pulumi-cloudflare icon indicating copy to clipboard operation
pulumi-cloudflare copied to clipboard

Published 20 hours ago verified publisher icon pulumi

R2 custom domain is broken

Open daveio opened this issue 6 months ago • 3 comments

Describe what happened

Trying to create a R2CustomDomain. The bucket most certainly does exist. This only fails when we set jurisdiction instead of location.

Sample program

Replace [ACCOUNT_ID], [BUCKET_NAME], [ZONE_ID], and [DOMAIN].

import { R2Bucket, R2CustomDomain } from "@pulumi/cloudflare"

const dataBucket = new R2Bucket("[BUCKET_NAME]", {
  accountId: [ACCOUNT_ID],
  name: [BUCKET_NAME],
  jurisdiction: "eu",
  storageClass: "Standard"
})

const dataBucketCustomDomain = new R2CustomDomain("[BUCKET_NAME]", {
  accountId: [ACCOUNT_ID],
  bucketName: [BUCKET_NAME],
  domain: [DOMAIN],
  enabled: true,
  zoneId: [ZONE_ID],
  minTls: "1.0"
})

export default {
  dataBucket,
  dataBucketCustomDomain
}

Log output

Placeholders: [ACCOUNT_ID] and [BUCKET_NAME]

Diagnostics:
  cloudflare:index:R2CustomDomain (images-dave-io):
    error: failed to make http request: POST "https://api.cloudflare.com/client/v4/accounts/[ACCOUNT_ID]/r2/buckets/[BUCKET_NAME]/domains/custom": 404 Not Found {"success":false,"errors":[{"code":10006,"message":"The specified bucket does not exist."}],"messages":[],"result":null}

  pulumi:pulumi:Stack (sl1p-production):
    error: update failed

Outputs:
    default: true

Resources:
    167 unchanged

Duration: 8s

Affected Resource(s)

R2CustomDomain

Output of pulumi about

Placeholders: [RESOURCES]

CLI          
Version      3.167.0
Go Version   go1.24.2
Go Compiler  gc

Plugins
KIND      NAME          VERSION
resource  cloudflare    6.1.2
resource  digitalocean  4.43.0
resource  kubernetes    4.23.0
language  nodejs        3.167.0
resource  upcloud       0.2.0

Host     
OS       darwin
Version  15.4.1
Arch     arm64

This project is written in nodejs: executable='/Users/dave/.local/share/mise/installs/node/23.11.0/bin/node' version='v23.11.0'

Current Stack: daveio/sl1p/production

[RESOURCES]

Found no pending operations associated with production

Backend        
Name           pulumi.com
URL            https://app.pulumi.com/daveio
User           daveio
Organizations  daveio
Token type     personal

Pulumi locates its logs in /var/folders/ny/9qhlpxxd775c3ctmhrqtbc780000gn/T/ by default

Additional context

This succeeds when we don't set jurisdiction but set location instead.

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

daveio avatar May 07 '25 15:05 daveio

Thanks for logging it here with a good repro.

t0yv0 avatar May 07 '25 21:05 t0yv0

I have found these issues upstream, but they do not seem to be directly related and claim to be fixed:

https://github.com/cloudflare/terraform-provider-cloudflare/issues/3330 https://github.com/cloudflare/terraform-provider-cloudflare/issues/5144 https://github.com/cloudflare/terraform-provider-cloudflare/issues/5275

It could be interesting to see if this reproduces in Terraform, and/or if it reproduces under pulumi up --refresh. If it does not reproduce in Terraform and it does reproduce under pulumi up --refresh we will definitely be prioritizing it as it means there is an issue in the Pulumi-specific libraries somewhere.

If it does reproduce in Terraform the ideal would be to fix it in the upstream provider and for Pulumi provider to inherit the fix.

There's not much I can suggest unfortunately in terms of a workaround. Leaving it in the backlog for the moment.

t0yv0 avatar May 07 '25 21:05 t0yv0

Only workaround I have is using location instead of jurisdiction on the bucket which is imperfect but at least allows the custom domain to exist.

daveio avatar May 08 '25 08:05 daveio