Error: Provider produced inconsistent result after apply

imperva / terraform-provider-incapsula

This package is a plugin for Terraform, and is designed to be used to auto-provision sites in Incapsula via Incapsula’s API from the terraform cli/yaml configurations.

Mozilla Public License 2.0

44 stars 72 forks source link

Error: Provider produced inconsistent result after apply #159

Closed Zack-Watt closed 2 years ago

Zack-Watt commented 2 years ago

Error: Provider produced inconsistent result after apply When applying changes to incapsula_waf_security_rule, provider "provider[\"registry.terraform.io/imperva/incapsula\"]" produced an unexpected new value: Root resource was present, but now absent. This is a bug in the provider, which should be reported in the provider's own issue tracker.

Updated version to 3.5.1, also failed on version 3.2.2

required_providers {
    incapsula = {
      source  = "imperva/incapsula"
      version = "3.5.1"
    }

Example:

resource "incapsula_waf_security_rule" "resource-name" {
  site_id = incapsula_site.resource-name.id
  rule_id = "integration.api.threats.backdoor"
  security_rule_action = "api.threats.action.quarantine_url" # (api.threats.action.quarantine_url (default) | api.threats.action.alert | api.threats.action.disabled | api.threats.action.quarantine_url)
}

BrachaY commented 2 years ago

@Zack-Watt Please use parallelism=1 and see if the issue is reprodeced

Zack-Watt commented 2 years ago

@BrachaY Wasn't positive on what agent we're running. Pretty sure we're running the cloud agent. Attempted both methods in environment variables just to make sure though. All plans produced the same plan of adding our 14 rules, and then same error we've seen when attempting to run the apply.

»Parallelism You can use the TFE_PARALLELISM environment variable when your infrastructure providers produce errors on concurrent operations or use non-standard rate limiting. The TFE_PARALLELISM variable sets the -parallelism= flag for terraform plan and terraform apply (more about parallelism). Valid values are between 1 and 256, inclusive, and the default is 10. Terraform Cloud Agents do not support TFE_PARALLELISM, but you can specify flags as environment variables directly via TF_CLI_ARGS_name. In these cases, use TF_CLI_ARGS_plan="-parallelism=" or TF_CLI_ARGS_apply="-parallelism=" instead.

Anything else that I should try?

BrachaY commented 2 years ago

@Zack-Watt Please attach the provider logs in debug mode - add TF_LOG=DEBUG before the terraform apply command

Zack-Watt commented 2 years ago

I've attached plan/apply logs.

Here are plan/apply logs. Let me know if there is anything else I can provide.

BrachaY commented 2 years ago

Hi @Zack-Watt For some reason you added the prefix "integration" to all rule ids. remove it and it will work for you. In addition, we will fix the bug that let you put this id in the first place - the id should be validated according to a close list of ids.

Zack-Watt commented 2 years ago

that worked. Looks like we added that for our integration environment as a naming convention and didn't realize that wasn't meant to be changed.

Thank you for the help.