terraform-provider-databricks icon indicating copy to clipboard operation
terraform-provider-databricks copied to clipboard
verified publisher icon databricks

[ISSUE] Issue with `databricks_storage_credential` resource and `databricks_external_location` resource

Open DucNM11 opened this issue 1 year ago • 0 comments

Configuration

resource "databricks_storage_credential" "datalake_storage_account" {
  name = "${var.environment}_datalake_storage_account"
  azure_managed_identity {
    access_connector_id = azurerm_databricks_access_connector.external_location_connector.id
  }
  isolation_mode = "ISOLATED"
  force_destroy  = true
  force_update   = true
  comment        = "Managed by TF"
  depends_on     = [databricks_metastore_assignment.unity_catalog]
}

resource "databricks_external_location" "executable" {
  name            = "${var.environment}_${azurerm_storage_container.executable.name}"
  url             = "abfss://${azurerm_storage_container.executable.name}@${azurerm_storage_account.datalake-storage_GRS.name}.dfs.core.windows.net/"
  credential_name = databricks_storage_credential.datalake_storage_account.name
  comment         = "Managed by TF"
  isolation_mode  = "ISOLATED"
  force_destroy   = true
  force_update    = true
}

...

resource "databricks_workspace_binding" "datalake_storage_account" {
  workspace_id   = azurerm_databricks_workspace.databricks_workspace.workspace_id
  securable_name = databricks_storage_credential.datalake_storage_account.name
  securable_type = "storage-credential"
}

resource "databricks_workspace_binding" "executable" {
  workspace_id   = azurerm_databricks_workspace.databricks_workspace.workspace_id
  securable_name = databricks_external_location.executable.name
  securable_type = "external-location"
}

Expected Behavior

Isolation_mode should be isolated

Actual Behavior

"isolation_mode": "ISOLATION_MODE_OPEN"

Steps to Reproduce

  1. terraform plan
  2. terraform apply

Terraform and provider versions

1.49.1

Is it a regression?

New config block from 1.49.1

Relevant Debug Output

2024-08-12T16:24:24.183+0100 [DEBUG] provider.terraform-provider-databricks_v1.49.1.exe: GET /api/2.1/unity-catalog/current-metastore-assignment
< HTTP/1.1 200 OK
< {
<   "default_catalog_name": "hive_metastore",
<   "metastore_id": "_redacted_",
<   "workspace_id": _redacted_
< }: @module=databricks tf_provider_addr=registry.terraform.io/databricks/databricks @caller=/home/runner/work/terraform-provider-databricks/terraform-provider-databricks/logger/logger.go:33 tf_resource_type=databricks_external_location tf_rpc=ApplyResourceChange tf_req_id=25297c54-39c2-4ed9-82b8-801fbcd0c6a2 timestamp="2024-08-12T16:24:24.183+0100"
2024-08-12T16:24:24.433+0100 [DEBUG] provider.terraform-provider-databricks_v1.49.1.exe: PATCH /api/2.1/unity-catalog/external-locations/dummystaging_executable
> {
>   "comment": "Managed by TF",
>   "credential_name": "dummystaging_datalake_storage_account",
>   "force": true,
>   "isolation_mode": "ISOLATED",
>   "url": "_redacted_"
> }
< HTTP/1.1 200 OK
< {
<   "comment": "Managed by TF",
<   "created_at": 1723475135260,
<   "created_by": "_redacted_",
<   "credential_id": "_redacted_",
<   "credential_name": "dummystaging_datalake_storage_account",
<   "full_name": "dummystaging_executable",
<   "id": "_redacted_",
<   "isolation_mode": "ISOLATION_MODE_OPEN",
<   "metastore_id": "_redacted_",
<   "name": "dummystaging_executable",
<   "owner": "_redacted_",
<   "read_only": false,
<   "securable_kind": "EXTERNAL_LOCATION_STANDARD",
<   "securable_type": "EXTERNAL_LOCATION",
<   "updated_at": 1723476265191,
<   "updated_by": "_redacted_",
<   "url": "_redacted_"
< }: tf_resource_type=databricks_external_location tf_req_id=06ac5b0b-f7ba-9ef8-beab-a4a76867bf1f tf_provider_addr=registry.terraform.io/databricks/databricks tf_rpc=ApplyResourceChange @caller=/home/runner/work/terraform-provider-databricks/terraform-provider-databricks/logger/logger.go:33 @module=databricks timestamp="2024-08-12T16:24:24.433+0100"

...

2024-08-12T16:24:25.486+0100 [DEBUG] provider.terraform-provider-databricks_v1.49.1.exe: GET /api/2.1/unity-catalog/external-locations/dummystaging_executable
< HTTP/1.1 200 OK
< {
<   "comment": "Managed by TF",
<   "created_at": 1723475135260,
<   "created_by": "_redacted_",
<   "credential_id": "_redacted_",
<   "credential_name": "dummystaging_datalake_storage_account",
<   "full_name": "dummystaging_executable",
<   "id": "_redacted_",
<   "isolation_mode": "ISOLATION_MODE_OPEN",
<   "metastore_id": "_redacted_",
<   "name": "dummystaging_executable",
<   "owner": "_redacted_",
<   "read_only": false,
<   "securable_kind": "EXTERNAL_LOCATION_STANDARD",
<   "securable_type": "EXTERNAL_LOCATION",
<   "updated_at": 1723476265191,
<   "updated_by": "_redacted_",
<   "url": "_redacted_"
< }: @module=databricks tf_req_id=06ac5b0b-f7ba-9ef8-beab-a4a76867bf1f tf_resource_type=databricks_external_location @caller=/home/runner/work/terraform-provider-databricks/terraform-provider-databricks/logger/logger.go:33 tf_provider_addr=registry.terraform.io/databricks/databricks tf_rpc=ApplyResourceChange timestamp="2024-08-12T16:24:25.486+0100"
2024-08-12T16:24:25.487+0100 [WARN]  Provider "provider[\"registry.terraform.io/databricks/databricks\"]" produced an unexpected new value for databricks_external_location.executable, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .isolation_mode: was cty.StringVal("ISOLATED"), but now cty.StringVal("ISOLATION_MODE_OPEN")

2024-08-12T16:24:23.448+0100 [DEBUG] provider.terraform-provider-databricks_v1.49.1.exe: PATCH /api/2.1/unity-catalog/bindings/storage-credential/dummystaging_datalake_storage_account
> {
>   "add": [
>     {
>       "binding_type": "BINDING_TYPE_READ_WRITE",
>       "workspace_id": _redacted_
>     }
>   ]
> }
< HTTP/1.1 200 OK
< {
<   "bindings": [
<     {
<       "binding_type": "BINDING_TYPE_READ_WRITE",
<       "workspace_id": _redacted_
<     }
<   ]
< }: @caller=/home/runner/work/terraform-provider-databricks/terraform-provider-databricks/logger/logger.go:33 @module=databricks tf_provider_addr=registry.terraform.io/databricks/databricks tf_resource_type=databricks_storage_credential tf_req_id=3c7d454e-da65-2273-a882-ec1ad3f9e277 tf_rpc=ApplyResourceChange timestamp="2024-08-12T16:24:23.448+0100"
2024-08-12T16:24:23.747+0100 [DEBUG] provider.terraform-provider-databricks_v1.49.1.exe: GET /api/2.1/unity-catalog/storage-credentials/dummystaging_datalake_storage_account
< HTTP/1.1 200 OK
< {
<   "azure_managed_identity": {
<     "access_connector_id": "_redacted_",
<     "credential_id": "_redacted_"
<   },
<   "comment": "Managed by TF",
<   "created_at": 1723474852563,
<   "created_by": "_redacted_",
<   "full_name": "dummystaging_datalake_storage_account",
<   "id": "_redacted_",
<   "isolation_mode": "ISOLATION_MODE_OPEN",
<   "metastore_id": "_redacted_",
<   "name": "dummystaging_datalake_storage_account",
<   "owner": "_redacted_",
<   "read_only": false,
<   "securable_kind": "STORAGE_CREDENTIAL_AZURE_MI",
<   "securable_type": "STORAGE_CREDENTIAL",
<   "updated_at": 1723476263339,
<   "updated_by": "_redacted_"
< }: tf_provider_addr=registry.terraform.io/databricks/databricks @module=databricks tf_req_id=3c7d454e-da65-2273-a882-ec1ad3f9e277 tf_resource_type=databricks_storage_credential tf_rpc=ApplyResourceChange @caller=/home/runner/work/terraform-provider-databricks/terraform-provider-databricks/logger/logger.go:33 timestamp="2024-08-12T16:24:23.746+0100"
2024-08-12T16:24:23.748+0100 [WARN]  Provider "provider[\"registry.terraform.io/databricks/databricks\"]" produced an unexpected new value for databricks_storage_credential.datalake_storage_account, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .isolation_mode: was cty.StringVal("ISOLATED"), but now cty.StringVal("ISOLATION_MODE_OPEN")
2024-08-12T16:24:23.762+0100 [DEBUG] State storage *statemgr.Filesystem declined to persist a state snapshot
2024-08-12T16:24:23.775+0100 [WARN]  Provider "registry.terraform.io/databricks/databricks" produced an invalid plan for databricks_external_location.executable, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .read_only: planned value cty.False for a non-computed attribute
2024-08-12T16:24:23.775+0100 [WARN]  Provider "registry.terraform.io/databricks/databricks" produced an invalid plan for databricks_external_location.download, but we are tolerating it because it is using the legacy plugin SDK.
    The following problems may be the cause of any confusing errors from downstream operations:
      - .read_only: planned value cty.False for a non-computed attribute
    The following problems may be the cause of any confusing errors from downstream operations:
      - .read_only: planned value cty.False for a non-computed attribute

DucNM11 avatar Aug 12 '24 15:08 DucNM11