-
Notifications
You must be signed in to change notification settings - Fork 112
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Feature request: Option to ignore failures for data source "http" #107
Comments
We have to be able to not fail on error here, for example if our firewall rules block the site or some other network problem. |
Agreed with the value of returning the HTTP response status code verbatim and without prematurely acting on it - I've dropped a comment in #114 (comment) - WDYT? That said, what would you expect to happen if a lower-level error occurred (e.g. DNS resolution failure) which effectively resulted in no HTTP status code being available to evaluate at all? It sounds like you'd still prefer to ignore those types of errors too - in which case, we're probably looking at more generic error handling like |
The primary functionality needed is to be able to provide an option/mechanism to prevent The secondary functionality needed would be to provide a cached value, so that a failure does not then remove the firewall rules, and then a subsequent run re-adds the firewall rules.... this would cause some very unusual network issues that would be difficult to track down. It sounds like Although I'm not sure if older versions of Terraform support A |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. |
Current Terraform Version
Use-cases
We use the
http
data source to query a list of current IP CIDRs from vendors such as CloudFlare, so we can add those ranges to our security groups. However, occasionally one of those http sources may return a 500 error. We don't need to pull this value on every single terraform apply, because the old values that were already applied will continue to work until the service returns.Attempted Solutions
This is an example of our code. I have not found a workaround for this issue because Terraform simply dies with "500 Error".
An alternative to this would be to use a null resources with "local-exec" provisioner to call
curl
orwget
, but that would not necessarily be portable (Dockerized versions of Terraform might not includecurl
, and behavior would have to change on Windows). Since there is already a data source for doing an HTTP GET. we might as well extend its functionality to support ignoring these failures.(On earlier versions of Terraform, it actually gives no indication that this module was causing the error (even with TF_DEBUG=TRACE); I had to upgrade Terraform to figure out it was coming from this module block.)
Proposal
Support an input to the module such as
ignore_errors = true
.Alternate proposal: support specifying the range of return statuses that signify success (
http_status_success_range = [ 200, 599 ]
).It also would be great to support passing this as an environment variable so when the error occurs we can temporarily enable/disable this behavior and continue to apply our infrastructure, rather than having to modify the code to ignore errors, which is not necessarily what we want.
References
The text was updated successfully, but these errors were encountered: