Closed hashibot closed 1 year ago
I am seeing this too.
Hi folks, I'm afraid this is an effect of eventually consistent nature of the API, or more likely storage GitHub uses internally to back the API. I can certainly see regular intermittent test failures resulting from this.
When I inspected the debug log and followed sequence of API calls, I can tell that these are issued as expected (e.g. POST
-> GET
), but the API sometimes decides to respond 404
to GET
right after previous successful creation (201
) call.
This unfortunately affects the whole API and would be quite tricky, if not impossible to address reliably. We could add retries where possible (e.g. when we're sure that a resource should really exist in a given sequence of calls, e.g. right after creation), but it's going to be a what-a-mole game.
This also affects updates, where you can get old values from GET
right after issuing successful PATCH
request.
@radeksimko I don't understand what eventual consistency has to do with resources that I built over a year ago always being "created" every time I do a terraform apply
. They simply never make it into the state file.
@razorsedge That's a very useful and important detail (so far not mentioned in this thread), which indeed puts the issue in a different perspective. Thank you for the update. 👍
Do you mind providing a debug log from terraform commands you ran (minus any secrets)? This would allow us to investigate further what's happening behind the scenes, esp. between Terraform and the API.
If you fancy you can also encrypt the log using our GPG key.
Thanks.
In attempting to simplify the code and get the debug log, I picked a single github_team_repository
and ... It Worked. The github_team
was added to the repo, it was in the statefile, and subsequent plan/apply stated there were no changes.
So I picked another repo and it failed to add it to the catalog. This got me to thinking about the difference between the two repos: the successful one is public and the failed one is private.
... Which got me wondering about access token scope. What is needed in order for Terraform to work with GitHub?
Debug logs to follow...
Adding repo:all to my token's scope has fixed it. I am not sure if only repo:status, repo_deployment, public_repo, or repo:invite will do the trick.
👋 Hey Friends, this issue has been automatically marked as stale
because it has no recent activity. It will be closed if no further activity occurs. Please add the Status: Pinned
label if you feel that this issue needs to remain open/active. Thank you for your contributions and help in keeping things tidy!
This issue was originally opened by @publysher as hashicorp/terraform#9149. It was migrated here as part of the provider split. The original body of the issue is below.
My github_team_repository resources do not show up in
terraform show
. Whenever I create a fresh plan, they are indicated as new.Terraform Version
Terraform v0.7.4
Affected Resource(s)
Terraform Configuration Files
Expected Behavior
The first time,
terraform plan
should show:After applying,
terraform plan
should indicate that everything is in sync.After applying,
terraform show | grep frontend_frontend
should show the github_team_repository resource.Actual Behavior
After applying,
terraform plan
shows:terraform apply
will re-create the resource.terraform show
does not show the resource.