terraform-provider-oci
terraform-provider-oci copied to clipboard
oracle
`oci_core_shape_management` does not allow removing shapes from image
The oci_core_shape_management resource does not allow removing shapes from an image. This means that the default list of shapes when the image is created are left here. In my case, this means that an X86 instance could inadvertently be created against my ARM image.
Surely this module should take a list of shapes, and override the configuration of the image to match that list.
This is also impacting our deployments of custom aarch64 images.
We can add VM.Standard.A1.Flex, but we cant remove all the automatically added amd64 shapes without a separate golang app that I wrote that removes all shapes associated with the image.
What we currently do:
variable "shape_names" {
type = list(string)
default = ["VM.Standard.A1.Flex","BM.Standard.A1.160"]
}
resource "null_resource" "removeImageShapeAssociations" {
provisioner "local-exec" {
command = "./removeImageShapeAssociations --ImageId ${resource.oci_core_image.this.id} --Region ${var.region} --CompartmentId ${var.compartment_id}"
}
}
resource "oci_core_shape_management" "shape_names" {
count = length(var.shape_names)
# This adds one shape to the image
depends_on = [null_resource.removeImageShapeAssociations]
#Required
compartment_id = var.compartment_id
image_id = oci_core_image.this.id
shape_name = var.shape_names[count.index]
}
output "shape_names" {
value = resource.oci_core_shape_management.shape_names
}
Ideally I would be able to just do:
variable "shape_names" {
type = list(string)
default = ["VM.Standard.A1.Flex","BM.Standard.A1.160"]
}
"oci_core_shape_management" "this" {
#Required
compartment_id = var.compartment_id
image_id = oci_core_image.test_image.id
shape_names = var.shape_names
}
and the result would be that the image is ONLY compatible with the specified shapes.
Thank you for reporting the issue. We have raised an internal ticket to track this. Our service engineers will get back to you.
