Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cannot create service directory endpoint via terraform #20612

Open
Rassibassi opened this issue Dec 6, 2024 · 6 comments
Open

Cannot create service directory endpoint via terraform #20612

Rassibassi opened this issue Dec 6, 2024 · 6 comments

Comments

@Rassibassi
Copy link

Rassibassi commented Dec 6, 2024

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
  • Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment.
  • If an issue is assigned to a user, that user is claiming responsibility for the issue.
  • Customers working with a Google Technical Account Manager or Customer Engineer can ask them to reach out internally to expedite investigation and resolution of this issue.

Terraform Version & Provider Version(s)

Terraform v1.9.8
on

  • provider registry.terraform.io/hashicorp/google v6.12.0
  • provider registry.terraform.io/hashicorp/google-beta v6.12.0

Affected Resource(s)

google_service_directory_endpoint

Terraform Configuration

resource "google_service_directory_endpoint" "this" {
  provider    = google-beta
  endpoint_id = "test"
  service = var.service_directory.service

  network = var.network_id
  address = google_compute_instance.this.network_interface[0].network_ip
  port    = 80
}

Debug Output

Terraform will perform the following actions:
  # google_service_directory_endpoint.this[0] will be created
+ resource "google_service_directory_endpoint" "this" {
+ address     = "10.0.0.10"
+ endpoint_id = "test"
+ id          = (known after apply)
+ name        = (known after apply)
+ network     = "projects/proj-staging/global/networks/proj-staging-network"
+ port        = 80
+ service     = "proj-staging-shared"
}

Expected Behavior

Resource is created, just like when I do:

  gcloud service-directory endpoints create test \
--location=$LOCATION \
--namespace=$NAMESPACE \
--service=$SERVICE \
--network=projects/$PROJECT_ID/locations/global/networks/$NETWORK \
--address=$INTERNAL_IP --port=80

the gcloud CLI command works

Actual Behavior

* Failed to execute "terraform apply" in ./.terragrunt-cache/weO9BUd54ZD_BUkA2z8HBLHgd3E/eLNrTKDaytXVI8Hz_eXVRQMw85w
  ╷
  │ Error: Error creating Endpoint: googleapi: got HTTP response code 404 with body: <!DOCTYPE html>
  │ <html lang=en>
  │   <meta charset=utf-8>
  │   <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
  │   <title>Error 404 (Not Found)!!1</title>
  │   <style>
  │     *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) 0}}@media only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px}
  │   </style>
  │   <a href=//www.google.com/><span id=logo aria-label=Google></span></a>
  │   <p><b>404.</b> <ins>That’s an error.</ins>
  │   <p>The requested URL <code>/v1beta1/proj-staging-shared/endpoints?alt=json&amp;endpointId=test</code> was not found on this server.  <ins>That’s all we know.</ins>
  │ 
  │ 
  │   with google_service_directory_endpoint.this[0],
  │   on main.tf line 176, in resource "google_service_directory_endpoint" "this":
  │  176: resource "google_service_directory_endpoint" "this" {
  │ 
  ╵
  
  exit status 1

Steps to reproduce

  1. terraform apply

Important Factoids

gcloud CLI version works, where as terraform version fails

References

https://cloud.google.com/monitoring/uptime-checks/private-checks#gcloud-cli

b/389949722

@Rassibassi Rassibassi added the bug label Dec 6, 2024
@github-actions github-actions bot added forward/review In review; remove label to forward service/servicedirectory labels Dec 6, 2024
@NickElliot NickElliot self-assigned this Dec 6, 2024
@NickElliot
Copy link
Collaborator

Could you provide the POST request from the debug log of your attempted apply?

@Rassibassi
Copy link
Author

[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: 2024/12/08 12:21:12 [DEBUG] Creating new Endpoint: map[string]interface {}{"address":"10.0.0.10", "network":"projects/proj-staging/global/networks/proj-staging-network", "port":80}
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: 2024/12/08 12:21:12 [DEBUG] Waiting for state to become: [success]
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: 2024/12/08 12:21:12 [DEBUG] Retry Transport: starting RoundTrip retry loop
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: 2024/12/08 12:21:12 [DEBUG] Retry Transport: request attempt 0
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: 2024/12/08 12:21:12 [DEBUG] Google API Request Details:
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: ---[ REQUEST ]---------------------------------------
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: POST /v1beta1/proj-staging-shared/endpoints?alt=json&endpointId=test HTTP/1.1
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: Host: servicedirectory.googleapis.com
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: User-Agent: Terraform/1.9.8 (+https://www.terraform.io) Terraform-Plugin-SDK/2.33.0 terraform-provider-google-beta/6.12.0
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: Content-Length: 103
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: Content-Type: application/json
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: Accept-Encoding: gzip
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: {
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5:  "address": "10.0.0.10",
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5:  "network": "projects/proj-staging/global/networks/proj-staging-network",
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5:  "port": 80
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: }
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: -----------------------------------------------------
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: 2024/12/08 12:21:12 [DEBUG] Google API Response Details:
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: ---[ RESPONSE ]--------------------------------------
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: HTTP/2.0 404 Not Found
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: Content-Length: 1640
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: Content-Type: text/html; charset=UTF-8
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: Date: Sun, 08 Dec 2024 11:21:13 GMT
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: Server: ESF
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: X-Content-Type-Options: nosniff
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: X-Frame-Options: SAMEORIGIN
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: X-Xss-Protection: 0
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: <!DOCTYPE html>
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: <html lang=en>
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5:   <meta charset=utf-8>
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5:   <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5:   <title>Error 404 (Not Found)!!1</title>
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5:   <style>
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5:     *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) 0}}@media only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px}
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5:   </style>
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5:   <a href=//www.google.com/><span id=logo aria-label=Google></span></a>
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5:   <p><b>404.</b> <ins>That’s an error.</ins>
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5:   <p>The requested URL <code>/v1beta1/proj-staging-shared/endpoints?alt=json&amp;endpointId=test</code> was not found on this server.  <ins>That’s all we know.</ins>
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5
[DEBUG] provider.terraform-provider-google-beta_v6.12.0_x5: -----------------------------------------------------

@ggtisc ggtisc assigned ggtisc and unassigned c2thorn Jan 6, 2025
@ggtisc
Copy link
Collaborator

ggtisc commented Jan 6, 2025

Hi @Rassibassi

I'm going to continue with this report... Trying to reproduce this issue I can't find any errors, this is the fully implemented code:

resource "google_compute_network" "vpc_20612" {
  name = "vpc-20612"
  auto_create_subnetworks = false
}

resource "google_service_directory_namespace" "service_directory_namespace_20612" {
  provider     = google-beta
  namespace_id = "service-directory-namespace-20612"
  location     = "us-central1"
}

resource "google_service_directory_service" "service_directory_service_20612" {
  provider   = google-beta
  service_id = "service-directory-service-20612"
  namespace  = google_service_directory_namespace.service_directory_namespace_20612.id
}

resource "google_service_directory_endpoint" "service_directory_endpoint_20612" {
  provider    = google-beta
  endpoint_id = "service-directory-endpoint-20612"
  network     = google_compute_network.vpc_20612.id
  service     = google_service_directory_service.service_directory_service_20612.id
  address     = "10.0.0.10"
  port        = 5353
}

I noticed you are using this value for the address argument: google_compute_instance.this.network_interface[0].network_ip. Have you tried with the direct value or using a variable with the IP address like this?

variable "address" {
    type = string
    default = "1.2.3.4"
}

resource "google_service_directory_endpoint" "service_directory_endpoint_20612" {
    # some code
    address     = var.address # or directly assigning the value "10.0.0.10"
}

@Rassibassi
Copy link
Author

Rassibassi commented Jan 12, 2025

Thanks @ggtisc ! I made it work with your help.

My google_service_directory_endpoint was defined as this (following your example):

resource "google_service_directory_endpoint" "service_directory_endpoint_20612" {
  provider    = google-beta
  endpoint_id = "service-directory-endpoint-20612"
  network     = google_compute_network.vpc_20612.id
  service     = google_service_directory_service.service_directory_service_20612.service_id
  address     = "10.0.0.10"
  port        = 5353
}

mistakenly with service_id instead of id. So here id is required.

When passing the service directory to a google_monitoring_uptime_check_config resource via the monitored_resource attribute, then the service_id is required:

resource "google_monitoring_uptime_check_config" "google_monitoring_uptime_check_config" {
[... some more config ...]

    monitored_resource = {
        type = "servicedirectory_service"
        labels = {
          project_id     = ...
          service_name   = google_service_directory_service.service_directory_service_20612.service_id
          namespace_name = google_service_directory_namespace.service_directory_namespace_20612.namespace_id
          location       = ...
        }
      }
}

My mistake, so thanks a bunch. It might be clearer to name the attributes service_id and namespace_id of google_service_directory_service and google_service_directory_namespace to name.

EDIT:
Just for completeness, within a google_compute_forwarding_rule resource [1], service_id and namespace_id are required.

[1] https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_forwarding_rule#nested_service_directory_registrations

@Rassibassi
Copy link
Author

18:00:23.721 STDOUT terraform: Terraform used the selected providers to generate the following execution
18:00:23.721 STDOUT terraform: plan. Resource actions are indicated with the following symbols:
18:00:23.721 STDOUT terraform: -/+ destroy and then create replacement
18:00:23.722 STDOUT terraform: Terraform will perform the following actions:
18:00:23.722 STDOUT terraform:   # google_service_directory_endpoint.this[0] must be replaced
18:00:23.722 STDOUT terraform: -/+ resource "google_service_directory_endpoint" "this" {
18:00:23.722 STDOUT terraform:       ~ id          = "projects/***-production-######/locations/europe-west#/namespaces/***-production-shared/services/***-production-shared/endpoints/***-production-broker" -> (known after apply)
18:00:23.722 STDOUT terraform:       ~ name        = "projects/***-production-######/locations/europe-west#/namespaces/***-production-shared/services/***-production-shared/endpoints/***-production-broker" -> (known after apply)
18:00:23.722 STDOUT terraform:       ~ network     = "projects/9###########/locations/global/networks/***-production-network" -> "projects/***-production-######/global/networks/***-production-network" # forces replacement
18:00:23.723 STDOUT terraform:         # (5 unchanged attributes hidden)
18:00:23.723 STDOUT terraform:     }
18:00:23.723 STDOUT terraform: Plan: 1 to add, 0 to change, 1 to destroy.

I'm encountering a new issue with Terraform when running terraform apply consecutively.

During the second run, Terraform indicates that the google_service_directory_endpoint needs to be changed, even though no changes were actually made.

In the provided output, I've replaced sensitive information with *** for letters and ### for numbers.

Could you test this behavior by running terraform apply twice consecutively using your example configuration?

@ggtisc
Copy link
Collaborator

ggtisc commented Jan 14, 2025

Confirmed permadiff issue

@ggtisc ggtisc removed the forward/review In review; remove label to forward label Jan 14, 2025
@ggtisc ggtisc removed their assignment Jan 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

5 participants