search

hashicorp / terraform

Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
https://www.terraform.io/
Other
42.6k stars 9.55k forks source link

depends_on shouldn't require static expression #27732

Closed Carlovo closed 3 years ago

Carlovo commented 3 years ago

Terraform Version

Terraform v0.13.2 aws 3.8.0 I didn't see any relevant changes between then and the current version, though.

Terraform Configuration Files

First I tried this:

resource "aws_wafv2_web_acl" "example" {
  count = var.production_account ? 1 : 0

  name  = "alb-example"
  scope = "REGIONAL"

  # some more irrelevant config goes here
}

resource "aws_lb" "example" {
  name = "example"

  depends_on = var.production_account ? [aws_wafv2_web_acl.example[0]] : []

  # some more irrelevant config goes here
}

It errors with:

Error: Invalid expression

  on main.tf line 13, in resource "aws_lb" "example":
  13:   depends_on = var.production_account ? [aws_wafv2_web_acl.example[0]] : []

A static list expression is required.

But this works perfectly fine:

resource "aws_wafv2_web_acl" "example" {
  count = var.production_account ? 1 : 0

  name  = "alb-example"
  scope = "REGIONAL"

  # some more irrelevant config goes here
}

locals {
  timing_depencies = var.production_account ? [aws_wafv2_web_acl.example[0]] : []
}

resource "aws_lb" "example" {
  name = "example"

  depends_on = [local.timing_depencies]

  # some more irrelevant config goes here
}

Expected Behavior

Although, I'm happy I found this workaround for now, I would have expected either or neither would have worked. I know I'm pushing the use-case of both count and depends_on here :stuck_out_tongue: Still, I thought it would be good to point out this inconsistency. I feel both should actually work.

References

I was trying to find a workaround for hashicorp/terraform-provider-aws#17527

jbardin commented 3 years ago

Hi @Carlovo

I don't think the workaround you have is doing what you think it's doing. The depends_on meta attribute must use static references, because it is used in building the dependency graph before anything can be evaluated. There are no conditional dependencies, because expressions are only taken into consideration after all dependencies are determined.

The depends_on references are only used for creating extra dependency edges, so the end result of using the local.timing_depencies reference is identical to to using depends_on = [aws_wafv2_web_acl.example] directly.

Since terraform is working as expected here, I'm going to close this out. We use GitHub issues for tracking bugs and enhancements, rather than for questions. If you have more questions it's better to use the community forum where there are more people ready to help.

Thanks!

ghost commented 3 years ago

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.