-
Notifications
You must be signed in to change notification settings - Fork 9.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Consul Provider does not seem to query consul #1879
Comments
consul 0.5.0 does not de-reference consul_keys on plan, but will on apply. If you do not have a tfstate file, neither plans or applies will work if you have any resources in your tf file. However, if you create a file like provider "consul" {and run terraform apply it will create the right state file. From then on you can add your regular resource in there and continue to apply them. However you will never be able to run a plan, so hey, GFL.
|
@packplusplus this is great debugging work. I'm picking this up now - thanks for the head start! |
To make the tf file for 0.4.2 I pulled Error configuring: 1 error(s) occurred: * Cycle: consul_keys.app, provider.aws, aws_security_group.consul-test (destroy tainted), consul_keys.app (destroy tainted) Do you need anything else? Happy to test any patches (I already have a build env). |
No this is good. I'll keep you posted on the debugging process. Pretty close to the end of the day for me over here, so might not be able to get a fix in today. But I'll make sure this thread has the latest info. |
Alright I've done a bunch of exercising of (1) You're expecting the initial plan to query consul. I can see how you might expect this, but because "consul_keys" is implemented as a Terraform Resource, it's got a CRUD lifecycle internally, and on the first Plan Terraform only knows it must create this "resource" and record its ID to the state. Subsequent plans have recorded the ID and can perform a "refresh" of the data, which queries consul. It's just a limitation of the model, but it generally works out okay in practice. (2) You're trying to interpolate the configuration of a provider with the results of a resource. This is not something we support yet - provider config happens at an early stage, which means that only input variables are allowed to be interpolated in provider config. The first error message you got is a clue that interpolation is not happening:
I was unable to reproduce a scenario where an "apply" would not result in the consul keys being read. If you have some repro steps there I'm happy to continue to investigate. |
I now completely understand the behavior and why what I was trying to do wasn't ever going to work. I would argue it would be reallllly nice to reference keys in your provider config. I will have a script generate a tfvariables file instead (maybe use fsconsul for that). Since the original tf file references a consul variable, if you don't have a tfstatefile (as in you removed it or were starting out net new), no applies can happen because of issue 2. Is there any documentation that explains that provider configs cannot use resource results? Am I too greedy in asking not to close this issue until the documentation on the consul provider notes that consul variables cannot be used to configure providers? Or maybe a generic warning on any of the providers? |
Not too greedy at all. You were confused based on very reasonable Seems like a specific error message when interpolation is attempted in On Friday, May 8, 2015, Patrick Flaherty notifications@github.com wrote:
|
Going to close this since the original issue was solved. Ideas on improved messaging are still welcome! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
I've tried this with 0.5.0. Working on testing 0.4.2 (doesn't support AWS Env variables)
It doesn't seem to make a call to consul. I left
tcpdump -i lo port 8500
running in another window, and no packets show up on a plan or an apply. They do show up on the curls.Here's my .tf
Output of plan:
Output of apply:
and some KVs
The text was updated successfully, but these errors were encountered: