#175 ⁃ Error: error removing private link from database
Description
Activity
➤ Erik Merkle commented:
@oscar-b Thanks for the clarification. I'll see if I can trigger the issue somehow and then add better handling to the provider.
➤ Oscar Bolmsten commented:
Hi emerkle826
Not sure if your reproduction steps reflect it, but what happened in my case was that the endpoint_id actually changed. It was an incorrect value from the beginning.
Either way, it might just have been an API error that was thrown, the point being that the provider doesn’t recover gracefully from it and ended up in a corrupted state. If I remember correctly, the TF state expected there to still be an psc endpoint and just bails when when it doesn’t return anything from the api (as the delete actually succeeded). This could be handled better.
I guess one way to reproduce it could be to delete the psc endpoint on Astra side without TF, then try to delete it with TF.
➤ Erik Merkle commented:
For the record, I switched my config from this initially:
resource "astra_private_link_endpoint" "endpoint" {
database_id = astra_database.privlinkdb.id
datacenter_id = "${astra_database.privlinkdb.id}-1"
endpoint_id = "67463546871349251"
}to this:
resource "astra_private_link_endpoint" "endpoint" {
database_id = astra_database.privlinkdb.id
datacenter_id = "${astra_database.privlinkdb.id}-1"
endpoint_id = google_compute_forwarding_rule.default.psc_connection_id
}
➤ Erik Merkle commented:
I just looked briefly at https://github.com/hashicorp/terraform-provider-google/blob/main/CHANGELOG.md and I don't really see anything that would have fixed things between v4.41.0 and v4.43.0 related to this.
➤ Erik Merkle commented:
@oscar-b Sorry it took me so long to get around to this.
I just tried with v2.1.7 of the provider, and I am not able to reproduce the issue. There shouldn't be anything in v2.1.7 that would have fixed it, as I see you used v2.1.6.
When I try your steps, first with a hard-coded PSC ID, I am able to associate the endpoint as expected. If I then change the definition to be google_compute_forwarding_rule.default.psc_connection_id, and run a terraform apply the plugin tells me there are no changes to be made and it exits gracefully.
For the record, here are the plugin versons I am using:
Terraform v1.3.4
on linux_amd64
+ provider registry.terraform.io/datastax/astra v2.1.7
+ provider registry.terraform.io/hashicorp/google v4.43.0I'll go look at the GCP plugin and see if maybe there was something fixed between v4.41.0 and v4.43.0 perhaps.
Hi there,
Please provide the following details with your issue report.
Terraform Version
Terraform v1.3.3
on darwin_arm64
provider registry.terraform.io/datastax/astra v2.1.6
provider registry.terraform.io/elastic/ec v0.5.0
provider registry.terraform.io/elastic/elasticstack v0.4.0
provider registry.terraform.io/hashicorp/google v4.41.0
Affected Resource(s)
Please list the resources as a list, for example:
astra_private_link_endpoint
If this issue appears to affect multiple resources, it may be an issue with Terraform's core, so please mention this.
Terraform Configuration Files
resource "google_compute_forwarding_rule" "astra-db" { name = "psc-endpoint" target = "https://www.googleapis.com/compute/v1/${astra_private_link.astra-db.service_name}" project = google_compute_network.private_network.project ip_address = google_compute_address.astra-db.id network = google_compute_network.private_network.id region = var.region load_balancing_scheme = "" } # The endpoint ID (PSC Connection ID) is not currently accessible from the google_compute_forwarding_rule terraform object. # It must be retrieved via the GCP UI (https://console.cloud.google.com/net-services/psc/list) or via the gcloud CLI: # gcloud compute forwarding-rules describe psc-endpoint --region=us-east1 resource "astra_private_link_endpoint" "endpoint" { database_id = astra_database.astra-db.id datacenter_id = "${astra_database.astra-db.id}-1" endpoint_id = google_compute_forwarding_rule.astra-db.psc_connection_id }
Debug Output
astra_private_link_endpoint.endpoint: Destroying... [id=531b0009-a519-4965-b547-4555ff7293d5/datacenter/531b0009-a519-4965-b547-4555ff7293d5-1/endpoint/19182715690418178] ╷ │ Error: error removing private link from database: &{%!s(*http.body=&{0x1400011b110 <nil> <nil> false false {0 0} false false false <nil>}) {%!s(int32=0) %!s(uint32=0)} %!s(bool=false) <nil> %!s(func(error) error=0x102e5be60) %!s(func() error=0x102e5bf50)}
And now after that failure I'm getting:
│ Error: privateLinks was nil. DatabaseID: 531b0009-a519-4965-b547-4555ff7293d5, DatacenterID: 531b0009-a519-4965-b547-4555ff7293d5-1, endpointID: 19182715690418178, astraEndpointID: 19182715690418178 │ │ with astra_private_link_endpoint.endpoint, │ on main.tf line 58, in resource "astra_private_link_endpoint" "endpoint": │ 58: resource "astra_private_link_endpoint" "endpoint" {
Expected Behavior
The endpoint should have been removed
Actual Behavior
It failed, see above
Steps to Reproduce
Please list the steps required to reproduce the issue, for example:
I had a
astra_private_link_endpoint
deployed with a staticendpoint_id
I changed
endpoint_id
togoogle_compute_forwarding_rule.astra-db.psc_connection_id
terraform apply
Boom
┆Issue is synchronized with a Github issue by Unito
┆Issue Number: 175