search

pulumi / pulumi-aws

An Amazon Web Services (AWS) Pulumi resource package, providing multi-language access to AWS
Apache License 2.0
466 stars 156 forks source link

Warnings emitted when importing aws:lb:Listener, One or more imported inputs failed to validate #4362

Closed Zaid-Ajaj closed 2 months ago

Zaid-Ajaj commented 3 months ago

Similar to #4361 importing aws:lb:Listener works but emits warnings:

  aws:lb:Listener (listener):
    warning: One or more imported inputs failed to validate. This is almost certainly a bug in the `aws` provider. The import will still proceed, but you will need to edit the generated code after copying it into your program.
    warning: aws:lb/listener:Listener resource 'listener' has a problem: expected default_action.0.order to be in the range (1 - 50000), got 0. Examine values at 'listener.defaultActions[0].order'.
flostadler commented 3 months ago

Thanks for reporting this @Zaid-Ajaj! I have a hunch that this is nils/default values for primitives returned by the AWS SDK not being handled correctly.

I tried reproducing this, but couldn't trigger this exact error. But another one:

aws:lb/listener:Listener resource 'testitest' has a problem: expected default_action.0.forward.0.stickiness.0.duration to be in the range (1 - 604800), got 0. Examine values at 'testitest.defaultActions[0].forward.stickiness.enabled'.

This is the Listener I tried importing:

const listener = new aws.lb.Listener("my-listener", {
    loadBalancerArn: loadbalancer.arn,
    port: 80,
    defaultActions: [{
        type: "forward",
        targetGroupArn: targetGroup.arn,
    }],
});

I'm quite sure this line here is triggering the initial issue. It's converting the pointer to Order to an int32, which will yield 0 if Order is nil: https://github.com/hashicorp/terraform-provider-aws/blob/3724def77810f619392ecb79fd3e40915c0b0214/internal/service/elbv2/listener.go#L977

Similarly this here will trigger the issue I was able to find because it coerces the pointers for stickiness duration & enabled config into primitives: https://github.com/hashicorp/terraform-provider-aws/blob/3724def77810f619392ecb79fd3e40915c0b0214/internal/service/elbv2/listener.go#L1170-L1171

We'll need to fix the upstream handling of optional values in read for elbv2 Listener.

flostadler commented 3 months ago

Correcting the code of the imported resource and running pulumi up correctly aligns the state. This is in line with the behavior in upstream. e.g. see Step 4 - Import here https://github.com/hashicorp/terraform-provider-aws/issues/37211#issuecomment-2127911378.

Running this terraform program and then importing the resource (terraform import aws_lb_listener.testitest "arn:aws:elasticloadbalancing:eu-central-1:REDACTED:listener/app/my-lb-68bcf24/37b75057b7294e93/8480247a88078e97") shows the same behavior as with Pulumi.

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
    }
  }
}

provider "aws" {
  region = "eu-central-1"
}

resource "aws_lb_listener" "testitest" {
    load_balancer_arn = "arn:aws:elasticloadbalancing:eu-central-1:REDACTED:loadbalancer/app/my-lb-68bcf24/37b75057b7294e93"
    port              = 80

    default_action {
        type             = "forward"
        target_group_arn = "arn:aws:elasticloadbalancing:eu-central-1:REDACTED:targetgroup/my-tg-355c5dc/12565d1a2120a867"
    }
}
tf apply output ``` aws_lb_listener.testitest: Refreshing state... [id=arn:aws:elasticloadbalancing:eu-central-1:REDACTED:listener/app/my-lb-68bcf24/37b75057b7294e93/8480247a88078e97] Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: ~ update in-place Terraform will perform the following actions: # aws_lb_listener.testitest will be updated in-place ~ resource "aws_lb_listener" "testitest" { id = "arn:aws:elasticloadbalancing:eu-central-1:REDACTED:listener/app/my-lb-68bcf24/37b75057b7294e93/8480247a88078e97" tags = {} # (5 unchanged attributes hidden) ~ default_action { + target_group_arn = "arn:aws:elasticloadbalancing:eu-central-1:REDACTED:targetgroup/my-tg-355c5dc/12565d1a2120a867" # (2 unchanged attributes hidden) - forward { - stickiness { - duration = 0 -> null - enabled = false -> null } - target_group { - arn = "arn:aws:elasticloadbalancing:eu-central-1:REDACTED:targetgroup/my-tg-355c5dc/12565d1a2120a867" -> null - weight = 1 -> null } } } } Plan: 0 to add, 1 to change, 0 to destroy. Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yes aws_lb_listener.testitest: Modifying... [id=arn:aws:elasticloadbalancing:eu-central-1:REDACTED:listener/app/my-lb-68bcf24/37b75057b7294e93/8480247a88078e97] aws_lb_listener.testitest: Modifications complete after 1s [id=arn:aws:elasticloadbalancing:eu-central-1:REDACTED:listener/app/my-lb-68bcf24/37b75057b7294e93/8480247a88078e97] Apply complete! Resources: 0 added, 1 changed, 0 destroyed. ```
flostadler commented 3 months ago

Opened upstream issue: https://github.com/hashicorp/terraform-provider-aws/issues/38861

t0yv0 commented 3 months ago

Adding this to https://github.com/pulumi/pulumi-terraform-bridge/issues/2028 as well - I do think this could be mitigated by https://github.com/pulumi/pulumi-terraform-bridge/issues/2314 if it could be made to handle recursive values.

flostadler commented 2 months ago

The issue was fixed upstream and just released as part of v5.69.0. This should be fixed when we pull this release into pu-aws in the next days.

pulumi-bot commented 2 months ago

This issue has been addressed in PR #4571 and shipped in release v6.54.0.