core_route_table_default_resource should use CreatedPending instead of CreatedTarget.

[johlang-pillar]

The core_route_table_default resource sets the DeletedPending lifecycle target to be the same as the CreatedActual target. This works fine on OCI, because OCI never transitions the RouteTable's lifecycleState to anything when the RouteRules are modified. But on PCA that RouteTable will change to PROVISIONING state (by design to prevent multiple UpdateRouteTable operations), and on destroy the terraform script fails because it detects that the RouteTable is in an unexpected lifecycle state.

The fix would be for DeletedPending setting to be the same as the CreatedPending() setting instead of CreateTarget().

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version and Provider Version

terraform -v

Terraform v1.5.7
on linux_amd64

Affected Resource(s)

affected_resources = core_route_table_default

Terraform Configuration Files

provider.tf

provider "oci" {
  #required_providers {
  #  version = "1.4.2"
  #}
  tenancy_ocid     = var.tenancy_ocid
  user_ocid        = var.user_ocid
  fingerprint      = var.fingerprint
  private_key_path = var.private_key_path
  region           = var.region
}

variable.tf

variable "tenancy_ocid" { default = "ocid1.tenancy.1742XC302B.broom8.ux6jjkx6del1zb5d9s8b02nv3lhufqc3ysjoonn34ai66f6l9pak00090146" }

variable "user_ocid" { default = "ocid1.user."}
variable "fingerprint" { default = "" }
variable "private_key_path" { default = "" }
variable "region" { default = "broom8.us.oracle.com" }
variable "compartment_ocid" { default = "ocid1.tenancy." }
variable "public_ssh_key" { default = "id_rsa.pub" }
variable "image_id" { default = "ocid1.image." }

drgsetup.tf

resource "oci_core_vcn" "vcn-cross-vcn-1"{
compartment_id=var.compartment_ocid
cidr_block="10.196.100.0/25"
display_name="vcn-cross-vcn-1"
}

resource "oci_core_subnet" "subnet-cross-vcn-1"{
compartment_id=var.compartment_ocid
cidr_block="10.196.100.0/28"
vcn_id=oci_core_vcn.vcn-cross-vcn-1.id
display_name="subnet-cross-vcn-1"
}

resource "oci_core_drg" "drg-cross-vcn-1"{
compartment_id=var.compartment_ocid
display_name="drg-cross-vcn-1"
}

resource "oci_core_drg_attachment" "drg-attachment-drg-cross-vcn-1"{
display_name="drg-attachment-cross-vcn-1"
drg_id=oci_core_drg.drg-cross-vcn-1.id
vcn_id=oci_core_vcn.vcn-cross-vcn-1.id
}

resource "oci_core_default_route_table" "default-route-table-vcn-1"{
compartment_id=var.compartment_ocid
manage_default_resource_id=oci_core_vcn.vcn-cross-vcn-1.default_route_table_id
route_rules{
network_entity_id=oci_core_drg.drg-cross-vcn-1.id
destination="10.80.79.5/32"
destination_type="CIDR_BLOCK"
}
route_rules{
network_entity_id=oci_core_drg.drg-cross-vcn-1.id
destination="10.196.100.128/25"
destination_type="CIDR_BLOCK"
}
}

resource "oci_core_default_security_list" "default-security-list-vcn-1"{
compartment_id=var.compartment_ocid
manage_default_resource_id=oci_core_vcn.vcn-cross-vcn-1.default_security_list_id
ingress_security_rules{
source="0.0.0.0/0"
protocol="all"
}
egress_security_rules{
destination="0.0.0.0/0"
protocol="all"
}
}



resource "oci_core_instance" "instance-cross-vcn-1"{
compartment_id=var.compartment_ocid
display_name="instance-cross-vcn-1"
availability_domain="AD-1"
shape="VM.PCAStandard1.2"
metadata={
"ssh_authorized_key"=var.public_ssh_key
}
source_details{
source_type="image"
source_id=var.image_id
}
create_vnic_details{
subnet_id=oci_core_subnet.subnet-cross-vcn-1.id
assign_public_ip=false
}
availability_config{
is_live_migration_preferred=true
}
}

resource "oci_file_storage_file_system" "file-system-cross-vcn-1"{
compartment_id=var.compartment_ocid
availability_domain="AD-1"
}

resource "oci_file_storage_mount_target" "mount-target-cross-vcn-1"{
compartment_id=var.compartment_ocid
availability_domain="AD-1"
subnet_id=oci_core_subnet.subnet-cross-vcn-1.id
}

resource "oci_file_storage_export" "export-cross-vcn-1"{
export_set_id=oci_file_storage_mount_target.mount-target-cross-vcn-1.export_set_id
file_system_id=oci_file_storage_file_system.file-system-cross-vcn-1.id
path="AUTOSELECT"
export_options{
source="10.196.100.128/25"
}
}


resource "oci_core_vcn" "vcn-cross-vcn-2"{
compartment_id=var.compartment_ocid
cidr_block="10.196.143.128/25"
display_name="vcn-cross-vcn-2"
}

resource "oci_core_subnet" "subnet-cross-vcn-2"{
compartment_id=var.compartment_ocid
cidr_block="10.196.143.128/28"
vcn_id=oci_core_vcn.vcn-cross-vcn-2.id
display_name="subnet-cross-vcn-2"
}

resource "oci_core_drg" "drg-cross-vcn-2"{
compartment_id=var.compartment_ocid
display_name="drg-cross-vcn-2"
}

resource "oci_core_drg_attachment" "drg-attachment-drg-cross-vcn-2"{
display_name="drg-attachment-cross-vcn-2"
drg_id=oci_core_drg.drg-cross-vcn-2.id
vcn_id=oci_core_vcn.vcn-cross-vcn-2.id
}

resource "oci_core_default_route_table" "default-route-table-vcn-2"{
compartment_id=var.compartment_ocid
manage_default_resource_id=oci_core_vcn.vcn-cross-vcn-2.default_route_table_id
route_rules{
network_entity_id=oci_core_drg.drg-cross-vcn-2.id
destination="10.80.79.5/32"
destination_type="CIDR_BLOCK"
}
route_rules{
network_entity_id=oci_core_drg.drg-cross-vcn-2.id
destination="10.196.100.0/25"
destination_type="CIDR_BLOCK"
}
}

resource "oci_core_default_security_list" "default-security-list-vcn-2"{
compartment_id=var.compartment_ocid
manage_default_resource_id=oci_core_vcn.vcn-cross-vcn-2.default_security_list_id
ingress_security_rules{
source="0.0.0.0/0"
protocol="all"
}
egress_security_rules{
destination="0.0.0.0/0"
protocol="all"
}
}

resource "oci_core_instance" "instance-cross-vcn-2"{
compartment_id=var.compartment_ocid
display_name="instance-cross-vcn-2"
availability_domain="AD-1"
shape="VM.PCAStandard1.2"
metadata={
"ssh_authorized_key"=var.public_ssh_key
}
source_details{
source_type="image"
source_id=var.image_id
}
create_vnic_details{
subnet_id=oci_core_subnet.subnet-cross-vcn-2.id
assign_public_ip=false
}
availability_config{
is_live_migration_preferred=true
}
}

resource "oci_file_storage_file_system" "file-system-cross-vcn-2"{
compartment_id=var.compartment_ocid
availability_domain="AD-1"
}

resource "oci_file_storage_mount_target" "mount-target-cross-vcn-2"{
compartment_id=var.compartment_ocid
availability_domain="AD-1"
subnet_id=oci_core_subnet.subnet-cross-vcn-2.id
}

resource "oci_file_storage_export" "export-cross-vcn-2"{
export_set_id=oci_file_storage_mount_target.mount-target-cross-vcn-2.export_set_id
file_system_id=oci_file_storage_file_system.file-system-cross-vcn-2.id
path="AUTOSELECT"
export_options{
source="10.196.100.0/25"
}
}



output "vcn-1-id"{
value=oci_core_vcn.vcn-cross-vcn-1.id
}

output "vcn-2-id"{
value=oci_core_vcn.vcn-cross-vcn-2.id
}

output "subnet-1-id"{
value=oci_core_subnet.subnet-cross-vcn-1.id
}

output "subnet-2-id"{
value=oci_core_subnet.subnet-cross-vcn-2.id
}

output "drg-1-id"{
value=oci_core_drg.drg-cross-vcn-1.id
}

output "drg-2-id"{
value=oci_core_drg.drg-cross-vcn-2.id
}

output "drg-attachment-1"{
value=oci_core_drg_attachment.drg-attachment-drg-cross-vcn-1.id
}

output "drg-attachment-2"{
value=oci_core_drg_attachment.drg-attachment-drg-cross-vcn-2.id
}

output "instance-1-id"{
value=oci_core_instance.instance-cross-vcn-1.id
}

output "instance-2-id"{
value=oci_core_instance.instance-cross-vcn-2.id
}

output "export-1-id"{
value=oci_file_storage_export.export-cross-vcn-1.id
}

output "export-2-id"{
value=oci_file_storage_export.export-cross-vcn-2.id
}

Debug Output

Panic Output

Expected Behavior

terraform destroy --auto-approve

Actual Behavior

Terraform destroy reports the following error when first run. A rerun works since all the RouteRules have already been deleted.

2024-02-29T11:33:41.145Z [DEBUG] State storage *statemgr.Filesystem declined to persist a state snapshot
╷
│ Error: During deletion, Terraform expected the resource to reach state(s): AVAILABLE, but the service reported unexpected state: PROVISIONING.
│
│
╵
╷
│ Error: During deletion, Terraform expected the resource to reach state(s): AVAILABLE, but the service reported unexpected state: PROVISIONING.
│
│
╵

Steps to Reproduce

1. Get access to a PCA or CCC platform.
2. `terraform apply --auto-approve
3. 'terraform destroy --auto-approve`

Important Factoids

This was run on a PCA Rack. It will only show up when Terraform is run on a PCA or CCC appliance. It will always happen if a Drg RouteRule is created in the Default RouteTable. It will sometimes happen on other Route Rules.

References

[tf-oci-pub]

Thank you for reporting the issue. We observed the affected resources are not provided in the description or it's incorrect. We request you to add it in issue description as mentioned in below format.
Example: affected_resources = oci_core_instance , oci_core_instances

If it's not related to any particular resource then mention affected resource as terraform.
Example: affected_resources = terraform

As this works through automation, request you to follow exact syntax.

[johlang-pillar]

affected_resources = core_route_table_default

[johlang-pillar]

This is the required change.

index 0771975..9690415 100644
--- a/internal/service/core/core_route_table_default_resource.go
+++ b/internal/service/core/core_route_table_default_resource.go
@@ -92,7 +92,7 @@ func (s *DefaultRouteTableResourceCrud) Delete() error {
 // You can't actually delete a default resource, so the creation target
 // states are valid states for when waiting for delete to complete
 func (s *DefaultRouteTableResourceCrud) DeletedPending() []string {
-       return s.CreatedTarget()
+       return s.CreatedPending()
 }

 func (s *DefaultRouteTableResourceCrud) DeletedTarget() []string {