search

mongodb / terraform-provider-mongodbatlas

Terraform MongoDB Atlas Provider: Deploy, update, and manage MongoDB Atlas infrastructure as code through HashiCorp Terraform
https://registry.terraform.io/providers/mongodb/mongodbatlas
Mozilla Public License 2.0
240 stars 168 forks source link

mongodbatlas_custom_db_role not waiting for resource creation #148

Closed bauerben closed 4 years ago

bauerben commented 4 years ago

When creating several custom db roles at the same time with mongodbatlas_custom_db_role, seems like the provider is not waiting long enough or retrying to get the return confirmation of resource creation.

Terraform source: 

variable "db_list" {
  type = list(string)
  default = ["db1", "db2", "db3", "db4" ,"db5" ]
}

resource "mongodbatlas_custom_db_role" "db_role" {
  for_each = toset(var.db_list)
  project_id = var.atlas_project_id
  role_name  = "READ__${each.key}"
  actions {
    action = "FIND"
    resources {
      collection_name = ""
      database_name = each.key
    }
  }
}

Terraform apply results in code 404 : 

mongodbatlas_custom_db_role.db_role["db1"]: Creating...
mongodbatlas_custom_db_role.db_role["db4"]: Creating...
mongodbatlas_custom_db_role.db_role["db2"]: Creating...
mongodbatlas_custom_db_role.db_role["db5"]: Creating...
mongodbatlas_custom_db_role.db_role["db3"]: Creating...
mongodbatlas_custom_db_role.db_role["db3"]: Creation complete after 1s [id=cmVjdF9pZA==:NWU0ZWMyOGJiYTRmNDEzMTk0ZGYxOTR9sZV9uYW1l:UkVBRF9fZGIz]
mongodbatlas_custom_db_role.db_role["db1"]: Creation complete after 1s [id=cHJvaF9pZA==:NWU0ZWMyOGJiYTRmNDEzMTk0ZGYxOTR9sZV9uYW1l:UkVBRF9fZGIx]
mongodbatlas_custom_db_role.db_role["db2"]: Creation complete after 1s [id=cHJvamVjZA==:NWU0ZWMyOGJiYTRmNDEzMTk0ZGYxOTR9sZV9uYW1l:UkVBRF9fZGIy]

Error: error creating custom db role: POST https://cloud.mongodb.com/api/atlas/v1.0/groups/XXXXXXXXXXXXX/customDBRoles/roles: 404 (request "Not Found") The specified custom db role READ__db4 does not exist.

  on custom_db_roles.tf line 20, in resource "mongodbatlas_custom_db_role" "db_role":
  20: resource "mongodbatlas_custom_db_role" "db_role"  {

Error: error creating custom db role: POST https://cloud.mongodb.com/api/atlas/v1.0/groups/XXXXXXXXXXXXX/customDBRoles/roles: 404 (request "Not Found") The specified custom db role READ__db5 does not exist.

  on custom_db_roles.tf line 20, in resource "mongodbatlas_custom_db_role" "db_role":
  20: resource "mongodbatlas_custom_db_role" "db_role"  {

Applying a second time works.

In case of creating a lot of resources at the same time, retry should be implemented in every resource types as it has been done with replicasets or whitelists creation ?

Mentioning depends_on seems to be a possible workaround in the meanwhile : 

variable "db_list" {
  type = list(string)
  default = ["db1", "db2", "db3", "db4" ,"db5" ]
}

resource "mongodbatlas_custom_db_role" "db_role" {
  for_each = toset(var.db_list)
  project_id = var.atlas_project_id
  role_name  = "READ__${each.key}"
  depends_on = [var.db_list]
  actions {
    action = "FIND"
    resources {
      collection_name = ""
      database_name = each.key
    }
  }
}
themantissa commented 4 years ago

@bauerben thank you for the report. We'll look to improve the retry experience going forward by your workaround for now with depends_on seems solid. @marinsalinas and @PacoDw, thoughts on depends_on as a documented workaround until we have time to schedule in retry work?