terraform-provider-cloudflare icon indicating copy to clipboard operation
terraform-provider-cloudflare copied to clipboard

Published 20 hours ago verified publisher icon cloudflare

Error message for failed importing is a bit missleading

Open ztNIE opened this issue 1 year ago • 9 comments

Confirmation

  • [X] My issue isn't already found on the issue tracker.
  • [X] I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

terraform -v Terraform v1.6.6 on darwin_amd64

  • provider registry.terraform.io/cloudflare/cloudflare v4.20.0

Affected resource(s)

cloudflare_list cloudflare_list_item

Terraform configuration files

resource "cloudflare_list" "example_list" {
    name = "example"
    account_id = var.account_id
    kind = "redirect"
}

resource "cloudflare_list_item" "example_list_item" {
    account_id = var.account_id
    list_id = "cxxxxxxxxxxxxxxxxxxxxxxxx4ad6e26"
}

Link to debug output

https://gist.github.com/ztNIE/ae5456c503b66e544becb7ee0ffb7c05

Panic output

No response

Expected output

It should import the resource successfully.

Actual output

╷ │ Error: The provider returned a resource missing an identifier during ImportResourceState. This is generally a bug in the resource implementation for import. Resource import code should not call d.SetId("") or create an empty ResourceData. If the resource is missing, instead return an error. Please report this to the provider developers. │ │ ╵

Steps to reproduce

  1. Create a bulk redirect list in cloudflare
  2. Get the id of cloudflare redirect list id and list item id through cloudflare API. ref https://developers.cloudflare.com/api/operations/lists-get-a-list, https://developers.cloudflare.com/api/operations/lists-get-list-items
  3. Use the id of list and list item to try import the resource to your terraform config https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/list_item

Additional factoids

No response

References

No response

ztNIE avatar Dec 21 '23 02:12 ztNIE

Community Note

Voting for Prioritization

  • Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

  • If you are interested in working on this issue, please leave a comment.
  • If this would be your first contribution, please review the contribution guide.

github-actions[bot] avatar Dec 21 '23 02:12 github-actions[bot]

I'm keen to work on this issue

ztNIE avatar Dec 21 '23 02:12 ztNIE

this doesn't look like a bug but user error with the wrong ID?

filters.api.not_found: could not find list cc491d9e7bea493fa3a056ab83e03fb9

jacobbednarz avatar Dec 21 '23 03:12 jacobbednarz

thanks for your timely reply jacob, I just confirmed that it's because of the wrong list ID. Perhaps the error message can be improved tho?

ztNIE avatar Dec 21 '23 04:12 ztNIE

in most cases, what is happening here is normal behaviour. the end user provides the Import string, we trust it and set the identifier, client makes a call to the API, the response is a HTTP 404 so we assume that it has been removed and should be cleaned up from state. the tricky bit is working out whether we can trust the identifier from the end user (which i don't have a good answer for other than making extra API calls before the Read operation) 🤔

jacobbednarz avatar Dec 21 '23 04:12 jacobbednarz

Yeah it's very tricky I agree and an extra API call probably doesn't worth it.

How about just make the error message provides a little bit more context?

I only created this issue because the error message said that "This is generally a bug in the resource implementation for import. ... Please report this to the provider developers." Since this error is expected when a wrong identifier is provided, could this error message contains something like "This could be caused by a wrong resource id is provided." I could fix the import command in seconds if I knew it's the id problem from the error message.

Just tried the error message for cloudflare_account_member importing is quite good

% terraform import cloudflare_account_member.tmp f09bcc1d3d02f25a6c68c2e781470b59/123908541902380984501
Acquiring state lock. This may take a few moments...
╷
│ Error: unable to find account member with ID "123908541902380984501": Member not found for account (1003)

ztNIE avatar Dec 21 '23 05:12 ztNIE

the cloudflare_account_member resource gives you a nicer message because it takes the route of making an additional API call before setting the identifier.

https://github.com/cloudflare/terraform-provider-cloudflare/blob/7c5bbad741530bf65f16dbcf5385f540505b551b/internal/sdkv2provider/resource_cloudflare_account_member.go#L137-L140

while this works, it basically makes you have an additional API call per import operation (which in some cases, is doubling the API calls made).

jacobbednarz avatar Dec 22 '23 04:12 jacobbednarz

I am wondering if maybe we encounter errors, we can turn on a debug mode somehow? I am encountering this issue with importing worker script and was very worried that something was wrong on provider side.

xav-ie avatar Jan 02 '24 22:01 xav-ie

terraform has the ability through logging to view the internals - https://developer.hashicorp.com/terraform/internals/debugging

jacobbednarz avatar Jan 02 '24 23:01 jacobbednarz