Provider produced inconsistent result after apply in ionoscloud_share

Question

Provider produced inconsistent result after apply in ionoscloud_share

malhussan opened this issue 8 months ago · 4 comments

Description

Using the following configuration:

locals {
  admins  = { for user in var.users : user.username => user if contains(user["roles"], "admin") }
  editors = { for user in var.users : user.username => user if contains(user["roles"], "user") }
  readers = { for user in var.users : user.username => user if contains(user["roles"], "reader") }
}

data "ionoscloud_user" "admins" {
  for_each = local.admins
  email    = each.value.username
}

data "ionoscloud_user" "editors" {
  for_each = local.editors
  email    = each.value.username
}

data "ionoscloud_user" "readers" {
  for_each = local.readers
  email    = each.value.username
}

resource "ionoscloud_datacenter" "this" {
  name                = "${var.workspace_id}-${var.project_id}"
  location            = var.dc_location
  description         = var.dc_description
  sec_auth_protection = false
}

resource "ionoscloud_share" "admin" {
  count           = length(local.admins) > 0 ? 1 : 0
  group_id        = ionoscloud_group.admin[0].id
  resource_id     = ionoscloud_datacenter.this.id
  edit_privilege  = true
  share_privilege = false
}

resource "ionoscloud_share" "editor" {
  count           = length(local.editors) > 0 ? 1 : 0
  group_id        = ionoscloud_group.editor[0].id
  resource_id     = ionoscloud_datacenter.this.id
  edit_privilege  = true
  share_privilege = false
}

resource "ionoscloud_share" "reader" {
  count           = length(local.readers) > 0 ? 1 : 0
  group_id        = ionoscloud_group.reader[0].id
  resource_id     = ionoscloud_datacenter.this.id
  edit_privilege  = true
  share_privilege = false
}

resource "ionoscloud_group" "admin" {
  count                          = length(local.admins) > 0 ? 1 : 0
  name                           = "${var.workspace_id}-${var.project_id}-admins"
  user_ids                       = [for d in data.ionoscloud_user.admins : d["id"]]
  create_datacenter              = true
  create_snapshot                = true
  reserve_ip                     = true
  create_pcc                     = true
  s3_privilege                   = true
  create_backup_unit             = true
  create_internet_access         = true
  create_k8s_cluster             = true
  create_flow_log                = true
  access_and_manage_monitoring   = true
  access_and_manage_certificates = true
  manage_dbaas                   = true
}

resource "ionoscloud_group" "editor" {
  count                          = length(local.editors) > 0 ? 1 : 0
  name                           = "${var.workspace_id}-${var.project_id}-editors"
  user_ids                       = [for d in data.ionoscloud_user.editors : d["id"]]
  reserve_ip                     = true
  s3_privilege                   = true
  access_and_manage_monitoring   = true
  access_and_manage_certificates = true
  manage_dbaas                   = true
}

resource "ionoscloud_group" "reader" {
  count    = length(local.readers) > 0 ? 1 : 0
  name     = "${var.workspace_id}-${var.project_id}-readers"
  user_ids = [for d in data.ionoscloud_user.readers : d["id"]]
}

produces the following error:

│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to ionoscloud_share.admin[0], provider "provider[\"registry.terraform.io/ionos-cloud/ionoscloud\"]" produced an unexpected new value: Root resource was present, but now
│ absent.
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
╵
╷
│ Error: an error occured while creating a share: 500 Internal Server Error {
│   "httpStatus" : 500,
│   "messages" : [ {
│     "errorCode" : "301",
│     "message" : "Oops! Something went very wrong. Please contact the administrator"
│   } ]
│ }
│ 
│ 
│   with ionoscloud_share.editor[0],
│   on main.tf line 37, in resource "ionoscloud_share" "editor":
│   37: resource "ionoscloud_share" "editor" {
│

Note that e.g. after re-applying, it works fine

Expected behavior

Shares are created on first apply

Environment

Terraform version:

1.5

Provider version:

terraform {
  required_providers {
    ionoscloud = {
      source = "ionos-cloud/ionoscloud"
      version = "= 6.4.10"
    }
  }
}

OS:

Darwin Kernel Version 23.0.0,  x86_64 Linux

Configuration Files

vars.tfvars:

dc_location    = "de/txl"
dc_description = "ionos-user-permissions"
workspace_id   = "mo-s-customer"
project_id     = "ionos-test-dev"
users = [
  {
    "identifier" : "<uuid>",
    "username" : "example@example.com",
    "firstName" : "Example",
    "lastName" : "User",
    "email" : "example@example.com",
    "euid" : "example@example.com
    "roles" : [
      "admin",
      "user",
      "reader"
    ]
  }
]

Answer 1 · 2023-11-15T08:18:58.000Z

Thanks for raising this, we will investigate and see why it happened.

Answer 2 · 2023-11-15T12:14:38.000Z

Does this happen consistently? Can you try again and see if it reproduces?

Answer 3 · 2023-11-15T14:37:24.000Z

We have a limitation with shares where we get an error if multiple shares are created at the same time. You can either try to set parallelism=1 when running terraform, or you can set depends_on between them so creation is done sequentially.

Answer 4 · 2023-11-16T12:22:56.000Z

We have a limitation with shares where we get an error if multiple shares are created at the same time. You can either try to set parallelism=1 when running terraform, or you can set depends_on between them so creation is done sequentially.

Thanks for your help. Setting depends_on to run sequentially solved it for me.