You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Initialise the back end and apply the configuration
terraform init
terraform apply
run terraform plan to ensure no state changes
terraform plan
[WARN] Invalid log level: "TRUE". Defaulting to level: TRACE. Valid levels are: [TRACE DEBUG INFO WARN ERROR OFF][WARN] Invalid log level: "TRUE". Defaulting to level: TRACE. Valid levels are: [TRACE DEBUG INFO WARN ERROR
... redacted to save space ...
dnsimple_zone_record.domain1_com["bWFpbC5leGFtcGxlLmNvbS1NWC0xbXg="]: Refreshing state... [id=2940594]
dnsimple_zone_record.domain1_com["aHR0cHM6Ly93d3cuZXhhbXBsZS5jb20tVVJMLQ=="]: Refreshing state... [id=2940578]
No changes. Your infrastructure matches the configuration.
Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.
set the prefetch to true and re-initialize
PS > $Env:TF_VAR_DNSIMPLE_PREFETCH="true"
PS > terraform init
Initializing the backend...
Initializing provider plugins...
- Reusing previous version of dnsimple/dnsimple from the dependency lock file
- Using previously-installed dnsimple/dnsimple v0.15.0
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
run another plan
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
~ update in-place
-/+ destroy and then create replacement
Terraform will perform the following actions:
# dnsimple_zone_record.domain1_com["MS4xLjEuMS1BLQ=="] must be replaced
-/+ resource "dnsimple_zone_record" "domain1_com" {
~ id = "2940587" -> (known after apply)
~ priority = "0" -> (known after apply)
~ qualified_name = "domain1.com" -> (known after apply)
~ ttl = "3600" -> "600"
~ type = "SOA" -> "A" # forces replacement
~ value = "ns1.dnsimple.com admin.dnsimple.com 1677551382 86400 7200 604800 300" -> "1.1.1.1"
~ zone_id = "domain1.com" -> (known after apply)
# (1 unchanged attribute hidden)
}
# dnsimple_zone_record.domain1_com["aHR0cHM6Ly93d3cuZXhhbXBsZS5jb20tVVJMLQ=="] must be replaced
-/+ resource "dnsimple_zone_record" "domain1_com" {
~ id = "2940578" -> (known after apply)
~ priority = "0" -> (known after apply)
~ qualified_name = "domain1.com" -> (known after apply)
~ ttl = "3600" -> "600"
~ type = "SOA" -> "URL" # forces replacement
~ value = "ns1.dnsimple.com admin.dnsimple.com 1677551382 86400 7200 604800 300" -> "https://www.example.com"
~ zone_id = "domain1.com" -> (known after apply)
# (1 unchanged attribute hidden)
}
# dnsimple_zone_record.domain1_com["bWFpbC5leGFtcGxlLmNvbS1NWC0="] must be replaced
-/+ resource "dnsimple_zone_record" "domain1_com" {
~ id = "2940580" -> (known after apply)
~ priority = "0" -> "11"
~ qualified_name = "domain1.com" -> (known after apply)
~ type = "SOA" -> "MX" # forces replacement
~ value = "ns1.dnsimple.com admin.dnsimple.com 1677551382 86400 7200 604800 300" -> "mail.example.com"
~ zone_id = "domain1.com" -> (known after apply)
# (2 unchanged attributes hidden)
}
# dnsimple_zone_record.domain1_com["bWFpbDIxLmV4YW1wbGUuY29tLU1YLTJteA=="] will be updated in-place
~ resource "dnsimple_zone_record" "domain1_com" {
id = "2940600"
name = "2mx"
~ priority = "5" -> "1"
~ value = "mail25.example.com" -> "mail21.example.com"
# (5 unchanged attributes hidden)
}
# dnsimple_zone_record.domain1_com["bnMtMS5leGFtcGxlLmNvbS1OUy1leGFtcGxl"] will be updated in-place
~ resource "dnsimple_zone_record" "domain1_com" {
id = "2940591"
name = "example"
~ value = "ns-3.example.com" -> "ns-1.example.com"
# (6 unchanged attributes hidden)
}
# dnsimple_zone_record.domain1_com["bnMtMi5leGFtcGxlLmNvbS1OUy1leGFtcGxl"] will be updated in-place
~ resource "dnsimple_zone_record" "domain1_com" {
id = "2940584"
name = "example"
~ value = "ns-3.example.com" -> "ns-2.example.com"
# (6 unchanged attributes hidden)
}
# dnsimple_zone_record.domain1_com["bnMtNC5leGFtcGxlLmNvbS1OUy1leGFtcGxl"] will be updated in-place
~ resource "dnsimple_zone_record" "domain1_com" {
id = "2940582"
name = "example"
~ value = "ns-3.example.com" -> "ns-4.example.com"
# (6 unchanged attributes hidden)
}
Plan: 3 to add, 4 to change, 3 to destroy.
Important Factoids
We have split the domain records out of terraform configuration and read them in as a set from a json file.
References
The text was updated successfully, but these errors were encountered:
It was found that the prefetch feature. Which pulls the entire zone and creates a local cache for the provider to use and determine if a record already exists as a performance improvement and a way to reduce the number of API requests. The lookup algorithm did a naive lookup only based on the name of the Resource Record (RR), however, that can yield false positives and also result in incorrect records being created/updated.
Implementation notes
Unfortunately, the current version of the TF SDK does not support testing of for_each resources. The algorithm was updated to match all attributes that make a resource unique which are name, type, and content. There is also the potential of using the record ids to match existing records but the current implementation allows for some flexibility when using the provider especially since we do not support duplicate records.
Belongs to #80
Terraform Version
Affected Resource(s)
Terraform Configuration Files
main.tf
domain1.com.json
Debug Output
https://gist.github.com/lawrencewilson/c74945564685cb46241718a2db56a5b9
Panic Output
If Terraform produced a panic, please provide a link to a GitHub Gist containing the output of the
crash.log
.Expected Behavior
What should have happened?
When you enable
prefetch
without changing the state, we should seeNo changes
in terraform.Actual Behavior
When you enable
prefetch
without changing the state, terraform detects drift where there is none and will attempt to delete and re-create records.Steps to Reproduce
Please list the steps required to reproduce the issue, for example:
true
and re-initializeImportant Factoids
We have split the domain records out of terraform configuration and read them in as a set from a json file.
References
The text was updated successfully, but these errors were encountered: