constellix / terraform-provider-constellix Goto Github PK

After terraform init I get:

Error: Incompatible provider version
Provider registry.terraform.io/Constellix/constellix v0.3.11 does not have a package available for your current platform, darwin_arm64.

Can you provide the version for M1 Macs?

When trying to load in a non-existing GeoProximity data entity, the error message says Cert record with name:..., is not present

It can be quite misleading.

This can be found here:

Occurs with the constellix/constellix provider v0.4.5, on terraform v1.3.2

Same as #12 but for TXT.

missing roundRobin same as #13

Description

constellix_a_record and constellix_cname_record fail to import geolocation properties correctly on the latest release. This bug affects the Import methods on both resource types. It may also affect other record types - I've only checked CNAME and A records.

Replicate (1)

On release v0.3.5 (commit 4e5aefa)

Use the following Terraform configuration to provision a domain and record:

provider constellix {
  apikey    = <API KEY HERE>
  secretkey = <SECRET KEY HERE> 
}

terraform {
  required_providers {
    constellix = {
      source = "Constellix/constellix"
      version = "0.3.5"
    }
  }
}

resource constellix_domain replicate1 {
  name = "domain1.dne.com"
  soa = {
    primary_nameserver = "ns41.constellix.com."
    ttl                = 1800
    refresh            = 48100
    retry              = 7200
    expire             = 1209
    negcache           = 8000
  }
}

resource constellix_cname_record replicate1 {
  name                          = "replicate"
  domain_id                     = constellix_domain.replicate1.id
  host                          = "test."
  source_type                   = "domains"
  ttl                           = 300

  geo_location = {
    drop = false
    geo_ip_failover = false
  }
}

After provisioning the resources, retrieve the CNAME record's ID and remove the resource from Terraform state:

$ terraform state rm constellix_cname_record.replicate1 <ID OF CNAME RECORD>

The resource is now untracked. Import it back into state.

$ terraform import constellix_cname_record.replicate1 domains:<DOMAIN ID>:<CNAME ID>

Run terraform show and note that the geolocation block is not populated. terraform plan will say that changes are required to the existing infrastructure to add geolocation properties.

Replicate (2)

Modify constellix/resource_constellix_cname_record_test.go and add a geo_location object to the HCL string in the testAccCheckConstellixCNameConfig_basic method. Pipe the following to git-apply

diff --git a/constellix/resource_constellix_cname_record_test.go b/constellix/resource_constellix_cname_record_test.go
index 9626737..d2abff8 100644
--- a/constellix/resource_constellix_cname_record_test.go
+++ b/constellix/resource_constellix_cname_record_test.go
@@ -80,6 +80,10 @@ func testAccCheckConstellixCNameConfig_basic(ttl int) string {
                ttl = "%d"
                note = "Practice record naptr"
                record_option = "failover"
+               geo_location = {
+                       drop = false
+                       geo_ip_failover = false
+               }
            record_failover_values  {
                             value = "a."
                             sort_order = 2

and run the TestAccCName_Basic test. You'll note the test fails, complaining of nonempty plan output for the newly created resource.

=== RUN   TestAccCName_Basic
--- FAIL: TestAccCName_Basic (23.85s)
    testing.go:684: Step 0 error: After applying this step, the plan was not empty:

Root cause

I think the root cause of this problem is that the schema for the geolocation block is defined incorrectly for both A and CNAME record types. It's declared as TypeMap, but uses the Elem block to define specific keys. According to the Terraform docs this is a misconfiguration. To enforce type constraints on predefined keys, use TypeSet. PR #14 fixes the import behavior by changing the geolocation field to TypeSet, but is backwards incompatible.

Description

Attempting to recreate a resource will sometimes cause a conflict error (409), with the API complaining of an existing resource with the same properties as the resource being created. Retrying the creation will succeed. This is a bug because the provider should not treat possibly temporary errors like this as an immediate failure. Retrying for a few seconds will mitigate these errors, while still ensuring that incorrectly configured builds fail quickly.

To replicate

Use the following configuration. Note the conflicting domain names:

provider constellix {
  apikey    = <API KEY HERE>
  secretkey = <SECRET KEY HERE> 
}

terraform {
  required_providers {
    constellix = {
      source = "Constellix/constellix"
      version = "0.3.5"
    }
  }
}

variable trigger {
  type = bool
}

resource constellix_domain replicate1 {
  count = var.trigger ? 1 : 0
  name = "domain1.dne.com"
  soa = {
    primary_nameserver = "ns41.constellix.com."
    ttl                = 1800
    refresh            = 48100
    retry              = 7200
    expire             = 1209
    negcache           = 8000
  }
}

resource constellix_domain replicate2 {
  count = var.trigger ? 0 : 1
  name = "domain1.dne.com"
  soa = {
    primary_nameserver = "ns41.constellix.com."
    ttl                  = 1800
    refresh            = 48100
    retry              = 7200
    expire             = 1209
    negcache           = 8000
  }
}

Provision the resources

$ terraform apply -var 'trigger=true'

Then re-provision with trigger set to false

$ terraform apply -var 'trigger=false'

This will result in a race condition and probably a conflict error, and the build will fail (make sure parallelism is set to at least 3, the default is 10)

Error: Domain with name "domain1.dne.com" already exists, Domain Id: 500430

Try again, and the build will succeed, since the destroy operation will have had time to reach all edges of the Constellix API service

$ terraform apply -var 'trigger=false'

This example is a little contrived: usually you don't provision separate resources with the same name. But this case does happen (it happened for us in production), and should be handled gracefully by the provider. Fortunately the Terraform SDK makes it easy to add a backoff/retry loop to these API calls

Fix

Add retries and timeouts to the provider. The retries should not be too optimistic - if the retries fail for more than a minute the build should probably fail. 4 retry attempts with exponential backoff would be sufficient for us.

When i try to use terraform plan i had an issue.
Before i was successfuly add the resources to constellix, but now i don't.
Any ideas?
`
│ Error: Plugin did not respond
│
│ with constellix_a_record_pool.rtb_dc_uswest,
│ on record_pools.tf line 132, in resource "constellix_a_record_pool" "rtb_dc_uswest":
│ 132: resource "constellix_a_record_pool" "rtb_dc_uswest" {
│
│ The plugin encountered an error, and failed to respond to the plugin.(*GRPCProvider).ReadResource call. The plugin logs may contain more details.
╵

Stack trace from the terraform-provider-constellix_v0.4.5 plugin:

panic: interface conversion: interface {} is nil, not []interface {}

goroutine 26 [running]:
github.com/terraform-providers/terraform-provider-constellix/constellix.datasourceConstellixIPFilterRead(0xc0002da420, {0xe17880, 0xc000258b00})
github.com/terraform-providers/terraform-provider-constellix/constellix/datasource_constellix_geo_filter.go:138 +0xc3b
github.com/hashicorp/terraform-plugin-sdk/helper/schema.(*Resource).ReadDataApply(0xc0002f0be0, 0xc000282480, {0xe17880, 0xc000258b00})
github.com/hashicorp/[email protected]/helper/schema/resource.go:413 +0x66
github.com/hashicorp/terraform-plugin-sdk/helper/schema.(*Provider).ReadDataApply(0xc000298d80, 0xc0005b7b28, 0xd985c0)
github.com/hashicorp/[email protected]/helper/schema/provider.go:451 +0x65
github.com/hashicorp/terraform-plugin-sdk/internal/helper/plugin.(*GRPCProviderServer).ReadDataSource(0xc00011c870, {0xc00054c080, 0x4b4e06}, 0xc00054c080)
github.com/hashicorp/[email protected]/internal/helper/plugin/grpc_provider.go:1046 +0x2da
github.com/hashicorp/terraform-plugin-sdk/internal/tfplugin5._Provider_ReadDataSource_Handler({0xe69060, 0xc00011c870}, {0x1073ef0, 0xc0007ee1e0}, 0xc0001ee060, 0x0)
github.com/hashicorp/[email protected]/internal/tfplugin5/tfplugin5.pb.go:3341 +0x170
google.golang.org/grpc.(*Server).processUnaryRPC(0xc000349880, {0x1083a58, 0xc0000f4480}, 0xc0007fa000, 0xc000322450, 0x1680ad0, 0x0)
google.golang.org/[email protected]/server.go:1194 +0xc8f
google.golang.org/grpc.(*Server).handleStream(0xc000349880, {0x1083a58, 0xc0000f4480}, 0xc0007fa000, 0x0)
google.golang.org/[email protected]/server.go:1517 +0xa2a
google.golang.org/grpc.(*Server).serveStreams.func1.2()
google.golang.org/[email protected]/server.go:859 +0x98
created by google.golang.org/grpc.(*Server).serveStreams.func1
google.golang.org/[email protected]/server.go:857 +0x294

Error: The terraform-provider-constellix_v0.4.5 plugin crashed!`

Adding a domain (via the web interface) that isn't registered (e.g. we own "domain.com", I add "development-domain.com"), shows no issue in the web interface.
When I try to import it in terraform as a data resource the provider returns Error: Domain of specified name is not available.

When importing SRV record, roundRobin info does not import.

sandino@host dns % terraform import --allow-missing-config constellix_srv_record.srv_record domains:<parent-id>:<record-id>
constellix_srv_record.srv_record: Importing from ID "domains:<parent-id>:<record-id>"...
constellix_srv_record.srv_record: Import prepared!
  Prepared constellix_srv_record for import
constellix_srv_record.srv_record: Refreshing state... [id=<record-id>]

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.

----------------

sandino@host dns % terraform state show 'constellix_srv_record.srv_record'
# constellix_srv_record.srv_record:
resource "constellix_srv_record" "srv_record" {
    domain_id   = "<parent-id>"
    gtd_region  = 1
    id          = "<record-id>"
    name        = "value"
    noanswer    = false
    source_type = "domains"
    ttl         = 1800
    type        = "SRV"
}

This line will give a segmentation fault if record_failover_values is not defined. Should be checking if rcfda is nil in the if statements.

1. expire is importing incorrectly, if value is: "1209600" it imports as "1.2096e+06"

   • then on terraform apply it sees this as a change ~ "expire" = "1.2096e+06" -> "1209600"

2. serial does not get imported at all (missing from config)

   • then on terraform apply it tries to add it + "serial" = "2015010112"

While using the plugin, we've run into an issue during an apply which said it's a problem with the plugin

Stack trace:

Stack trace from the terraform-provider-constellix_v0.3.11 plugin:

panic: interface conversion: interface {} is nil, not []interface {}

goroutine 97 [running]:
github.com/Constellix/constellix-go-client/client.checkForErrors(0xc0003cc000, 0x1, 0x1)
	github.com/Constellix/[email protected]/client/client.go:197 +0x435
github.com/Constellix/constellix-go-client/client.(*Client).Save(0xc000186280, 0x1c271c0, 0xc0004fa0b0, 0xc0007cc280, 0x1f, 0x1c5c1b6, 0x1, 0xc0001900d8)
	github.com/Constellix/[email protected]/client/client.go:180 +0x396
github.com/terraform-providers/terraform-provider-constellix/constellix.resourceConstellixCNameRecordCreate(0xc0002a67e0, 0x1bb1fa0, 0xc000186280, 0x2, 0x2615500)
	github.com/terraform-providers/terraform-provider-constellix/constellix/resource_constellix_cname_record.go:343 +0xd0a
github.com/hashicorp/terraform-plugin-sdk/helper/schema.(*Resource).Apply(0xc0004d7050, 0xc0005323c0, 0xc0002745a0, 0x1bb1fa0, 0xc000186280, 0x1b14c01, 0xc000110ee8, 0xc000325a10)
	github.com/hashicorp/[email protected]/helper/schema/resource.go:310 +0x365
github.com/hashicorp/terraform-plugin-sdk/helper/schema.(*Provider).Apply(0xc0002aa000, 0xc00024fa10, 0xc0005323c0, 0xc0002745a0, 0xc000204bc8, 0xc00081e050, 0x1b16860)
	github.com/hashicorp/[email protected]/helper/schema/provider.go:294 +0x99
github.com/hashicorp/terraform-plugin-sdk/internal/helper/plugin.(*GRPCProviderServer).ApplyResourceChange(0xc00000e008, 0x1ebb960, 0xc000324330, 0xc0002a6000, 0xc00000e008, 0xc000324330, 0xc00020db78)
	github.com/hashicorp/[email protected]/internal/helper/plugin/grpc_provider.go:885 +0x8b4
github.com/hashicorp/terraform-plugin-sdk/internal/tfplugin5._Provider_ApplyResourceChange_Handler(0x1c22540, 0xc00000e008, 0x1ebb960, 0xc000324330, 0xc00080c6c0, 0x0, 0x1ebb960, 0xc000324330, 0xc0003dc2c0, 0x284)
	github.com/hashicorp/[email protected]/internal/tfplugin5/tfplugin5.pb.go:3305 +0x217
google.golang.org/grpc.(*Server).processUnaryRPC(0xc000702900, 0x1ec5ce0, 0xc000703980, 0xc0003c6000, 0xc0006d5470, 0x25db5a0, 0x0, 0x0, 0x0)
	google.golang.org/[email protected]/server.go:1024 +0x501
google.golang.org/grpc.(*Server).handleStream(0xc000702900, 0x1ec5ce0, 0xc000703980, 0xc0003c6000, 0x0)
	google.golang.org/[email protected]/server.go:1313 +0xd3d
google.golang.org/grpc.(*Server).serveStreams.func1.1(0xc00003a5e0, 0xc000702900, 0x1ec5ce0, 0xc000703980, 0xc0003c6000)
	google.golang.org/[email protected]/server.go:722 +0xa1
created by google.golang.org/grpc.(*Server).serveStreams.func1
	google.golang.org/[email protected]/server.go:720 +0xa1

Error: The terraform-provider-constellix_v0.3.11 plugin crashed!

This is always indicative of a bug within the plugin. It would be immensely
helpful if you could report the crash with the plugin's maintainers so that it
can be fixed. The output above should help diagnose the issue.

Full output from terraform apply:
https://gist.github.com/MahmoudDolah/d3950b93cb07e778ba3cebf97c89595a

We are trying to update our version of the Constellix provider from version 0.3.11 to 0.4.5. This is the only change we have in the PR, however a phantom change in a TXT record is being picked up and stopping merging of the change.

The TXT record with the phantom change is on the root domain, where we have 1 record with 15 roundrobin values in it. The change that Terraform is seeing is that the individual values are being reordered in the list, e.g.

~ resource "constellix_txt_record" "root_TXT" {
        id          = "12345678"
        # (8 unchanged attributes hidden)

      ~ roundrobin {
          ~ value        = "apple-domain-verification=a-value" -> "google-site-verification=gsv-value-1"
            # (1 unchanged attribute hidden)
        }
      ~ roundrobin {
          ~ value        = "facebook-domain-verification=fb-value" -> "google-site-verification=gsv-value-2"
            # (1 unchanged attribute hidden)
        }
      ~ roundrobin {
      ...
      etc.

This wouldn't be much of an issue except that it's stopping the Terraform code from being deployed.

Error: Contents are identical

  with constellix_txt_record.root_TXT,
  on constellix.tf line 718, in resource "constellix_txt_record" "root_TXT":
 718: resource "constellix_txt_record" "root_TXT" {

We have attempted to resolve this by deleting the resource from the state and importing it again, but the same behaviour was seen.

Seems we are able to create vanity_nameservers, but we cannot apply them to domains

It does not seem that Constellix API supports this either?

Hi, thanks for this provider.

Other providers use to have better names for the provider enviromental variables.

Could we perhaps change
DefaultFunc: schema.EnvDefaultFunc("apikey", nil),
DefaultFunc: schema.EnvDefaultFunc("secretkey", nil),

To:

DefaultFunc: schema.EnvDefaultFunc("CONSTELLIX_API_KEY", nil),
DefaultFunc: schema.EnvDefaultFunc("CONSTELLIX_SECRET_KEY", nil),

Thanks

Regards