no updates when modifying the code

[electropolis]

Describe the bug
It's strange but when changing attribute value no changes are made. I tried with many options but I will focus on related with dhcp server leases and disabled option to show the essence of problem

To Reproduce
provider.tf

terraform {
  required_providers {
    routeros = {
      source = "terraform-routeros/routeros"
    }
  }
}

provider "routeros" {
  hosturl  = "apis://10.255.253.1" # env ROS_HOSTURL or MIKROTIK_HOST
  username = "konrad"               # env ROS_USERNAME or MIKROTIK_USER
  password = "temp123"              # env ROS_PASSWORD or MIKROTIK_PASSWORD
  # ca_certificate = "/path/to/ca/certificate.pem" # env ROS_CA_CERTIFICATE or MIKROTIK_CA_CERTIFICATE
  insecure = true # env ROS_INSECURE or MIKROTIK_INSECURE
}

main.tf

resource "routeros_ip_dhcp_server_lease" "leases" {
  for_each = var.dhcp.leases

  mac_address = each.value.mac
  address     = each.value.ip_address
  comment     = can(each.value.comment) ? each.value.comment : null
  server      = can(each.value.server) ? each.value.server : null
  dhcp_option = can(each.value.dhcp_option) ? each.value.dhcp_option : null
  # disabled = true
}

variables.tf

variable "dhcp" {}

dhcp.auto.tfvars

dhcp = {
  leases = {
    eset-eth = {
    comment = "eset-eth"
    mac = "A8:60:B6:24:EC:61"
    ip_address = "10.255.0.10"
    server = "MGMT_LAN"
    dhcp_option = "h-node"
    }
  }
}

Expected behavior
When running for the first time everything goes well
$ tf plan

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create

Terraform will perform the following actions:

  # routeros_ip_dhcp_server_lease.leases["eset-eth"] will be created
  + resource "routeros_ip_dhcp_server_lease" "leases" {
      + active_address     = (known after apply)
      + active_client_id   = (known after apply)
      + active_hostname    = (known after apply)
      + active_mac_address = (known after apply)
      + active_server      = (known after apply)
      + address            = "10.255.0.10"
      + agent_circuit_id   = (known after apply)
      + agent_remote_id    = (known after apply)
      + block_access       = false
      + blocked            = (known after apply)
      + comment            = "eset-eth"
      + dhcp_option        = "h-node"
      + disabled           = false
      + dynamic            = (known after apply)
      + expires_after      = (known after apply)
      + host_name          = (known after apply)
      + id                 = (known after apply)
      + last_seen          = (known after apply)
      + mac_address        = "A8:60:B6:24:EC:61"
      + radius             = (known after apply)
      + server             = "MGMT_LAN"
      + src_mac_address    = (known after apply)
      + status             = (known after apply)
    }

Plan: 1 to add, 0 to change, 0 to destroy.

Apply works as expected
Apply complete! Resources: 1 added, 0 changed, 0 destroyed.
When changing adding attribute disabled = true it should
change the item to be disabled on MikroTik

13 X ;;; eset-eth
     10.255.0.10                                    A8:60:B6:24:EC:61                                        MGMT_LAN                                                                    waiting never

But instead it does update-in-place and does nothing on MikroTik. Element is still enabled

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # routeros_ip_dhcp_server_lease.leases["eset-eth"] will be updated in-place
  ~ resource "routeros_ip_dhcp_server_lease" "leases" {
      ~ disabled     = false -> true
        id           = "*3176"
        # (11 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

apply gives
Apply complete! Resources: 0 added, 1 changed, 0 destroyed.

Stack Trace
When first element created and apply finished successfully

2023-07-18T00:50:34.952+0200 [DEBUG] provider.terraform-provider-routeros_v1.13.0: request body:  /ip/dhcp-server/lease/add =disabled=no =address=10.255.0.10 =mac-address=A8:60:B6:24:EC:61 =server=MGMT_LAN =dhcp-option=h-node =block-access=no =comment=eset-eth: tf_provider_addr=terraform-routeros/routeros tf_req_id=b16f14f2-54db-f90e-7c5b-ae8db3fb65a0 tf_rpc=Configure @caller=github.com/terraform-routeros/terraform-provider-routeros/routeros/log.go:16 @module=routeros timestamp=2023-07-18T00:50:34.952+0200
2023-07-18T00:50:34.957+0200 [DEBUG] provider.terraform-provider-routeros_v1.13.0: response body: !done @r1 [{`ret` `*3176`}]: tf_req_id=b16f14f2-54db-f90e-7c5b-ae8db3fb65a0 tf_rpc=Configure @caller=github.com/terraform-routeros/terraform-provider-routeros/routeros/log.go:16 @module=routeros tf_provider_addr=terraform-routeros/routeros timestamp=2023-07-18T00:50:34.957+0200
2023-07-18T00:50:34.957+0200 [DEBUG] provider.terraform-provider-routeros_v1.13.0: request body:  /ip/dhcp-server/lease/print ?.id=*3176: tf_provider_addr=terraform-routeros/routeros tf_req_id=b16f14f2-54db-f90e-7c5b-ae8db3fb65a0 tf_rpc=Configure @caller=github.com/terraform-routeros/terraform-provider-routeros/routeros/log.go:16 @module=routeros timestamp=2023-07-18T00:50:34.957+0200
2023-07-18T00:50:34.963+0200 [DEBUG] provider.terraform-provider-routeros_v1.13.0: response body: !re @r2 [{`.id` `*3176`} {`address` `10.255.0.10`} {`mac-address` `A8:60:B6:24:EC:61`} {`address-lists` ``} {`server` `MGMT_LAN`} {`dhcp-option` `h-node`} {`status` `waiting`} {`last-seen` `never`} {`radius` `false`} {`dynamic` `false`} {`blocked` `false`} {`disabled` `false`} {`comment` `eset-eth`}]
!done @r2 []: tf_rpc=Configure @caller=github.com/terraform-routeros/terraform-provider-routeros/routeros/log.go:16 @module=routeros tf_provider_addr=terraform-routeros/routeros tf_req_id=b16f14f2-54db-f90e-7c5b-ae8db3fb65a0 timestamp=2023-07-18T00:50:34.963+0200

When disabled set to true and run apply

2023-07-18T00:58:01.828+0200 [DEBUG] provider.terraform-provider-routeros_v1.13.0: request body:  /ip/dhcp-server/lease/print ?.id=*3176: @caller=github.com/terraform-routeros/terraform-provider-routeros/routeros/log.go:16 @module=routeros tf_provider_addr=terraform-routeros/routeros tf_req_id=d19ffeea-16b5-9783-30e8-5bb39e494e33 tf_rpc=Configure timestamp=2023-07-18T00:58:01.828+0200
2023-07-18T00:58:01.833+0200 [DEBUG] provider.terraform-provider-routeros_v1.13.0: response body: !re @r1 [{`.id` `*3176`} {`address` `10.255.0.10`} {`mac-address` `A8:60:B6:24:EC:61`} {`address-lists` ``} {`server` `MGMT_LAN`} {`dhcp-option` `h-node`} {`status` `waiting`} {`last-seen` `never`} {`radius` `false`} {`dynamic` `false`} {`blocked` `false`} {`disabled` `false`} {`comment` `eset-eth`}]
!done @r1 []: tf_req_id=d19ffeea-16b5-9783-30e8-5bb39e494e33 tf_rpc=Configure @caller=github.com/terraform-routeros/terraform-provider-routeros/routeros/log.go:16 @module=routeros tf_provider_addr=terraform-routeros/routeros timestamp=2023-07-18T00:58:01.833+0200
2023-07-18T00:58:01.834+0200 [DEBUG] provider.terraform-provider-routeros_v1.13.0: request body:  /ip/dhcp-server/lease/set =address=10.255.0.10 =comment=eset-eth =mac-address=A8:60:B6:24:EC:61 =server=MGMT_LAN =disabled=yes =block-access=no =dhcp-option=h-node: tf_rpc=Configure @caller=github.com/terraform-routeros/terraform-provider-routeros/routeros/log.go:16 @module=routeros tf_provider_addr=terraform-routeros/routeros tf_req_id=d19ffeea-16b5-9783-30e8-5bb39e494e33 timestamp=2023-07-18T00:58:01.833+0200
2023-07-18T00:58:01.837+0200 [DEBUG] provider.terraform-provider-routeros_v1.13.0: response body: !done @r2 []: @caller=github.com/terraform-routeros/terraform-provider-routeros/routeros/log.go:16 @module=routeros tf_provider_addr=terraform-routeros/routeros tf_req_id=d19ffeea-16b5-9783-30e8-5bb39e494e33 tf_rpc=Configure timestamp=2023-07-18T00:58:01.837+0200

Strange because it shows that request finished successfully response body: !done but it seems it's a fake information

Additional context
This is just an example when doing additional change on existing resource. The Terraform should work declaratively but right now it looks like this provider can't handle any updates because it requires removing whole resources and then by adding additional feature or like in the example above disabling , changing existing one.

[vaerh]

Hi!
I have already encountered such unexpected behavior of MT + provider + TF bundle. MT has a certain number of "dark places". I will test your configuration at my system and see what happens. If MT is the problem, the only thing I can think of right now is to try to signal such bad points with a non-consistent execution plan. Re-creating resources, in my opinion, is a bad solution, because the above problem can occur at the most unexpected moment, both for resource attributes and ROS version.

[electropolis]

Yeah, creating from beginning isn't the best option. It's literally the opposite of the essence of terraform. Strange because I must admit that I had the same scenario when using Ansible in the same case.

[vaerh]

I will be able to get to the test lab only tomorrow. If you have a desire, try to create a resource using REST API (change the connection string) and see if MT behavior changes.
But in the process of development I got the impression that the internal library that executes CLI, API and REST API is the same, and the application interfaces are small wrappers over it.
What version of ROS are you using?

[electropolis]

The key question is what version I'm using and my fault I didn't provide you with this info. The last version of v6 => 6.49.7 (stable)
So REST API I can test but I need to pull off my second MikroTik and update it to v7 and then make some tests. But as you said probably the library is the same. But does it mean that this provider, which is official one doesn't work at all ?

[vaerh]

Please do not disconnect your working Microtik, there is no urgency, I will check a little later on the docker container.
But there are two key points:

• all testing is done on the 7.x branch (I may be wrong, but on 6.x I had some problems with TF operation, but I can't say what kind of problems I had a long time ago).
• this is not an official TF provider, there is a small footnote on the main page: We are not affiliated in any way with Mikrotik or the development of RouterOS. I have no involvement in the development of ROS, my email to MT support about strange API behavior went unanswered. The provider's capabilities end at the moment of sending data structures to MT and getting a response back.

[electropolis]

Ok I get. So please test and check if this is a v6 problem and on v7 using REST API the problem disappears. I was referring to documentation of your provider and I saw info that this was tested on v6 also and works that's why I was confused when it appears that it doesn't.

[vaerh]

Ok, after testing I'll come back with feedback. Could you please tell me where the 6.x version is mentioned? This is, I think, an artifact and needs to be fixed.

[electropolis]

There wasn't exactly used v6 word but this sentence

This provider allows you to configure Mikrotik routers using old API or REST API, using or not using TLS.

where old api is used refers to v6 because it doesn't have REST API

[vaerh]

Got it, thanks! I'll make an addition to avoid any ambiguity.

[vaerh]

The problem was actually caused by my mistake. Please test the provider after the release and give feedback.

[vaerh]

🎉 This issue has been resolved in version 1.13.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

[electropolis]

The problem was actually caused by my mistake. Please test the provider after the release and give feedback.

Checked
Before:

 3 X ;;; eset-eth
     10.255.0.10                                    A8:60:B6:24:EC:61                                        MGMT_LAN

❯ tf apply --auto-approve
routeros_ip_dhcp_server_lease.leases["sw-poz-1"]: Refreshing state... [id=*3178]
routeros_ip_dhcp_server_lease.leases["eset-eth"]: Refreshing state... [id=*3176]
routeros_ip_dhcp_server_lease.leases["sw-poz-3"]: Refreshing state... [id=*317A]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # routeros_ip_dhcp_server_lease.leases["eset-eth"] will be updated in-place
  ~ resource "routeros_ip_dhcp_server_lease" "leases" {
      - dhcp_option  = "h-node" -> null
      ~ disabled     = true -> false
        id           = "*3176"
        # (10 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.
routeros_ip_dhcp_server_lease.leases["eset-eth"]: Modifying... [id=*3176]
routeros_ip_dhcp_server_lease.leases["eset-eth"]: Modifications complete after 0s [id=*3176]

Apply complete! Resources: 0 added, 1 changed, 0 destroyed.

After:

 3   ;;; eset-eth
     10.255.0.10                                    A8:60:B6:24:EC:61                                        MGMT_LAN

Also adding a dhcp-option for further tests

❯ tf apply --auto-approve
routeros_ip_dhcp_server_lease.leases["sw-poz-3"]: Refreshing state... [id=*317A]
routeros_ip_dhcp_server_lease.leases["sw-poz-1"]: Refreshing state... [id=*3178]
routeros_ip_dhcp_server_lease.leases["eset-eth"]: Refreshing state... [id=*3176]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  ~ update in-place

Terraform will perform the following actions:

  # routeros_ip_dhcp_server_lease.leases["eset-eth"] will be updated in-place
  ~ resource "routeros_ip_dhcp_server_lease" "leases" {
      + dhcp_option  = "h-node"
        id           = "*3176"
        # (11 unchanged attributes hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.
routeros_ip_dhcp_server_lease.leases["eset-eth"]: Modifying... [id=*3176]
routeros_ip_dhcp_server_lease.leases["eset-eth"]: Modifications complete after 0s [id=*3176]

Apply complete! Resources: 0 added, 1 changed, 0 destroyed.

Worked

 3   ;;; eset-eth
     address=10.255.0.10 mac-address=A8:60:B6:24:EC:61 address-lists="" server=MGMT_LAN dhcp-option=h-node status=waiting last-seen=never

Now update-in-place seems working as expected.

[vaerh]

I saw a typo in the word "code" but never fixed it and it automatically went into the release. 🤦

[electropolis]

I wonder why no one saw that and request an issue. Was it only a problem with v6 ? Does it means most of the users are using v7?

[vaerh]

The problem was for both version 6 and 7 when using the old API. You are right, people are probably using version 7 and the REST API.