Provider produced inconsistent result after apply

[dmcgowandmc]

Hi All,

Getting the following error when using the latest project factory version. Something to do with the default service account

When applying changes to
module.project.module.project-factory.google_service_account.default_service_account,
provider "registry.terraform.io/-/google" produced an unexpected new value for
was present, but now absent.

This is a bug in the provider, which should be reported in the provider's own
issue tracker.

module "project" {
  source  = "terraform-google-modules/project-factory/google"
  version = "~> 8.0"

  activate_apis               = var.activate_apis
  # auto_create_network set to 'true' to prevent explicit deletion of default network. Use org policy to disable default network creation
  auto_create_network         = true
  billing_account             = var.billing_account_id
  disable_services_on_destroy = false
  folder_id                   = var.folder_id
  #labels                      = local.labels
  lien                        = true
  name                        = var.project_name
  org_id                      = var.organization_id
  project_id                  = "${var.project_name}-${random_id.postfix.hex}"
  skip_gcloud_download        = true
}

I have been able to resolve this by setting default_service_account to delete and provided that doesn't cause any issues down the line, it's an acceptable workaround for me, but through i'd call it out.

Let me know if you have any ideas as to what's causing this

Regards, Doug.

[morgante]

Just to confirm, is your config working now?

[dmcgowandmc]

I added in the the following parameter

default_service_account     = "delete"

And that fixed the error. I've never used the default service account and I believe the default action is to disable, so not sure if that will cause issues later down the track

[Alucardfh]

Similar problem here. Looks like there is something wrong with the way Terraform processes disabling the default service account.

Error: Provider produced inconsistent result after apply
 When applying changes to
 module.project-factory.module.project-factory.google_service_account.default_service_account,

This happened with module v6.0.0 and v8.0.1.

Module configuration:

module "project-factory" {
  source  = "terraform-google-modules/project-factory/google"
  version = "~> 8.0.0"

  name                = "${upper(var.env)} - ${var.project_display_name}"
  project_id          = "${module.config.organization_prefix}-${lower(var.project_id)}-${lower(var.env)}"
  random_project_id   = "false"
  org_id              = module.config.organization_id
  folder_id           = data.google_active_folder.project_folder.name
  billing_account     = module.config.billing_account
  auto_create_network = "true"
  group_name          = lower(var.project_ad_group)

  labels = { env = "${var.env}", charging-code = "${lower(var.project_charging_code)}" }
  activate_apis = [
    "compute.googleapis.com",
    "cloudbilling.googleapis.com",
    "iam.googleapis.com",
  ]

  shared_vpc = module.config.sharedvpc_project
}

In the past we had issues with the old delete behaviour and so the workaround above is not applicable to us.

[bharathkkb]

I believe this is a provider error https://github.com/terraform-providers/terraform-provider-google/issues/6377

[morgante]

Yes, hopefully this will be fixed in the next provider release.

[unclebene]

not fixed in the gcp provider release 3.22 :(

[bharathkkb]

Closing this out as it is fixed. Feel free to reopen if need.