Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

2.18.0: Plan fails with panic in a workspace with no changes #949

Closed
Funghorn opened this issue Feb 11, 2021 · 1 comment
Closed

2.18.0: Plan fails with panic in a workspace with no changes #949

Funghorn opened this issue Feb 11, 2021 · 1 comment
Labels
kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one.

Comments

@Funghorn
Copy link

Terraform version

v0.14.6

Affected resource(s)

There is no clear indication of an error with a particular resource, but there are multiple errors of the following type - vertex "cloudflare_access_policy.policy": dynamic subgraph encountered errors that relate to these resources:

  • cloudflare_access_application
  • cloudflare_access_policy

Terraform configuration files

locals {
  cloudflare_account_id = "test_id"

  session_duration = "6h"

  envs = toset([
    "env1",
    "env2",
  ])
}

data "terraform_remote_state" "test_state" {
  backend = "atlas"

  config = {
    name = "test_org/test_state"
  }
}

resource "cloudflare_access_application" "test_app" {
  for_each = local.envs

  account_id       = local.cloudflare_account_id
  name             = "test-app-${each.value}"
  domain           = "test-app-${each.value}.test-org.com"
  session_duration = local.session_duration
  allowed_idps     = [data.terraform_remote_state.test_state.outputs.gsuite_identity_provider_id]
}

resource "cloudflare_access_policy" "test_app_gsuite" {
  for_each = local.envs

  application_id = cloudflare_access_application.test_app[each.value].id
  account_id     = local.cloudflare_account_id
  name           = "test-app-${each.value} gsuite policy"
  precedence     = 1
  decision       = "allow"

  include {
    gsuite {
      identity_provider_id = data.terraform_remote_state.test_state.outputs.gsuite_identity_provider_id
      email                = [
        "[email protected]",
      ]
    }
  }
}

Debug output

Panic output

gist link

Expected behavior

Plan should have finished successfully with "no changes" result.

Actual behavior

Plan crashes with panic.

Steps to reproduce

  1. terraform init
  2. terraform apply
  3. terraform plan

Important factoids

References

Community note

  • Please vote on this issue by adding a 👍 reaction
    to the original issue to help the community and maintainers prioritize this request
  • If you are interested in working on this issue or have submitted a pull
    request, please leave a comment
@Funghorn Funghorn added kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Feb 11, 2021
@jacobbednarz
Copy link
Member

thanks for the issue; by the looks of things, this should already be addressed by #940 as it's failing on the GSuite access group.

if you'd like to test that fix works for you, checkout the README on building the provider (https://github.com/cloudflare/terraform-provider-cloudflare#building-the-provider) and you can retry the steps above.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jacobbednarz @Funghorn