Describe the bug
When running terraform apply using a GitHub actions workflow with google_image_nixos_custom as shown in the example config:
resource "random_id" "bucket" {
byte_length = 8
}
# create a bucket to upload the image into
resource "google_storage_bucket" "nixos-images" {
name = "nixos-images-${random_id.bucket.hex}"
location = "US"
}
# create a custom nixos base image the deployer can SSH into
#
# this could also include much more configuration and be used to feed the
# auto-scaler with system images
module "nixos_image_custom" {
source = "github.com/tweag/terraform-nixos/google_image_nixos_custom"
bucket_name = google_storage_bucket.nixos-images.name
nixos_config = "${path.module}/image_nixos_custom.nix"
}
Terraform detects that the md5hash of the google_storage_bucket_object has changed, even when I haven't made any changes to the repo. This is the output:
Terraform will perform the following actions:
# module.nixos_image_custom.google_storage_bucket_object.nixos must be replaced
+/- resource "google_storage_bucket_object" "nixos" ***
~ crc32c = "hptang==" -> (known after apply)
~ detect_md5hash = "okiQS+ha88pmBeqKlPAG1Q==" -> "different hash" # forces replacement
- event_based_hold = false -> null
~ id = "nixos-images-2a682647b7c[45](https://github.com/robbins/infra-2/actions/runs/3876298638/jobs/6609960756#step:6:46)337-images/m8ky02n1ik2gfyf7wsmjv0saiczb4r54-nixos-image-23.05pre-git-x86_64-linux.raw.tar.gz" -> (known after apply)
+ kms_key_name = (known after apply)
~ md5hash = "okiQS+ha88pmBeqKlPAG1Q==" -> (known after apply)
~ media_link = "https://storage.googleapis.com/download/storage/v1/b/nixos-images-2a6826[47](https://github.com/robbins/infra-2/actions/runs/3876298638/jobs/6609960756#step:6:48)b7c45337/o/images%2Fm8ky02n1ik2gfyf7wsmjv0saiczb4r54-nixos-image-23.05pre-git-x86_64-linux.raw.tar.gz?generation=1673285901733547&alt=media" -> (known after apply)
- metadata = *** -> null
name = "images/m8ky02n1ik2gfyf7wsmjv0saiczb4r54-nixos-image-23.05pre-git-x86_64-linux.raw.tar.gz"
~ output_name = "images/m8ky02n1ik2gfyf7wsmjv0saiczb4r54-nixos-image-23.05pre-git-x86_64-linux.raw.tar.gz" -> (known after apply)
~ self_link = "https://www.googleapis.com/storage/v1/b/nixos-images-2a682647b7c45337/o/images%2Fm8ky02n1ik2gfyf7wsmjv0saiczb4r54-nixos-image-23.05pre-git-x86_64-linux.raw.tar.gz" -> (known after apply)
~ storage_class = "STANDARD" -> (known after apply)
- temporary_hold = false -> null
# (3 unchanged attributes hidden)
***
Plan: 1 to add, 0 to change, 1 to destroy.
module.nixos_image_custom.google_storage_bucket_object.nixos: Creating...
module.nixos_image_custom.google_storage_bucket_object.nixos: Still creating... [10s elapsed]
module.nixos_image_custom.google_storage_bucket_object.nixos: Creation complete after 12s [id=nixos-images-2a682647b7c45337-images/m8ky02n1ik2gfyf7wsmjv0saiczb4r54-nixos-image-23.05pre-git-x86_64-linux.raw.tar.gz]
module.nixos_image_custom.google_storage_bucket_object.nixos (deposed object 320[48](https://github.com/robbins/infra-2/actions/runs/3876298638/jobs/6609960756#step:6:49)425): Destroying... [id=nixos-images-2a682647b7c4[53](https://github.com/robbins/infra-2/actions/runs/3876298638/jobs/6609960756#step:6:54)37-images/m8ky02n1ik2gfyf7wsmjv0saiczb4r[54](https://github.com/robbins/infra-2/actions/runs/3876298638/jobs/6609960756#step:6:55)-nixos-image-23.05pre-git-x86_[64](https://github.com/robbins/infra-2/actions/runs/3876298638/jobs/6609960756#step:6:65)-linux.raw.tar.gz]
module.nixos_image_custom.google_storage_bucket_object.nixos: Destruction complete after 0s
Apply complete! Resources: 1 added, 0 changed, 1 destroyed.
::debug::Terraform exited with code 0.
The image stored in the bucket isn't modified, so I'm not sure why the bucket hash is changing.
To Reproduce
Steps to reproduce the behavior.
Use the above config for main.tf and use GitHub actions to run terraform apply -auto-approve -input=false
Expected behavior
A clear and concise description of what you expected to happen.
Terraform should detect that nothing has changed and not make any changes.
Environment
OS name + version: Runner is on ubuntu-latest with Terraform 1.3.6
Version of the code: Latest commit
Additional context
When running terraform apply on my local machine, the md5 hash does not change, and terraform correctly detects that no changes are needed.
Describe the bug When running
terraform applyusing a GitHub actions workflow with google_image_nixos_custom as shown in the example config:Terraform detects that the md5hash of the google_storage_bucket_object has changed, even when I haven't made any changes to the repo. This is the output:
The image stored in the bucket isn't modified, so I'm not sure why the bucket hash is changing.
To Reproduce Steps to reproduce the behavior. Use the above config for main.tf and use GitHub actions to run
terraform apply -auto-approve -input=falseExpected behavior A clear and concise description of what you expected to happen. Terraform should detect that nothing has changed and not make any changes.
Environment
ubuntu-latestwith Terraform 1.3.6Additional context When running terraform apply on my local machine, the md5 hash does not change, and terraform correctly detects that no changes are needed.