Terraform-provider-google: GitHub App Triggers: Error 400: update not yet supported for GitHub App Triggers

Created on 11 Feb 2020  ·  8Comments  ·  Source: hashicorp/terraform-provider-google


Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
  • Please do not leave _+1_ or _me too_ comments, they generate extra noise for issue followers and do not help prioritize the request.
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment.
  • If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.

Terraform Version

TF Version: 0.12.20
google-beta = "~> 2.18"

Affected Resource(s)

  • google_cloudbuild_trigger

Terraform Configuration Files

resource "google_cloudbuild_trigger" "int_trigger" {
  provider    = google-beta
  project     = local.project_id
  description = "Integration tests on pull request for ${each.key}"
  for_each    = local.repo_folder
  github {
    owner = "terraform-google-modules"
    name  = each.key
    pull_request {
      branch = ".*"
    }
  }
  substitutions = {
    _BILLING_ACCOUNT          = local.billing_account
    _FOLDER_ID                = each.value
    _ORG_ID                   = local.org_id
    _BILLING_IAM_TEST_ACCOUNT = each.key == "terraform-google-iam" ? local.billing_iam_test_account : null
  }

  filename = "build/int.cloudbuild.yaml"
}

Debug Output

Plan: 0 to add, 1 to change, 0 to destroy.

Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

google_cloudbuild_trigger.int_trigger["terraform-google-iam"]: Modifying... [id=cloud-foundation-cicd/41f1bf65-41f7-4b3f-b4d7-a65cf27c2201]

Error: Error updating Trigger "cloud-foundation-cicd/41f1bf65-41f7-4b3f-b4d7-a65cf27c2201": googleapi: Error 400: update not yet supported for GitHub App Triggers

  on triggers.tf line 33, in resource "google_cloudbuild_trigger" "int_trigger":
  33: resource "google_cloudbuild_trigger" "int_trigger" {

Panic Output

Expected Behavior

terraform apply should have updated/delete&recreated the existing Trigger by adding an extra field.

Actual Behavior

terraform apply failed to update the existing Trigger by adding an extra field.

Steps to Reproduce

terraform apply did not update the existing Cloud Build Trigger by adding an extra field. Needed to delete the trigger and then reapply through terraform apply.

Important Factoids

References

https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit/pull/568

bug waiting-response
Source
picture kunalkg11
👍1

All 8 comments

It looks like the API doesn't support updates, so we'll want to force recreate.

morgante picture morgante on 11 Feb 2020
👍1

@kunalkg11 can you specify the steps how I can repro this issue? Thanks

edwardmedia picture edwardmedia on 11 Feb 2020
😕1

@edwardmedia You should be able to reproduce with a simple config like this:

resource "google_cloudbuild_trigger" "int_trigger" {
  provider    = google-beta
  project     = "my-project-id"
  description = "Integration tests on pull request"
  github {
    owner = "terraform-google-modules"
    name  = "my-repo"
    pull_request {
      branch = ".*"
    }
  }
  substitutions = {
    _BILLING_ACCOUNT          = "some-account"
  }

  filename = "build/int.cloudbuild.yaml"
}

Run terraform apply on this config and the trigger is created successfully.

Then update the config, for example by adding a new substitution:

resource "google_cloudbuild_trigger" "int_trigger" {
  provider    = google-beta
  project     = "my-project-id"
  description = "Integration tests on pull request"
  github {
    owner = "terraform-google-modules"
    name  = "my-repo"
    pull_request {
      branch = ".*"
    }
  }
  substitutions = {
    _BILLING_ACCOUNT          = "some-account"
    _SUB_TWO = "some-value"
  }

  filename = "build/int.cloudbuild.yaml"
}

Run terraform apply on the update config and Terraform will attempt to update the trigger but the API responds with this error: 

googleapi: Error 400: update not yet supported for GitHub App Triggers

It looks like edit to GitHub triggers should force recreation of the resource. I confirmed that running terraform destroy then terraform apply does work.

morgante picture morgante on 12 Feb 2020

@kunalkg11 below is the plan I got after I added one more line in the substitutions block. It doesn't look like recreating the resources. I noticed that the version of your provider is old. Can you try to use the latest version? Let me know what you find. Thanks

  # google_cloudbuild_trigger.int_trigger will be updated in-place
  ~ resource "google_cloudbuild_trigger" "int_trigger" {
        create_time    = "2020-02-12T19:17:35.649929625Z"
        description    = "Integration tests on pull request"
        disabled       = false
        filename       = "build/int.cloudbuild.yaml"
        id             = "projects/sunedward-1/triggers/9cc53f30-67aa-4a44-974b-98db904a0786"
        ignored_files  = []
        included_files = []
        name           = "Integration-tests-on-pull-request"
        project        = "sunedward-1"
      ~ substitutions  = {
            "_BILLING_ACCOUNT" = "some-account"
          + "_SUB_THREE"       = "some-value-3"
            "_SUB_TWO"         = "some-value"
        }
        trigger_id     = "9cc53f30-67aa-4a44-974b-98db904a0786"

        github {
            name  = "myrepo"
            owner = "myowner"

            pull_request {
                branch = ".*"
            }
        }
    }

Plan: 0 to add, 1 to change, 0 to destroy.
edwardmedia picture edwardmedia on 12 Feb 2020

@edwardmedia Did you try applying that plan?

That's the bug: Terraform thinks it can simply update the trigger in place, but the API rejects in-place updates to GitHub triggers.

morgante picture morgante on 12 Feb 2020

@morgante I did. To show you the result, I added one more line in the block. Below was the request & response to api call. I may have missed your point. Can you clarify more details? In the meantime, can you try to upgrade the version of the provider and then try on your side to see if that helps?

 PATCH /v1/projects/myproject/triggers/6664b54a-cbc9-4be7-bcb6-d05fc688e626?alt=json HTTP/1.1
 Host: cloudbuild.googleapis.com
 {
  "description": "Integration tests on pull request",
  "filename": "build/int.cloudbuild.yaml",
  "github": {
   "name": "myrepo",
   "owner": "myowner",
   "pullRequest": {
    "branch": ".*"
   }
  },
  "id": "6664b54a-cbc9-4be7-bcb6-d05fc688e626",
  "name": "Integration-tests-on-pull-request",
  "substitutions": {
   "_BILLING_ACCOUNT": "some-account",
   "_SUB_FOUR": "some-value-4",
   "_SUB_THREE": "some-value-3",
   "_SUB_TWO": "some-value"
  }
 }

 ---[ RESPONSE ]--------------------------------------
 HTTP/2.0 200 OK
 {
   "id": "6664b54a-cbc9-4be7-bcb6-d05fc688e626",
   "createTime": "2020-02-13T00:31:36.450595576Z",
   "description": "Integration tests on pull request",
   "substitutions": {
     "_BILLING_ACCOUNT": "some-account",
     "_SUB_FOUR": "some-value-4",
     "_SUB_THREE": "some-value-3",
     "_SUB_TWO": "some-value"
   },
   "github": {
     "owner": "myowner",
     "name": "myrepo",
     "pullRequest": {
       "branch": ".*"
     }
   },
   "name": "Integration-tests-on-pull-request",
   "filename": "build/int.cloudbuild.yaml"
 }

Here is its plan

   ~ resource "google_cloudbuild_trigger" "int_trigger" {
        create_time    = "2020-02-13T00:31:36.450595576Z"
        description    = "Integration tests on pull request"
        disabled       = false
        filename       = "build/int.cloudbuild.yaml"
        id             = "projects/myproject/triggers/6664b54a-cbc9-4be7-bcb6-d05fc688e626"
        ignored_files  = []
        included_files = []
        name           = "Integration-tests-on-pull-request"
        project        = "myproject"
      ~ substitutions  = {
            "_BILLING_ACCOUNT" = "some-account"
          + "_SUB_FOUR"        = "some-value-4"
            "_SUB_THREE"       = "some-value-3"
            "_SUB_TWO"         = "some-value"
        }
        trigger_id     = "6664b54a-cbc9-4be7-bcb6-d05fc688e626"

        github {
            name  = "myrepo"
            owner = "myowner"

            pull_request {
                branch = ".*"
            }
        }
    }
edwardmedia picture edwardmedia on 13 Feb 2020

@morgante @kunalkg11 is this still an issue with you? I have just retested it. No error being hit in the 2nd apply after the addition of a new line inside substitution. I don't need to destroy and recreate the plan. I also verify the new line showing up on cloud build UI. Based on this, I am closing this issue. Please feel free if this is still an issue with you. Thanks

edwardmedia picture edwardmedia on 12 May 2020

I'm going to lock this issue because it has been closed for _30 days_ ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

hashibot[bot] picture hashibot[bot] on 12 Jun 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

matti picture matti  ·  3Comments
mumblez picture mumblez  ·  4Comments
nthypes picture nthypes  ·  4Comments
sho-abe picture sho-abe  ·  3Comments
ewbankkit picture ewbankkit  ·  4Comments