terraform: remote state file exists check issue #6296
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
In the official CLI implementation of Terraform, if the state file does not exist, a new one will be created, and there is no need to check that the state file already exists and with an error if file not exists. ```bash # Test command terraform apply -state test.tfstate. # if state file not exists ,terraform will create a new one terraform destroy -state test1.tfstate ### Terraform will not throw any error, the command will succeed execute, only report no resource has destroy ```
ansibullbot
added
bug
This comment was marked as outdated.
This comment was marked as outdated.
ansibullbot
added
the
needs_revision
add 1 blank line to function end
remove file exists check (ansible-collections#6296)
|
The test The test The test The test The test The test |
russoz
reviewed
Apr 7, 2023
There was a problem hiding this comment.
hi @LanceNero thanks for your contribution!
Question: shouldn't the presence of the state file be required when state=absent, I mean, if we are decommissioning infrastructure, it should exist in a state file, no?
felixfontein
added
check-before-release
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
Hi Alexei I think yes, the answer is NO. because even the state file not exists that will not cause any error from terraform cmd, and the user program does not have any wrong behavior, It just ran once and without any effect. I think we don't need to add an error to block the user's program, but we cloud to provide a warning to let users know their program has not achieved their expected goals, then they will check the state file path. but now, according to the current implementation, if I want to specify the state file output to another directory when the backend is local, this module will throw an error and block subsequent tasks.
|
ansibullbot
added
ci_verified
russoz
changed the title
russoz
reviewed
Apr 9, 2023
|
Hmm, maybe I understand the code wrong, but aren't you also removing that condition when (Also sanity tests are currently failing, the changelog fragment is missing the correct extension.) |
Actually that was hist very first intention, and as far as I can tell, there is nothing wrong with that. For states My doubt was for state
Yeah, @LanceNero you need to fix that before we can merge this PR. |
|
May be that is OK (I'm not familiar with terraform), but in my opinion the change for state=present would definitely not be a bugfix, but a feature. |
|
Errr, I hadn't paid attention to that. Yes, definitely a feature not a bugfix. And come to think about it, it would be nice to mention in the docs for the |
Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com>
This comment was marked as outdated.
This comment was marked as outdated.
Docs Build 📝Thank you for contribution!✨ This PR has been merged and your docs changes will be incorporated when they are next published. |
ansibullbot
added
feature
Actually, previous implementations of this program did not perform the correct operation, when the state is set to "present"( planned stage will ignore this param) and we set the state_file param a value (even default name terraform.tfstate ) it wouldn't work and will throw an error, that means this param only work when the state is "absent". that's why I set the tag as bug_fix. But If you think it should be classified as feature improvement, I'm ok with it, I've changed the fragment and PR comment to feature release. |
felixfontein
removed
backport-5
check-before-release
Backport to stable-6: 💚 backport PR created✅ Backport PR branch: Backported as #6331 🤖 @patchback |
patchback bot
pushed a commit
that referenced
this pull request
Apr 13, 2023
* remote state file exists check In the official CLI implementation of Terraform, if the state file does not exist, a new one will be created, and there is no need to check that the state file already exists and with an error if file not exists. ```bash # Test command terraform apply -state test.tfstate. # if state file not exists ,terraform will create a new one terraform destroy -state test1.tfstate ### Terraform will not throw any error, the command will succeed execute, only report no resource has destroy ``` * Update terraform.py add 1 blank line to function end * Create 6296-LanceNero-Terraform_statefile_check remove file exists check (#6296) * resolve if case issue * Add blank line * Update 6296-LanceNero-Terraform_statefile_check * Update changelogs/fragments/6296-LanceNero-Terraform_statefile_check Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> * update code style Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> * Update suffix to correct CI issue * Update Code Style * Update bug-fix to feature release --------- Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> (cherry picked from commit bf780ea)
|
@LanceNero thanks for your contribution! |
felixfontein
pushed a commit
that referenced
this pull request
Apr 13, 2023
…xists check issue (#6331) terraform: remote state file exists check issue (#6296) * remote state file exists check In the official CLI implementation of Terraform, if the state file does not exist, a new one will be created, and there is no need to check that the state file already exists and with an error if file not exists. ```bash # Test command terraform apply -state test.tfstate. # if state file not exists ,terraform will create a new one terraform destroy -state test1.tfstate ### Terraform will not throw any error, the command will succeed execute, only report no resource has destroy ``` * Update terraform.py add 1 blank line to function end * Create 6296-LanceNero-Terraform_statefile_check remove file exists check (#6296) * resolve if case issue * Add blank line * Update 6296-LanceNero-Terraform_statefile_check * Update changelogs/fragments/6296-LanceNero-Terraform_statefile_check Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> * update code style Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> * Update suffix to correct CI issue * Update Code Style * Update bug-fix to feature release --------- Co-authored-by: Alexei Znamensky <103110+russoz@users.noreply.github.com> (cherry picked from commit bf780ea) Co-authored-by: LanceNero <Lance.nero@gmail.com>
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
Apr 26, 2023
v7.5.0 Minor Changes ------------- ansible.posix ~~~~~~~~~~~~~ - Add jsonl callback plugin to ansible.posix collection - firewalld - add `protocol` parameter cisco.aci ~~~~~~~~~ - Add aci_access_span_dst_group module for fabric access policies span destination group support - Add aci_access_span_filter_group and aci_access_span_filter_group_entry modules for access span filter group support - Add aci_config_export_policy module - Add aci_igmp_interface_policy module - Add aci_interface_config module for new interface configuration available in ACI v5.2(5)+ - Add aci_interface_policy_spanning_tree module cisco.dnac ~~~~~~~~~~ - accesspoint_configuration_details_by_task_id_info - new module - authentication_policy_servers_info - new module - credential_to_site_by_siteid_create_v2 - new module - device_interface_info - attributes `lastInputTime` and `lastOutputTime` were added. - device_reboot_apreboot_info - new module - dnac_packages_info - new module - eox_status_device_info - new module - eox_status_summary_info - new module - event_email_config - new module - event_email_config_info - new module - event_snmp_config_info - new module - event_syslog_config - new module - event_syslog_config_info - new module - execute_suggested_actions_commands - new module - global_credential_v2 - new module - global_credential_v2_info - new module - integration_settings_instances_itsm - new module - integration_settings_instances_itsm_info - new module - lan_automation_log_by_serial_number_info - new module - network_device_user_defined_field - new module - network_device_user_defined_field_info - new module - network_v2 - new module - network_v2_info - new module - pnp_device_claim_to_site - attributes `removeInactive` and `hostname` were removed. - role_permissions_info - new module - roles_info - new module - sda_fabric_border_device - attributes `routeDistributionProtocol` and `borderPriority` were added. - sda_fabric_control_plane_device attribute `routeDistributionProtocol` was added. - sda_fabric_edge_device - attribute `siteNameHierarchy` was added. - sda_fabric_site - attribute `fabricType` was added. - sda_port_assignment_for_user_device - attribute `interfaceNames` was added. - sda_virtual_network - attribute `vManageVpnId` was added. - sda_virtual_network_ip_pool - attribute `isBridgeModeVm` was added. - sda_virtual_network_v2 - attribute `isBridgeModeVm` was added. - service_provider_v2 - new module - service_provider_v2_info - new module - sp_profile_delete_v2 - new module - user - new module - user_info - new module - users_external_servers_info - new module - wireless_accespoint_configuration - new module - wireless_accesspoint_configuration_summary_info - new module cisco.ios ~~~~~~~~~ - ios_bgp_address_family - add option redistribute.ospf.include_connected when redistributing OSPF in IPv6 AFI - ios_bgp_address_family - add option redistribute.ospf.match.externals.type_1 to allow - ios_bgp_address_family - add option redistribute.ospf.match.externals.type_2 to allow - specification of OSPF E1 routes - specification of OSPF E2 routes cisco.mso ~~~~~~~~~ - Add ip_data_plane_learning and preferred_group arguments to mso_schema_template_vrf module - Add module mso_schema_site_anp_epg_bulk_staticport - Add route_reachability attribute to mso_schema_site_external_epg module cisco.nxos ~~~~~~~~~~ - `nxos_route_maps` - add support for 'set ip next-hop <>' command in route-maps - `nxos_vxlan_vtep` - add support for 'advertise virtual-rmac' command under nve interface community.crypto ~~~~~~~~~~~~~~~~ - get_certificate - add ``asn1_base64`` option to control whether the ASN.1 included in the ``extensions`` return value is binary data or Base64 encoded (ansible-collections/community.crypto#592). community.general ~~~~~~~~~~~~~~~~~ - cpanm - minor change, use feature from ``ModuleHelper`` (ansible-collections/community.general#6385). - dconf - be forgiving about boolean values: convert them to GVariant booleans automatically (ansible-collections/community.general#6206). - dconf - minor refactoring improving parameters and dependencies validation (ansible-collections/community.general#6336). - deps module utils - add function ``failed()`` providing the ability to check the dependency check result without triggering an exception (ansible-collections/community.general#6383). - dig lookup plugin - Support multiple domains to be queried as indicated in docs (ansible-collections/community.general#6334). - gitlab_project - add new option ``topics`` for adding topics to GitLab projects (ansible-collections/community.general#6278). - homebrew_cask - allows passing ``--greedy`` option to ``upgrade_all`` (ansible-collections/community.general#6267). - idrac_redfish_command - add ``job_id`` to ``CreateBiosConfigJob`` response (ansible-collections/community.general#5603). - ipa_hostgroup - add ``append`` parameter for adding a new hosts to existing hostgroups without changing existing hostgroup members (ansible-collections/community.general#6203). - keycloak_authentication - add flow type option to sub flows to allow the creation of 'form-flow' sub flows like in Keycloak's built-in registration flow (ansible-collections/community.general#6318). - mksysb - improved the output of the module in case of errors (ansible-collections/community.general#6263). - nmap inventory plugin - added environment variables for configure ``address`` and ``exclude`` (ansible-collections/community.general#6351). - nmcli - add ``macvlan`` connection type (ansible-collections/community.general#6312). - pipx - add ``system_site_packages`` parameter to give application access to system-wide packages (ansible-collections/community.general#6308). - pipx - ensure ``include_injected`` parameter works with ``state=upgrade`` and ``state=latest`` (ansible-collections/community.general#6212). - puppet - add new options ``skip_tags`` to exclude certain tagged resources during a puppet agent or apply (ansible-collections/community.general#6293). - terraform - remove state file check condition and error block, because in the native implementation of terraform will not cause errors due to the non-existent file (ansible-collections/community.general#6296). - udm_dns_record - minor refactor to the code (ansible-collections/community.general#6382). community.zabbix ~~~~~~~~~~~~~~~~ - httpapi plugin - updated to work with Zabbix 6.4. - zabbix_action, zabbix_authentication, zabbix_discovery_rule, zabbix_mediatype, zabbix_user, zabbix_user_directory, zabbix_usergroup - updated to work with Zabbix 6.4. - zabbix_agent role - Add support for SUSE Linux Enterprise Server for SAP Applications ("SLES_SAP"). - zabbix_host - add missing variants for SNMPv3 authprotocol and privprotocol introduced by Zabbix 6 - zabbix_proxy role - Add variable zabbix_proxy_dbpassword_hash_method to control whether you want postgresql user password to be hashed with md5 or want to use db default. When zabbix_proxy_dbpassword_hash_method is set to anything other than md5 then do not hash the password with md5 so you could use postgresql scram-sha-256 hashing method. - zabbix_server role - Add variable zabbix_server_dbpassword_hash_method to control whether you want postgresql user password to be hashed with md5 or want to use db default. When zabbix_server_dbpassword_hash_method is set to anything other than md5 then do not hash the password with md5 so you could use postgresql scram-sha-256 hashing method. - zabbix_usergroup module - userdirectory, hostgroup_rights and templategroup_rights parameters added (Zabbix >= 6.2) - zabbix_web role - possibility to add custom includes in apache vhost config dellemc.powerflex ~~~~~~~~~~~~~~~~~ - Info module is enhanced to support the listing of replication pairs. dellemc.unity ~~~~~~~~~~~~~ - Add synchronous replication support for filesystem. - Support addition of host from the Host List to NFS Export in nfs module. - Support enable/disable advanced dedup in volume module. hetzner.hcloud ~~~~~~~~~~~~~~ - hcloud_image_info - Add cpu architecture field to return value. - hcloud_image_info - Allow filtering images by cpu architecture. - hcloud_server - Select matching image for the cpu architecture of the server type on create & rebuild. - hcloud_server_type_info - Add cpu architecture field to return value. - inventory plugin - Add cpu architecture to server variables. netapp.ontap ~~~~~~~~~~~~ - na_ontap_cifs - new options ``browsable`` and ``show_previous_versions`` added in REST. - na_ontap_cifs - removed default value for ``unix_symlink`` as its not supported with ZAPI. - na_ontap_cifs - updated documentation and examples for REST. - na_ontap_file_security_permissions - updated module examples. - na_ontap_ipspace - improved module fail error message in REST. - na_ontap_rest_info - improved documentation for ``parameters`` option. - na_ontap_security_config - updated documentation for ``supported_cipher_suites``. - na_ontap_user - option ``vserver`` is not required with REST, ignore this option to create cluster scoped user. netbox.netbox ~~~~~~~~~~~~~ - netbox_aggregate - Add tenant as parameter to module - netbox_asn - Add module - netbox_fhrp_group - Add module - netbox_journal_entry - Add module purestorage.flashblade ~~~~~~~~~~~~~~~~~~~~~~ - purefb_info - Added `encryption` and `support_keys` information. - purefb_info - Added bucket quota and safemode information per bucket - purefb_info - Added security update version for Purity//FB 4.0.2, or higher - purefb_info - Updated object store account information - purefb_inventory - Added `part_number` to hardware item information. - purefb_policy - Added support for multiple rules in snapshot policies - purefb_proxy - Added new boolean parameter `secure`. Default of true (for backwards compatability) sets the protocol to be `https://`. False sets `http://` - purefb_s3acc - Added support for default bucket quotas and hard limits - purefb_s3acc - Added support for object account quota and hard limit purestorage.fusion ~~~~~~~~~~~~~~~~~~ - added Python package dependency checks in prerequisites.py - fusion_hap - added missing 'windows' personality type theforeman.foreman ~~~~~~~~~~~~~~~~~~ - content_export_library, content_export_repository, content_export_version - add ``format`` option to control the export format - content_view_filter - add support for creating modulemd filters - content_view_publish role - also accept a list of dicts as the ``content_views`` role for publishing (theforeman/foreman-ansible-modules#1436) - setting - document how to obtain valid setting names (https://bugzilla.redhat.com/show_bug.cgi?id=2174367) Deprecated Features ------------------- cisco.ios ~~~~~~~~~ - ios_bgp_address_family - deprecate redistribute.ospf.match.external with redistribute.ospf.match.externals which enables attributes for OSPF type E1 and E2 routes - ios_bgp_address_family - deprecate redistribute.ospf.match.nssa_external with redistribute.ospf.match.nssa_externals which enables attributes for OSPF type N1 and N2 routes - ios_bgp_address_family - deprecate redistribute.ospf.match.type_1 with redistribute.ospf.match.nssa_externals.type_1 - ios_bgp_address_family - deprecate redistribute.ospf.match.type_2 with redistribute.ospf.match.nssa_externals.type_2
1 task
|
I checked the solution of this issue in a setup described in #6490 and it doesn't work. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
In the official CLI implementation of Terraform, if the state file does not exist, a new one will be created, and there is no need to check that the state file already exists and with an error if file not exists.
SUMMARY
Remove state file check condition and error block, because in the native implementation of terraform will not cause errors due to the non-existent file
Fixes community.general.terraform module paramter state_file throw error due to the non-existent file
ISSUE TYPE
Feature Pull Request
COMPONENT NAME
Fixes community.general.terraform
ADDITIONAL INFORMATION
Terraform CLI result
Ansible Module result
the following code will return an error for the file doesn't exists issue
site.yml