Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG] Bootsrap mode activated. Token_key or access_key and secret_key can not be provided #1455

Open
DavideRutigliano opened this issue Dec 15, 2024 · 1 comment
Labels

Comments

@DavideRutigliano
Copy link

Rancher Server Setup

  • Rancher version:
  • Installation option (Docker install/Helm Chart): Helm
    • If Helm Chart, Kubernetes Cluster and version (RKE1, RKE2, k3s, EKS, etc): k3s v1.30.6
  • Proxy/Cert Details: N/A

Information about the Cluster

  • Kubernetes version: v1.30.6 (k3s)
  • Cluster Type (Local/Downstream): Local

User Information

  • What is the role of the user logged in? Admin

Provider Information

  • What is the version of the Rancher v2 Terraform Provider in use? 5.1, 5.2, 6.0
  • What is the version of Terraform in use? 1.9

Describe the bug

Unable to bootstrap rancher using terraform: [ERROR] Bootsrap mode activated. Token_key or access_key and secret_key can not be provided

To Reproduce

terraform apply
"""hcl
terraform {
required_version = ">= 1.9.0"
required_providers {
rancher2 = {
source = "rancher/rancher2"
version = ">=6.0"
}
}
}

provider "rancher2" {
alias = "bootstrap"
api_url = "https://whatever"
bootstrap = true
insecure = true
}

provider "rancher2" {
alias = "admin"
api_url = "https://whatever"
token_key = "whatever"
insecure = true
}

resource "rancher2_bootstrap" "admin" {
provider = rancher2.bootstrap
initial_password = "token"
password = "secret"
telemetry = true
}
"""

Actual Result

│ Error: [ERROR] Bootsrap mode activated. Token_key or access_key and secret_key can not be provided

│ with module.rancher2.provider["registry.terraform.io/rancher/rancher2"].bootstrap,
│ on ../../modules/rancher2/providers.tf line 7, in provider "rancher2":
│ 7: provider "rancher2" {

Expected Result

Ability to bootstrap rancher

I suspect there's some issue with token_key value in rancher2 module, as I am getting early failure when applying the plan. Am I doing something wrong?

@DavideRutigliano
Copy link
Author

DavideRutigliano commented Dec 15, 2024

Quick analysis: the issue seems to be the condition at https://github.com/rancher/terraform-provider-rancher2/blame/1a9c3e011151dd68ae32ab35a7066f9653385c86/rancher2/provider.go#L217 and next line overriding tokenKey.

I guess in my case https://github.com/rancher/terraform-provider-rancher2/blame/1a9c3e011151dd68ae32ab35a7066f9653385c86/rancher2/provider.go#L218 gets somehow executed (but it shouldn't), thus setting the tokenKey for me.

Workaround is to force that condition to be false without explicitly setting token_key (or setting token_key = "nil").
Note: the string "nil" comes from here: https://github.com/rancher/terraform-provider-rancher2/blame/1a9c3e011151dd68ae32ab35a7066f9653385c86/rancher2/provider.go#L12

Not sure why it worked til now tho (I see the lines I pointed are there since the very first commits actually)


Working with workaround
terraform apply
"""hcl
terraform {
required_version = ">= 1.9.0"
required_providers {
rancher2 = {
source = "rancher/rancher2"
version = ">=6.0"
}
}
}

provider "rancher2" {
alias = "bootstrap"
api_url = "https://whatever/"
bootstrap = true
insecure = true
# workaround
access_key = "nil"

}

provider "rancher2" {
alias = "admin"
api_url = "https://whatever/"
token_key = "whatever"
insecure = true
}

resource "rancher2_bootstrap" "admin" {
provider = rancher2.bootstrap
initial_password = "token"
password = "secret"
telemetry = true
}
"""

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant