search

newrelic / terraform-provider-newrelic

Terraform provider for New Relic
https://registry.terraform.io/providers/newrelic/newrelic/latest/docs
Mozilla Public License 2.0
200 stars 247 forks source link

Error: INVALID_PARAMETER: Channels ids are already in use by workflows #2067

Open hverma95 opened 2 years ago

hverma95 commented 2 years ago

Terraform Version

Terraform v0.14.11

Affected Resource(s)

Please list the resources as a list, for example:

Error: Error: INVALID_PARAMETER: Channels ids are already in use by workflows [ef1f8c4c-074f-4dbc-9173-5df65faa3271, 418881be-f71d-4c1d-b32e-eebf75580617]

Description The issue is related to the mapping between the workflow and the channel. The error comes while creating the workflow resource.

When running "terraform apply", it fails on adding the same "notification channel" to some of the "workflows", it says that it is already connected to other workflows. In fact, during the terraform run the channel gets connected to some of the workflows.

Like in the above error it shows that a single channel got connected to 2 workflows but failed for the current workflow.

So the mapping scenario is like this: Set 1(shared):
Workflow1 ------> Channel1 ------> Destination1 Workflow2 ------> Channel1 ------> Destination1 Workflow3 ------> Channel1 ------> Destination1

Set 2 (dummy): Workflow4 ------> Channel2 ------> Destination2 Workflow5 ------> Channel2 ------> Destination2 Workflow6 ------> Channel2 ------> Destination2

Terraform Configuration

provider.tf

terraform {
  required_version = ">= 0.14"
  required_providers {
    newrelic = {
      source  = "newrelic/newrelic"
      version = "~> 3.5.0"
    }
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.0"
    }
  }
}

provider "newrelic" {
  account_id = "ACCOUNT_ID_GOES_HERE"
  api_key    = API_KEY_GOES_HERE
  region     = "REGION_GOES_HERE"
}

provider "aws" {
  region  = "eu-west-1"
}

main.tf

data "aws_ssm_parameter" "new_relic_api_key" {
  name = "KEY_GOES_HERE"
}

locals {
  endpoints_items = flatten([for k, v in var.platforms : [for s, t in v : {
    name              = "${s}-${var.env}"
    env               = t.env
    url               = t.url
    platform          = k
    verify_ssl        = t.verify_ssl
    workflow_enabled  = t.workflow_enabled
    location_is_private = t.location_is_private
    locations_public  = t.locations_public
    period            = t.period
    status            = t.status
    # validation_string = lookup(t, "# validation_string", null)
  }]])
}

resource "newrelic_notification_destination" "webhook-squadcast" {
    for_each            = var.squadcast_endpoints
    name              = "${each.key}"
    account_id = "ID_GOES_HERE"
    type = "WEBHOOK"

    property {
      key = "url"
      value = "${each.value}"
    }
  }

  resource "newrelic_notification_channel" "webhook-channel" {
    for_each            = var.squadcast_endpoints
    account_id = "ID_GOES_HERE"
    name              = "${each.key}"
    type = "WEBHOOK"
    destination_id = newrelic_notification_destination.webhook-squadcast[each.key].id
    product = "IINT"

    property {
      key = "payload"
      value = var.payload
      label = "Payload Template"
    }
  }

  resource "newrelic_workflow" "workflow-squadcast" {
    for_each          = { for i in local.endpoints_items : "${i.platform}-${i.name}" => i }
    account_id        = "ID_GOES_HERE"
    name              = each.value.name
    muting_rules_handling = "NOTIFY_ALL_ISSUES"
    enabled = each.value.workflow_enabled
    enrichments {
      nrql {
        name = each.value.name

        configuration {
         query = "SELECT count(*) from SyntheticCheck WHERE monitorName='${each.value.name}' and result='FAILED' SINCE 3 minutes ago"
        }
      }
    }

    issues_filter {
      name = "Shared-PolicyID"
      type = "FILTER"

      predicate {
        attribute = "labels.policyIds"
        operator  = "EXACTLY_MATCHES"
        values    = [ newrelic_alert_policy.alert_policy[each.value.platform].id ]
      }
    }

    depends_on = [
      newrelic_notification_channel.webhook-channel
    ]

    destination {
      channel_id = newrelic_notification_channel.webhook-channel[each.value.platform].id
    }
  }

vars.tf

env = "ENV_NAME_GOES_HERE"
email_notification = {
  shared    = "EMAIL_ID_GOES_HERE"
  dummy  = "EMAIL_ID_GOES_HERE"
}

payload = <<EOL
{
  "id": {{ json issueId }},
  "issueUrl": {{ json issuePageUrl }},
  "title": {{ json annotations.title.[0] }}
}
EOL

squadcast_endpoints = {
  shared     = "ENDPOINT1"
  dummy   = "ENDPOINT2"
}

platforms = {
  shared = {
    nextgen-keycloak = {
      env        = "ENV_NAME_GOES_HERE"
      url        = "URL_TO_BE_MONITORED"
      period     = "EVERY_5_MINUTES"
      status     = "ENABLED"
      location_is_private = true
      verify_ssl = true
      workflow_enabled = true
      locations_public = null
    }
    nextgen-thanos = {
      env        = "ENV_NAME_GOES_HERE"
      url        = "URL_TO_BE_MONITORED"
      period     = "EVERY_5_MINUTES"
      status     = "ENABLED"
      location_is_private = true
      verify_ssl = true
      workflow_enabled = true
      locations_public = null
    }
  }
  dummy = {
    dummy-payments-service = {
      env        = "ENV_NAME_GOES_HERE"
      url        = "URL_TO_BE_MONITORED"
      period     = "EVERY_MINUTE"
      status     = "ENABLED"
      location_is_private = true
      verify_ssl = true
      workflow_enabled = true
      locations_public = null
    }
    dummy-billing-profile-service = {
      env        = "ENV_NAME_GOES_HERE"
      url        = "URL_TO_BE_MONITORED"
      period     = "EVERY_MINUTE"
      status     = "DISABLED"
      location_is_private = true
      verify_ssl = true
      workflow_enabled = true
      locations_public = null
    }
  }
}

Actual Behavior

When running "terraform apply":

Error: INVALID_PARAMETER: Channels ids are already in use by workflows [ef1f8c4c-074f-4dbc-9173-5df65faa3271, 418881be-f71d-4c1d-b32e-eebf75580617]
                                              on main.tf line 82, in resource "newrelic_workflow" "workflow-squadcast":

                                              82: resource "newrelic_workflow" "workflow-squadcast" {

Expected Behavior

A single channel should get connected to multiple workflows.

Steps to Reproduce

terraform apply

Important Factoids

Manually we are able to create the workflow and attach the same channel which is already connected to other workflows BUT through terraform it fails.

IliaShurygin commented 2 years ago

Hi @hverma95!

It is indeed currently impossible to use the same channel across multiple workflows.

Manually we are able to create the workflow and attach the same channel which is already connected to other workflows BUT through terraform it fails.

Could you please clarify how you do it? Are you talking about UI or GraphQL API? If we are talking about UI, you can reuse destinations but not channels. Channels are mostly invisible to UI users.

You can reuse destinations in TF as well. Using your diagram format, it would look like this:

Workflow1 ------> Channel1 ------> Destination1
Workflow2 ------> Channel2 ------> Destination1
Workflow3 ------> Channel3 ------> Destination1

Please let me know if I am missing something and it is indeed possible to reuse channels (not destinations) though UI/GraphQL.

In general, we are thinking about allowing to reuse channels between workflows at some point. But this is not a high priority currently.

Gobikannan commented 1 year ago

I m having the same issue as @hverma95 . It works only for 5 workflows. If I have 6th workflow and try to reuse the same channel then I get the error - "Error: INVALID_PARAMETER: Channels ids are already in use by workflows".

Is there any update on this ticket? @IliaShurygin

shachar-ash commented 1 year ago

@IliaShurygin We also face the same issue.

I am able to create multiple workflows with the same destination and the same slack channel through the UI:

Workflow1 ------> Channel1 ------> Destination1 Workflow2 ------> Channel1 ------> Destination1 Workflow3 ------> Channel1 ------> Destination1

When I'm trying to do so through Terraform, I get the same error:

Error: INVALID_PARAMETER: Channels ids are already in use by workflows [channel_id]

IliaShurygin commented 1 year ago

Hi!

I am able to create multiple workflows with the same destination and the same slack channel through the UI:

UI never reuses channels, but it does reuse destinations. You can verify this using our GraphQL API. UI just creates new channel every time you add a new destination to the workflow.

@shachar-ash , @Gobikannan I would recommend to just create separate channels for each workflow. You can reuse destinations, but not channels (currently).

We see that the channel usage restriction causes confusion and do plan to address this problem in the long term. However, as of now, we do not have any concrete plans or timelines.

In order to avoid this issue, please create new channels for each workflow (this is exactly how UI currently works). This would still allow you to fully reuse destinations.

Gobikannan commented 1 year ago

Thanks @IliaShurygin , We have created a channel for each workflow/destination to attach.

shachar-ash commented 1 year ago

@IliaShurygin Just to make sure I understand what you are saying - when you say "create new channels for each workflow" do you mean to create a new channel object that points to the same slack channel?

Is that the way its implemented through the UI?

Thanks

IliaShurygin commented 1 year ago

@shachar-ash yes, exactly! This is the way UI currently does it internally

talsembhi commented 1 year ago

We are hitting the same issue 

Error: INVALID_PARAMETER: Channels ids are already in use by workflows [50b6cbb7-4187-402e-8e74-5ff8aed1be6a]  
> terraform --version
Terraform v1.3.3
on darwin_amd64
+ provider registry.terraform.io/hashicorp/aws v4.48.0
+ provider registry.terraform.io/newrelic/newrelic v3.11.0

For now we will have to create a new channel for each workflow.