pecdm::provision is not idempotent - running the plan again on an already provisioned aws infra (albeit with reaped instances) causes the following error:
% bolt plan run pecdm::provision --params @params.json
Starting: plan pecdm::provision
Input Puppet Enterprise console password now or accept default. [puppetlabs]:
Starting: plan pecdm::subplans::provision
Starting: task terraform::initialize on localhost
Finished: task terraform::initialize with 0 failures in 0.17 sec
Starting infrastructure provisioning for a standard deployment of Puppet Enterprise
Starting: plan terraform::apply
Starting: task terraform::apply on localhost
Finished: task terraform::apply with 1 failure in 34.67 sec
Finished: plan terraform::apply in 34.68 sec
Finished: plan pecdm::subplans::provision in 35.76 sec
Finished: plan pecdm::provision in 39.71 sec
Failed on localhost:
Error: Error import KeyPair: InvalidKeyPair.Duplicate: The keypair 'pe_adm_14e8e3' already exists.
status code: 400, request id: 257c2dd5-8d06-4e8c-902b-0dbe086c6f67
with module.instances.aws_key_pair.pe_adm,
on modules/instances/main.tf line 54, in resource "aws_key_pair" "pe_adm":
54: resource "aws_key_pair" "pe_adm" {
Failed on 1 target: localhost
Ran on 1 target
Expected Behavior
I expect this plan to run the terraform apply again and have it create anything that currently does not exist.
Execute the plan as per above: bolt plan run pecdm::provision --params @params.json
Delete the created ec2 instances.
Execute the plan again: bolt plan run pecdm::provision --params @params.json
Environment
Terraform v1.3.4 on darwin_amd64
macOS 12.6.1
Additional Context
Looks like aws_key_pair resource state is not being added to tfstate. I see there is this issue https://github.com/hashicorp/terraform-provider-aws/issues/1092 about aws_key_pair not being able to be idempotent unless you hack the tfstate file by adding in the public_key if it's not there already.
I also tried just deleting the key pair and running the provision plan again, but then it creates a second pe server instance (same name) and then goes on to pass invalid parameters to peadm::deploy (passing undef to primary_host)...
Describe the Bug
pecdm::provision is not idempotent - running the plan again on an already provisioned aws infra (albeit with reaped instances) causes the following error:
Expected Behavior
I expect this plan to run the terraform apply again and have it create anything that currently does not exist.
Steps to Reproduce
Create params.json:
Sign in to aws with
aws sso login
Execute the plan as per above:
bolt plan run pecdm::provision --params @params.json
Delete the created ec2 instances.
Execute the plan again:
bolt plan run pecdm::provision --params @params.json
Environment
Additional Context
Looks like aws_key_pair resource state is not being added to tfstate. I see there is this issue https://github.com/hashicorp/terraform-provider-aws/issues/1092 about aws_key_pair not being able to be idempotent unless you hack the tfstate file by adding in the public_key if it's not there already.
I also tried just deleting the key pair and running the provision plan again, but then it creates a second pe server instance (same name) and then goes on to pass invalid parameters to peadm::deploy (passing
undef
toprimary_host
)...