cloudflare_record does not handle deletion outside of Terraform #1621
Comments
Experiencing the same issue. Terraform will not create the record, while, at the same time, acknowledging that it does not exist.
This started happening for us today too:
Tested with Terraform v1.2.0 this morning -- still the same. Interesting finding though was that if I remove the record it refers to as non-existing from the state file, and run terraform plan again, the error just jumps to another record. Importing the record back also makes no difference.
+1, happened to us today too.
+1, same error but slightly different trigger. I was moving resource across stacks via (

My custom module source:

```hcl
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = ">= 3.0"
    }
    cloudflare = {
      source  = "cloudflare/cloudflare"
      version = ">= 3.0"
    }
  }
}

data "cloudflare_zone" "this" {
  name    = var.zone_name
  zone_id = var.zone_id
}

resource "aws_acm_certificate" "this" {
  domain_name               = format("%s.%s", var.primary_name, data.cloudflare_zone.this.name)
  subject_alternative_names = formatlist("%s.%s", distinct(concat([var.primary_name], var.alternative_names)), data.cloudflare_zone.this.name)
  tags                      = var.tags
  validation_method         = "DNS"

  options {
    # This has become a requirement de facto as Chrome requires CT.
    certificate_transparency_logging_preference = "ENABLED"
  }

  lifecycle {
    create_before_destroy = true
  }
}

resource "cloudflare_record" "this" {
  for_each = {
    for o in aws_acm_certificate.this.domain_validation_options :
    trimsuffix(o.domain_name, ".${data.cloudflare_zone.this.name}") => {
      name  = trimsuffix(o.resource_record_name, ".${data.cloudflare_zone.this.name}.")
      value = trimsuffix(o.resource_record_value, ".")
      type  = o.resource_record_type
    }
  }

  allow_overwrite = var.allow_overwrite
  zone_id         = data.cloudflare_zone.this.id
  name            = each.value.name
  value           = each.value.value
  type            = each.value.type
  proxied         = false
}

resource "aws_acm_certificate_validation" "this" {
  certificate_arn         = aws_acm_certificate.this.arn
  validation_record_fqdns = [for record in cloudflare_record.this : record.hostname]
}
```

Invocation:

```hcl
data "cloudflare_zones" "this" {
  filter {
    name = local.zone_name
  }
}

module "certificate" {
  source            = "../../../../../modules/aws/acm-cloudflare"
  zone_id           = data.cloudflare_zones.this.zones[0].id
  primary_name      = "*.${local.environment}"
  alternative_names = local.domain_names
}
```

Versions:
My workaround is to create a new bogus record, then pull the tfstate and modify the id of the record.
Just FYI: I ran into this issue while setting up a Cloudflare Pages space with a custom domain that is being managed by Cloudflare, which is being managed by Terraform. While the Cloudflare Web UI states it creates the DNS CNAME entry itself, it even deletes and recreates the entry that I made in advance.
@jacobbednarz Any solution released for this?
Workaround: Just remove it and import the new one (thanks @ohmer). For example, if the resource is
How to get the id: https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/record#import
As of b9dc7b5 this works now, thank you!
Another workaround that may work for some people is to "terraform state rm" the problematic record and then apply, assuming 'allow_overwrite' is true or this is not critical to manually delete then re-run.
This functionality has been released in v3.19.0 of the Terraform Cloudflare Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!
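To find which state entries the `terraform state rm` and re-import workarounds in this thread apply to, the following added example (not part of the thread or the provider's code) walks `terraform show -json` output and flags `cloudflare_record` resources whose ID is no longer present in their zone. The state sample and record IDs are constructed, and the per-zone set of live record IDs is assumed to have been fetched separately from Cloudflare.

```python
import shlex

# Constructed sample, shaped like `terraform show -json` output (trimmed).
STATE = {"values": {"root_module": {
    "resources": [
        {"address": "cloudflare_record.myhost", "mode": "managed",
         "type": "cloudflare_record",
         "values": {"id": "rec-aaa", "zone_id": "zone-1"}}],
    "child_modules": [{"address": "module.certificate", "resources": [
        {"address": 'module.certificate.cloudflare_record.this["*.dev"]',
         "mode": "managed", "type": "cloudflare_record",
         "values": {"id": "rec-bbb", "zone_id": "zone-1"}}]}],
}}}

def iter_resources(module):
    """Yield resources of a module and, recursively, of its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)

def stale_records(state, live_ids_by_zone):
    """Addresses of managed cloudflare_record entries missing from their zone."""
    root = state.get("values", {}).get("root_module", {})
    stale = []
    for res in iter_resources(root):
        if res.get("mode") != "managed" or res.get("type") != "cloudflare_record":
            continue
        values = res.get("values", {})
        live = live_ids_by_zone.get(values.get("zone_id"))
        if live is None:
            continue  # zone not listed: no evidence, so do not flag it
        if values.get("id") not in live:
            stale.append(res["address"])
    return stale

def state_rm_commands(addresses):
    """Shell-quoted `terraform state rm` lines (for_each keys contain quotes)."""
    return ["terraform state rm " + shlex.quote(a) for a in addresses]

if __name__ == "__main__":
    # Constructed: rec-aaa was deleted out of band, rec-bbb still exists.
    for cmd in state_rm_commands(stale_records(STATE, {"zone-1": {"rec-bbb"}})):
        print(cmd)
```

Review the generated commands before running them; a zone that was not listed is skipped rather than treated as empty, so a failed API listing does not flag every record.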
Confirmation
Terraform and Cloudflare provider version
Affected resource(s)
Judging from the issue history, this probably affects other resources too.
Terraform configuration files
Debug output
Panic output
No response
Expected output
terraform apply reports something along the lines of:
Actual output
terraform apply exits with an error:
No attempt is made to create cloudflare_record.myhost again.
Steps to reproduce
terraform apply
terraform apply again
Additional factoids
No response
References
Please could this be reviewed and fixed for all of this provider's resources?