terraform-provider-incapsula icon indicating copy to clipboard operation
terraform-provider-incapsula copied to clipboard

Published 20 hours ago verified publisher icon imperva

creatign multiple instances of sites using 'for_each" ends with error.

Open altmvogi opened this issue 2 years ago • 10 comments

Confirmation

  • [X] My issue isn't already found on the issue tracker.
  • [X] I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Imperva provider version

D:\terraform\imperva\test>terraform -v Terraform v1.2.9 on windows_amd64

  • provider registry.terraform.io/hashicorp/null v3.1.1
  • provider registry.terraform.io/imperva/incapsula v3.8.5

D:\terraform\imperva\test> terraform { required_providers { incapsula = { source = "imperva/incapsula" version = "3.8.5" } } }

Affected resource(s)

incasula_site

Terraform configuration files

provider "incapsula" {
  api_id  = var.app_id
  api_key = var.api_key
}

# Create a site
resource "incapsula_site" "example-site" {
  for_each     = toset(var.applications)
  domain       = each.key
  force_ssl    = true
  wildcard_san = true
}
Unfortunately, this is an issue related to a dynamic entry usign for_each, while the regular version using 1 instance works properly.

Debug output

terraform_imperva_debug.txt

Panic output

N/A

Expected output

created sites with no error response

Actual output

created sites with errors, whcih prevent the rest from the production script to be executed. However the sites are gettgin created normally in Imperva

Steps to reproduce

just run the config file and wait until it errors out

Additional factoids

No response

References

No response

altmvogi avatar Sep 16 '22 10:09 altmvogi

Hi,

Can you please share the error you get? Also can you please share the size of the applications set?

The same setup works for me with no errors for applications.size==12

Thanks, Eilon

eilon-shai avatar Sep 18 '22 15:09 eilon-shai

Hi, I have an update for you. you are right this works on a new site creation, but in case the create and the change site is triggered after creation, the error appears. and the error comes from the "site update" fnction. so this is an issue, but has nothing to do with creating multiple instances with for each.

regards Michael

altmvogi avatar Sep 20 '22 12:09 altmvogi

the go code includes a timeout of 5 seconds for the site creation to complete. can you please change the constant, that defines the waiting time to 10 seconds instead to see if this is enough?

altmvogi avatar Sep 20 '22 13:09 altmvogi

is this proiject still developped or not ? I would contribute, but my go knowledge is close to 0

altmvogi avatar Sep 27 '22 15:09 altmvogi

can you please share the error that you get?

eilon-shai avatar Sep 27 '22 19:09 eilon-shai

@eilon-shai You can find the error in the debug log attached to the first message:

2022-09-16T03:15:02.562-0700 [INFO] provider.terraform-provider-incapsula_v3.8.5.exe: 2022/09/16 03:15:02 [DEBUG] Incapsula update site JSON response: {"res":3015,"res_message":"Internal error","debug_info":{"":"Add site operation hasn\u0027t finished.","id-info":"999999"}}: timestamp=2022-09-16T03:15:02.562-0700

There are multiple such errors.

BrachaY avatar Sep 28 '22 09:09 BrachaY

Thanks Brancha, this is correct. i know the case title is confusing. if you want we can close this threat and open a new one as this happens in a single event as well, if an update is required immediately.i would fix it to check if the site has been created and sleep until I get a site created ok and only after this call the update. playing with time increase to wait for "unknown" issues is not a good idea and may break again..

regards

Am Mi., 28. Sept. 2022 um 11:15 Uhr schrieb Bracha Yalon < @.***>:

@eilon-shai https://github.com/eilon-shai You can find the error in the debug log attached to the first message:

2022-09-16T03:15:02.562-0700 [INFO] provider.terraform-provider-incapsula_v3.8.5.exe: 2022/09/16 03:15:02 [DEBUG] Incapsula update site JSON response: {"res":3015,"res_message":"Internal error","debug_info":{"":"Add site operation hasn\u0027t finished.","id-info":"999999"}}: timestamp=2022-09-16T03:15:02.562-0700

There are multiple such errors.

— Reply to this email directly, view it on GitHub https://github.com/imperva/terraform-provider-incapsula/issues/210#issuecomment-1260621355, or unsubscribe https://github.com/notifications/unsubscribe-auth/AENXGQ56AFEJXOFBZGKPIULWAQECRANCNFSM6AAAAAAQOGHWTY . You are receiving this because you authored the thread.Message ID: @.***>

-- Ing. Michael Vogi Meiselhofstrasse 22 9330 Althofen Austria Cell:+43 676 8980 1701

altmvogi avatar Oct 11 '22 07:10 altmvogi

Hi, thanks for the quick response, the error is in the trace file I uploaded, but here it is.

I havn't set the application size. can you educate me how to do this and where? ╷ │ Error: Error from Incapsula service when updating site for siteID 94769540: {"res":3015,"res_message":"Internal error","debug_info":{"":"Add site operation hasn\u0027t finished.","id-info":"999999"}} │ │ with incapsula_site.example-site["awts.flex.com"], │ on imperva_create_waf_configuration.tf line 7, in resource "incapsula_site" "example-site": │ 7: resource "incapsula_site" "example-site" { │ ╵ ╷ │ Error: Error from Incapsula service when updating site for siteID 79529716: {"res":3015,"res_message":"Internal error","debug_info":{"":"Add site operation hasn\u0027t finished.","id-info":"999999"}} │ │ with incapsula_site.example-site["tokenservicetest.flex.com"], │ on imperva_create_waf_configuration.tf line 7, in resource "incapsula_site" "example-site": │ 7: resource "incapsula_site" "example-site" { │ ╵thanks Michael

Am So., 18. Sept. 2022 um 17:22 Uhr schrieb eilon-shai < @.***>:

Hi,

Can you please share the error you get? Also can you please share the size of the applications set?

The same setup works for me with no errors for applications.size==12

Thanks, Eilon

— Reply to this email directly, view it on GitHub https://github.com/imperva/terraform-provider-incapsula/issues/210#issuecomment-1250330554, or unsubscribe https://github.com/notifications/unsubscribe-auth/AENXGQ6V4KXTAFDWBYITOMLV64XS7ANCNFSM6AAAAAAQOGHWTY . You are receiving this because you authored the thread.Message ID: @.***>

-- Ing. Michael Vogi Meiselhofstrasse 22 9330 Althofen Austria Cell:+43 676 8980 1701

altmvogi avatar Oct 11 '22 08:10 altmvogi

Hi, is this issue still relevant?

shirisemoimperva avatar Jul 06 '23 11:07 shirisemoimperva

Hi, we could not wait until this is fixed. and we implemented the automation using python code and the Impeva API instead. I guess the issue is still there, but no need to fix it for me anymore.

regards Michael

Am Do., 6. Juli 2023 um 13:28 Uhr schrieb shirisemoimperva < @.***>:

Hi, is this issue still relevant?

— Reply to this email directly, view it on GitHub https://github.com/imperva/terraform-provider-incapsula/issues/210#issuecomment-1623511917, or unsubscribe https://github.com/notifications/unsubscribe-auth/AENXGQZWFQC62B3XZTQBMMLXO2OPTANCNFSM6AAAAAAQOGHWTY . You are receiving this because you authored the thread.Message ID: @.***>

-- Ing. Michael Vogi Meiselhofstrasse 22 9330 Althofen Austria Cell:+43 676 8980 1701

altmvogi avatar Jul 06 '23 12:07 altmvogi