terraform-provider-redshift icon indicating copy to clipboard operation
terraform-provider-redshift copied to clipboard

Published 20 hours ago verified publisher icon brainly

bug in provider when pq fails

Open mtesch-um opened this issue 3 years ago • 2 comments

On a fresh terraform state, and the following tf config (notice the error in the schema owner - is user but should be xuser)

output saved to TF_LOG_FILE: log.broke.txt :

terraform {
  required_providers {
    redshift = {
      source  = "brainly/redshift"
      version = "0.5.1"
    }
  }
}
variable "redshift_host" { type = string }
variable "redshift_username" { type = string }
variable "redshift_password" {
  type      = string
  sensitive = true
}
variable "redshift_database" { type = string }
provider "redshift" {
  host            = var.redshift_host
  username        = var.redshift_username
  password        = var.redshift_password
  database        = var.redshift_database
  sslmode         = "require"
  max_connections = 0
}
resource "redshift_user" "user" {
  name      = "xuser"
}
resource "redshift_group" "group" {
  name  = "xgroup"
  users = ["xuser"]
}
resource "redshift_schema" "schema" {
  name  = "xschema"
  owner = "user"
}
resource "redshift_grant" "grants" {
  group       = "xgroup"
  schema      = "xschema"
  object_type = "table"
  privileges  = ["SELECT", "INSERT", "UPDATE", "DELETE", "DROP", "REFERENCES"]
}

got the following error:

% terraform apply

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # redshift_grant.grants will be created
  + resource "redshift_grant" "grants" {
      + group       = "xgroup"
      + id          = (known after apply)
      + object_type = "table"
      + privileges  = [
          + "delete",
          + "drop",
          + "insert",
          + "references",
          + "select",
          + "update",
        ]
      + schema      = "xschema"
    }

  # redshift_group.group will be created
  + resource "redshift_group" "group" {
      + id    = (known after apply)
      + name  = "xgroup"
      + users = [
          + "xuser",
        ]
    }

  # redshift_schema.schema will be created
  + resource "redshift_schema" "schema" {
      + id    = (known after apply)
      + name  = "xschema"
      + owner = "user"
      + quota = 0
    }

  # redshift_user.user will be created
  + resource "redshift_user" "user" {
      + connection_limit = -1
      + create_database  = false
      + id               = (known after apply)
      + name             = "xuser"
      + superuser        = false
      + valid_until      = "infinity"
    }

Plan: 4 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

redshift_user.user: Creating...
redshift_group.group: Creating...
redshift_grant.grants: Creating...
redshift_schema.schema: Creating...
redshift_user.user: Creation complete after 2s [id=166]
redshift_grant.grants: Still creating... [10s elapsed]
redshift_grant.grants: Still creating... [20s elapsed]
redshift_grant.grants: Still creating... [30s elapsed]
redshift_grant.grants: Still creating... [40s elapsed]
redshift_grant.grants: Still creating... [50s elapsed]
redshift_grant.grants: Still creating... [1m0s elapsed]
╷
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to redshift_grant.grants, provider "provider[\"registry.terraform.io/brainly/redshift\"]" produced an unexpected new value: Root resource
│ was present, but now absent.
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
╵
╷
│ Error: Could not create redshift group: pq: user "xuser" does not exist
│ 
│   with redshift_group.group,
│   on main.tf line 41, in resource "redshift_group" "group":
│   41: resource "redshift_group" "group" {
│ 
╵
╷
│ Error: pq: user "user" does not exist
│ 
│   with redshift_schema.schema,
│   on main.tf line 46, in resource "redshift_schema" "schema":
│   46: resource "redshift_schema" "schema" {
│

state after only has one resource: redshift_user.user

mtesch-um avatar Dec 31 '21 03:12 mtesch-um

I think I understood the problem statement incorrectly, I'll let this comment stand for now, and will wait for some further info from OP.

resource "redshift_schema" "schema" {
  name  = "xschema"
  owner = "user"
}

Here you're mentioning the owner (name of the user) as user, but such as user does not exist, as your user is named as xuser.

Either use the below method, to create a dependency between the user and the schema, so that schema is created after the user is.

resource "redshift_schema" "schema" {
  name  = "xschema"
  owner = redshift_user.user.name
}

Or use an explicit, depends_on the redshift_user.user resource.

I hope this solves the issue, would love to know if the solution was along the right track.

piyush-daga avatar Jan 06 '22 04:01 piyush-daga

@piyush-daga Yes, it's true that the .tf file is incorrect - however this should still not cause the provider to create an inconsistent result - the error message from terraform itself says that there is a bug in the provider, and that a ticket should be filed at the provider's issue tracker - which is what this issue is :) I dont understand terraform well enough to point out what is wrong (although it seems like probably some incorrect error handling?), so my best help is to give the inputs that I used to produce the error. If there's anything else I can do to help find what's wrong, please let me know!

mtesch-um avatar Jan 06 '22 15:01 mtesch-um