template_file - terraform will perform the following actions when none needed

[cyrus-mc]

Currently in the process of migrating all our modules (actually complete) over to v0.12.

We are finding that after doing so we notice that Terraform wants to apply changes when no changes are needed. This has specifically been noted for the template_file resource.

The nice thing about this is it actually doesn't change any physical resources. But for those on our team who are not as knowledgeable with Terraform it gives them pause when running an apply after converting.

Terraform Version

› terraform -v
Terraform v0.12.0
+ provider.aws v2.13.0
+ provider.template v2.1.2

Terraform Configuration Files

Here is the state of the resource prior to conversion

› terraform state list
data.template_file.stub
module.file.data.aws_region.current
module.file.data.aws_security_group.default
module.file.data.aws_subnet.selected
module.file.data.template_file.dashboard
module.file.data.template_file.iam_default_policy
module.file.aws_iam_policy.default
module.file.aws_iam_role.default
module.file.aws_iam_role_policy_attachment.default
module.file.aws_iam_role_policy_attachment.iam_for_lambda_vpc                                                          module.file.aws_lambda_function.lambda-file                                                                                                                                                                                                   

› terraform state show "module.file.data.template_file.dashboard"
# module.file.data.template_file.dashboard:
data "template_file" "dashboard" {
    id       = "685f936a091f7bcabb5115dd4846f14c0a9d6ef28eb3fa3c17ba344f2110e26a"
    rendered = jsonencode(
        {
            widgets = [
                {
                    height     = 6
                    properties = {
                        metrics = []                                                                                                          
                        region  = "us-west-2"                                                                                                  
                        stacked = false                                                                                                        
                        view    = "timeSeries"
                    }
                    type       = "metric"
                    width      = 24
                    x          = 0
                    y          = 0
                },
            ]
        }
    )
    template = "{\n    \"widgets\": [\n        {\n            \"type\": \"metric\",\n            \"x\": 0,\n            \"y\": 0,\n            \"width\": 24,\n            \"height\": 6,\n            \"properties\": {\n                \"metrics\": [\n                  ${list_of_metrics}\n                ],\n                \"view\": \"timeSeries\",\n                \"stacked\": false,\n                \"region\": \"${region}\"\n            }\n        }\n    ]\n}\n\n"
    vars     = {
        "list_of_metrics" = ""                                                                                                 "region"          = "us-west-2"                                                                                    }                                                                                                                  }

And here is the output of the plan and state after conversion

Terraform will perform the following actions:

  # module.file.data.template_file.dashboard will be read during apply
  # (config refers to values not yet known)
 <= data "template_file" "dashboard"  {
      + id       = (known after apply)
      + rendered = (known after apply)                                                                                       + template = "{\n    \"widgets\": [\n        {\n            \"type\": \"metric\",\n            \"x\": 0,\n            \"y\": 0,\n            \"width\": 24,\n            \"height\": 6,\n            \"properties\": {\n                \"metrics\": [\n                  ${list_of_metrics}\n                ],\n                \"view\": \"timeSeries\",\n                \"stacked\": false,\n                \"region\": \"${region}\"\n            }\n        }\n    ]\n}\n\n"
      + vars     = {
          + "list_of_metrics" = ""
          + "region"          = "us-west-2"
        }
    }

Plan: 0 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

module.file.data.template_file.dashboard: Refreshing state...

Apply complete! Resources: 0 added, 0 changed, 0 destroyed.

# module.file.data.template_file.dashboard:
data "template_file" "dashboard" {
    id       = "685f936a091f7bcabb5115dd4846f14c0a9d6ef28eb3fa3c17ba344f2110e26a"
    rendered = jsonencode(
        {
            widgets = [
                {
                    height     = 6
                    properties = {
                        metrics = []
                        region  = "us-west-2"
                        stacked = false
                        view    = "timeSeries"
                    }
                    type       = "metric"
                    width      = 24
                    x          = 0
                    y          = 0
                },
            ]
        }
    )
    template = "{\n    \"widgets\": [\n        {\n            \"type\": \"metric\",\n            \"x\": 0,\n            \"y\": 0,\n            \"width\": 24,\n            \"height\": 6,\n            \"properties\": {\n                \"metrics\": [\n                  ${list_of_metrics}\n                ],\n                \"view\": \"timeSeries\",\n                \"stacked\": false,\n                \"region\": \"${region}\"\n            }\n        }\n    ]\n}\n\n"
    vars     = {
        "list_of_metrics" = ""
        "region"          = "us-west-2"
    }
}

As you can see it lists a change it will apply (just create the template). After applying a show on the state of that resources shows it is exactly the same as it was before. Contents are the same and the ID hasn't change.

Expected Behavior

Since there is no change, terraform should indicate the infrastructure is up to date.

[apparentlymart]

Hi @cyrus-mc! Sorry for this odd behavior.

Could you also share the configuration of the data resource? It looks like the output shown here is all state/plan data, rather than configuration.

[apparentlymart]

Hi @cyrus-mc!

We didn't hear back from you, so I'm going to close this out.

One common reason for a perpetual plan to read a data resource is if depends_on is set for it. depends_on for a data resource forces its read action to always happen during the apply step, because there isn't enough information available in the refresh step to know if it's safe to read then and so Terraform must be conservative.

#17034 is the main issue representing that limitation. In the mean time, the solution is to avoid using depends_on in data blocks and instead use implicit dependencies via references. For example, you can add an additional element to the vars map in the template_file to refer to some unchanging attribute of the resource it depends on, and then Terraform will know that it's safe to read that data source as long as the attribute in question has a known value during refresh.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.