search

hashicorp / terraform-provider-infoblox

This provider has moved to https://github.com/infobloxopen/terraform-provider-infoblox
https://github.com/infobloxopen/terraform-provider-infoblox
Mozilla Public License 2.0
12 stars 22 forks source link

Data conflict error (record already exists) masked by search error in output #23

Open jamesbtate opened 4 years ago

jamesbtate commented 4 years ago

When an attempt is made to create a host record (with DNS enabled) record using the infoblox_ip_allocation resource, but a record already exists with that name, the wrong error is shown in the output. Debug logging shows the expected error but the output only shows the below misleading error message.

I suspect the provider is doing some sort of search after the name conflict is detected. And erroneously using the configure_for_dns parameter in the search filter.

Sample configuration:

resource "infoblox_ip_allocation" "my_host" {
  vm_name           = "conflict"
  zone              = "test.example.com"
  dns_view          = "Internal"
  enable_dns        = true
  tenant_id         = "terraform_created"
  cidr              = "192.168.132.0/24"
}

output "ipv4_address" {
  value = infoblox_ip_allocation.my_host.ip_addr
}

Steps to reproduce:

  1. Create above Terraform configuration and appropriate provider configuration.
  2. Apply the config (this should succeed).
  3. Remove .tfstate file(s).
  4. Apply again. THis will fail, but with the wrong error.

Console output of the above steps:

me@home:one_host_record$../terraform-13.0 apply -auto-approve -no-color
infoblox_ip_allocation.my_host: Creating...
infoblox_ip_allocation.my_host: Creation complete after 1s [id=record:host/ZG5zLmhvc3QkLl9kZWZhdWx0LmVkdS5vZHUudGVzdC5jb25mbGljdA:conflict.test.example.com/Internal]

Apply complete! Resources: 1 added, 0 changed, 0 destroyed.

Outputs:

ipv4_address = 192.168.132.59

me@home:one_host_record$rm terraform.tfstate*
me@home:one_host_record$../terraform-13.0 apply -auto-approve -no-color
infoblox_ip_allocation.my_host: Creating...

Error: Error allocating IP from network block(192.168.132.0/24): WAPI request error: 400('400 Bad Request')
Contents:
{ "Error": "AdmConProtoError: Field is not searchable: configure_for_dns",
  "code": "Client.Ibap.Proto",
  "text": "Field is not searchable: configure_for_dns"
}

  on main.tf line 1, in resource "infoblox_ip_allocation" "my_host":
   1: resource "infoblox_ip_allocation" "my_host" {

Correct error in debug output:

2020-09-04T11:34:50.709-0400 [DEBUG] plugin.terraform-provider-infoblox_v1.1.0_x4: { "Error": "AdmConDataError: None (IBDataConflictError: IB.Data.Conflict:The record 'conflict.test.example.com' already exists.)",

Tested with Terraform 0.13.0 and 0.12.13. And with provider version 1.0.0 and 1.1.0. Same results in all cases.

jamesbtate commented 4 years ago

I tried digging into this on my own even though I have essentially zero experience with Go. I see the actual interaction with Infoblox API occurs in the infoblox-go-client code. Specifically this function which is called from line 109 of resource_infoblox_ip_allocation.go: https://github.com/terraform-providers/terraform-provider-infoblox/blob/7efc53b7e406ddb319c0a351678c282118bed549/vendor/github.com/infobloxopen/infoblox-go-client/object_manager.go#L433

At the end of that function, there are these four lines (455-458):

ref, err := objMgr.connector.CreateObject(recordHost)
recordHost.Ref = ref
err = objMgr.connector.GetObject(recordHost, ref, &recordHost)
return recordHost, err

It looks to me like any error that occurs in line 455 is unchecked and the error is replaced by any error that may occur in line 457. Is that the correct interpretation? This would match my suspicion that this bug is caused by a bad search after the failed create.

Should I open a new issue i that repo for this issue?

AvRajath commented 4 years ago

The error message returned will be from the go-client code only. Terraform just appends the output thrown by the Go code. As you pointed out it looks suspicious on why that error is left out without being returned. For updates on that Git you should probably raise a request on that Git Page.

jamesbtate commented 4 years ago

It turns out I don't understand how the infobloxopen/infoblox-go-client repo is included in this repo. Is it really just a copy of the source code? Is that how golang does dependencies?

In any case, this is actually fixed in the master branch: https://github.com/infobloxopen/infoblox-go-client/blob/master/object_manager.go#L437. The expected check for non-nil err is present. It was added in this commit on August 5, 2020: https://github.com/infobloxopen/infoblox-go-client/commit/efdea6e938a75c51b6f7b5d3856616fc89bb2976.

What is the process to get this included in the Terraform provider? I don't see anything about that in the README.md.

AvRajath commented 4 years ago

Our plugin works on go-client dependency and hence its included. Will update the latest infoblox-go client to this branch.