terraform-provider-kubernetes
terraform-provider-kubernetes copied to clipboard
Published
20 hours ago •
hashicorp
hashicorp
Crash reading kubernetes_manifest remote object
Terraform Version, Provider Version and Kubernetes Version
Terraform version: 1.8.5
Kubernetes provider version:
Kubernetes version: 1.29.4
Affected Resource(s)
- kubernetes_manifest
Current deployed state:
# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
creationTimestamp: "2024-07-02T13:32:06Z"
generation: 7
name: my-coraza-http-wasm-traefik
namespace: traefik
resourceVersion: "69273585"
uid: 09342471-b20e-4c1a-8aa8-422e878f60b4
spec:
plugin:
coraza:
directives:
- SecRuleEngine On
- SecDebugLog /dev/stdout
- SecDebugLogLevel 9
- SecRequestBodyAccess On
- SecRequestBodyInMemoryLimit 256000
- SecRequestBodyLimit 134217728
- SecRule ARGS "@detectSQLi" "id:153,phase:2,deny,status:403,log,msg:'SQL Injection
Detected in Argument'"
coraza-http-wasm-traefik:
directives:
- SecRuleEngine On
- SecDebugLog /dev/stdout
- SecDebugLogLevel 9
- SecRule ARGS "@detectSQLi" "id:153,phase:2,deny,status:403,log,msg:'SQL Injection
Detected in Argument'"
- SecRule REQUEST_URI "@detectSQLi" "id:152,phase:2,deny,status:403,log,msg:'SQL
Injection Detected'"
Resource in TF
resource "kubernetes_manifest" "my_coraza_http_wasm_traefik" {
provider = kubernetes.aks
manifest = {
apiVersion = "traefik.io/v1alpha1"
kind = "Middleware"
metadata = {
name = "my-coraza-http-wasm-traefik"
namespace = "${kubernetes_namespace.traefik.metadata[0].name}"
}
spec = {
plugin = {
coraza-http-wasm-traefik = {
directives = [
"SecRuleEngine On",
"SecDebugLog /dev/stdout",
"SecDebugLogLevel 9",
"SecRule ARGS \"@detectSQLi\" \"id:153,phase:2,deny,status:403,log,msg:'SQL Injection Detected in Argument'\"",
"SecRule REQUEST_URI \"@detectSQLi\" \"id:152,phase:2,deny,status:403,log,msg:'SQL Injection Detected'\""
]
}
}
}
}
depends_on = [helm_release.traefik]
}
Terraform Configuration Files
# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key.
Debug Output
Panic Output
Steps to Reproduce
Expected Behavior
No error.
Actual Behavior
Stack trace from the terraform-provider-kubernetes_v2.30.0_x5.exe plugin:
panic: ElementKeyString("coraza-http-wasm-traefik"): can't use tftypes.Object["directives":tftypes.Tuple[tftypes.String, tftypes.String, tftypes.String, tftypes.String, tftypes.String]] as tftypes.Object["directives":tftypes.Tuple[tftypes.String, tftypes.String, tftypes.String, tftypes.String, tftypes.String, tftypes.String, tftypes.String]]
goroutine 61 [running]:
github.com/hashicorp/terraform-plugin-go/tftypes.NewValue(...)
github.com/hashicorp/[email protected]/tftypes/value.go:278
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload.mapToTFMapValue(0x262be40?, {0x2ab4cf0?, 0xc0032835f0}, 0x0?, 0xc00258dc80)
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload/to_value.go:247 +0x669
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload.ToTFValue({0x24355c0?, 0xc003519ef0?}, {0x2ab4cf0, 0xc0032835f0}, 0xc0034ddca0?, 0x998b48?)
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload/to_value.go:130 +0x974
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload.mapToTFObjectValue(0x263fde0?, {0x2ab4c40?, 0xc0033fd6b0}, 0xc0034ddca0?, 0xc00258d938)
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload/to_value.go:259 +0x308
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload.ToTFValue({0x24355c0?, 0xc003519ec0?}, {0x2ab4c40, 0xc0033fd6b0}, 0x1?, 0xc001e46f68?)
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload/to_value.go:128 +0x9aa
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload.mapToTFObjectValue(0x263fde0?, {0x2ab4c40?, 0xc0034e2fc0}, 0x552?, 0xc00258d608)
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload/to_value.go:259 +0x308
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload.ToTFValue({0x24355c0?, 0xc003519bc0?}, {0x2ab4c40, 0xc0034e2fc0}, 0x0?, 0x0?)
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload/to_value.go:128 +0x9aa
github.com/hashicorp/terraform-provider-kubernetes/manifest/provider.(*RawProviderServer).ReadResource(0xc000066e00, {0x2aadb58, 0xc001c1edb0}, 0xc003d41580)
github.com/hashicorp/terraform-provider-kubernetes/manifest/provider/read.go:164 +0x155d
github.com/hashicorp/terraform-plugin-mux/tf5muxserver.(*muxServer).ReadResource(0x2aadb90?, {0x2aadb58?, 0xc001c1eab0?}, 0xc003d41580)
github.com/hashicorp/[email protected]/tf5muxserver/mux_server_ReadResource.go:35 +0x193
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ReadResource(0xc000128320, {0x2aadb58?, 0xc001c1e300?}, 0xc00062c8a0)
github.com/hashicorp/[email protected]/tfprotov5/tf5server/server.go:775 +0x4c3
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ReadResource_Handler({0x26a8020?, 0xc000128320}, {0x2aadb58, 0xc001c1e300}, 0xc003abfd00, 0x0)
github.com/hashicorp/[email protected]/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:482 +0x169
google.golang.org/grpc.(*Server).processUnaryRPC(0xc0001d0e00, {0x2aadb58, 0xc001c1e270}, {0x2ab6080, 0xc000105380}, 0xc001bf2fc0, 0xc000e7af00, 0x3b65768, 0x0)
google.golang.org/[email protected]/server.go:1386 +0xe23
google.golang.org/grpc.(*Server).handleStream(0xc0001d0e00, {0x2ab6080, 0xc000105380}, 0xc001bf2fc0)
google.golang.org/[email protected]/server.go:1797 +0x100c
google.golang.org/grpc.(*Server).serveStreams.func2.1()
google.golang.org/[email protected]/server.go:1027 +0x8b
created by google.golang.org/grpc.(*Server).serveStreams.func2 in goroutine 69
google.golang.org/[email protected]/server.go:1038 +0x135
Error: The terraform-provider-kubernetes_v2.30.0_x5.exe plugin crashed!
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
- If you are interested in working on this issue or have submitted a pull request, please leave a comment
