terraform-provider-google: GCP secret when destroy manually terraform goes on 400 request as secret already destroyed.
Community Note
- Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
- Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
- If you are interested in working on this issue or have submitted a pull request, please leave a comment.
- If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.
Terraform Version
Terraform v1.1.9
on linux_amd64
+ provider registry.terraform.io/hashicorp/google v4.35.0
Your version of Terraform is out of date! The latest version
is 1.2.8. You can update by downloading from https://www.terraform.io/downloads.html
Affected Resource(s)
google_secret_manager_secret_version
Terraform Configuration Files
Debug Output
{
"error": {
"code": 400,
"message": "SecretVersion.state is already DESTROYED.",
"status": "FAILED_PRECONDITION"
}
}: timestamp=2022-09-08T12:07:34.416+0100
2022-09-08T12:07:34.417+0100 [INFO] provider.terraform-provider-google_v4.35.0_x5: 2022/09/08 12:07:34 [DEBUG] Retry Transport: Returning after 1 attempts: timestamp=2022-09-08T12:07:34.416+0100
2022-09-08T12:07:34.417+0100 [ERROR] provider.terraform-provider-google_v4.35.0_x5: Response contains error diagnostic: tf_provider_addr=provider tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/terraform-plugin-go@v0.10.0/tfprotov5/internal/diag/diagnostics.go:56 diagnostic_detail= diagnostic_severity=ERROR diagnostic_summary="Error when reading or editing SecretVersion: googleapi: Error 400: SecretVersion.state is already DESTROYED." tf_resource_type=google_secret_manager_secret_version @module=sdk.proto tf_proto_version=5.2 tf_req_id=2176ca90-b5f0-ca6b-09df-3a3be972d20a timestamp=2022-09-08T12:07:34.417+0100
2022-09-08T12:07:34.419+0100 [ERROR] vertex "module.my_module.google_secret_manager_secret_version.my_secret_version (destroy)" error: Error when reading or editing SecretVersion: googleapi: Error 400: SecretVersion.state is already DESTROYED.
╷
│ Error: Error when reading or editing SecretVersion: googleapi: Error 400: SecretVersion.state is already DESTROYED.
│
│
╵
Panic Output
Expected Behavior
When a secret is already in a destroyed state and Terraform is destroying the secret, it should not fail, as the error is easy to recover from: it should update the state that the error has been destroyed and keep going instead of failing. Eventually it could emit a warning/info to notify the user of that unexpected secret state.
Actual Behavior
When Terraform tries to destroy the secret that has already been destroyed, manually for example, it fails as if it were an unrecoverable error.
Steps to Reproduce
terraform apply
Important Factoids
References
About this issue
- Original URL
- State: closed
- Created 2 years ago
- Comments: 15
Hi @Raffaello. I used Terraform v1.1.9 and provider v4.35.0 (the versions you listed in the issue description) to test the resource. I also tried creating a module with these 2 resources and it still seems to work fine for me. Let me know if you still see this error.
Update: Okay. I think I sort of found what the issue is. I tried destroying the secret version resource instead of deleting the secret via UI in step 2, and I was able to see the error `Error 400: SecretVersion.state is already DESTROYED.` Looking into it now.
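The behaviour requested under "Expected Behavior", as an added example that is not the provider's own code: the destroy step treats only the exact error envelope from the debug output as "already gone" and still fails on any other 400. The names `apiError`, `isAlreadyDestroyed` and `destroyVersion` are hypothetical, and the API call is stubbed with a function that returns an HTTP status and body.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
)

// apiError mirrors the JSON error envelope shown in the issue's debug output.
type apiError struct {
	Error struct {
		Code    int    `json:"code"`
		Message string `json:"message"`
		Status  string `json:"status"`
	} `json:"error"`
}

// isAlreadyDestroyed matches only the failure reported in the issue. Code,
// status and message must all agree, so unrelated 400s are never swallowed.
func isAlreadyDestroyed(body []byte) bool {
	var e apiError
	if err := json.Unmarshal(body, &e); err != nil {
		return false
	}
	return e.Error.Code == http.StatusBadRequest &&
		e.Error.Status == "FAILED_PRECONDITION" &&
		e.Error.Message == "SecretVersion.state is already DESTROYED."
}

// destroyVersion (hypothetical) runs the stubbed destroy call and reports
// whether the resource can be dropped from state, plus a warning for the user.
func destroyVersion(call func() (int, []byte)) (removed bool, warning string, err error) {
	status, body := call()
	switch {
	case status >= 200 && status < 300:
		return true, "", nil
	case isAlreadyDestroyed(body):
		return true, "secret version already DESTROYED outside Terraform; dropping it from state", nil
	default:
		return false, "", fmt.Errorf("destroy failed with HTTP %d: %s", status, body)
	}
}

func main() {
	// Error body as it appears in the issue's debug output.
	body := []byte(`{"error":{"code":400,"message":"SecretVersion.state is already DESTROYED.","status":"FAILED_PRECONDITION"}}`)
	fmt.Println(destroyVersion(func() (int, []byte) { return 400, body }))
}
```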