Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

azurerm_api_management_custom_domain: resource gets updated every time #10253

Closed
AmudaPalani opened this issue Jan 19, 2021 · 7 comments
Closed

azurerm_api_management_custom_domain: resource gets updated every time #10253

AmudaPalani opened this issue Jan 19, 2021 · 7 comments
Labels
bug service/api-management

Comments

@AmudaPalani
Copy link

AmudaPalani commented Jan 19, 2021
edited
Loading

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform (and AzureRM Provider) Version

Affected Resource(s)

  • azurerm_api_management_custom_domain

Terraform Configuration Files

image

Debug Output

Panic Output

Expected Behaviour

Since this resource already exists and no changes were requested, this should not be updated.

Actual Behaviour

resource gets updated every time.

Steps to Reproduce

  1. terraform apply

Important Factoids

References

  • #0000
@larsmaes
Copy link

larsmaes commented Jan 21, 2021
edited
Loading

👍

same issue here. This also reulst in downtime because the service gets restarted when this change gets applied

@larsmaes
Copy link

This also results in the removal of the custom domain in the first run; and when i run it again it get added again and so on..

@hgutvik
Copy link

hgutvik commented Jan 22, 2021
edited
Loading

I would also like to add a couple of things.

First, it's not very clear whether or not one should include the default proxy in the custom domains definition.
The example usage shown in Terraform azurerm_api_management_custom_domain docs only lists the custom domains.
The automated tests for azurerm_api_management_custom_domain list the default proxy along with the custom domains.
Perhaps clarify this in the docs, and align with tests?

Second, I'll add some additional info from our attempts, might help for debugging.
We tried both the approaches mentioned above, resulting in slightly different behavior:

(a) Defining only our custom domains

This approach performs the same updates on every apply after initial creation.

Definition - azurerm_api_management_custom_domain

  • proxy (custom)
  • developer_portal
  • management

The initial create-deployment runs successfully and correctly.

Running terraform plan/apply (same code - no changes):

  • Update azurerm_api_management - delete hostname_configuration (containing only the three custom domains):
    image
  • Update azurerm_api_management_custom_domain - replace default proxy with custom proxy
    image

(b) Defining default proxy along with our custom domains

This approach performs almost the same update as above, except split in two steps, in consequent pairs of apply.
The slight difference is that the custom domains, when added back in, are not conflicting with the default proxy in Terraform, but added in addition to it.

Definition - azurerm_api_management_custom_domain

  • proxy (custom)
  • proxy (default)
  • developer_portal
  • management

Like above, the initial create-deployment runs successfully and correctly.

1st Running terraform plan/apply (same code - no changes):

  • Update azurerm_api_management - delete hostname_configuration (containing only the three custom domains):
    image

Result of apply: all custom domains deleted. The default proxy remains, and gets default_ssl_binding auto-toggled to true.

2nd Running terraform plan/apply (same code - no changes):

  • Update azurerm_api_management_custom_domain - add custom domains alongside the default proxy, and toggle default_ssl_binding of default proxy correctly back to false
    image

Result of apply: custom domains added back in, alongside the default proxy, which gets default_ssl_binding toggled correctly back to false

3rd Running terraform plan/apply (same code - no changes) [same as 1st]:

  • Update azurerm_api_management - delete hostname_configuration (containing only the three custom domains):
    image

And so it goes, 4th terraform plan / apply is identical to 1st one.

@maximivanov
Copy link

Getting same problem here.

A related Github issue where the need for the azurerm_api_management_custom_domain resource was originally raised: #3058

For those who can't wait till this bug is fixed:

There's also a workaround in the comments there with a custom domain configured via a call to an external script: #3058 (comment)

And a blog post by the same guy: https://www.jeanpaulsmit.com/2020/03/terraform-deploy-apim/#custom-domains

@patst patst mentioned this issue Feb 18, 2021
Merged
katbyte pushed a commit that referenced this issue Mar 9, 2021
@patst
azurerm_api_management_custom_domain: resource gets updated every time (
85cccac 
#10636)

A possible solution for #10253 .

As described in the issue it is unclear if the default hostname for a proxy (<apim-name>.azure-api.net) needs to be included in the azurerm_api_management_custom_domain resource. The test cases include the default hostname, the example in the docs don't.

In both cases there are problems using the azurerm_api_management_custom_domain resource at the moment because tf plan will try to apply changes on subsequent runs (see issue).

My solution filters out the default hostname (as the azurerm_api_management resource does as well, see https://github.com/terraform-providers/terraform-provider-azurerm/blob/master/azurerm/internal/services/apimanagement/api_management_resource.go#L986 ).

The test cases are succeeding and my local tests are successful with this behaviour:
@kensykora
Copy link

The latest version of azurerm fixed this issue, thank you @patst!

@amkctc amkctc mentioned this issue Apr 12, 2021
Open
@katbyte
Copy link
Collaborator

katbyte commented Jun 23, 2021

closing as it sounds like its fixed!

@katbyte katbyte closed this as completed Jun 23, 2021
@github-actions
Copy link

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jul 24, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug service/api-management
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@kensykora @larsmaes @katbyte @maximivanov @AmudaPalani @hgutvik