terraform-provider-cloudflare custom hostname validation

custom hostname validation_records are not predictable

Open mtdjr opened this issue 2 years ago • 1 comments

Confirmation

[X] My issue isn't already found on the issue tracker.
[X] I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

Terraform v1.0.1 on darwin_amd64

provider registry.terraform.io/cloudflare/cloudflare v3.21.0

Affected resource(s)

cloudflare_custom_hostname
cloudflare_record

Terraform configuration files

terraform {
  required_providers {
    cloudflare = {
      source = "cloudflare/cloudflare"
      version = "3.21.0"
    }
  }
}

provider "cloudflare" {
  api_token = ""
}

locals {
  custom_hostname    = "test.example.com"
  cloudflare_zone_id = ""
}

resource "cloudflare_custom_hostname" "test" {
  zone_id  = local.cloudflare_zone_id
  hostname = local.custom_hostname
  ssl {
    method = "txt"
  }
}

resource "cloudflare_record" "validation" {
  name       = local.custom_hostname
  value      = resource.cloudflare_custom_hostname.test.ssl.0.validation_records.0.txt_value
  zone_id    = local.cloudflare_zone_id
  type       = "TXT"
  ttl        = 60
}

Debug output

2022-08-17T12:33:52.752-0400 [DEBUG] Adding temp file log sink: /var/folders/rr/t6khg1_s6fqfjf_p6zwjx7pc0000gq/T/terraform-log466524081
2022-08-17T12:33:52.753-0400 [INFO]  Terraform version: 1.0.1
2022-08-17T12:33:52.753-0400 [INFO]  Go runtime version: go1.16.4
2022-08-17T12:33:52.753-0400 [INFO]  CLI args: []string{"/usr/local/Cellar/tfenv/2.2.0/versions/1.0.1/terraform", "apply"}
2022-08-17T12:33:52.753-0400 [DEBUG] Attempting to open CLI config file: /Users/michael.dalton/.terraformrc
2022-08-17T12:33:52.753-0400 [DEBUG] File doesn't exist, but doesn't need to. Ignoring.
2022-08-17T12:33:52.754-0400 [DEBUG] ignoring non-existing provider search directory terraform.d/plugins
2022-08-17T12:33:52.754-0400 [DEBUG] ignoring non-existing provider search directory /Users/michael.dalton/.terraform.d/plugins
2022-08-17T12:33:52.754-0400 [DEBUG] ignoring non-existing provider search directory /Users/michael.dalton/Library/Application Support/io.terraform/plugins
2022-08-17T12:33:52.754-0400 [DEBUG] ignoring non-existing provider search directory /Library/Application Support/io.terraform/plugins
2022-08-17T12:33:52.755-0400 [INFO]  CLI command args: []string{"apply"}
2022-08-17T12:33:54.228-0400 [DEBUG] checking for provisioner in "."
2022-08-17T12:33:54.228-0400 [DEBUG] checking for provisioner in "/usr/local/Cellar/tfenv/2.2.0/versions/1.0.1"
2022-08-17T12:33:54.232-0400 [INFO]  Failed to read plugin lock file .terraform/plugins/darwin_amd64/lock.json: open .terraform/plugins/darwin_amd64/lock.json: no such file or directory
2022-08-17T12:33:54.232-0400 [INFO]  backend/local: starting Apply operation
2022-08-17T12:33:54.237-0400 [DEBUG] created provider logger: level=debug
2022-08-17T12:33:54.237-0400 [INFO]  provider: configuring client automatic mTLS
2022-08-17T12:33:54.269-0400 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0]
2022-08-17T12:33:54.273-0400 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0 pid=60839
2022-08-17T12:33:54.273-0400 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0
2022-08-17T12:33:54.288-0400 [INFO]  provider.terraform-provider-cloudflare_v3.21.0: configuring server automatic mTLS: timestamp=2022-08-17T12:33:54.287-0400
2022-08-17T12:33:54.309-0400 [DEBUG] provider: using plugin: version=5
2022-08-17T12:33:54.309-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: plugin address: address=/var/folders/rr/t6khg1_s6fqfjf_p6zwjx7pc0000gq/T/plugin1083450449 network=unix timestamp=2022-08-17T12:33:54.309-0400
2022-08-17T12:33:54.348-0400 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2022-08-17T12:33:54.349-0400 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0 pid=60839
2022-08-17T12:33:54.349-0400 [DEBUG] provider: plugin exited
2022-08-17T12:33:54.349-0400 [INFO]  terraform: building graph: GraphTypeValidate
2022-08-17T12:33:54.349-0400 [DEBUG] ProviderTransformer: "cloudflare_record.validation" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2022-08-17T12:33:54.349-0400 [DEBUG] ProviderTransformer: "cloudflare_custom_hostname.test" (*terraform.NodeValidatableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2022-08-17T12:33:54.350-0400 [DEBUG] ReferenceTransformer: "cloudflare_record.validation" references: [local.cloudflare_zone_id (expand) cloudflare_custom_hostname.test local.custom_hostname (expand)]
2022-08-17T12:33:54.350-0400 [DEBUG] ReferenceTransformer: "local.custom_hostname (expand)" references: []
2022-08-17T12:33:54.350-0400 [DEBUG] ReferenceTransformer: "local.cloudflare_zone_id (expand)" references: []
2022-08-17T12:33:54.350-0400 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" references: []
2022-08-17T12:33:54.350-0400 [DEBUG] ReferenceTransformer: "cloudflare_custom_hostname.test" references: [local.cloudflare_zone_id (expand) local.custom_hostname (expand)]
2022-08-17T12:33:54.350-0400 [DEBUG] Starting graph walk: walkValidate
2022-08-17T12:33:54.351-0400 [DEBUG] created provider logger: level=debug
2022-08-17T12:33:54.351-0400 [INFO]  provider: configuring client automatic mTLS
2022-08-17T12:33:54.380-0400 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0]
2022-08-17T12:33:54.384-0400 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0 pid=60840
2022-08-17T12:33:54.384-0400 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0
2022-08-17T12:33:54.398-0400 [INFO]  provider.terraform-provider-cloudflare_v3.21.0: configuring server automatic mTLS: timestamp=2022-08-17T12:33:54.397-0400
2022-08-17T12:33:54.420-0400 [DEBUG] provider: using plugin: version=5
2022-08-17T12:33:54.420-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: plugin address: address=/var/folders/rr/t6khg1_s6fqfjf_p6zwjx7pc0000gq/T/plugin2898641246 network=unix timestamp=2022-08-17T12:33:54.420-0400
2022-08-17T12:33:54.467-0400 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2022-08-17T12:33:54.468-0400 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0 pid=60840
2022-08-17T12:33:54.468-0400 [DEBUG] provider: plugin exited
2022-08-17T12:33:54.468-0400 [INFO]  backend/local: apply calling Plan
2022-08-17T12:33:54.468-0400 [INFO]  terraform: building graph: GraphTypePlan
2022-08-17T12:33:54.468-0400 [DEBUG] ProviderTransformer: "cloudflare_record.validation (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2022-08-17T12:33:54.468-0400 [DEBUG] ProviderTransformer: "cloudflare_custom_hostname.test (expand)" (*terraform.nodeExpandPlannableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2022-08-17T12:33:54.468-0400 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" references: []
2022-08-17T12:33:54.468-0400 [DEBUG] ReferenceTransformer: "cloudflare_custom_hostname.test (expand)" references: [local.custom_hostname (expand) local.cloudflare_zone_id (expand)]
2022-08-17T12:33:54.469-0400 [DEBUG] ReferenceTransformer: "cloudflare_record.validation (expand)" references: [local.custom_hostname (expand) local.cloudflare_zone_id (expand) cloudflare_custom_hostname.test (expand)]
2022-08-17T12:33:54.469-0400 [DEBUG] ReferenceTransformer: "local.custom_hostname (expand)" references: []
2022-08-17T12:33:54.469-0400 [DEBUG] ReferenceTransformer: "local.cloudflare_zone_id (expand)" references: []
2022-08-17T12:33:54.469-0400 [DEBUG] Starting graph walk: walkPlan
2022-08-17T12:33:54.469-0400 [DEBUG] created provider logger: level=debug
2022-08-17T12:33:54.469-0400 [INFO]  provider: configuring client automatic mTLS
2022-08-17T12:33:54.500-0400 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0]
2022-08-17T12:33:54.503-0400 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0 pid=60841
2022-08-17T12:33:54.503-0400 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0
2022-08-17T12:33:54.518-0400 [INFO]  provider.terraform-provider-cloudflare_v3.21.0: configuring server automatic mTLS: timestamp=2022-08-17T12:33:54.517-0400
2022-08-17T12:33:54.539-0400 [DEBUG] provider: using plugin: version=5
2022-08-17T12:33:54.539-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: plugin address: address=/var/folders/rr/t6khg1_s6fqfjf_p6zwjx7pc0000gq/T/plugin3447267816 network=unix timestamp=2022-08-17T12:33:54.539-0400
2022-08-17T12:33:54.581-0400 [WARN]  ValidateProviderConfig from "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" changed the config value, but that value is unused
2022-08-17T12:33:54.582-0400 [DEBUG] Resource instance state not found for node "cloudflare_custom_hostname.test", instance cloudflare_custom_hostname.test
2022-08-17T12:33:54.582-0400 [INFO]  ReferenceTransformer: reference not found: "local.cloudflare_zone_id"
2022-08-17T12:33:54.582-0400 [INFO]  ReferenceTransformer: reference not found: "local.custom_hostname"
2022-08-17T12:33:54.582-0400 [DEBUG] ReferenceTransformer: "cloudflare_custom_hostname.test" references: []
2022-08-17T12:33:54.582-0400 [DEBUG] refresh: cloudflare_custom_hostname.test: no state, so not refreshing
2022-08-17T12:33:54.584-0400 [WARN]  Provider "registry.terraform.io/cloudflare/cloudflare" produced an invalid plan for cloudflare_custom_hostname.test, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .ssl[0].type: planned value cty.StringVal("dv") for a non-computed attribute
      - .ssl[0].settings: attribute representing nested block must not be unknown itself; set nested attribute values to unknown instead
2022-08-17T12:33:54.585-0400 [DEBUG] Resource instance state not found for node "cloudflare_record.validation", instance cloudflare_record.validation
2022-08-17T12:33:54.585-0400 [INFO]  ReferenceTransformer: reference not found: "local.custom_hostname"
2022-08-17T12:33:54.585-0400 [INFO]  ReferenceTransformer: reference not found: "local.cloudflare_zone_id"
2022-08-17T12:33:54.585-0400 [DEBUG] ReferenceTransformer: "cloudflare_record.validation" references: []
2022-08-17T12:33:54.585-0400 [DEBUG] refresh: cloudflare_record.validation: no state, so not refreshing
2022-08-17T12:33:54.587-0400 [WARN]  Provider "registry.terraform.io/cloudflare/cloudflare" produced an invalid plan for cloudflare_record.validation, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .allow_overwrite: planned value cty.False for a non-computed attribute
2022-08-17T12:33:54.588-0400 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2022-08-17T12:33:54.589-0400 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0 pid=60841
2022-08-17T12:33:54.590-0400 [DEBUG] provider: plugin exited

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # cloudflare_custom_hostname.test will be created
  + resource "cloudflare_custom_hostname" "test" {
      + hostname                    = "test.example.com"
      + id                          = (known after apply)
      + ownership_verification      = (known after apply)
      + ownership_verification_http = (known after apply)
      + status                      = (known after apply)
      + zone_id                     = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"

      + ssl {
          + certificate_authority = (known after apply)
          + method                = "txt"
          + status                = (known after apply)
          + type                  = "dv"
          + validation_errors     = (known after apply)
          + validation_records    = (known after apply)

          + settings {
              + ciphers         = (known after apply)
              + early_hints     = (known after apply)
              + http2           = (known after apply)
              + min_tls_version = (known after apply)
              + tls13           = (known after apply)
            }
        }
    }

  # cloudflare_record.validation will be created
  + resource "cloudflare_record" "validation" {
      + allow_overwrite = false
      + created_on      = (known after apply)
      + hostname        = (known after apply)
      + id              = (known after apply)
      + metadata        = (known after apply)
      + modified_on     = (known after apply)
      + name            = "test.example.com"
      + proxiable       = (known after apply)
      + ttl             = 60
      + type            = "TXT"
      + value           = (known after apply)
      + zone_id         = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
    }

Plan: 2 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: 2022-08-17T12:33:54.591-0400 [DEBUG] command: asking for input: "\nDo you want to perform these actions?"
yes

2022-08-17T12:34:04.952-0400 [INFO]  backend/local: apply calling Apply
2022-08-17T12:34:04.952-0400 [INFO]  terraform: building graph: GraphTypeApply
2022-08-17T12:34:04.953-0400 [DEBUG] Resource state not found for node "cloudflare_custom_hostname.test", instance cloudflare_custom_hostname.test
2022-08-17T12:34:04.953-0400 [DEBUG] Resource state not found for node "cloudflare_record.validation", instance cloudflare_record.validation
2022-08-17T12:34:04.953-0400 [DEBUG] ProviderTransformer: "cloudflare_custom_hostname.test" (*terraform.NodeApplyableResourceInstance) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2022-08-17T12:34:04.953-0400 [DEBUG] ProviderTransformer: "cloudflare_record.validation" (*terraform.NodeApplyableResourceInstance) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2022-08-17T12:34:04.954-0400 [DEBUG] ProviderTransformer: "cloudflare_custom_hostname.test (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2022-08-17T12:34:04.954-0400 [DEBUG] ProviderTransformer: "cloudflare_record.validation (expand)" (*terraform.nodeExpandApplyableResource) needs provider["registry.terraform.io/cloudflare/cloudflare"]
2022-08-17T12:34:04.954-0400 [DEBUG] ReferenceTransformer: "local.cloudflare_zone_id (expand)" references: []
2022-08-17T12:34:04.954-0400 [DEBUG] ReferenceTransformer: "local.custom_hostname (expand)" references: []
2022-08-17T12:34:04.954-0400 [DEBUG] ReferenceTransformer: "cloudflare_custom_hostname.test" references: [local.custom_hostname (expand) local.cloudflare_zone_id (expand)]
2022-08-17T12:34:04.954-0400 [DEBUG] ReferenceTransformer: "cloudflare_record.validation" references: [local.cloudflare_zone_id (expand) cloudflare_custom_hostname.test cloudflare_custom_hostname.test cloudflare_custom_hostname.test (expand) local.custom_hostname (expand)]
2022-08-17T12:34:04.954-0400 [DEBUG] ReferenceTransformer: "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" references: []
2022-08-17T12:34:04.954-0400 [DEBUG] ReferenceTransformer: "cloudflare_custom_hostname.test (expand)" references: []
2022-08-17T12:34:04.954-0400 [DEBUG] ReferenceTransformer: "cloudflare_record.validation (expand)" references: []
2022-08-17T12:34:04.956-0400 [DEBUG] Starting graph walk: walkApply
2022-08-17T12:34:04.957-0400 [DEBUG] created provider logger: level=debug
2022-08-17T12:34:04.957-0400 [INFO]  provider: configuring client automatic mTLS
2022-08-17T12:34:04.999-0400 [DEBUG] provider: starting plugin: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0 args=[.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0]
2022-08-17T12:34:05.003-0400 [DEBUG] provider: plugin started: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0 pid=60843
2022-08-17T12:34:05.003-0400 [DEBUG] provider: waiting for RPC address: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0
2022-08-17T12:34:05.018-0400 [INFO]  provider.terraform-provider-cloudflare_v3.21.0: configuring server automatic mTLS: timestamp=2022-08-17T12:34:05.018-0400
2022-08-17T12:34:05.039-0400 [DEBUG] provider: using plugin: version=5
2022-08-17T12:34:05.039-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: plugin address: address=/var/folders/rr/t6khg1_s6fqfjf_p6zwjx7pc0000gq/T/plugin1156017939 network=unix timestamp=2022-08-17T12:34:05.039-0400
2022-08-17T12:34:05.083-0400 [WARN]  ValidateProviderConfig from "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" changed the config value, but that value is unused
2022-08-17T12:34:05.086-0400 [WARN]  Provider "registry.terraform.io/cloudflare/cloudflare" produced an invalid plan for cloudflare_custom_hostname.test, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .ssl[0].type: planned value cty.StringVal("dv") for a non-computed attribute
      - .ssl[0].settings: attribute representing nested block must not be unknown itself; set nested attribute values to unknown instead
cloudflare_custom_hostname.test: Creating...
2022-08-17T12:34:05.086-0400 [INFO]  Starting apply for cloudflare_custom_hostname.test
2022-08-17T12:34:05.086-0400 [DEBUG] cloudflare_custom_hostname.test: applying the planned Create change
2022-08-17T12:34:05.087-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: setting computed for "ssl.0.validation_records" from ComputedKeys: timestamp=2022-08-17T12:34:05.087-0400
2022-08-17T12:34:05.087-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: setting computed for "ssl.0.validation_errors" from ComputedKeys: timestamp=2022-08-17T12:34:05.087-0400
2022-08-17T12:34:05.087-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: setting computed for "ssl.0.settings" from ComputedKeys: timestamp=2022-08-17T12:34:05.087-0400
2022-08-17T12:34:05.087-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: setting computed for "ssl.0.validation_errors" from ComputedKeys: timestamp=2022-08-17T12:34:05.087-0400
2022-08-17T12:34:05.087-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: setting computed for "ssl.0.settings" from ComputedKeys: timestamp=2022-08-17T12:34:05.087-0400
2022-08-17T12:34:05.087-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: setting computed for "ssl.0.validation_records" from ComputedKeys: timestamp=2022-08-17T12:34:05.087-0400
2022-08-17T12:34:05.087-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: setting computed for "ownership_verification" from ComputedKeys: timestamp=2022-08-17T12:34:05.087-0400
2022-08-17T12:34:05.087-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: setting computed for "ownership_verification_http" from ComputedKeys: timestamp=2022-08-17T12:34:05.087-0400
2022-08-17T12:34:05.087-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: Cloudflare API Request Details:
---[ REQUEST ]---------------------------------------
POST /client/v4/zones/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/custom_hostnames HTTP/1.1
Host: api.cloudflare.com
User-Agent: terraform/1.0.1 terraform-plugin-sdk/2.10.1 terraform-provider-cloudflare/dev
Content-Length: 175
Authorization: [redacted]
Content-Type: application/json
Accept-Encoding: gzip

{
 "hostname": "test.example.com",
 "ssl": {
  "method": "txt",
  "type": "dv",
  "wildcard": false,
  "settings": {}
 },
 "ownership_verification": {},
 "ownership_verification_http": {}
}
-----------------------------------------------------: timestamp=2022-08-17T12:34:05.087-0400
2022-08-17T12:34:05.633-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: Cloudflare API Response Details:
---[ RESPONSE ]--------------------------------------
HTTP/2.0 201 Created
Cf-Cache-Status: DYNAMIC
Cf-Ray: 73c3d0afc8e5b18d-ATL
Content-Type: application/json; charset=UTF-8
Date: Wed, 17 Aug 2022 16:34:05 GMT
Expect-Ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
Set-Cookie: __cflb=0H28vgHxwvgAQtjUGU4vq74ZFe3sNVUZRCNcj4XD4UV; SameSite=Lax; path=/; expires=Wed, 17-Aug-22 19:04:06 GMT; HttpOnly
Set-Cookie: __cfruid=e61f258fde217cedd1fe402960e5c56e19bf7077-1660754045; path=/; domain=.api.cloudflare.com; HttpOnly; Secure; SameSite=None
Vary: Accept-Encoding
X-Envoy-Upstream-Service-Time: 41

{
  "result": {
    "id": "a2961b91-672d-4941-a48a-91b788029174",
    "hostname": "test.example.com",
    "ssl": {
      "id": "057952dd-c629-4488-af09-e044eb722473",
      "type": "dv",
      "method": "txt",
      "status": "initializing",
      "settings": {},
      "wildcard": false,
      "certificate_authority": "digicert"
    },
    "status": "pending",
    "ownership_verification": {
      "type": "txt",
      "name": "_cf-custom-hostname.test.example.com",
      "value": "ffa07747-c03a-4528-96a0-031beb9d8109"
    },
    "ownership_verification_http": {
      "http_url": "http://test.example.com/.well-known/cf-custom-hostname-challenge/a2961b91-672d-4941-a48a-91b788029174",
      "http_body": "ffa07747-c03a-4528-96a0-031beb9d8109"
    },
    "created_at": "2022-08-17T16:34:05.600606Z"
  },
  "success": true,
  "errors": [],
  "messages": []
}

-----------------------------------------------------: timestamp=2022-08-17T12:34:05.633-0400
2022-08-17T12:34:05.634-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: Cloudflare API Request Details:
---[ REQUEST ]---------------------------------------
GET /client/v4/zones/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/custom_hostnames/a2961b91-672d-4941-a48a-91b788029174 HTTP/1.1
Host: api.cloudflare.com
User-Agent: terraform/1.0.1 terraform-plugin-sdk/2.10.1 terraform-provider-cloudflare/dev
Authorization: [redacted]
Content-Type: application/json
Accept-Encoding: gzip


-----------------------------------------------------: timestamp=2022-08-17T12:34:05.633-0400
2022-08-17T12:34:06.272-0400 [DEBUG] provider.terraform-provider-cloudflare_v3.21.0: Cloudflare API Response Details:
---[ RESPONSE ]--------------------------------------
HTTP/2.0 200 OK
Cf-Cache-Status: DYNAMIC
Cf-Ray: 73c3d0b31c2facef-ATL
Content-Type: application/json; charset=UTF-8
Date: Wed, 17 Aug 2022 16:34:06 GMT
Expect-Ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Server: cloudflare
Set-Cookie: __cflb=0H28vgHxwvgAQtjUGU4vq74ZFe3sNVUZRCNcj4XD4UV; SameSite=Lax; path=/; expires=Wed, 17-Aug-22 19:04:07 GMT; HttpOnly
Set-Cookie: __cfruid=2d8594d6b031a6b5aeb8d2abcdbce98f582ab704-1660754046; path=/; domain=.api.cloudflare.com; HttpOnly; Secure; SameSite=None
Vary: Accept-Encoding
X-Envoy-Upstream-Service-Time: 12

{
  "result": {
    "id": "a2961b91-672d-4941-a48a-91b788029174",
    "hostname": "test.example.com",
    "ssl": {
      "id": "057952dd-c629-4488-af09-e044eb722473",
      "type": "dv",
      "method": "txt",
      "status": "initializing",
      "settings": {},
      "bundle_method": "ubiquitous",
      "wildcard": false,
      "certificate_authority": "digicert"
    },
    "status": "pending",
    "ownership_verification": {
      "type": "txt",
      "name": "_cf-custom-hostname.test.example.com",
      "value": "ffa07747-c03a-4528-96a0-031beb9d8109"
    },
    "ownership_verification_http": {
      "http_url": "http://test.example.com/.well-known/cf-custom-hostname-challenge/a2961b91-672d-4941-a48a-91b788029174",
      "http_body": "ffa07747-c03a-4528-96a0-031beb9d8109"
    },
    "created_at": "2022-08-17T16:34:05.600606Z"
  },
  "success": true,
  "errors": [],
  "messages": []
}

-----------------------------------------------------: timestamp=2022-08-17T12:34:06.271-0400
2022-08-17T12:34:06.275-0400 [WARN]  Provider "provider[\"registry.terraform.io/cloudflare/cloudflare\"]" produced an unexpected new value for cloudflare_custom_hostname.test, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .custom_origin_sni: was null, but now cty.StringVal("")
      - .custom_origin_server: was null, but now cty.StringVal("")
      - .ssl[0].custom_key: was null, but now cty.StringVal("")
      - .ssl[0].wildcard: was null, but now cty.False
      - .ssl[0].custom_certificate: was null, but now cty.StringVal("")
cloudflare_custom_hostname.test: Creation complete after 1s [id=a2961b91-672d-4941-a48a-91b788029174]
╷
│ Error: Invalid index
│
│   on cloudflare.tf line 29, in resource "cloudflare_record" "validation":
│   29:   value      = resource.cloudflare_custom_hostname.test.ssl.0.validation_records.0.txt_value
│     ├────────────────
│     │ resource.cloudflare_custom_hostname.test.ssl[0].validation_records is empty list of object
│
│ The given key does not identify an element in this collection value.
╵
2022-08-17T12:34:06.328-0400 [DEBUG] provider.stdio: received EOF, stopping recv loop: err="rpc error: code = Unavailable desc = transport is closing"
2022-08-17T12:34:06.330-0400 [DEBUG] provider: plugin process exited: path=.terraform/providers/registry.terraform.io/cloudflare/cloudflare/3.21.0/darwin_amd64/terraform-provider-cloudflare_v3.21.0 pid=60843
2022-08-17T12:34:06.330-0400 [DEBUG] provider: plugin exited

Panic output

No response

Expected output

When, using the txt validation method for a custom hostname, it's expected that validation_records be present in the response after creation. A targeted apply of the custom hostname then a subsequent apply is required to create the validation records. The provider should anticipate an initializing status and retry resourceCloudflareCustomHostnameRead until a pending_validation status and validation_records are available.

After the custom hostname is validated, the validation_records are no longer present in the response and the cloudflare_record resource would be destroyed. It's expected that these values persist for the life of the custom hostname.

Actual output

╷
│ Error: Invalid index
│
│   on cloudflare.tf line 29, in resource "cloudflare_record" "validation":
│   29:   value      = resource.cloudflare_custom_hostname.test.ssl.0.validation_records.0.txt_value
│     ├────────────────
│     │ resource.cloudflare_custom_hostname.test.ssl[0].validation_records is empty list of object
│
│ The given key does not identify an element in this collection value.
╵

Steps to reproduce

apply template above

Additional factoids

It is not possible to use count or for_each to conditionally create the cloudflare_record if validation_records are present as the values are determined after apply.

References

#1466 and #1197 also report the missing records post-validation

Aug 17 '22 18:08 mtdjr

i'd be open to reviewing a PR that added a wait_for_active_status attribute (see #1567 for prior art) where people could opt into this. i wouldn't want it as the default behaviour as many don't need this.

Aug 26 '22 00:08 jacobbednarz

hey @jacobbednarz i opened up https://github.com/cloudflare/terraform-provider-cloudflare/pull/1953 to address this issue, which is also blocking me at the moment. thanks.

Oct 07 '22 14:10 charmingnewt

This functionality has been released in v3.26.0 of the Terraform Cloudflare Provider.

Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

Oct 18 '22 23:10 github-actions[bot]

terraform-provider-cloudflare terraform-provider-cloudflare copied to clipboard

custom hostname validation_records are not predictable

Confirmation

Terraform and Cloudflare provider version

Affected resource(s)

Terraform configuration files

Debug output

Panic output

Expected output

Actual output

Steps to reproduce

Additional factoids

References

terraform-provider-cloudflare
terraform-provider-cloudflare copied to clipboard