search

mongodb / terraform-provider-mongodbatlas

Terraform MongoDB Atlas Provider: Deploy, update, and manage MongoDB Atlas infrastructure as code through HashiCorp Terraform
https://registry.terraform.io/providers/mongodb/mongodbatlas
Mozilla Public License 2.0
242 stars 168 forks source link

Provisioning mongodbatlas_federated_settings_org_config.org_connection throws Error: Provider produced inconsistent result after apply #995

Closed CherylFlowers closed 1 year ago

CherylFlowers commented 1 year ago

Terraform CLI and Terraform MongoDB Atlas Provider Version

1.3.6

Terraform Configuration File

terraform {
  required_providers {
    mongodbatlas = {
      source  = "mongodb/mongodbatlas"
      version = ">= 1.3.0"
    }
    azurerm = {
      source  = "hashicorp/azurerm"
      version = ">= 3.0.0"
    }
  }
}

provider "mongodbatlas" {
  public_key  = "(redacted)"
  private_key = "(redacted)"
}

provider "azurerm" {
  features {}
}

resource "azurerm_resource_group" "resource_group" {
  location = "canadacentral"
  name     = "test-federation-rg"
}

resource "mongodbatlas_project" "mongodb_project" {
  is_collect_database_specifics_statistics_enabled = false
  is_data_explorer_enabled                         = false
  is_performance_advisor_enabled                   = false
  is_realtime_performance_panel_enabled            = false
  is_schema_advisor_enabled                        = false
  name                                             = "test-federation"
  org_id                                           = "(redacted)"
  with_default_alerts_settings                     = true

  api_keys {
    api_key_id = "(redacted)"
    role_names = [
      "GROUP_OWNER",
    ]
  }
}

resource "mongodbatlas_database_user" "database_user" {
  auth_database_name = "admin"
  password           = "(redacted)"
  project_id         = mongodbatlas_project.mongodb_project.id
  username           = "userAdmin"

  roles {
    database_name = "admin"
    role_name     = "atlasAdmin"
  }
}

resource "mongodbatlas_project_invitation" "invitation" {
  project_id = mongodbatlas_project.mongodb_project.id
  roles = [
    "GROUP_DATA_ACCESS_READ_WRITE",
  ]
  username = "(redacted)"
}

Steps to Reproduce

  1. terraform init
  2. terraform plan -out ./terraform.plan
  3. terraform apply ./terraform.plan

Expected Behavior

Plan should apply with no errors.

Actual Behavior

Note that the error below references a module, however the source code above does not contain a module. I've purposely flattened the Terraform config in an effort to simplify the bug report. However please let me know if you need the module source code as well, I'm happy to provide more details.

╷
│ Error: Provider produced inconsistent result after apply
│
│ When applying changes to module.mongodbatlas_project.mongodbatlas_federated_settings_org_config.org_connection, provider
│ "module.mongodbatlas_project.provider[\"registry.terraform.io/mongodb/mongodbatlas\"]" produced an unexpected new value: Root resource was present, but now absent.
│
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.

Debug Output

Crash Output

Additional Context

References

Zuhairahmed commented 1 year ago

Thanks @CherylFlowers attempting to reproduce issue, in the interim can you share any error logs? best if you can set export TF_LOG=TRACE and output results to file. More details here on how to do this if helpful.

martinstibbe commented 1 year ago

@CherylFlowers I would need module code to attempt to reproduce error module.mongodbatlas_project.mongodbatlas_federated_settings_org_config.org_connection needs to be imported as first step so I would need this to do the required steps

CherylFlowers commented 1 year ago

Thank you @Zuhairahmed and @martinstibbe for your speedy replies!

I'm working with a colleague to get those trace logs to you, apologies for the wait on that one.

As for the module code, again apologies for the confusion on the tf config, I was trying to simplify the bug report. I've attached the main.tf which contains the client code, and the module.tf which contains our module code. There are additional module calls and I didn't include that source code as I don't think it's relevant (ie. private endpoints, tags etc.), however if you need that as well please let me know.

main.txt module.txt

--- edit ---

And the vars as well; vars.txt

horochj commented 1 year ago

Hi @Zuhairahmed and @martinstibbe

I'm working with @CherylFlowers on this issue and have rerun a terraform deploy and have attached associated files along with a trace file. If you need something else, please let me know.

Thanks terraform_plan.txt mongodb-test-federation.tf.txt trace.log

martinstibbe commented 1 year ago

@horochj @CherylFlowers ok thanks I used a portion of your module to replicate issue if I just do a direct terraform init then terraform apply I get error Error: Provider produced inconsistent result after apply │ │ When applying changes to module.mongodbatlas_project.mongodbatlas_federated_settings_org_config.org_connection, provider │ "provider[\"registry.terraform.io/mongodb/mongodbatlas\"]" produced an unexpected new value: Root resource was present, but now │ absent. │ │ This is a bug in the provider, which should be reported in the provider's own issue tracker.

But if I import module first via terraform import module.mongodbatlas_project.mongodbatlas_federated_settings_org_config.org_connection orgid-federatedsettings-id

I get ... `Import successful!

The resources that were imported are shown above. These resources are now in your Terraform state and will henceforth be managed by Terraform.`

Then a terraform apply yields Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

So it appears to just be import step is missing to correct the error you are encountering

CherylFlowers commented 1 year ago

In this case, it would appear that the mongodbatlas_federated_settings_org_config.org_connection resource is not being reported back to the state file. The mongodbatlas_federated_settings_org_config is a new resource being implemented in the tf config that was provided. So in a usual terraform workflow of init, plan, apply, one should not have to run an import, it should be done automatically.

Also, the error from Terraform (Root resource was present, but now absent. This is a bug in the provider, which should be reported in the provider's own issue tracker.) indicates that the plan returned a non-null object (intent to create), but the apply returned a null object (doesn't exist at all).

Perhaps I'm misunderstanding how the mongodbatlas_federated_settings_org_config should be implemented? I welcome your suggestions and insight.

martinstibbe commented 1 year ago

In this case, it would appear that the mongodbatlas_federated_settings_org_config.org_connection resource is not being reported back to the state file. The mongodbatlas_federated_settings_org_config is a new resource being implemented in the tf config that was provided. So in a usual terraform workflow of init, plan, apply, one should not have to run an import, it should be done automatically.

Also, the error from Terraform (Root resource was present, but now absent. This is a bug in the provider, which should be reported in the provider's own issue tracker.) indicates that the plan returned a non-null object (intent to create), but the apply returned a null object (doesn't exist at all).

Perhaps I'm misunderstanding how the mongodbatlas_federated_settings_org_config should be implemented? I welcome your suggestions and insight.

Yes there is a requirement to import ... per Documentation website/docs/r/federated_settings_org_config.html.markdown

Example Usage

~> IMPORTANT You MUST import this resource before you can manage it with this provider.

CherylFlowers commented 1 year ago

Thank you for the details @martinstibbe. Closing this issue as we have the info we need.