nginx

[krsnvss]

What am I trying to do?

I'm trying to create a resource for the NGINX Ingress Controller

data "vkcs_kubernetes_addon" "ingress-nginx" {
  cluster_id           = vkcs_kubernetes_cluster.my-cluster.id
  name                 = "ingress-nginx"
  version              = "4.7.1"
}

What's the issue?

Terraform fails to create the resource with the following error:

│vkcs_kubernetes_addon.ingress-nginx: Still creating... [10m0s elapsed]
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to vkcs_kubernetes_addon.ingress-nginx, provider
│ "provider[\"registry.terraform.io/vk-cs/vkcs\"]" produced an unexpected new
│ value: .configuration_values: was cty.StringVal("# Подробное описание
│ доступных полей:
│ https://github.com/kubernetes/ingress-nginx/blob/helm-chart-4.7.1/charts/ingress-nginx/values.yaml\n\ncontroller:\n
│ name: controller\n  admissionWebhooks:\n    patch:\n      image:\n
│ registry: registry.infra.mail.ru:5010\n        image:
│ ingress-nginx/kube-webhook-certgen\n        tag: v20230407\n        digest:
│ \"\"\n        pullPolicy: IfNotPresent\n      tolerations: []\n
│ createSecretJob:\n      resources:\n        limits:\n          cpu: 50m\n
│ memory: 64Mi\n      patchWebhookJob:\n        resources:\n
│ limits:\n            cpu: 50m\n            memory: 64Mi\n      patch:\n
│ image:\n          registry: registry.infra.mail.ru:5010\n          image:
│ ingress-nginx/kube-webhook-certgen\n          tag: v20230407\n
│ digest: \"\"\n          pullPolicy: IfNotPresent\n        tolerations: []\n
│ image:\n    registry: registry.infra.mail.ru:5010\n    image:
│ ingress-nginx/controller\n    digest: \"\"\n    tag: \"v1.8.1\"\n
│ config:\n    use-proxy-protocol: \"True\"\n\n    real-ip-header:
│ \"proxy_protocol\"\n\n    set-real-ip-from: \"10.0.7.0/27\"\n  headers:
│ {}\n  hostNetwork: false\n  dnsPolicy: ClusterFirst\n
│ defaultBackendService: \"\"\n  publishService:\n    enabled: false\n
│ pathOverride: \"\"\n  scope:\n    enabled: false\n    namespace: \"\"   #
│ defaults to .Release.Namespace\n  extraArgs:\n    enable-ssl-passthrough:
│ \"\"\n  extraEnvs: []\n  kind: Deployment\n  updateStrategy: {}\n
│ minReadySeconds: 0\n  tolerations: []\n  affinity:\n    podAntiAffinity:\n
│ requiredDuringSchedulingIgnoredDuringExecution:\n      - labelSelector:\n
│ matchExpressions:\n          - key: component\n            operator: In\n
│ values:\n            - controller\n        topologyKey:
│ \"kubernetes.io/hostname\"\n  livenessProbe:\n    failureThreshold: 3\n
│ initialDelaySeconds: 150\n    periodSeconds: 10\n    successThreshold: 1\n
│ timeoutSeconds: 1\n  readinessProbe:\n    failureThreshold: 3\n
│ initialDelaySeconds: 10\n    periodSeconds: 10\n    successThreshold: 1\n
│ timeoutSeconds: 1\n  podAnnotations:\n    prometheus.io/port: '10254'\n
│ prometheus.io/scrape: 'true'\n    timestamp: \"1700552895\" #<-
│ обязательное поле\n  replicaCount: 2.0\n  minAvailable: 1\n  resources:\n
│ requests:\n      cpu: 100m\n      memory: 90Mi\n    limits:\n      cpu:
│ 500m\n      memory: 512Mi\n  autoscaling:\n    enabled: false\n
│ customTemplate:\n    configMapName: \"\"\n    configMapKey: \"\"\n
│ service:\n\n    annotations:
│ {\"loadbalancer.openstack.org/proxy-protocol\": \"true\",
│ \"service.beta.kubernetes.io/openstack-internal-load-balancer\":
│ \"false\"}\n\n    loadBalancerIP: \"\" #<- Задайте плавающий IP адрес при
│ необходимости\n    labels: {}\n    clusterIP: \"\"\n    externalIPs: []\n
│ loadBalancerSourceRanges: []\n    enableHttp: true\n    enableHttps: true\n
│ externalTrafficPolicy: \"\"\n    healthCheckNodePort: 0\n    targetPorts:\n
│ http: http\n      https: https\n    type: LoadBalancer\n  extraContainers:
│ []\n  extraVolumeMounts: []\n  extraVolumes: []\n  extraInitContainers:
│ []\n  stats:\n    enabled: true\n    service:\n      annotations: {}\n
│ clusterIP: \"\"\n      externalIPs: []\n      loadBalancerIP: \"\"\n
│ loadBalancerSourceRanges: []\n      servicePort: 18080\n      type:
│ ClusterIP\n  metrics:\n    enabled: true\n    service:\n      annotations:
│ {}\n      clusterIP: \"\"\n      externalIPs: []\n      loadBalancerIP:
│ \"\"\n      loadBalancerSourceRanges: []\n      servicePort: 9913\n
│ type: ClusterIP\n    serviceMonitor:\n      enabled: false\n
│ additionalLabels: {}\n      namespace: prometheus-monitoring\n  lifecycle:
│ {}\n  priorityClassName: \"\"\nrevisionHistoryLimit: 10\ndefaultBackend:\n
│ enabled: true\n  name: default-backend\n  image:\n    registry:
│ registry.infra.mail.ru:5010\n    image: defaultbackend-amd64\n    tag:
│ \"1.5\"\n    pullPolicy: IfNotPresent\n  extraArgs: {}\n  port: 8080\n
│ tolerations: []\n  affinity:\n    podAntiAffinity:\n
│ requiredDuringSchedulingIgnoredDuringExecution:\n      - labelSelector:\n
│ matchExpressions:\n          - key: component\n            operator: In\n
│ values:\n            - default-backend\n        topologyKey:
│ \"kubernetes.io/hostname\"\n  podLabels: {}\n  podAnnotations:\n
│ timestamp: \"1700552895\" #<- обязательное поле\n  replicaCount: 2.0\n
│ minAvailable: 1\n  resources:\n    limits:\n      cpu: 10m\n      memory:
│ 20Mi\n    requests:\n      cpu: 10m\n      memory: 20Mi\n  service:\n
│ annotations: {}\n    clusterIP: \"\"\n    externalIPs: []\n
│ loadBalancerIP: \"\"\n    loadBalancerSourceRanges: []\n    servicePort:
│ 80\n    type: ClusterIP\n  priorityClassName: \"\"\nrbac:\n  create:
│ true\nserviceAccount:\n  create: true\n  name:\nimagePullSecrets: []"), but
│ now cty.StringVal("# Подробное описание доступных полей:
│ https://github.com/kubernetes/ingress-nginx/blob/helm-chart-4.7.1/charts/ingress-nginx/values.yaml\ncontroller:\n
│ name: controller\n  admissionWebhooks:\n    patch:\n      image:\n
│ registry: registry.infra.mail.ru:5010\n        image:
│ ingress-nginx/kube-webhook-certgen\n        tag: v20230407\n        digest:
│ \"\"\n        pullPolicy: IfNotPresent\n      tolerations: []\n
│ createSecretJob:\n      resources:\n        limits:\n          cpu: 50m\n
│ memory: 64Mi\n      patchWebhookJob:\n        resources:\n
│ limits:\n            cpu: 50m\n            memory: 64Mi\n      patch:\n
│ image:\n          registry: registry.infra.mail.ru:5010\n          image:
│ ingress-nginx/kube-webhook-certgen\n          tag: v20230407\n
│ digest: \"\"\n          pullPolicy: IfNotPresent\n        tolerations: []\n
│ image:\n    registry: registry.infra.mail.ru:5010\n    image:
│ ingress-nginx/controller\n    digest: \"\"\n    tag: \"v1.8.1\"\n
│ config:\n    use-proxy-protocol: \"True\"\n    real-ip-header:
│ \"proxy_protocol\"\n    set-real-ip-from: \"10.0.7.0/27\"\n  headers: {}\n
│ hostNetwork: false\n  dnsPolicy: ClusterFirst\n  defaultBackendService:
│ \"\"\n  publishService:\n    enabled: false\n    pathOverride: \"\"\n
│ scope:\n    enabled: false\n    namespace: \"\" # defaults to
│ .Release.Namespace\n  extraArgs:\n    enable-ssl-passthrough: \"\"\n
│ extraEnvs: []\n  kind: Deployment\n  updateStrategy: {}\n  minReadySeconds:
│ 0\n  tolerations: []\n  affinity:\n    podAntiAffinity:\n
│ requiredDuringSchedulingIgnoredDuringExecution:\n        - labelSelector:\n
│ matchExpressions:\n              - key: component\n
│ operator: In\n                values:\n                  - controller\n
│ topologyKey: \"kubernetes.io/hostname\"\n  livenessProbe:\n
│ failureThreshold: 3\n    initialDelaySeconds: 150\n    periodSeconds: 10\n
│ successThreshold: 1\n    timeoutSeconds: 1\n  readinessProbe:\n
│ failureThreshold: 3\n    initialDelaySeconds: 10\n    periodSeconds: 10\n
│ successThreshold: 1\n    timeoutSeconds: 1\n  podAnnotations:\n
│ prometheus.io/port: '10254'\n    prometheus.io/scrape: 'true'\n
│ timestamp: \"1700553244\" #<- обязательное поле\n  replicaCount: 2.0\n
│ minAvailable: 1\n  resources:\n    requests:\n      cpu: 100m\n
│ memory: 90Mi\n    limits:\n      cpu: 500m\n      memory: 512Mi\n
│ autoscaling:\n    enabled: false\n  customTemplate:\n    configMapName:
│ \"\"\n    configMapKey: \"\"\n  service:\n    annotations:
│ {\"loadbalancer.openstack.org/proxy-protocol\": \"true\",
│ \"service.beta.kubernetes.io/openstack-internal-load-balancer\":
│ \"false\"}\n    loadBalancerIP: \"\" #<- Задайте плавающий IP адрес при
│ необходимости\n    labels: {}\n    clusterIP: \"\"\n    externalIPs: []\n
│ loadBalancerSourceRanges: []\n    enableHttp: true\n    enableHttps: true\n
│ externalTrafficPolicy: \"\"\n    healthCheckNodePort: 0\n    targetPorts:\n
│ http: http\n      https: https\n    type: LoadBalancer\n  extraContainers:
│ []\n  extraVolumeMounts: []\n  extraVolumes: []\n  extraInitContainers:
│ []\n  stats:\n    enabled: true\n    service:\n      annotations: {}\n
│ clusterIP: \"\"\n      externalIPs: []\n      loadBalancerIP: \"\"\n
│ loadBalancerSourceRanges: []\n      servicePort: 18080\n      type:
│ ClusterIP\n  metrics:\n    enabled: true\n    service:\n      annotations:
│ {}\n      clusterIP: \"\"\n      externalIPs: []\n      loadBalancerIP:
│ \"\"\n      loadBalancerSourceRanges: []\n      servicePort: 9913\n
│ type: ClusterIP\n    serviceMonitor:\n      enabled: false\n
│ additionalLabels: {}\n      namespace: prometheus-monitoring\n  lifecycle:
│ {}\n  priorityClassName: \"\"\nrevisionHistoryLimit: 10\ndefaultBackend:\n
│ enabled: true\n  name: default-backend\n  image:\n    registry:
│ registry.infra.mail.ru:5010\n    image: defaultbackend-amd64\n    tag:
│ \"1.5\"\n    pullPolicy: IfNotPresent\n  extraArgs: {}\n  port: 8080\n
│ tolerations: []\n  affinity:\n    podAntiAffinity:\n
│ requiredDuringSchedulingIgnoredDuringExecution:\n        - labelSelector:\n
│ matchExpressions:\n              - key: component\n
│ operator: In\n                values:\n                  -
│ default-backend\n          topologyKey: \"kubernetes.io/hostname\"\n
│ podLabels: {}\n  podAnnotations:\n    timestamp: \"1700553244\" #<-
│ обязательное поле\n  replicaCount: 2.0\n  minAvailable: 1\n  resources:\n
│ limits:\n      cpu: 10m\n      memory: 20Mi\n    requests:\n      cpu:
│ 10m\n      memory: 20Mi\n  service:\n    annotations: {}\n    clusterIP:
│ \"\"\n    externalIPs: []\n    loadBalancerIP: \"\"\n
│ loadBalancerSourceRanges: []\n    servicePort: 80\n    type: ClusterIP\n
│ priorityClassName: \"\"\nrbac:\n  create: true\nserviceAccount:\n  create:
│ true\n  name:\nimagePullSecrets: []\n").
│ 
│ This is a bug in the provider, which should be reported in the provider's
│ own issue tracker.

Software versions

terraform --version
Terraform v1.5.7
on darwin_arm64

[paaanic]

Thank you for reporting this problem! This is a known issue and is planned to be fixed in the next release with a merge of #331. For now, I can only suggest you to use terraform untaint vkcs_kubernetes_addon.ingress-nginx and to add ignore_changes = [ configuration_values ], you can check documentation for lifecycle management here: https://developer.hashicorp.com/terraform/language/meta-arguments/lifecycle.

[paaanic]

Fixed in version 0.5.3.