago

Hi @tibers!

I tried to replicate this issue with the next code based on this example but the result was successful without errors:

resource "google_sql_database_instance" "sql_db_instance_19450" {
  name             = "sql-db-instance-19450"
  database_version = "MYSQL_8_0_31"
  deletion_protection = false
  settings {
    tier    = "db-perf-optimized-N-2"
    edition = "ENTERPRISE_PLUS"
    data_cache_config {
        data_cache_enabled = true
    }
    user_labels = {
      "foo" : "bar"
    }
  }
}

I suggest you to check the terraform registry and API documentation. But if you still continue with issues share your full code to check out what is happening.

SarahFrench commented 1 month ago

Hi @tibers - Thanks for opening this issue and I appreciate this resource being an outlier is irritating!

We discussed this internally and decided that we won't alter this resource to make the labels field be called 'labels' or be located at the top-level. Our reasoning is that we prefer to make resources in the provider resemble the resources in the API, and not deviate from that except when absolutely necessary. Unfortunately the SQL API is an old GCP API that predates the standards that make other APIs look so alike, hence the labels field being handled differently.

Are you able to write your Sentinel policy in a way that accommodates this resource as it currently behaves?

hashicorp / terraform-provider-google