Closed heryxpc closed 1 year ago
@heryxpc If I read your message correctly, you are moving the policy resource from one module watch-all-repos-xxx
to another watch-critical-all-repos-xxx
?
Unless you use the Terraform moved
block or state mv
cli command, TF won't know that this is a move operation and will try to do exactly what you described. Which is, delete the policy resource in watch-all-repos-xxx
and create the same policy as new resource in watch-critical-all-repos-xxx
. However, since TF doesn't know they are the same resource, it will try to perform both operation at the same time in parallel. This is, I think, the cause of the 409 error.
Describe the bug I updated my configuration to move one policy to a new watch. Terraform apply seemed to destroy it, but when the api tries to generate it it fails with a 409 error:
The policy
security-policy-critical-cvss
used to exist in the watch I'm using Terraform modules to save the configuration into the watchwatch-all-repos-xxx
. I was moving it to a new one namedwatch-critical-all-repos-xxx
My CI first ran
terraform plan
and thenterraform apply
. During plan it is stated that will be destroyed:But, as stated above it fails during apply. I'm using version 1.11.1
Former configuration:
New configuration:
Artifactory version: 7.41.7 Xray version: 3.41.5 Terraform: 1.0.2
Requirements for and issue
curl
Artifactory version at$host/artifactory/api/system/version
and Xray version at$host/xray/api/v1/system/version
Expected behavior The policy from the original watch should be destroyed and a new one with the same name be created into the new watch.
Additional context We use project atlantis to run Terraform as part of our pipeline.