-
Notifications
You must be signed in to change notification settings - Fork 272
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Terraform Apply for non-project resources fails if project removed #25
Comments
Hi @logachev , Thanks for open this issue. Its's not recommend manage resource with Terraform and portal UI at the same time. |
Sorry, git repos are fine. The error occurs for at least Build Definitions and Service Authorizations. I sent a PR to fix it. I agree, it is not recommended to manage resources outside of Terraform, but it happens :) Here is sample that shows an error (apply, delete project via UI, run plan) provider "azurerm" {
version = "=2.16.0"
features {}
}
data "azurerm_subscription" "tools" {
}
resource "azuredevops_project" "this" {
project_name = "test"
description = "description"
}
resource "azuredevops_git_repository" "this" {
project_id = azuredevops_project.this.id
name = "Pipelines"
initialization {
init_type = "Clean"
}
}
resource "azuredevops_serviceendpoint_azurerm" "foundation" {
project_id = azuredevops_project.this.id
service_endpoint_name = "test"
credentials {
serviceprincipalid = "clientid"
serviceprincipalkey = "secret"
}
azurerm_subscription_id = data.azurerm_subscription.tools.subscription_id
azurerm_subscription_name = data.azurerm_subscription.tools.display_name
azurerm_spn_tenantid = data.azurerm_subscription.tools.tenant_id
}
resource "time_sleep" "wait_15_seconds" {
create_duration = "15s"
depends_on = [azuredevops_serviceendpoint_azurerm.foundation]
}
resource "azuredevops_build_definition" "foundation_deployment" {
project_id = azuredevops_project.this.id
name = "Foundation Deployment"
path = "\\"
repository {
repo_id = azuredevops_git_repository.this.id
repo_type = "TfsGit"
branch_name = azuredevops_git_repository.this.default_branch
yml_path = ".azure-pipelines/foundation-tenant.yml"
}
}
resource "azuredevops_resource_authorization" "foundation" {
project_id = azuredevops_project.this.id
resource_id = azuredevops_serviceendpoint_azurerm.foundation.id
authorized = true
depends_on = [time_sleep.wait_15_seconds]
}
|
Hi. Anyone still facing this issue? We are also getting this error when trying to recover from removal of a project. In out case it is from git_commit_file, azuredevops_git_repository_file.
Thanks |
@joaocc can you be more specific how this error happens, any reproduce steps |
Hi. Sure. |
@joaocc Recreate project have different ID though they have the same name. If the project recreated, all the resource belong to this project will be deleted in which you need to remove it out of the state. In ADO provider it should detect this change and generate a new plan. I will track this issue |
Thanks. My issue was not that it would remove all resources of a project (as they are already gone due to project having been deleted). The main problem is that there was no path outside this error loop other than manually changing the state to prune it of the project and the remaining resources. We would expect to get a "oops, your resources are missing... removing them from terraform state" :) |
@joaocc After the project deleted all the resource belong to is will return a http status code with 404, this will trigger a create operation but not deletion in ADO provider. State is a copy status of the resource not the first priority, real resource is. So in this scenario it will simply generate a creation plan but not info about update the state files. |
Not sure we are talking about the same situation. In our case, the project was removed in azdo (via the web ui) and we also removed the instance from the terraform code. We would not expect any errors, as all it had to do was understand that the desired state (no project) was already the same as in real life. However the 404 errors kept preventing code from running. |
@joaocc Thanks for the feedback, this is a bug in ADO provider and I can reproduce it. |
Community Note
Terraform (and Azure DevOps Provider) Version
Affected Resource(s)
azuredevops_build_definition
azuredevops_git_repository
Probably all resources, created inside the project
Terraform Configuration Files
Debug Output
Panic Output
Expected Behavior
terraform apply
and wait for it to succeedterraform apply
Expected: detect both resources were destroyed & recreate them.
Actual Behavior
Error: VS800075: The project with id '6f6ee8e2-96ba-488e-95aa-79e17ee3ee28' does not exist, or you do not have permission to access it.
Steps to Reproduce
terraform apply
and wait for it to succeedterraform apply
Important Factoids
References
The text was updated successfully, but these errors were encountered: