-
Notifications
You must be signed in to change notification settings - Fork 585
-
Notifications
You must be signed in to change notification settings - Fork 585
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changing a single IP in a cloudflare_list
causes subsequent IPs to change
#3025
Comments
Community NoteVoting for Prioritization
Volunteering to Work on This Issue
|
Terraform debug log detected ✅ |
Thank you for opening this issue and sorry to hear you're hitting issues. Unfortunately, the reproduction case provided contains HCL dynamic expressions. Examples of these are:
Maintainers don't accept these as reproduction cases since using these constructs and expressions can hold their own logic bugs which are outside of the provider and not able to be diagnosed. For maintainers to triage this issue, we recommend providing a minimal reproduction test case that is only contains the impacted resources and can be easily reproduced in an isolated environment. Without providing this, maintainers are limited in what support they can provide. |
We have the same issue on v4.18 and now v4.20 and subsequent apply commands always reset the list even though we dont change anything, seemingly caused by wanting to set the |
Can we get a maintainer to look at this please? The bot comment above is invalid, as this issue might be caused by the dynamic expressions and this must work. The repro case above is self contained and is expected to work. |
We are experiencing the same issue. It seems that it is related to kind="ip" as the API returns ASN as 0 on subsequent runs, but ASN is null in the Terraform state which results in a change required by Terraform. Setting ASN to 0 does not mitigate the issue as 0 is not allowed as an ASN. |
@rickardp the bot comment is not invalid. you have not provided the full debug log output which is used for diagnosis and you're using dynamics which we don't accept for reproduction cases for the reasons mentioned. if you provide the requested details, this can be triaged. @niklasweimann if you have the debug logs and reproduction case available, we can also use that instead for investigation. |
The IP list is from a dynamic source. I don't see why my use case would not be valid. Are you saying that this resource does not work with dynamic blocks and this is by design? Naturally I am not going to provide a full debug log of my IaC output on the public internet. I kept the part where the versions were printed in the hope that this sufficed. I am happy to provide more details privately if you prefer. |
Thank you, @niklasweimann I can confirm this shows the same behaviour as I had. @jacobbednarz Is anyone looking into this issue? |
This seems to be a bug in the update logic for cloudflare list items, resulting in erroneous reordering of entries when there are in fact no changes. This is not reproducible without the |
Curious when we can expect this to be resolved. It is generating alot noise in plans that make it easy to overlook other undesirable outcomes. I think we're just going to open a support case on this to hopefully get some eyes on it. |
First you create a IP list using cloudflare_list resource
Then, you add a new item inside the same resource
Terraform will plan to delete the first one and add all back.
Here is the associated gist: https://gist.github.com/7jPUn4w8caDX/241ad64c031a386fe8bfc1ab8e4e6ca8 |
CF support came back to us stating that the issue was that we were explicitly specifying a /32 in our addresses. We confirmed that removing the /32 from our input resolved the issue with the plan tearing the list down and rebuilding it. Looking at the OG post here it appears you're manually specifying an ASN=0, perhaps try removing any ASN=0 from your input. Here is our current terraform block
|
|
The operation cloudflare_list does is running this API Call: https://developers.cloudflare.com/api/operations/lists-update-all-list-items |
Same issue with the |
Confirmation
Terraform and Cloudflare provider version
(Possibly related to #2538)
Affected resource(s)
Terraform configuration files
Link to debug output
https://gist.github.com/rickardp/715aaca98bada8f75334dd1ad77f92bc
Panic output
No response
Expected output
No diff
Actual output
Steps to reproduce
terraform plan
Additional factoids
No response
References
No response
The text was updated successfully, but these errors were encountered: