[英]Terraform 0.12: Provider produced inconsistent final plan
I have a Terraform configuration which creates an aws_api_gateway_usage_plan
resource, using a computed value during the apply stage from a local_file
resource.我有创建一个Terraform配置aws_api_gateway_usage_plan
资源,使用计算出的值在从应用阶段local_file
资源。
resource "aws_api_gateway_usage_plan" "api_plan" {
name = var.usage_plan_name
api_stages {
api_id = jsondecode(file("dev.json")).resources[1].rest_api_id
stage = "api"
}
# Have to wait for the API to be created before we can create the usage plan
depends_on = [local_file.chalice_config]
}
As you can see, I read dev.json
to determine the api_id
Terraform needs.如您所见,我阅读了dev.json
以确定api_id
Terraform 需求。 The problem is that when I run terraform apply
, the new safety checks described here notice that the previous value that api_id
evaluated to has changed!问题是,当我运行terraform apply
, 这里描述的新安全检查注意到api_id
评估的先前值已更改!
Provider produced inconsistent final plan: When expanding the plan for aws_api_gateway_usage_plan.api_plan
to include new values learned so far during apply, provider "aws" produced an invalid new value
for .api_stages[0].api_id: was cty.StringVal("****"), but now cty.StringVal("****").
As that documentation describes, the correct way to solve this error is to specify that during the plan
phase this api_id
actually has yet to be computed
.正如该文档所述,解决此错误的正确方法是在plan
阶段指定此api_id
实际上尚未computed
。 The problem is I'm not sure how to do this through a Terraform config - the documentation I've referenced is for the writers of the actual Terraform providers.问题是我不确定如何通过 Terraform 配置来做到这一点 - 我引用的文档是为实际 Terraform 提供者的作者准备的。
Looking at issues on GitHub, it seems like setting the initial value to null
isn't a reasonable way to do this.查看 GitHub 上的问题,似乎将初始值设置为null
不是一种合理的方法。
Any ideas?有任何想法吗? I am considering downgrading to Terraform 0.11 to get around this new safety check, but I was hoping this would be possible in 0.12.我正在考虑降级到 Terraform 0.11 以绕过这项新的安全检查,但我希望这在 0.12 中成为可能。
Thanks in advance!提前致谢!
Okay, after thinking for a while I came up with a silly workaround that enabled me to "trick" Terraform into believing that the value for the api_id
was to be computed during the apply
phase, thereby disregarding the safety check.好的,经过一段时间的思考,我想出了一个愚蠢的解决方法,它使我能够“欺骗”Terraform 相信api_id
的值将在apply
阶段计算,从而无视安全检查。
What I did was replace the api_id
expression with the following:我所做的是用以下内容替换api_id
表达式:
api_id = replace("=${aws_security_group.sg.vpc_id}=${jsondecode(file("files/handler/.chalice/deployed/dev.json")).resources[1].rest_api_id}", "=${aws_security_group.sg.vpc_id}=", "")
Essentially what I am doing is saying that the api_id
's value depends on a computed variable - namely, the vpc_id
of a aws_security_group
I create named sg
.基本上我在做的是说api_id
的值取决于一个计算变量 - 即我创建的名为sg
的vpc_id
的aws_security_group
。 In doing so, Terraform recognizes this value is to be computed later, so the safety check is ignored.这样做时,Terraform 认识到该值将在以后计算,因此忽略安全检查。
Obviously, I don't actually want to have the vpc_id
in here, so I used Terraform's string functions to remove it from the final expression.显然,我实际上并不想在此处使用vpc_id
,因此我使用 Terraform 的字符串函数将其从最终表达式中删除。
This is a pretty hacky workaround, and I'm open to a better solution - just thought I'd share what I have now in case someone else runs into the same issue.这是一个非常棘手的解决方法,我对更好的解决方案持开放态度 - 只是想我会分享我现在拥有的内容,以防其他人遇到同样的问题。
Thanks!谢谢!
I've got the same error when encoded my user_data
scripts (with filebase64
or base64encode
) in places where I add to just simply use file
or templatefile
:在我添加到仅使用file
或templatefile
地方编码我的user_data
脚本(使用filebase64
或base64encode
)时,我遇到了同样的错误:
user_data = file("${path.module}/provisioning_scripts/init_script.sh")
user_data = templatefile("${path.module}/provisioning_scripts/init_script.tpl", {
USER = "my-user"
GROUP = "my-group"
})
(*) I can't 100% reproduce it but I'm adding this solution as another possible reason for receiving the mentioned error. (*) 我无法 100% 重现它,但我正在添加此解决方案作为收到上述错误的另一个可能原因。
I was facing the same issue while creating lambda event source mapping.我在创建 lambda 事件源映射时遇到了同样的问题。 I overcome from it running terraform plan
and then terraform apply
我克服了它运行terraform plan
然后terraform apply
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.