search

hashicorp / terraform-provider-google

Terraform Provider for Google Cloud Platform
https://registry.terraform.io/providers/hashicorp/google/latest/docs
Mozilla Public License 2.0
2.28k stars 1.72k forks source link

google_project resource in DELETE_REQUESTED state causes terraform plan error #451

Closed ewbankkit closed 6 years ago

ewbankkit commented 6 years ago

I successfully create a project via Terraform:

resource "google_project" "service" {
  project_id      = "test-service3-id"
  name            = "test-service3-name"
  org_id          = ...
  billing_account = ...
}

and then shut down the project in the GCP console. The project transitions to DELETE_REQUESTED state. I then run terraform plan and get an error:

* google_project.service: google_project.service: Error reading billing account for project "projects/test-service3-id": googleapi: Error 404: Requested entity was not found., notFound

Running with logging on:

2017-09-22T17:56:04.319-0400 [DEBUG] plugin.terraform-provider-google: ---[ REQUEST ]---------------------------------------
2017-09-22T17:56:04.319-0400 [DEBUG] plugin.terraform-provider-google: GET /v1/projects/test-service3-id?alt=json HTTP/1.1
2017-09-22T17:56:04.319-0400 [DEBUG] plugin.terraform-provider-google: Host: cloudresourcemanager.googleapis.com
2017-09-22T17:56:04.319-0400 [DEBUG] plugin.terraform-provider-google: User-Agent: google-api-go-client/0.5 (linux amd64) Terraform/0.10.0-dev
2017-09-22T17:56:04.319-0400 [DEBUG] plugin.terraform-provider-google: Accept-Encoding: gzip
2017-09-22T17:56:04.321-0400 [DEBUG] plugin.terraform-provider-google: 
2017-09-22T17:56:04.321-0400 [DEBUG] plugin.terraform-provider-google: -----------------------------------------------------
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: 2017/09/22 17:56:04 [DEBUG] Google API Response Details:
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: ---[ RESPONSE ]--------------------------------------
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: HTTP/2.0 200 OK
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: Cache-Control: private
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: Content-Type: application/json; charset=UTF-8
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: Date: Fri, 22 Sep 2017 21:56:05 GMT
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: Server: ESF
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: Vary: Origin
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: Vary: X-Origin
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: Vary: Referer
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: X-Content-Type-Options: nosniff
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: X-Frame-Options: SAMEORIGIN
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: X-Xss-Protection: 1; mode=block
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: 
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: {
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google:   "projectNumber": "00000000000000000",
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google:   "projectId": "test-service3-id",
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google:   "lifecycleState": "DELETE_REQUESTED",
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google:   "name": "test-service3-name",
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google:   "createTime": "2017-09-16T22:19:51.329Z",
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google:   "parent": {
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google:     "type": "organization",
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google:     "id": "00000000000000000"
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google:   }
2017-09-22T17:56:04.810-0400 [DEBUG] plugin.terraform-provider-google: }
...
2017-09-22T17:56:04.811-0400 [DEBUG] plugin.terraform-provider-google: -----------------------------------------------------
2017-09-22T17:56:04.812-0400 [DEBUG] plugin.terraform-provider-google: 2017/09/22 17:56:04 [DEBUG] Google API Request Details:
2017-09-22T17:56:04.812-0400 [DEBUG] plugin.terraform-provider-google: ---[ REQUEST ]---------------------------------------
2017-09-22T17:56:04.812-0400 [DEBUG] plugin.terraform-provider-google: GET /v1/projects/test-service3-id/billingInfo?alt=json HTTP/1.1
2017-09-22T17:56:04.812-0400 [DEBUG] plugin.terraform-provider-google: Host: cloudbilling.googleapis.com
2017-09-22T17:56:04.812-0400 [DEBUG] plugin.terraform-provider-google: User-Agent: google-api-go-client/0.5 (linux amd64) Terraform/0.10.0-dev
2017-09-22T17:56:04.812-0400 [DEBUG] plugin.terraform-provider-google: Accept-Encoding: gzip
2017-09-22T17:56:04.813-0400 [DEBUG] plugin.terraform-provider-google: -----------------------------------------------------
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: 2017/09/22 17:56:05 [DEBUG] Google API Response Details:
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: ---[ RESPONSE ]--------------------------------------
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: HTTP/2.0 404 Not Found
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: Alt-Svc: quic=":443"; ma=2592000; v="39,38,37,35"
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: Cache-Control: private
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: Content-Type: application/json; charset=UTF-8
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: Date: Fri, 22 Sep 2017 21:56:05 GMT
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: Server: ESF
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: Vary: Origin
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: Vary: X-Origin
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: Vary: Referer
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: X-Content-Type-Options: nosniff
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: X-Frame-Options: SAMEORIGIN
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: X-Xss-Protection: 1; mode=block
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: 
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: {
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google:   "error": {
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google:     "code": 404,
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google:     "message": "Requested entity was not found.",
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google:     "errors": [
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google:       {
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google:         "message": "Requested entity was not found.",
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google:         "domain": "global",
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google:         "reason": "notFound"
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google:       }
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google:     ],
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google:     "status": "NOT_FOUND"
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google:   }
2017-09-22T17:56:05.023-0400 [DEBUG] plugin.terraform-provider-google: }
ewbankkit commented 6 years ago

Call handleNotFoundError here or check project.lifecycleState here?

rosbo commented 6 years ago

Hi Kit,

I am curious about what behavior you expect when the project is in DELETE_REQUESTED state?

A) Delete from tf.state (that's what calling handleNotFoundError like you suggested would do) and recreate a brand new project.

B) Call undelete on the project making it ACTIVE again.

ewbankkit commented 6 years ago

If the project is deleted via terraform destroy then the resource will be removed from the corresponding state file and we shouldn't get into this situation on the next terraform plan (we'd see a new project was going to be created). So we should only get into this situation if the project is deleted outside of Terraform. In this case I would say go with B) - re-activate the project; If the user really wants to delete the project she will have to remove the corresponding resource from the code AND the state file (else if it's not removed from the state file the next terraform plan will get the same error).

However, a case can be made for A) also 😄.

BTW, it looks like folders can also be undeleted and that resource has lifecycle_state attribute. Consistency of behavior will be important I think.

I can think of no prior art here for other resources/cloud providers I know except for some similarity to re-creating the AWS default VPC for a region - https://github.com/terraform-providers/terraform-provider-aws/pull/1400.

rosbo commented 6 years ago

Agreed, folders and projects should behave the same way for this.

I am also leaning towards B).

@danawillow @paddycarver @selmanj Any thoughts before I update our project and folder resources to handle this case?

danawillow commented 6 years ago

Yup, same.

I think we should handle DELETE_REQUESTED as if it were actually deleted- so a plan would show it as being created, and apply would un-delete it. It's a bit tricky because if it has any properties (I guess just billing account right now) that change, they'd have to be updated as well alongside the undelete.

selmanj commented 6 years ago

I am hesitant about using an undelete; from the docs:

Project owners can restore a terminated project within the 30-day waiting period that starts when the project is shut down. Restoring a project returns it to the state it was in prior to being shut down.

As a user, it would be surprising to me if I deleted a project, recreated it, and then all the previous state was restored (more specifically, all the resources associated with the project get revived). That works different from every other resource in terraform.

rosbo commented 6 years ago

@selmanj you convinced me. undelete cloud be quite surprising. If they deleted it from the console by mistake, they can undelete it from there.

I will handle the not found error properly and this will trigger a new project creation.

paddycarver commented 6 years ago

(Chiming in late that support for undelete would be very cool in certain situations, but I too believe it would lead to confusing and unexpected edge cases and it would probably be better to delete from state. So what y'all said, just agreeing. :) )

AbhinayGupta741 commented 4 years ago

Thanks to @ewbankkit . Well, the restoring terminated project in GCP worked for me. We are facing the same issue while creating the new project through Jenkins using terraform.

danawillow commented 4 years ago

Hi @AbhinayGupta741, this issue has been closed for over two years so I think most of us have lost context as this point. If you're experiencing problems still, could you please open a new one in the tracker and fill out the template completely? Thanks!

ghost commented 4 years ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 hashibot-feedback@hashicorp.com. Thanks!