Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix bug with CSEK where the key stored in state might be associated with the wrong disk #327

Merged
merged 4 commits into from
Sep 7, 2017
Merged

Fix bug with CSEK where the key stored in state might be associated with the wrong disk #327

merged 4 commits into from
Sep 7, 2017

Conversation

danawillow
Copy link
Contributor

Instances don't necessarily return disks in the order they were sent, so we can't just set the encryption key in state based on the index. This matches the correct key to the correct disk information.

This change could potentially break existing configs by changing the order disks are in or adding keys that were not in state before. However, these configs were technically wrong before.

@danawillow danawillow requested a review from paddycarver August 15, 2017 22:08
@paddycarver paddycarver self-assigned this Aug 16, 2017
@danawillow danawillow mentioned this pull request Aug 16, 2017
Merged
@danawillow
Copy link
Contributor Author

Changed test to include one unencrypted disk so the order matters, and updated code so the order doesn't change.

@rosbo
Copy link
Contributor

rosbo commented Aug 16, 2017

With your change,

When applying this config:

resource "google_compute_disk" "foobar2" {
  name = "foobar2"
  size = 10
  type = "pd-ssd"
  zone = "us-central1-a"

  disk_encryption_key_raw = "dGhpcmQ2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI="
}

resource "google_compute_disk" "foobar3" {
  name = "foobar3"
  size = 10
  type = "pd-ssd"
  zone = "us-central1-a"

  disk_encryption_key_raw = "dGhpcmQ2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI="
}

resource "google_compute_disk" "foobar4" {
  name = "foobar4"
  size = 10
  type = "pd-ssd"
  zone = "us-central1-a"
}

resource "google_compute_instance" "foobar" {
  name         = "foobar"
  machine_type = "n1-standard-1"
  zone         = "us-central1-a"

  boot_disk {
    initialize_params{
      image = "debian-8-jessie-v20160803"
    }
    disk_encryption_key_raw = "Ym9vdDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI="
  }

  attached_disk {
    source = "${google_compute_disk.foobar2.self_link}"
    disk_encryption_key_raw = "dGhpcmQ2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI="
  }

  attached_disk {
    source = "${google_compute_disk.foobar4.self_link}"
  }

  attached_disk {
    source = "${google_compute_disk.foobar3.self_link}"
    disk_encryption_key_raw = "dGhpcmQ2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI="
  }

  network_interface {
    network = "default"
  }

  metadata {
    foo = "bar"
  }
}

I get a diff after the first apply succeeds:

-/+ google_compute_instance.foobar (new resource required)
      attached_disk.#:                            "3" => "3"
      attached_disk.0.device_name:                "persistent-disk-3" => "<computed>"
      attached_disk.0.disk_encryption_key_raw:    "<sensitive>" => "<sensitive>" (attribute changed)
      attached_disk.0.disk_encryption_key_sha256: "b3pvaS7BjDbCKeLPPTx7yXBuQtxyMobCHN1QJR43xeM=" => "<computed>"
      attached_disk.0.source:                     "https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar3" => "https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar2"
      attached_disk.1.device_name:                "persistent-disk-2" => "<computed>"
      attached_disk.1.disk_encryption_key_sha256: "" => "<computed>"
      attached_disk.1.source:                     "https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar4" => "https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar4"
      attached_disk.2.device_name:                "persistent-disk-3" => "<computed>"
      attached_disk.2.disk_encryption_key_raw:    "<sensitive>" => "<sensitive>" (attribute changed)
      attached_disk.2.disk_encryption_key_sha256: "b3pvaS7BjDbCKeLPPTx7yXBuQtxyMobCHN1QJR43xeM=" => "<computed>"
      attached_disk.2.source:                     "https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar3" => "https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar3"
      boot_disk.#:                                "1" => "1"
      boot_disk.0.auto_delete:                    "true" => "true"
      boot_disk.0.device_name:                    "persistent-disk-0" => "<computed>"
      boot_disk.0.disk_encryption_key_raw:        "<sensitive>" => "<sensitive>" (attribute changed)
      boot_disk.0.disk_encryption_key_sha256:     "awJ7p57H+uVZ9axhJjl1D3lfC2MgA/wnt/z88Ltfvss=" => "<computed>"
      boot_disk.0.initialize_params.#:            "1" => "1"
      boot_disk.0.initialize_params.0.image:      "debian-8-jessie-v20160803" => "debian-8-jessie-v20160803"
      boot_disk.0.source:                         "foobar" => "<computed>"
      can_ip_forward:                             "false" => "false"
      create_timeout:                             "4" => "4"
      disk.#:                                     "1" => "0" (forces new resource)
      disk.0.auto_delete:                         "false" => "true" (forces new resource)
      label_fingerprint:                          "42WmSpB8rSM=" => "<computed>"
      machine_type:                               "n1-standard-1" => "n1-standard-1"
      metadata.%:                                 "1" => "1"
      metadata.foo:                               "bar" => "bar"
      metadata_fingerprint:                       "7rri6oX-jMw=" => "<computed>"
      name:                                       "foobar" => "foobar"
      network_interface.#:                        "1" => "1"
      network_interface.0.address:                "10.128.0.2" => "<computed>"
      network_interface.0.name:                   "nic0" => "<computed>"
      network_interface.0.network:                "https://www.googleapis.com/compute/v1/projects/rosbo-personal/global/networks/default" => "default"
      network_interface.0.subnetwork_project:     "rosbo-personal" => "<computed>"
      scheduling.#:                               "1" => "<computed>"
      self_link:                                  "https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/instances/foobar" => "<computed>"
      tags_fingerprint:                           "42WmSpB8rSM=" => "<computed>"
      zone:                                       "us-central1-a" => "us-central1-a"

If I apply again, I get the following error

Error applying plan:

1 error(s) occurred:

* google_compute_instance.foobar: google_compute_instance.foobar: diffs didn't match during apply. This is a bug with Terraform and should be reported as a GitHub Issue.

Please include the following information in your report:

    Terraform Version: 0.10.0
    Resource ID: google_compute_instance.foobar
    Mismatch reason: attribute mismatch: disk.0.auto_delete
    Diff One (usually from plan): *terraform.InstanceDiff{mu:sync.Mutex{state:0, sema:0x0}, Attributes:map[string]*terraform.ResourceAttrDiff{"boot_disk.0.disk_encryption_key_sha256":*terraform.ResourceAttrDiff{Old:"awJ7p57H+uVZ9axhJjl1D3lfC2MgA/wnt/z88Ltfvss=", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.1.disk_encryption_key_sha256":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "network_interface.#":*terraform.ResourceAttrDiff{Old:"1", New:"1", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.2.disk_encryption_key_raw":*terraform.ResourceAttrDiff{Old:"dGhpcmQ2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=", New:"dGhpcmQ2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:true, Type:0x0}, "name":*terraform.ResourceAttrDiff{Old:"foobar", New:"foobar", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.0.disk_encryption_key_sha256":*terraform.ResourceAttrDiff{Old:"b3pvaS7BjDbCKeLPPTx7yXBuQtxyMobCHN1QJR43xeM=", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.1.source":*terraform.ResourceAttrDiff{Old:"https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar4", New:"https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar4", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.2.source":*terraform.ResourceAttrDiff{Old:"https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar3", New:"https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar3", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "disk.0.auto_delete":*terraform.ResourceAttrDiff{Old:"false", New:"true", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "attached_disk.2.disk_encryption_key_sha256":*terraform.ResourceAttrDiff{Old:"b3pvaS7BjDbCKeLPPTx7yXBuQtxyMobCHN1QJR43xeM=", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "network_interface.0.subnetwork_project":*terraform.ResourceAttrDiff{Old:"rosbo-personal", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "boot_disk.0.source":*terraform.ResourceAttrDiff{Old:"foobar", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.0.source":*terraform.ResourceAttrDiff{Old:"https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar3", New:"https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar2", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "boot_disk.#":*terraform.ResourceAttrDiff{Old:"1", New:"1", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "zone":*terraform.ResourceAttrDiff{Old:"us-central1-a", New:"us-central1-a", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "metadata.foo":*terraform.ResourceAttrDiff{Old:"bar", New:"bar", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "can_ip_forward":*terraform.ResourceAttrDiff{Old:"false", New:"false", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "disk.#":*terraform.ResourceAttrDiff{Old:"1", New:"0", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "boot_disk.0.disk_encryption_key_raw":*terraform.ResourceAttrDiff{Old:"Ym9vdDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=", New:"Ym9vdDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:true, Type:0x0}, "boot_disk.0.initialize_params.0.image":*terraform.ResourceAttrDiff{Old:"debian-8-jessie-v20160803", New:"debian-8-jessie-v20160803", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "boot_disk.0.device_name":*terraform.ResourceAttrDiff{Old:"persistent-disk-0", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.1.device_name":*terraform.ResourceAttrDiff{Old:"persistent-disk-2", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.0.disk_encryption_key_raw":*terraform.ResourceAttrDiff{Old:"dGhpcmQ2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=", New:"dGhpcmQ2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:true, Type:0x0}, "metadata_fingerprint":*terraform.ResourceAttrDiff{Old:"7rri6oX-jMw=", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "boot_disk.0.auto_delete":*terraform.ResourceAttrDiff{Old:"true", New:"true", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "machine_type":*terraform.ResourceAttrDiff{Old:"n1-standard-1", New:"n1-standard-1", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "network_interface.0.name":*terraform.ResourceAttrDiff{Old:"nic0", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "network_interface.0.network":*terraform.ResourceAttrDiff{Old:"https://www.googleapis.com/compute/v1/projects/rosbo-personal/global/networks/default", New:"default", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "boot_disk.0.initialize_params.#":*terraform.ResourceAttrDiff{Old:"1", New:"1", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "label_fingerprint":*terraform.ResourceAttrDiff{Old:"42WmSpB8rSM=", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "tags_fingerprint":*terraform.ResourceAttrDiff{Old:"42WmSpB8rSM=", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "metadata.%":*terraform.ResourceAttrDiff{Old:"1", New:"1", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "network_interface.0.address":*terraform.ResourceAttrDiff{Old:"10.128.0.2", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.2.device_name":*terraform.ResourceAttrDiff{Old:"persistent-disk-3", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "scheduling.#":*terraform.ResourceAttrDiff{Old:"1", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.0.device_name":*terraform.ResourceAttrDiff{Old:"persistent-disk-3", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.#":*terraform.ResourceAttrDiff{Old:"3", New:"3", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "create_timeout":*terraform.ResourceAttrDiff{Old:"4", New:"4", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "self_link":*terraform.ResourceAttrDiff{Old:"https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/instances/foobar", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}}, Destroy:false, DestroyDeposed:false, DestroyTainted:false, Meta:map[string]interface {}(nil)}
    Diff Two (usually from apply): *terraform.InstanceDiff{mu:sync.Mutex{state:0, sema:0x0}, Attributes:map[string]*terraform.ResourceAttrDiff{"boot_disk.0.disk_encryption_key_sha256":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "label_fingerprint":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.2.source":*terraform.ResourceAttrDiff{Old:"", New:"https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar3", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "network_interface.0.address":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "attached_disk.0.device_name":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "scheduling.#":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "boot_disk.0.disk_encryption_key_raw":*terraform.ResourceAttrDiff{Old:"", New:"Ym9vdDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:true, Type:0x0}, "attached_disk.0.source":*terraform.ResourceAttrDiff{Old:"", New:"https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar2", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.0.disk_encryption_key_raw":*terraform.ResourceAttrDiff{Old:"", New:"dGhpcmQ2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:true, Type:0x0}, "attached_disk.#":*terraform.ResourceAttrDiff{Old:"", New:"3", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "tags_fingerprint":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.2.disk_encryption_key_sha256":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "boot_disk.0.source":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "create_timeout":*terraform.ResourceAttrDiff{Old:"", New:"4", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "boot_disk.#":*terraform.ResourceAttrDiff{Old:"", New:"1", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "attached_disk.1.disk_encryption_key_sha256":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.2.device_name":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "name":*terraform.ResourceAttrDiff{Old:"", New:"foobar", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "boot_disk.0.initialize_params.0.image":*terraform.ResourceAttrDiff{Old:"", New:"debian-8-jessie-v20160803", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "zone":*terraform.ResourceAttrDiff{Old:"", New:"us-central1-a", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "attached_disk.1.device_name":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "metadata.foo":*terraform.ResourceAttrDiff{Old:"", New:"bar", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "metadata_fingerprint":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.0.disk_encryption_key_sha256":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "metadata.%":*terraform.ResourceAttrDiff{Old:"", New:"1", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "boot_disk.0.device_name":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "can_ip_forward":*terraform.ResourceAttrDiff{Old:"", New:"false", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "attached_disk.1.source":*terraform.ResourceAttrDiff{Old:"", New:"https://www.googleapis.com/compute/v1/projects/rosbo-personal/zones/us-central1-a/disks/foobar4", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "self_link":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "network_interface.0.name":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, "attached_disk.2.disk_encryption_key_raw":*terraform.ResourceAttrDiff{Old:"", New:"dGhpcmQ2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:true, Type:0x0}, "network_interface.0.subnetwork_project":*terraform.ResourceAttrDiff{Old:"", New:"", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "network_interface.#":*terraform.ResourceAttrDiff{Old:"", New:"1", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "machine_type":*terraform.ResourceAttrDiff{Old:"", New:"n1-standard-1", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "boot_disk.0.auto_delete":*terraform.ResourceAttrDiff{Old:"", New:"true", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "network_interface.0.network":*terraform.ResourceAttrDiff{Old:"", New:"default", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, "boot_disk.0.initialize_params.#":*terraform.ResourceAttrDiff{Old:"", New:"1", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}}, Destroy:false, DestroyDeposed:false, DestroyTainted:false, Meta:map[string]interface {}(nil)}

Also include as much context as you can about your config, state, and the steps you performed to trigger this error.


Terraform does not automatically rollback in the face of errors.
Instead, your Terraform state file has been partially updated with
any resources that successfully completed. Please address the error
above and apply again to incrementally change your infrastructure.

@danawillow
Copy link
Contributor Author

Good catch, thanks! Made a fix (which conveniently simplifies the solution a whole bunch)

rosbo
rosbo reviewed Aug 16, 2017
View reviewed changes
google/resource_compute_instance.go
@@ -1003,16 +1006,15 @@ func resourceComputeInstanceRead(d *schema.ResourceData, meta interface{}) error
return fmt.Errorf("Expected %d disks, API returned %d", expectedDisks, len(instance.Disks))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This might be outside the scope of this PR but if we add or remove a disk outside of Terraform, then this line fails preventing the user from updating the instance.

Is this a behavior we want to fix?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not right now- because we're relying so much on what's written in state, we can't really support that case without a fair amount of effort. It'll probably be easier once disks is gone for good, so it'll probably be worth a shot then.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think even with a fair amount of effort, we might not be able to support that case. :/ I think we may just have to accept it for a couple more weeks as a price for getting to a saner model of disks.

@danawillow
Copy link
Contributor Author

@paddycarver are you all good with this change (once I resolve conflicts)?

@danawillow
Copy link
Contributor Author

All right I'm assuming no answer means yes. Merging now.

@danawillow danawillow merged commit 333c2f0 into hashicorp:master Sep 7, 2017
@danawillow danawillow deleted the encryption-key branch September 7, 2017 14:04
negz pushed a commit to negz/terraform-provider-google that referenced this pull request Oct 17, 2017
@danawillow
Fix bug with CSEK where the key stored in state might be associated w…
17c4c09 
…ith the wrong disk (hashicorp#327)

* Fix bug with CSEK where the key stored in state might be associated with the wrong disk

* preserve original order of attached disks

* use the disk index to figure out the raw key
@ghost
Copy link

ghost commented Mar 31, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Mar 31, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@rosbo rosbo rosbo approved these changes

@paddycarver paddycarver Awaiting requested review from paddycarver

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@danawillow @rosbo @paddycarver