search

integrations / terraform-provider-github

Terraform GitHub provider
https://www.terraform.io/docs/providers/github/
MIT License
911 stars 751 forks source link

[BUG]: Invalid state of github_repository after a failed update #2426

Open krzysztofdrys opened 1 month ago

krzysztofdrys commented 1 month ago

Expected Behavior

I don't have rights to update the repository settings. After I do terraform apply and the update fails, I want to see the correct stare.

In other words after failed apply like this:

❯ terraform apply
github_repository.yyy: Preparing import... [id=yyy]
github_repository.yyy: Refreshing state... [id=yyy]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # github_repository.yyy will be updated in-place
  # (imported from "yyy")
  ~ resource "github_repository" "yyy" {
        allow_auto_merge            = false
      ~ allow_merge_commit          = true -> false
      ~ allow_rebase_merge          = true -> false
        allow_squash_merge          = true
        allow_update_branch         = false
        archived                    = false
        auto_init                   = false
        default_branch              = "master"
        delete_branch_on_merge      = false
        etag                        = "W/\"c6fc49c0c8587160963c8cc0756f7d56f1bbbd9bba78f5279b22ebd1a64d579d\""
        full_name                   = "xxx/yyy"
        git_clone_url               = "git://github.com/xxx/yyy.git"
        has_discussions             = false
      ~ has_downloads               = true -> false
      ~ has_issues                  = true -> false
      ~ has_projects                = true -> false
      ~ has_wiki                    = true -> false
        html_url                    = "https://github.com/xxx/yyy"
        http_clone_url              = "https://github.com/xxx/yyy.git"
        id                          = "yyy"
        is_template                 = false
        merge_commit_message        = "PR_TITLE"
        merge_commit_title          = "MERGE_MESSAGE"
        name                        = "yyy"
        node_id                     = "MDEwOlJlcG9zaXRvcnkyNTQyMTAxNjM="
        primary_language            = "Mustache"
        private                     = true
        repo_id                     = 254210163
        squash_merge_commit_message = "COMMIT_MESSAGES"
        squash_merge_commit_title   = "COMMIT_OR_PR_TITLE"
        ssh_clone_url               = "git@github.com:xxx/yyy.git"
        svn_url                     = "https://github.com/xxx/yyy"
        topics                      = []
        visibility                  = "private"
        vulnerability_alerts        = false
        web_commit_signoff_required = false
    }

Plan: 1 to import, 0 to add, 1 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

github_repository.yyy: Importing... [id=yyy]
github_repository.yyy: Import complete [id=yyy]
github_repository.yyy: Modifying... [id=yyy]
╷
│ Error: PATCH https://api.github.com/repos/xxx/yyy: 404 Not Found []
│ 
│   with github_repository.yyy,
│   on main.tf line 1, in resource "github_repository" "yyy":
│    1: resource "github_repository" "yyy" {
│ 
╵

I expect next terraform plan to show the same changes as the first terraform apply showed.

Actual Behavior

I am "stuck" with the incorrect state. Terraform apply changed some parts of the state, but not etag, so terraform plan or terraform refresh will not fetch the actual state. 

❯ terraform plan
github_repository.yyy Refreshing state... [id=yyy]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.

Terraform Version

Terraform v1.7.4 on darwin_amd64

Affected Resource(s)

github_repository

Terraform Configuration Files

# When doing terraform apply, you should be able to "see" repository yyy, but not
# to modify it.

resource "github_repository" "yyy" {
  name = "yyy"

  has_downloads = false
  has_issues = false
  has_projects = false
  has_wiki = false

  allow_merge_commit = false
  allow_rebase_merge = false
}

import {
  id = "yyy"
  to = github_repository.yyy
}

terraform {
  required_version = ">= 1.1.5"
  required_providers {
    github = {
      source  = "integrations/github"
      version = "~> 6.0"
    }
  }
}

provider "github" {
  owner = "xxx"
}

Steps to Reproduce

terraform apply
terraform plan

Debug Output

No response

Panic Output

No response

Code of Conduct

krzysztofdrys commented 1 month ago

Additional information: I use GitHub CLI authentication.