tf always report changes to cloudflare_record of type SRV since v3.25.0

[andyli]

Confirmation

• My issue isn't already found on the issue tracker.
• I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

$ terraform version
Terraform v1.3.2
on linux_amd64
+ provider registry.terraform.io/cloudflare/cloudflare v3.25.0
+ provider registry.terraform.io/hashicorp/aws v4.34.0
+ provider registry.terraform.io/hashicorp/random v3.4.3

Affected resource(s)

cloudflare_record

Terraform configuration files

resource "cloudflare_record" "charleywong-info-imap" {
  zone_id = data.cloudflare_zone.charleywong-info.id
  name    = "_imap._tcp"
  value   = "0\t0\t."
  type    = "SRV"
  ttl     = 1
  proxied = false
}

Link to debug output

https://gist.github.com/andyli/b997817655eb2b6645da1d28b2e811fb

Panic output

No response

Expected output

no changes

Actual output

always changes to the cloudflare_record resource

  # cloudflare_record.charleywong-info-imap will be updated in-place
  ~ resource "cloudflare_record" "charleywong-info-imap" {
        id              = "9e04e9f9cb3494526a1cdc1681923336"
        name            = "_imap._tcp"
        # (12 unchanged attributes hidden)

      - data {
          - algorithm      = 0 -> null
          - altitude       = 0 -> null
          - digest_type    = 0 -> null
          - key_tag        = 0 -> null
          - lat_degrees    = 0 -> null
          - lat_minutes    = 0 -> null
          - lat_seconds    = 0 -> null
          - long_degrees   = 0 -> null
          - long_minutes   = 0 -> null
          - long_seconds   = 0 -> null
          - matching_type  = 0 -> null
          - name           = "charleywong.info" -> null
          - order          = 0 -> null
          - port           = 0 -> null
          - precision_horz = 0 -> null
          - precision_vert = 0 -> null
          - preference     = 0 -> null
          - priority       = 0 -> null
          - proto          = "_tcp" -> null
          - protocol       = 0 -> null
          - selector       = 0 -> null
          - service        = "_imap" -> null
          - size           = 0 -> null
          - target         = "." -> null
          - type           = 0 -> null
          - usage          = 0 -> null
          - weight         = 0 -> null
        }

        # (1 unchanged block hidden)
    }

Steps to reproduce

1. create a cloudflare_record of type = "SRV"
2. apply it
3. apply it again, changes detected

Additional factoids

No response

References

No response

[jacobbednarz]

using https://github.com/cloudflare/terraform-provider-cloudflare/blob/master/internal/provider/resource_cloudflare_record_test.go#L188 as a test case, I'm unable to replicate. are you able to run this example locally and confirm if you're still seeing the issue?

[andyli]

Notice my provided tf code uses value without any data block. I'm not sure if it's still allowed with recent versions of terraform-provider-cloudflare - I wrote that when I first terraform import my cf records.

I have just rewritten all my SRV cf record resource to use data blocks instead, and it is okay now (no more changes to be applied).

[jacobbednarz]

good to know @andyli, thanks. i'm unsure if earlier versions allowed that intentionally but the data block should be the way forward so using that is your best bet.

[graudeejs]

Having this issue with data block.
Originally I imported CF into terraform using cf-terraforming

My issue is with: data.name, data.proto and data.service

If I don't set them, then they are being "removed" every time.
If I set them then they are begin "added" every time.

CF provider version 4.35.0

Annoying

Update:
just for the record: I did move my CF record into module after it was imported into TF state

[MAN98]

seeing the same as @graudeejs in my repo. @jacobbednarz what's the proper way of handling this?

[graudeejs]

I worked this around by setting value instead and using lifecycle hooks to ignore data changes

[MAN98]

@graudeejs - according to the provider documentation, value conflicts with data block. Can you provide an example of how you can specify value for an SRV cloudflare_record?

[graudeejs]

resource "cloudflare_record" "example" {
  type    = "SRV"
  name    = "example" 
  ttl     = 3600
  zone_id = "example_zone_id"
  proxied = false

  priority = 100

  # weight port host
  value = "100 443 foo.example.com"

  lifecycle {
    ignore_changes = [
      data
    ]
  }
}

[graudeejs]

I've abstracted this in module (needed module anyway) - using string interpolation to build value from module parameters

[MAN98]

Thanks for sharing @graudeejs

[janik-cloudflare]

Just found this thread. Sorry for the hassle, perhaps it would've been better not to make this a slow rollout so that it's applied to all zones at the same time.

This change has been rolled out to most zones now, which means the API no longer sends the "service"/"proto"/"name" data fields. Except for a few zones (those will be rolled out later in the week) it should be possible to simply omit these fields from the data map, and Terraform should not report any diffs. If, on Monday, any diffs are still shown with the fields removed from the data map, please let us know!

Apologies again for this issue, it's pretty annoying indeed.