search

oracle / terraform-provider-oci

Terraform Oracle Cloud Infrastructure provider
https://www.terraform.io/docs/providers/oci/
Mozilla Public License 2.0
760 stars 683 forks source link

oci_core_instance should replace the resource on source_details updates #2133

Open lra opened 5 months ago

lra commented 5 months ago

Community Note

Terraform Version and Provider Version

Terraform v1.8.5
on darwin_arm64
+ provider registry.terraform.io/oracle/oci v5.45.0

Affected Resource(s)

core_instance

Terraform Configuration Files

resource "oci_core_instance" "sdm_gateways" {
  count = local.gateway_count

  availability_domain = var.availability_domains[count.index]
  compartment_id      = oci_identity_compartment.this.id
  defined_tags        = local.labels
  display_name        = "${local.gateway_name}-${count.index}"
  shape               = local.shape
  shape_config {
    memory_in_gbs = 4
    ocpus         = 1
  }

  create_vnic_details {
    assign_public_ip       = true
    display_name           = "${local.gateway_name}-vnic-${count.index}"
    subnet_id              = oci_core_subnet.public[count.index].id
    hostname_label         = "${local.gateway_name}-${count.index}"
    skip_source_dest_check = true
    nsg_ids                = [oci_core_network_security_group.this.id]
  }

  source_details {
    source_id               = data.oci_core_image.this.id
    source_type             = "image"
    boot_volume_size_in_gbs = 50
  }

  metadata = {
    user_data = base64encode(templatefile("${path.module}/templates/gateway_install.sh.tpl", {
      SDM_GATEWAY_TOKEN = sdm_node.sdm_gateways[count.index].gateway[0].token
    }))
  }
}

Debug Output

Panic Output

Expected Behavior

When the source_details.source_id of the VM is changed, terraform should replace the whole oci_core_instance resource.

Actual Behavior

Instead, it tries to update the oci_core_instance resource and the API fails with this error:

ā•·
ā”‚ Error: 400-InvalidParameter, sourceDetails.kmsKeyId size must be between 1 and 255
ā”‚ Suggestion: Please update the parameter(s) in the Terraform config as per error message sourceDetails.kmsKeyId size must be between 1 and 255
ā”‚ Documentation: https://registry.terraform.io/providers/oracle/oci/latest/docs/resources/core_instance 
ā”‚ API Reference: https://docs.oracle.com/iaas/api/#/en/iaas/20160918/Instance/UpdateInstance 
ā”‚ Request Target: PUT https://iaas.us-phoenix-1.oraclecloud.com/20160918/instances/ocid1.instance.oc1.phx.anyhqljrp4o7ruacplfc63r45qkhzeni4ydkywifmqhn6cdu2d6ubf2lupna 
ā”‚ Provider version: 5.45.0, released on 2024-06-05.  
ā”‚ Service: Core Instance 
ā”‚ Operation Name: UpdateInstance 
ā”‚ OPC request ID: 38ccc413c5e45f32dfd7d06e71ba1eb6/53508B2F886A98DA289B961D079B4237/538001672CEE97C9422F7567958EC45C 
ā”‚ 
ā”‚ 
ā”‚   with module.strongdm_gateway_oci_seismic_us_phoenix.oci_core_instance.sdm_gateways[0],
ā”‚   on ../../modules/oci-strongdm-gateway/main.tf line 84, in resource "oci_core_instance" "sdm_gateways":
ā”‚   84: resource "oci_core_instance" "sdm_gateways" {
ā”‚ 
ā•µ

Steps to Reproduce

  1. terraform apply

Important Factoids

A workaround is to create a fake resource bound to the source_id image data, and to state it in the lifecycle.replace_triggered_by block of the oci_core_instance resource:

resource "oci_core_instance" "sdm_gateways" {
  [...]
  lifecycle {
    replace_triggered_by = [
      # This is to avoid this error when TF tries to modify an existing instance: "Error: 400-InvalidParameter, sourceDetails.kmsKeyId size must be between 1 and 255"
      terraform_data.sdm_gateway_image,
    ]
  }
}

resource "terraform_data" "sdm_gateway_image" {
  input = data.oci_core_image.this.id
}

References

vkuusk commented 4 months ago

I hope I understood the title and description correctly, but
could you clarify (maybe in title?) what the "vote for" means:

lra commented 4 months ago

Thanks, updated the title.