Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Module should ask for resource group ID instead of name #143

Closed
ocofaigh opened this issue Nov 16, 2022 · 1 comment
Closed

Module should ask for resource group ID instead of name #143

ocofaigh opened this issue Nov 16, 2022 · 1 comment

Comments

@ocofaigh
Copy link
Member

I would suggest changing input variable powervs_resource_group_name to powervs_resource_group_id and removing the data lookups from your code.
Why? Because data lookups are executed at the plan phase. And if you are executing this module as part of a higher module which also creates a resource group, the data lookup occurs on a resource group that does not yet exist because the the resource group name is not computed - it is known before the resource is even provisioned.
Here is an example. The below code creates a new resource group, and calls the power infrastructure module as part of the same terraform execution....

##############################
terraform {
  required_version = ">=1.1"
  required_providers {
    ibm = {
      source  = "IBM-Cloud/ibm"
      version = "=1.45.1"
    }
    tls = {
      source  = "hashicorp/tls"
      version = "4.0.1"
    }
  }
}

##############################
provider "ibm" {
  region           = "syd"
  zone             = "syd05"
  ibmcloud_api_key = var.ibmcloud_api_key != null ? var.ibmcloud_api_key : null
}

provider "ibm" {
  alias            = "ibm-is"
  region           = "au-syd"
  zone             = "syd05"
  ibmcloud_api_key = var.ibmcloud_api_key != null ? var.ibmcloud_api_key : null
}
##############################
locals {
  powervs_workspace_name = "${var.prefix}-${var.powervs_zone}-${var.powervs_workspace_name}"
  powervs_sshkey_name    = "${var.prefix}-${var.powervs_zone}-${var.powervs_sshkey_name}"
}

resource "tls_private_key" "tls_key" {
  algorithm = "RSA"
  rsa_bits  = 4096
}

resource "ibm_is_ssh_key" "ssh_key" {
  provider   = ibm.ibm-is
  name       = local.powervs_sshkey_name
  public_key = trimspace(tls_private_key.tls_key.public_key_openssh)
}

resource "ibm_resource_group" "resourceGroup" {
  name     = "test"
}

module "power_infrastructure" {
  source = "git::https://github.com/terraform-ibm-modules/terraform-ibm-powervs-infrastructure.git?ref=v5.0.0"

  powervs_zone                = "syd05"
  powervs_resource_group_name = ibm_resource_group.resourceGroup.name
  powervs_workspace_name      = local.powervs_workspace_name
  tags                        = []
  powervs_sshkey_name         = local.powervs_sshkey_name
  ssh_public_key              = ibm_is_ssh_key.ssh_key.public_key
  ssh_private_key             = trimspace(tls_private_key.tls_key.private_key_openssh)
  access_host_or_ip           = var.access_host_or_ip
  powervs_management_network  = var.powervs_management_network
  powervs_backup_network      = var.powervs_backup_network
  transit_gateway_name        = var.transit_gateway_name
  reuse_cloud_connections     = var.reuse_cloud_connections
  cloud_connection_count      = var.cloud_connection_count
  cloud_connection_speed      = var.cloud_connection_speed
  cloud_connection_gr         = var.cloud_connection_gr
  cloud_connection_metered    = var.cloud_connection_metered
  squid_config                = var.squid_config
  dns_forwarder_config        = var.dns_forwarder_config
  ntp_forwarder_config        = var.ntp_forwarder_config
  nfs_config                  = var.nfs_config
  perform_proxy_client_setup  = var.perform_proxy_client_setup
}

The problem with this code is that terraform plan fails with the error:

module.power_infrastructure.module.power_workspace.data.ibm_resource_group.resource_group_ds: Reading...
╷
│ Error: [ERROR] Given Resource Group is not found in the account : %!s(<nil>) {
│     "StatusCode": 200,
│     "Headers": {
│         "Cache-Control": [
│             "max-age=0, no-cache, no-store"
│         ],
│         "Content-Length": [
│             "16"
│         ],
│         "Content-Type": [
│             "application/json; charset=utf-8"
│         ],
│         "Date": [
│             "Tue, 15 Nov 2022 13:30:45 GMT"
│         ],
│         "Etag": [
│             "W/\"10-snEjXFi4SWmfY0hH7xVHSX5MF4M\""
│         ],
│         "Expires": [
│             "Tue, 15 Nov 2022 13:30:45 GMT"
│         ],
│         "Pragma": [
│             "no-cache"
│         ],
│         "Server": [
│             "istio-envoy"
│         ],
│         "Set-Cookie": [
│             "ak_bmsc=9023656E822830D2F5BCC746AFB82CB5~000000000000000000000000000000~YAAQJtERAkl6EnqEAQAAjyp8exFDPCBuTcSX7kfAnGQGV8qbvTbUNWjuhlnFQcqGH8RrfBEQuRgPrRB+nyNv3AXDjnwiRTLo7Di64ST4ZxOhulSA8QADYdeQQHwjSGAwIfYR1ffh6fPwarDT3i87SMxczz0SxdvlTAMmb5nC9G2TZeILemB9jI6IdMaSZv6cGVvMrWMC7zraJslAMRSEUdrT4aHfuufKQLFmA/DfAVstDRDGyPlJjK/BU0w9OxyHHhegJEI/0zsUSVqlYiLshpTPNEsW8k/SzCLsLIJdL8zDuWf0tYcVKas10pg3MdMPEFNKjbn5jcUxvHNCbVmgfIAevSMwoXF4fzbK3g8asP+o92LOCaFsxV1+Z8DcFxaJvwab51vgz9rn5KLrXg==; Domain=.cloud.ibm.com; Path=/; Expires=Tue, 15 Nov 2022 15:30:45 GMT; Max-Age=7200; HttpOnly"
│         ],
│         "Strict-Transport-Security": [
│             "max-age=31536000; includeSubDomains"
│         ],
│         "Transaction-Id": [
│             "abb5f462af7b42deb9ab3d6577f2f1bb"
│         ],
│         "Vary": [
│             "Accept-Encoding"
│         ],
│         "X-Content-Type-Options": [
│             "nosniff"
│         ],
│         "X-Envoy-Upstream-Service-Time": [
│             "368"
│         ],
│         "X-Ratelimit-Limit": [
│             "60"
│         ],
│         "X-Ratelimit-Remaining": [
│             "59"
│         ],
│         "X-Ratelimit-Reset": [
│             "0"
│         ],
│         "X-Request-Id": [
│             "abb5f462af7b42deb9ab3d6577f2f1bb"
│         ],
│         "X-Response-Time": [
│             "354.619ms"
│         ],
│         "_request_id": [
│             "abb5f462af7b42deb9ab3d6577f2f1bb"
│         ]
│     },
│     "Result": {
│         "resources": []
│     },
│     "RawResult": null
│ }
│ 
│ 
│   with module.power_infrastructure.module.power_workspace.data.ibm_resource_group.resource_group_ds,
│   on .terraform/modules/power_infrastructure/submodules/power_workspace/main.tf line 10, in data "ibm_resource_group" "resource_group_ds":
│   10: data "ibm_resource_group" "resource_group_ds" {
│

Current workaround is to add a depends_on = [ibm_resource_group.resourceGroup] when calling the power infrastrcuture module, but adding explicit depends_on is not a good practise and can lead to issues later on (see more here)
@surajsbharadwaj
Copy link
Contributor

Will not be fixed due to other dependencies for extension flavour

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ocofaigh @surajsbharadwaj