search

pulumi / pulumi-cloudflare

Pulumi's Cloudflare package, providing multi-language infrastructure as code for Cloudflare
Apache License 2.0
99 stars 11 forks source link

pulumi up/preview hangs for DNS record #903

Open the-gigi opened 6 days ago

the-gigi commented 6 days ago

Describe what happened

When running pulumi up it hangs forever when it needs to create or update a DNS record. It works fine with a Zone.

❯ pulumi up --show-replacement-steps -s production -C l10/cloudflare
Previewing update (production):
     Type                        Name                   Plan
     pulumi:pulumi:Stack         cloudflare-production  running
 +   └─ cloudflare:index:Record  _dmarc                 create

I also tried to import an existing DNS record and got this message:

pulumi import -s production -C l10/cloudflare \
   cloudflare:index/record:Record _dmarc \
   5e284095faa7f1d18edd609de6e279ca/dd2d000da48d35d846569e0dae35e084

Previewing import (production):
     Type                        Name                   Plan       Info
     pulumi:pulumi:Stack         cloudflare-production
 =   └─ cloudflare:index:Record  _dmarc                 import     4 warnings

Diagnostics:
  cloudflare:index:Record (_dmarc):
    warning: One or more imported inputs failed to validate. This is almost certainly a bug in the `cloudflare` provider. The import will still proceed, but you will need to edit the generated code after copying it into your program.
    warning: cloudflare:index/record:Record resource '_dmarc' has a problem: Invalid combination of arguments. "data": one of `content,data,value` must be specified. Examine values at '_dmarc.data'.
    warning: cloudflare:index/record:Record resource '_dmarc' has a problem: Invalid combination of arguments. "content": one of `content,data,value` must be specified. Examine values at '_dmarc.content'.
    warning: cloudflare:index/record:Record resource '_dmarc' has a problem: Invalid combination of arguments. "value": one of `content,data,value` must be specified. Examine values at '_dmarc.value'.

Is the Java flavor of the Cloudflare provider fully supported? DNS records is arguably the primary Cloudflare resource. Looking at the Github issues I see only two Java issues (one closed and one open).

Please advise how to fix or troubleshoot this problem.

Sample program

Here is a sample code, very similar to the example program

import com.pulumi.Context;
import com.pulumi.cloudflare.Record;
import com.pulumi.cloudflare.RecordArgs;

  private static void createRecord(String zoneId) {
      new Record(
        name,
        RecordArgs.builder()
            .zoneId(zoneId)
            .name("_dmarc")
            .content("\"v = DMARC1; p = none;\"")
            .type("TXT")
            .ttl(3600)
            .build());
}

Log output

The logs are empty.

 pulumi logs -C l10/cloudflare
Collecting logs for stack production since 2024-09-12T00:37:24.000-07:00.

Affected Resource(s)

DNS records not created.

Output of pulumi about

pulumi about -Cl10/cloudflare
CLI
Version      3.131.0
Go Version   go1.23.0
Go Compiler  gc

Plugins
KIND      NAME        VERSION
resource  aws         6.41.0
resource  cloudflare  5.38.0
language  java        unknown

Host
OS       darwin
Version  14.1
Arch     arm64

This project is written in java: executable='/Users/gigi/.sdkman/candidates/java/current/bin/java' version='openjdk 21.0.2 2024-01-16 LTS
OpenJDK Runtime Environment Temurin-21.0.2+13 (build 21.0.2+13-LTS)
OpenJDK 64-Bit Server VM Temurin-21.0.2+13 (build 21.0.2+13-LTS, mixed mode)' java='/Users/gigi/.sdkman/candidates/java/current/bin/java' javac='21.0.2' maven='Apache Maven 3.9.6 (bc0240f3c744dd6b6ec2920b3cd08dcc295161ae)'

Current Stack: organization/cloudflare/production

TYPE                         URN
pulumi:pulumi:Stack          urn:pulumi:production::cloudflare::pulumi:pulumi:Stack::cloudflare-production
pulumi:providers:cloudflare  urn:pulumi:production::cloudflare::pulumi:providers:cloudflare::default_5_38_0
cloudflare:index/zone:Zone   urn:pulumi:production::cloudflare::cloudflare:index/zone:Zone::insurbot.com

Found no pending operations associated with production

Backend
Name           Gigis-MacBook-Pro.local
URL            s3://invisible-pulumi/aws?profile=ProdAdmin
User           gigi
Organizations
Token type     personal

No dependencies found

Additional context

I'm on the latest version 3.58.0. I tried with the previous version too (3.57.0) with the same results.

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

guineveresaenger commented 5 days ago

Thank you for filing this issue, @the-gigi.

I will verify with the team that the Java SDK has the same behavior as the other Pulumi languages. We'll take a look - thank you for providing us with your code, and for trying multiple provider versions as well.

the-gigi commented 4 days ago

@guineveresaenger Update: I managed to create a new DNS record when the name of the record include the domain:

_dmarc.insurbot.com instead of just _dmarc. The only _dmarc name is how the record are imported, which is broken and missing the "content" field. I guess this is an upstream issue.

In the end instead of importing into Pulumi, I had to delete the original DNS record and re-create it using Pulumi.

Anyway, even if the import is corrupted or using invalid name without the domain, it shouldn't hang.