Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed to set ACL #229

Closed
timduhenchanter opened this issue Apr 21, 2023 · 3 comments · Fixed by #303
Closed

Failed to set ACL #229

timduhenchanter opened this issue Apr 21, 2023 · 3 comments · Fixed by #303
Labels
bug Something isn't working

Comments

@timduhenchanter
Copy link

timduhenchanter commented Apr 21, 2023
edited
Loading

Terraform version: 1.3.5
Tailscale provider version: 0.13.7
OS: Ubuntu 20.04

I am trying to set a Tailscale ACL via the provider for the first time. There is no existing state for the ACL and I expect the Terraform state to be generated as part of the first apply, however, I am encountering errors requesting that I import the ACL? Please advise.

tailscale_acl.default: Creating...
2023-04-21T12:00:31.337-0700 [INFO]  Starting apply for tailscale_acl.default
2023-04-21T12:00:31.338-0700 [DEBUG] tailscale_acl.default: applying the planned Create change
2023-04-21T12:00:31.934-0700 [ERROR] provider.terraform-provider-tailscale_v0.13.7: Response contains error diagnostic: @caller=github.com/hashicorp/[email protected]/tfprotov5/internal/diag/diagnostics.go:55 diagnostic_summary="Failed to set ACL" tf_proto_version=5.3 tf_resource_type=tailscale_acl tf_rpc=ApplyResourceChange tf_req_id=599122e0-8509-7d08-1127-f1d752314276 @module=sdk.proto diagnostic_detail="! You seem to be trying to overwrite a non-default ACL with a tailscale_acl resource.
Before doing this, please import your existing ACL into Terraform state using:
 terraform import $(this_resource) acl
(got error "precondition failed, invalid old hash (412)")" diagnostic_severity=ERROR tf_provider_addr=provider timestamp=2023-04-21T12:00:31.934-0700
2023-04-21T12:00:31.934-0700 [ERROR] vertex "tailscale_acl.default" error: Failed to set ACL
╷
│ Error: Failed to set ACL
│
│   with tailscale_acl.default,
│   on acls.tf line 1, in resource "tailscale_acl" "default":
│    1: resource "tailscale_acl" "default" {
│
│ ! You seem to be trying to overwrite a non-default ACL with a tailscale_acl
│ resource.
│ Before doing this, please import your existing ACL into Terraform state
│ using:
│  terraform import $(this_resource) acl
│ (got error "precondition failed, invalid old hash (412)")
@timduhenchanter timduhenchanter added the bug Something isn't working label Apr 21, 2023
@markwellis
Copy link
Contributor

markwellis commented Apr 24, 2023
edited
Loading

the error says you need to import the acl into your terraform state before it will let you overwrite it.

terraform import $(this_resource) acl - you need to replace $(this_resource) with your resource name, which is tailscale_acl.default

running terraform import tailscale_acl.default acl will fix this error

see issue #182 for the reason for this error

@timduhenchanter
Copy link
Author

That is fine. I understand the reasoning behind the mentioned ticket but this is kind if counterintuitive to how terraform operates. I went in knowing that the resource object was authoritative and would not expect to have to import existing state in order to be able to define a resource. For example AWS and Google Terraform providers do not raise exceptions if you use an authoritative resource so why would Tailscale?

What is the long term solution to removing the need to import existing data for the provider to function out of the box? ACL versioning?

Importing the existing state did resolve the issue so closing the ticket. Thank you @markwellis .

markwellis added a commit to Agreena-ApS/terraform-provider-tailscale that referenced this issue Nov 15, 2023
@markwellis
added allow_overwrite option to resource_acl
5967605 
so it doesn't need to be imported first, as this breaks is a manual task
that breaks our workflow.

Fixes tailscale#229
@markwellis markwellis mentioned this issue Nov 15, 2023
Merged
markwellis added a commit to Agreena-ApS/terraform-provider-tailscale that referenced this issue Jan 25, 2024
@markwellis
added allow_overwrite option to resource_acl
f0eabb8 
so it doesn't need to be imported first, as this breaks is a manual task
that breaks our workflow.

Fixes tailscale#229
markwellis added a commit to Agreena-ApS/terraform-provider-tailscale that referenced this issue Feb 9, 2024
@markwellis
added overwrite_existing_content option to resource_acl
db90c2a 
so it doesn't need to be imported first, as this breaks is a manual task
that breaks our workflow.

Fixes tailscale#229
knyar pushed a commit that referenced this issue Feb 9, 2024
@markwellis
tailscale: add overwrite_existing_content option to resource_acl (#303
5c36d39 
)

So it doesn't need to be imported first.

Fixes #229
@colans colans mentioned this issue Sep 4, 2024
Open
@colans
Copy link

colans commented Sep 4, 2024

It shouldn't be necessary to run the import command. See #426 for details.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

added allow_overwrite option to resource_acl Agreena-ApS/terraform-provider-tailscale
3 participants
@colans @markwellis @timduhenchanter