Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix for #33 #70

Closed
wants to merge 2 commits into from
Closed

Fix for #33 #70

wants to merge 2 commits into from

Conversation

mslipets
Copy link

Description

in Motivation and Context ⤵

Motivation and Context

attempt to fix #33
also mentioned at #26 (comment)

Breaking Changes

No breaking changes.

How Has This Been Tested?

Tested on sandbox environment as a part of destroy phase,
otherwise destroy comes out with:

Error: Invalid index

  on .terraform/modules/test-sonar-ecs-service.ssl-cert/main.tf line 6, in locals:
   6:   validation_domains = var.create_certificate ? [for k, v in aws_acm_certificate.this[0].domain_validation_options : tomap(v) if contains(local.distinct_domain_names, replace(v.domain_name, "*.", ""))] : []
    |----------------
    | aws_acm_certificate.this is empty tuple

The given key does not identify an element in this collection value.

@mslipets
Copy link
Author

Hi @antonbabenko,
please consider on this PR as it helps to eliminate the need of changing value of create_certificate param, each time on destroy of configuration (really useful for testing modules with terratest)

@antonbabenko
Copy link
Member

I will try to take a look at this during this week.

The solution is probably a bit more complicated than the fix you are proposing here so I can't just merge this easily with certaincy.

@mslipets
Copy link
Author

mslipets commented Feb 2, 2021

Hello @antonbabenko,
i was wondering if you had a chance to look into proposed solution?

(it eliminates the edge case when "aws_acm_certificate" was not created or is not present in state,
but locals gets evaluated each time before building execution graph)

e.g. hashicorp/terraform#17425

@antonbabenko
Copy link
Member

Unfortunately, I have not had time for this yet.

@mslipets
Copy link
Author

@mslipets gently poking @antonbabenko just to remind. (if you don't mind =)

This was referenced Feb 17, 2021
Closed
Merged
@mslipets
Copy link
Author

@antonbabenko i'm afraid that #71 does not really closes #70,
as the root cause of #33 and issue mentioned in #26 is in aws_acm_certificate.this[0] which causes the issue when there is no acm certificate resource in state...

@antonbabenko
Copy link
Member

Ok. Please provide the exact values you are trying to pass to the module to get such an issue. I can see a lot of comments but nowhere I can see the actual code which does not work. It is just impossible for me to figure out the broken condition which the PR should fix.

module "acm" {
  source  = "terraform-aws-modules/acm/aws"

  domain_name  = "my-domain.com"
  zone_id      = "Z2ES7B9AZ6SHAE"

  # ??? what to put here to get the error ???
}

@szEvEz
Copy link

szEvEz commented May 25, 2021
edited
Loading

I've also stumbled on this issue.

I have 2 existing certificates in terraform.

module "acm-mydomain" {
  source  = "terraform-aws-modules/acm/aws"
  version = "3.0.0"

  domain_name                                 = "mydomain.com"
  subject_alternative_names                   = ["*.mydomain.com"]
  certificate_transparency_logging_preference = true
  validate_certificate = false
}

module "acm-mydomain2" {
  source  = "terraform-aws-modules/acm/aws"
  version = "3.0.0"

  domain_name                                 = "mydomain2.com"
  certificate_transparency_logging_preference = true
  validate_certificate = false
}

I created a new certificate via the UI, now I wanted to import the existing certificate by creating the resource and running the import statement

module "acm-manual-created" {
  source  = "terraform-aws-modules/acm/aws"
  version = "3.0.0"

  domain_name                                 = "*.myamazindmanuallycreateddomain.com"
  certificate_transparency_logging_preference = true
  validate_certificate = false
}

terraform import 'module.acm-manual-created.aws_acm_certificate.this[0]' arn:aws:arnstuff

Which throws an error for the existing certificates?

│ Error: Invalid index                                                                                                                                                                                                                                                                    
│                                                                                                                                                                                                                                                                                         
│   on .terraform/modules/acm-mydomain/main.tf line 8, in locals:                                                                                                                                                                                                                  
│    8:   validation_domains = var.create_certificate ? [for k, v in aws_acm_certificate.this[0].domain_validation_options : tomap(v) if contains(local.distinct_domain_names, replace(v.domain_name, "*.", ""))] : []                                                                    
│     ├────────────────                                                                                                                                                                                                                                                                   
│     │ aws_acm_certificate.this is empty tuple                                                                                                                                                                                                                                           
│                                                                                                                                                                                                                                                                                         
│ The given key does not identify an element in this collection value.                                                                                                                                                                                                                    
╵                                                                                                                                                                                                                                                                                         
                                                                                                                                                                                                                                                                                          
╷                                                                                                                                                                                                                                                                                         
│ Error: Invalid index                                                                                                                                                                                                                                                                    
│                                                                                                                                                                                                                                                                                         
│   on .terraform/modules/acm-mydomain2/main.tf line 8, in locals:                                                                                                                                                                                                        
│    8:   validation_domains = var.create_certificate ? [for k, v in aws_acm_certificate.this[0].domain_validation_options : tomap(v) if contains(local.distinct_domain_names, replace(v.domain_name, "*.", ""))] : []                                                                    
│     ├────────────────                                                                                                                                                                                                                                                                   
│     │ aws_acm_certificate.this is empty tuple                                                                                                                                                                                                                                           
│                                                                                                                                                                                                                                                                                         
│ The given key does not identify an element in this collection value.

@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 15, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Invalid Index?
3 participants
@mslipets @antonbabenko @szEvEz