-
Notifications
You must be signed in to change notification settings - Fork 53
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] Updating from 1.12.1 to 1.13.0 causes forced replacement on storage blob container and keyvault key due to "location=<LOC>->null" #514
Comments
Hi @Brakistad , Thank you for taking time to report this issue! In previous version, the location might not be correctly reflected in terraform state. Would you please add the location field to the resource block to match with remote state? And I'd recommend to use v1.13.1 instead of v1.13.0 because v1.13.1 contains multiple bug fixes. |
Hi @ms-henglu, Thank you for your previous response and guidance. Current Status:After updating the azapi provider to version 1.13.1, we have modified our configuration to include # Key Vault Key
resource "azapi_resource" "key_vault_key" {
for_each = { for k, v in var.principal : k => v if v != "" }
type = "Microsoft.KeyVault/vaults/keys@2023-07-01"
name = "EncryptionKey"
schema_validation_enabled = false
parent_id = <PARENT ID>
location = var.location
body = jsonencode({
properties = {
... valid properties
}
})
} Plan Output:Upon running Concerns:While the plan step appears to validate the configuration correctly, we are concerned about the Could you please confirm if the current fix using Thank you for your support and guidance. EDIT: Additional information: We had to use 'schema_validation_enabled = false' to not break in the plan step, because the provider did not recognize the parameter "location" in the azapi_resource block. |
Thanks for the quick response! Yes, you could the I'll check the if the swagger has incorrect definition and get back to you. |
Hi @ms-henglu, Thank you for your previous support and guidance. Current Status:We have successfully updated the azapi provider to version 1.13.1 and applied the fix using # Example of tag changes causing in-place updates
# module.submoduleX["id"].azapi_resource.blob_container["id"] will be updated in-place
~ resource "azapi_resource" "blobcontainer" {
id = "/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/example-rg/providers/Microsoft.Storage/storageAccounts/example-sa/blobServices/default/containers/blob-example"
name = "blobcontainer"
~ output = jsonencode({}) -> (known after apply)
+ tags = {
+ "BusinessUnit" = "BUSINESS_UNIT"
+ "CostCenter" = "COST_CENTER"
+ "Criticality" = "CRITICALITY_LEVEL"
+ "DataClassification" = "DATA_CLASSIFICATION"
+ "EndDate" = "END_DATE"
+ "Env" = "ENVIRONMENT"
+ "ManagedBy" = "MANAGED_BY"
+ "OpsCommitment" = "OPS_COMMITMENT"
+ "OpsTeam" = "OPS_TEAM"
+ "Owner" = "OWNER_EMAIL"
+ "Requester" = "REQUESTER_EMAIL"
+ "StartDate" = "START_DATE"
+ "WorkloadName" = "WORKLOAD_NAME"
}
# (8 unchanged attributes hidden)
}
# Similar updates are shown for other resources Issue:
Concerns:We are concerned that this behavior will lead to unnecessary updates and noise during deployment. We would like to confirm if this behavior is expected with the current provider version or if there are any additional steps we should take to stabilize the tag management. |
Thanks for the details. But these tags are not introduced by You could check the activity logs to see who edited the resource. |
We ran into this issue using The rerun want's to replace The change of the location forces a redeployment of the resources, which isn't possible on a running web app due to the nature of the extension. We tried running this using provider version |
@ms-henglu any updates on this? |
Hi @rvdouderaa , sorry for late response. I think it's a similar case, please check: #514 (comment) |
Hi @ms-henglu afaik location is nog accepted as a property for the siteextensions. So, Terraform does want to change it, but you cannot set it. |
I see. Another workaround is adding the lifecycle to suppress the diff. |
I managed to fix it for me with adding
Disclaimer: I did not do extensive testing on it. There is a chance it may break on update attempts if there are other diff's that would enforce re-creation. |
Summary of Issues with azapi Provider
Description:
After updating the azapi provider from version 1.12.1 to 1.13.0 and Terraform itself, we encountered issues with forced replacements of resources, even though there are no significant changes to the configuration.
Error Messages:
location
attribute being set tonull
. This behavior affects both blob containers and Key Vault keys.Impact:
Steps to Reproduce:
terraform plan
with a configuration that includes azapi resources for blob containers and Key Vault keys.The text was updated successfully, but these errors were encountered: