Terraform: MySQL Provider does not recreate user if user got deleted manually in MySQL

Created on 16 Mar 2017  ยท  4Comments  ยท  Source: hashicorp/terraform

Hi there,

Terraform Version

Terraform v0.9.0

Affected Resource(s)

Please list the resources as a list, for example:

  • mysql_user

Terraform Configuration Files

provider "mysql" {
  alias    = "apps"
  endpoint = "${var.db_apps_endpoint}"
  username = "root"
  password = "root_secret"
}

resource "mysql_database" "ocsng" {
  provider = "mysql.apps"
  name     = "ocsng"
}

resource "mysql_user" "ocsng" {
  provider = "mysql.apps"
  user     = "ocsng"
  host = "%"
  password = "user_secret"
}

resource "mysql_grant" "ocsng" {
  provider = "mysql.apps"
  user     = "${mysql_user.ocsng.user}"

  host       = "${mysql_user.ocsng.host}"
  database   = "${mysql_database.ocsng.name}"
  privileges = ["SELECT", "UPDATE"]
}

After applying, delete the user ocsng in your database manually.

Then, after a terraform plan this output appears:

Debug Output

mysql_database.ocsng: Refreshing state... (ID: ocsng)
mysql_user.ocsng: Refreshing state... (ID: ocsng@%)
mysql_grant.ocsng: Refreshing state... (ID: ocsng@%:ocsng)
2017/03/16 18:05:19 [INFO] terraform: building graph: GraphTypePlan
No changes. Infrastructure is up-to-date.

This means that Terraform did not detect any differences between your
configuration and real physical resources that exist. As a result, Terraform
doesn't need to do anything.

Expected Behavior

Terraform informing me that the user is not existing in the database instance and needs to be recreated.

Actual Behavior

Terraform says No changes. Infrastructure is up-to-date..

Steps to Reproduce

  1. Execute the configuration above with terraform apply and a valid endpoint.
  2. Delete the user "ocsng" from the database manually
  3. Run terraform plan again and see the unexpected output that the infrastructure is up-to-date.

(After research: The user does not get removed from the local state, same goes probably also for the other resources from the MySQL provider. Removing them from the state manually again with terraform state rm mysql_user.username let's terraform create the user again.)

bug providemysql
Source
picture derFunk

All 4 comments

ReadUser only returns nil here

snowsky picture snowsky on 16 Mar 2017
👍1

Good find! It should be trivial to implement, given that we have mysql admin credentials already.

derFunk picture derFunk on 16 Mar 2017

The same report is valid for mysql_grants: https://github.com/hashicorp/terraform/blob/master/builtin/providers/mysql/resource_grant.go#L90

derFunk picture derFunk on 16 Mar 2017
👍1

I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

hashibot[bot] picture hashibot[bot] on 15 Apr 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

pawelsawicz picture pawelsawicz  ยท  3Comments
Seraf picture Seraf  ยท  3Comments
rjinski picture rjinski  ยท  3Comments
jrnt30 picture jrnt30  ยท  3Comments
c4milo picture c4milo  ยท  3Comments