hashicorp / terraform-provider-vault

Terraform Vault provider
https://www.terraform.io/docs/providers/vault/
Mozilla Public License 2.0

[Bug]: Provider crashes during read of manually created entry #2083

Open Lerentis opened 10 months ago

Lerentis commented 10 months ago

Terraform Core Version

0.13.2

Terraform Vault Provider Version

3.21.0

Vault Server Version

1.14.4

Affected Resource(s)

Expected Behavior

Read should happen

Actual Behavior

Provider Crashes

Relevant Error/Panic Output Snippet

2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: 
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: goroutine 18156 [running]:
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: github.com/hashicorp/terraform-provider-vault/vault.getConnectionDetailsFromResponse(0xc000ef0380?, {0xc000052c90, 0x9}, 0x2?)
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    github.com/hashicorp/terraform-provider-vault/vault/resource_database_secret_backend_connection.go:1014 +0x737
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: github.com/hashicorp/terraform-provider-vault/vault.getConnectionDetailsFromResponseWithUserPass(0x15bf951?, {0xc000052c90, 0x9}, 0xc000bf4fc0)
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    github.com/hashicorp/terraform-provider-vault/vault/resource_database_secret_backend_connection.go:1391 +0x31
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: github.com/hashicorp/terraform-provider-vault/vault.getDBConnectionConfig(0x16106de?, 0x23c56c0, 0xc0014b9200?, 0xc001922810?, {0x148a680, 0xc0005a8180})
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    github.com/hashicorp/terraform-provider-vault/vault/resource_database_secret_backend_connection.go:1899 +0x2c9
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: github.com/hashicorp/terraform-provider-vault/vault.databaseSecretBackendConnectionRead(0xc00065f580, {0x148a680, 0xc0005a8180})
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    github.com/hashicorp/terraform-provider-vault/vault/resource_database_secret_backend_connection.go:1806 +0x4a5
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: github.com/hashicorp/terraform-provider-vault/internal/provider.ReadWrapper.func1(0x0?, {0x148a680, 0xc0005a8180})
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    github.com/hashicorp/terraform-provider-vault/internal/provider/provider.go:241 +0x5a
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).read(0x19ce8e8?, {0x19ce8e8?, 0xc0009c32c0?}, 0xd?, {0x148a680?, 0xc0005a8180?})
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    github.com/hashicorp/terraform-plugin-sdk/v2@v2.29.0/helper/schema/resource.go:783 +0x178
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*Resource).RefreshWithoutUpgrade(0xc000732e00, {0x19ce8e8, 0xc0009c32c0}, 0xc00079c820, {0x148a680, 0xc0005a8180})
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    github.com/hashicorp/terraform-plugin-sdk/v2@v2.29.0/helper/schema/resource.go:1089 +0x59e
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema.(*GRPCProviderServer).ReadResource(0xc00098ca50, {0x19ce8e8?, 0xc0009c3170?}, 0xc000ef2ac0)
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    github.com/hashicorp/terraform-plugin-sdk/v2@v2.29.0/helper/schema/grpc_provider.go:649 +0x4a5
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ReadResource(0xc00032c280, {0x19ce8e8?, 0xc0009c2960?}, 0xc000cd8a20)
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    github.com/hashicorp/terraform-plugin-go@v0.19.0/tfprotov5/tf5server/server.go:789 +0x4b1
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ReadResource_Handler({0x156c320?, 0xc00032c280}, {0x19ce8e8, 0xc0009c2960}, 0xc0006a57a0, 0x0)
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    github.com/hashicorp/terraform-plugin-go@v0.19.0/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:431 +0x170
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: google.golang.org/grpc.(*Server).processUnaryRPC(0xc0000d0d20, {0x19d4260, 0xc0005481a0}, 0xc0008d2360, 0xc00098e990, 0x23cf348, 0x0)
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    google.golang.org/grpc@v1.58.2/server.go:1376 +0xdd2
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: google.golang.org/grpc.(*Server).handleStream(0xc0000d0d20, {0x19d4260, 0xc0005481a0}, 0xc0008d2360, 0x0)
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    google.golang.org/grpc@v1.58.2/server.go:1753 +0xa36
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: google.golang.org/grpc.(*Server).serveStreams.func1.1()
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    google.golang.org/grpc@v1.58.2/server.go:998 +0x98
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5: created by google.golang.org/grpc.(*Server).serveStreams.func1
2023-11-10T06:48:21.834Z [DEBUG] plugin.terraform-provider-vault_v3.21.0_x5:    google.golang.org/grpc@v1.58.2/server.go:996 +0x18c
2023-11-10T06:48:21.836Z [DEBUG] plugin: plugin process exited: path=.terraform/plugins/registry.terraform.io/hashicorp/vault/3.21.0/linux_amd64/terraform-provider-vault_v3.21.0_x5 pid=672 error="exit status 2"

Terraform Configuration Files

resource "vault_database_secret_backend_connection" "config-oracle" {
  backend           = var.database.name
  name              = each.key
  allowed_roles     = ["*"]
  verify_connection = false
  oracle {
    max_connection_lifetime = 300
    max_idle_connections    = 5
    max_open_connections    = 5

    connection_url = format(
      "%s/%s@%s",
      data.vault_generic_secret.config_credentials[each.key].data[each.value.vault_username_field],
      data.vault_generic_secret.config_credentials[each.key].data[each.value.vault_password_field],
      each.value.url
    )
  }

  for_each = {
    for config in var.database.configs : config.name => config
    if var.database.type == "oracle"
  }
  depends_on = [vault_mount.database, data.vault_generic_secret.config_credentials]
}

Steps to Reproduce

1. Create vault_database_secret_backend_connection manually
2. Import into Terraform
3. Read during next apply

Debug Output

No response

Panic Output

No response

Important Factoids

Create entry:

vault write db-oracle-consumer/config/oracle \
    plugin_name=oracle-database-plugin \
    allowed_roles="*" \
    connection_url="REDACTED" \
    max_open_connections=5 \
    max_connection_lifetime="300s" \
    max_idle_connections=5

Corresponding JSON when getting it with the Vault CLI:

{
  "request_id": "REDACTED",
  "lease_id": "",
  "lease_duration": 0,
  "renewable": false,
  "data": {
    "allowed_roles": [
      "*"
    ],
    "connection_details": {
      "connection_url": "REDACTED",
      "max_connection_lifetime": "300s",
      "max_idle_connections": "5",
      "max_open_connections": "5"
    },
    "password_policy": "",
    "plugin_name": "oracle-database-plugin",
    "plugin_version": "",
    "root_credentials_rotate_statements": []
  },
  "warnings": null
}

The expected correct JSON should look like this:

{
  "request_id": "REDACTED",
  "lease_id": "",
  "lease_duration": 0,
  "renewable": false,
  "data": {
    "allowed_roles": [
      "*"
    ],
    "connection_details": {
      "connection_url": "REDACTED",
      "max_connection_lifetime": "300s",
      "max_idle_connections": 5,
      "max_open_connections": 5,
      "username_template": ""
    },
    "password_policy": "",
    "plugin_name": "oracle-database-plugin",
    "plugin_version": "",
    "root_credentials_rotate_statements": []
  },
  "warnings": null
}

I understand that this bug is probably somewhere else, but honouring the resilience principle, I would recommend changing these expectations here to also check whether the content is a string and parse it to int64 if it is a numeric value.

References

No response

Would you like to implement a fix?

None
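
The tolerant parsing recommended in the report above, as an added example (not the provider's code and not part of the original issue). The helper names `toInt64` and `readPoolSetting` are hypothetical, and the two sample payloads are constructed from the `connection_details` objects shown in the report.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strconv"
	"strings"
)

// Constructed samples mirroring the two "connection_details" shapes in the report.
const manualEntry = `{"connection_url":"REDACTED","max_connection_lifetime":"300s","max_idle_connections":"5","max_open_connections":"5"}`
const providerEntry = `{"connection_url":"REDACTED","max_connection_lifetime":"300s","max_idle_connections":5,"max_open_connections":5,"username_template":""}`

// toInt64 (hypothetical helper) converts a decoded JSON value to int64 using a
// type switch, so an unexpected type yields an error instead of a panic.
func toInt64(v interface{}) (int64, error) {
	switch t := v.(type) {
	case json.Number:
		return t.Int64()
	case string:
		// Numeric strings such as "5" are accepted; "300s" is rejected.
		return strconv.ParseInt(strings.TrimSpace(t), 10, 64)
	default:
		return 0, fmt.Errorf("unsupported type %T", v)
	}
}

// readPoolSetting (hypothetical) decodes connection_details and returns one integer field.
func readPoolSetting(raw, field string) (int64, error) {
	dec := json.NewDecoder(strings.NewReader(raw))
	dec.UseNumber() // JSON numbers arrive as json.Number rather than float64
	var details map[string]interface{}
	if err := dec.Decode(&details); err != nil {
		return 0, err
	}
	v, ok := details[field]
	if !ok {
		return 0, fmt.Errorf("field %q missing", field)
	}
	return toInt64(v)
}

func main() {
	for _, raw := range []string{manualEntry, providerEntry} {
		n, err := readPoolSetting(raw, "max_open_connections")
		fmt.Println(n, err)
	}
}
```

Both payload shapes yield 5 for the pool settings, while a non-numeric string or an unexpected type comes back as an error the caller can report.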