terraform-provider-elasticsearch: Watches don't seem to detect diffs made outside of Terraform
Thanks again for putting this provider together! I’m finally getting around to implementing it into our workflows and am looking forward to no longer having to version our Elastic resources ‘manually’ 😃
Doing some quick testing, and I think I’m unable to get the provider to generate a diff on a watch that has been edited outside of Terraform. This is obviously a key part of managing the resources via Terraform, that we want to be able to detected unintended drift in the live resources.
Firstly, some necessary data:
- Terraform v0.11.14
- latest release of terraform-provider-elasticsearch (I think - installed it fresh today, unsure how to 100% check the version though as
terraform versionshows ‘unversioned’ for the provider) - cluster is on Elastic Cloud
sniffis set tofalsein provider config- cluster username and password are provided via environment variables
- there are no other provider settings configured
What I did:
- Successfully created a new watch via Terraform, with a very simple config (see below)
- Adjusted in Terraform the value of
trigger.schedule.intervalto 100m, to confirm that the diff is detected and updated (works great!) - Adjusted manually via Kibana the value of
trigger.schedule.intervalto 102m, and ranterraform applyagain. At this point I would expect Terraform to want to set the interval back to 100m again - however it detects no diff; no changes to apply (at this point I also tried changing it back to 10m in my code, Terraform then generates a diff but it notes that I’d be changing ‘100m’ to ‘10m’ - i.e. it isn’t aware of the 102m that I set manually in the meantime.
It seems like a bug - I can’t think of something I’ve wrong here as it’s quite a simple test - but would appreciate any insight you can offer. I’m very inexperienced in Go but I might be able to offer a PR given a few pointers!
Watch config used:
resource "elasticsearch_watch" "test" {
watch_id = "test-watch"
body = <<EOF
{
"trigger": {
"schedule": {
"interval": "10m"
}
},
"input": {
"search": {
"request": {
"indices": ["filebeat-*"],
"body": {
"query": {
"match_all" : {}
}
}
}
}
},
"condition": {
"always": {}
},
"actions": {},
"metadata": {
"name": "test"
}
}
EOF
}
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 17 (11 by maintainers)
Part of the issue is that, originally, in order to add support for this functionality quickly, the resource was built to accept just a JSON blob, instead of breaking out the attributes as most resources do. The downside of this is that it’s harder to use terraform schema helpers to deal with issues like this. The medium term fix is to transition away from the json blob to a “real” schema.
Released a fix for the watch diff in 1.4.2, note that it looks like the watch API may return default values that were not passed in the original request, e.g. for log actions,
"level": "info", which would result in a perpetual diff unless it’s pulled into the definition.Still working on the monitor issue.
Upstream issue for xpack watch was fixed for v7 in https://github.com/olivere/elastic/pull/1363, v6 fix is in https://github.com/olivere/elastic/pull/1368.
I have a fix in progress for this, but it’s blocked by an upstream bug, PR to fix that issue is here: https://github.com/olivere/elastic/pull/1345.
That fix will also need to be ported to the v6 version of the upstream library.