terraform-provider-checkpoint

terraform-provider-checkpoint copied to clipboard

Hello,

we are currently, using this provider to update resources on multiple domains (~ 7 domains). We are distinguishing the providers using provider-aliases, f.e. like this:

provider "checkpoint" {
        alias = "domainA"
        timeout = 60
        session_file_name = "sid_domainA.json"
        server = "our-server-url.com"
        api_key = "our-api-key"
        domain = "domainA"
}
provider "checkpoint" {
        alias = "domainB"
        timeout = 60
        session_file_name = "sid_domainB.json"
        server = "our-server-url.com"
        api_key = "our-api-key"
        domain = "domainB"
}
...

The problem is, some login-requests to the Checkpoint Backend fail sporadically. Sometimes everything works as expected but sometimes we get an error for specific domains, there is no pattern:

╷
│ Error: failed to execute API call
│ Status: 400 Bad Request
│ Code: err_login_failed
│ Message: Authentication to server failed.
│ 
│   with provider["registry.terraform.io/checkpointsw/checkpoint"].domainA,
│   on main.tf.json line 58, in provider.checkpoint[4]:
│   58:          },
│ 

I think, the cause is the parallel login-requests, because when using only one provider, everything works fine. Would it be possible, that you implement some kind of locking to have these requests send sequentially?

Hi @neinkob15,

We need to investigate your request and see how we can support it. In overall, provider support one domain in every execution, we cannot guarantee expected results in the way you do it. You need to configure single provider in your configuration files and to run terraform per domain. Maybe you can think of wrapping your terraform execution and implement this parallelism by yourself (e.g. separate configuration files per domain in different directories)

Regards, Roy