Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

v5.0.0 does not detect configuration drift #4984

Open
3 tasks done
jimnor0xF opened this issue Jan 30, 2025 · 5 comments
Open
3 tasks done

v5.0.0 does not detect configuration drift #4984

jimnor0xF opened this issue Jan 30, 2025 · 5 comments

Comments

@jimnor0xF
Copy link

jimnor0xF commented Jan 30, 2025
edited
Loading

Confirmation

  • This is a bug with an existing resource and is not a feature request or enhancement. Feature requests should be submitted with Cloudflare Support or your account team.
  • I have searched the issue tracker and my issue isn't already found.
  • I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

Terraform v1.10.5 on darwin_arm64

  • provider registry.terraform.io/cloudflare/cloudflare v5.0.0

Affected resource(s)

  • cloudflare_dns_record
  • cloudflare_zero_trust_access_application
  • And likely more

Terraform configuration files

 resource "cloudflare_dns_record" "example_dns_record" {
  zone_id = "REDACTED"
  comment = "Test record"                        
  content = "blabla"                                            
  name = "stuff.test.io.internal.redacted.net"                  
  type = "CNAME"
  proxied = true
  ttl = 1
}

Link to debug output

https://gist.github.com/jimnor0xF/a8bb6ab7e3cef0593b6c4253e77de6df

Panic output

No response

Expected output

So what was done here is that I applied the above resource then changed the name attribute from stuff.test.io.internal.redacted.net to shoulddetectchange.test.io.internal.redacted.net manually in Cloudflare Dashboard.

Record is fetched according to attached debug log in gist, but Terraform does not report any changes.

In v4, changes are detected, but not in v5 it seems. Is this intended?

Actual output

$ terraform plan

cloudflare_dns_record.example_dns_record: Refreshing state... [id=4765cbfe3b2dcc6e793ad27447d88b9e]

No changes. Your infrastructure matches the configuration.

Terraform has compared your real infrastructure against your configuration and found no differences, so no changes are needed.
@jimnor0xF jimnor0xF changed the title v5.0.0 does not detect drift for cloudflare_dns_record v5.0.0 does not detect configuration drift for cloudflare_dns_record Jan 30, 2025
@martinohmann martinohmann mentioned this issue Jan 30, 2025
Closed
1 task
@jacobbednarz
Copy link
Member

this isn't intentional and maybe a side effect of our custom marshaler. i'll take a look but in the meantime, if you manage the resource just with terraform, you can avoid this one.

@jimnor0xF
Copy link
Author

Noticed this happens with cloudflare_zero_trust_access_application as well. So perhaps affects all resources in v5

@devin-purple
Copy link

Probably, this is also happening with rulesets. After making changes in the UI, running plan doesn't report any changes.

@jimnor0xF jimnor0xF changed the title v5.0.0 does not detect configuration drift for cloudflare_dns_record v5.0.0 does not detect configuration drift Feb 4, 2025
@devin-purple
Copy link

#5032 ?

@dackerman
Copy link
Contributor

#5032 ?

@devin-purple yes, that is a change that we plan to make in a future release that should address this, but a little testing is needed first to check for fields that need to be "normalized" to avoid being overzealous with drift detection.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dackerman @jacobbednarz @jimnor0xF @devin-purple