terraform-provider-gitlab
terraform-provider-gitlab copied to clipboard
Build coverage regex can't be removed from the plan
Hello! I have been controlling GitLab Project definitions without issue. We are using provider version 3.16.1. Our administrators updated to 15.0.4-ee and the provider started to complain about a deprecated configuration variable build_coverage_regex
. By complain, I mean the provider thinks it needs to alter the infrastructure even though this variable is no longer valid for Projects.
I realize this attribute was deprecated as a Project setting and moved to a configurable for the pipeline definition file. However, there is something wrong with the TF state and/or provider that doesn't recognize this variable as something to be ignored.
I removed the build_coverage_regex
from the Project definition but Plan still detects that a change needs to be made to the current state even though the configuration option has been deprecated.
For instance:
# gitlab_project.project["omniverse-cloud-ui"] will be updated in-place
~ resource "gitlab_project" "project" {
id = "63113"
- issues_template = "All files[^|]*\\|[^|]*\\s+([\\d\\.]+)" -> null
name = "Omniverse Cloud UI"
tags = []
# (60 unchanged attributes hidden)
# (2 unchanged blocks hidden)
}
# gitlab_project.project["omniverse-ui"] will be updated in-place
~ resource "gitlab_project" "project" {
- build_coverage_regex = "All files[^|]*\\|[^|]*\\s+([\\d\\.]+)" -> null
id = "43897"
name = "Omniverse UI"
tags = []
# (60 unchanged attributes hidden)
# (2 unchanged blocks hidden)
}
The provider does not realize the build_coverage_regex
is deprecated and is associating the field with issue_template
.
I expect the state to be updated with the 15.0.4 metadata in a way that doesn't cause the provider to recognize the two attributes as being out of compliance with the plan.
I'm failing to reproduce this. Can you run this plan with debug logs (TF_LOG=debug
) and post the output in a gist and reference here? If yo do so, please reduct sensitive information!
I'm failing to reproduce this. Can you run this plan with debug logs (
TF_LOG=debug
) and post the output in a gist and reference here? If yo do so, please reduct sensitive information!
Thanks Timo! I can do this in the next couple of days.
Here is a gist of the log. It took longer than expected to remove personal information.
@hulquest I finally had some time to look into this. So, the log has some weird stuff in there, in particular this line:
https://gist.github.com/hulquest/276f18acbdd52a888daf83fe638e859c#file-diag-1182-log-L15906
which is part of a GET
response to fetch project details:
2022-07-27T07:50:27.092-0700 [INFO] provider.terraform-provider-gitlab_v3.16.1: 2022/07/27 07:50:27 [DEBUG] GitLab API Response Details:
---[ RESPONSE ]--------------------------------------
HTTP/1.1 200 OK
Transfer-Encoding: chunked
Cache-Control: max-age=0, private, must-revalidate
Content-Type: application/json
Date: Wed, 27 Jul 2022 14:50:27 GMT
Etag: W/"***"
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Strict-Transport-Security: max-age=63072000
Vary: Accept-Encoding
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Request-Id: 01G9026EPC0JFBWJARPX868CH6
X-Runtime: 0.175219
1162
{
"id": 63113,
"description": "***",
"name": "***",
"name_with_namespace": "***",
"path": "***",
"path_with_namespace": "***",
"created_at": "2022-05-09T11:25:33.482-07:00",
"default_branch": "main",
"tag_list": [],
"topics": [],
"ssh_url_to_repo": "***",,
"http_url_to_repo": "https://**gitlab-host**/**group**/**repo**.git",
"web_url": "https://**gitlab-host**/**group**/**repo**",
"readme_url": "https://***/blob/main/README.md",
"avatar_url": null,
"forks_count": 0,
"star_count": 1,
"last_activity_at": "2022-07-26T18:39:48.832-07:00",
"namespace": {
"id": 12991,
"name": "**group**",
"path": "**group**",
"kind": "group",
"full_path": "**group**",
"parent_id": null,
"avatar_url": "/uploads/-/system/group/avatar/12991/icon-4399694_960_720.png",
"web_url": "https://**gitlab-host**/groups/**group**"
},
"container_registry_image_prefix": "**gitlab-host**:5005/**group/**repo**",
"_links": {
"self": "https://**gitlab-host**/api/v4/projects/63113",
"issues": "https://**gitlab-host**/api/v4/projects/63113/issues",
"merge_requests": "https://**gitlab-host**/api/v4/projects/63113/merge_requests",
"repo_branches": "https://**gitlab-host**/api/v4/projects/63113/repository/branches",
"labels": "https://**gitlab-host**/api/v4/projects/63113/labels",
"events": "https://**gitlab-host**/api/v4/projects/63113/events",
"members": "https://**gitlab-host**/api/v4/projects/63113/members",
"cluster_agents": "https://**gitlab-host**/api/v4/projects/63113/cluster_agents"
},
"packages_enabled": true,
"empty_repo": false,
"archived": false,
"visibility": "internal",
"resolve_outdated_diff_discussions": false,
"container_expiration_policy": {
"cadence": "1d",
"enabled": false,
"keep_n": 10,
"older_than": "90d",
"name_regex": ".*",
"name_regex_keep": null,
"next_run_at": "2022-05-10T11:25:33.542-07:00"
},
"issues_enabled": true,
"merge_requests_enabled": true,
"wiki_enabled": true,
"jobs_enabled": true,
"snippets_enabled": true,
"container_registry_enabled": true,
"service_desk_enabled": false,
"service_desk_address": null,
"can_create_merge_request_in": true,
"issues_access_level": "enabled",
"repository_access_level": "enabled",
"merge_requests_access_level": "enabled",
"forking_access_level": "enabled",
"wiki_access_level": "enabled",
"builds_access_level": "enabled",
"snippets_access_level": "enabled",
"pages_access_level": "public",
"operations_access_level": "enabled",
"analytics_access_level": "enabled",
"container_registry_access_level": "enabled",
"security_and_compliance_access_level": "private",
"emails_disabled": null,
"shared_runners_enabled": false,
"lfs_enabled": true,
"creator_id": 16979,
"import_url": null,
"import_type": null,
"import_status": "none",
"import_error": null,
"open_issues_count": 2,
"runners_token": "***",
"ci_default_git_depth": 20,
"ci_forward_deployment_enabled": true,
"ci_job_token_scope_enabled": false,
"ci_separated_caches": true,
"public_jobs": true,
"build_git_strategy": "fetch",
"build_timeout": 3600,
"auto_cancel_pending_pipelines": "enabled",
"build_coverage_regex": null,
"ci_config_path": "",
"shared_with_groups": [],
"only_allow_merge_if_pipeline_succeeds": true,
"allow_merge_on_skipped_pipeline": false,
"restrict_user_defined_variables": false,
"request_access_enabled": true,
"only_allow_merge_if_all_discussions_are_resolved": false,
"remove_source_branch_after_merge": true,
"printing_merge_request_link_enabled": true,
"merge_method": "ff",
"squash_option": "always",
"enforce_auth_checks_on_uploads": true,
"suggestion_commit_message": "",
"merge_commit_template": null,
"squash_commit_template": null,
"auto_devops_enabled": false,
"auto_devops_deploy_strategy": "continuous",
"autoclose_referenced_issues": true,
"keep_latest_artifact": true,
"runner_token_expiration_interval": null,
"approvals_before_merge": 0,
"mirror": false,
"external_authorization_classification_label": null,
"marked_for_deletion_at": null,
"marked_for_deletion_on": null,
"requirements_enabled": false,
"requirements_access_level": "enabled",
"security_and_compliance_enabled": true,
"compliance_frameworks": [],
"issues_template": "All files[^|]*\\|[^|]*\\s+([\\d\\.]+)",
"merge_requests_template": "",
"merge_pipelines_enabled": true,
"merge_trains_enabled": false,
"permissions": {
"project_access": null,
"group_access": {
"access_level": 50,
"notification_level": 3
}
}
}
... as you can see somehow the upstream GitLab API returns this All files[^|]*\\|[^|]*\\s+([\\d\\.]+)
for the issues_template
field - which I assume is wrong and confused with the old value from the build_coverage_regex
, right?
@timofurrer That's exactly right. I guess this is a backend GitLab bug?
@hulquest Yes, I think it indeed is. Do you mind opening an issue upstream and I'll close this one? In case there would be any news - we can always reopen 😊
@timofurrer This was a bug/change in GitLab that deprecated build_coverage_regex
which affected the TF state. The admins of our internal instance applied a patch that remove the attribute from the api. Once I a plan/applied against the patched version, the plan is once again clean.
This commit resolved the discrepancy between the API and state.
This PR has more details about the deprecation and removal of build_coverage_regex
.
Closing the issue.
@hulquest thanks for the update though!