Terraform: panic: not a collection type (regression between 13.1 and 13.0)

Created on 27 Aug 2020  ยท  22Comments  ยท  Source: hashicorp/terraform

Terraform Version

Terraform v0.13.1
+ provider registry.terraform.io/hashicorp/azurerm v2.24.0

Terraform Configuration Files

terraform {
  backend "azurerm" {}
}
provider "azurerm" {
  version = "~>2"
  features {}
  subscription_id = var.subscription_id
}
data "azurerm_client_config" "current" {}
data "terraform_remote_state" "geography" {
  for_each = var.geos
  backend = "azurerm"
  config = {
    resource_group_name = var.backend_state.resource_group_name
    storage_account_name = var.backend_state.account_name
    container_name = var.backend_state.container_name
    key = "infra-setup-${each.value}.tfstate"
  }
}
data "terraform_remote_state" "locust" {
  count = var.locust_supported ? 1 : 0
  backend = "azurerm"
  config = {
    resource_group_name = var.backend_state.resource_group_name
    storage_account_name = var.backend_state.account_name
    container_name = var.backend_state.container_name
    key = "infra-locust.tfstate"
  }
}
locals {
  app_gateway_object_ids = flatten(values({
    for item in flatten([
      for geo in var.geos : [
        for object_id in values(data.terraform_remote_state.geography[geo].outputs.app_gateway_msi_objectids) : {
          key = "${geo}_${object_id}"
          policy = {
            object_id = object_id
            key_permissions = [ ]
            secret_permissions = [ "get" ]
            certificate_permissions = [ ]
          }
        }
      ]
    ]) : item.key => item.policy
  }))
  locust_app_gateway_policies = flatten(values({
    for item in flatten([
      for num in range(var.locust_supported ? 1 : 0) :[
        for object_id in values(data.terraform_remote_state.locust[num].outputs.app_gateway_msi_objectids) : {
          key = "${num}_${object_id}"
          policy = {
            object_id = object_id
            key_permissions = [ ]
            secret_permissions = [ "get" ]
            certificate_permissions = [ ]
          }
        }
      ]
    ]) : item.key => item.policy
  }))
}
resource "azurerm_resource_group" "rg" {
  name = var.resource_group_name
  location = "westus2"
}
resource "azurerm_user_assigned_identity" "msi" {
  resource_group_name = azurerm_resource_group.rg.name
  location = azurerm_resource_group.rg.location
  name = var.msi_name
}
resource "azurerm_role_assignment" "managed_identity_operator" {
  scope = azurerm_user_assigned_identity.msi.id
  role_definition_name = "Managed Identity Operator"
  principal_id = var.cluster_service_principal_object_id
}
module "keyvault" {
  source = "../modules/keyvault"
  resource_group_name = azurerm_resource_group.rg.name
  account_name = var.key_vault_name
  location = azurerm_resource_group.rg.location
  tenant_id = data.azurerm_client_config.current.tenant_id
  enabled_for_deployment = true
  enabled_for_template_deployment = true
  policies = concat(
    var.policies,
    [
      {
        object_id = azurerm_user_assigned_identity.msi.principal_id
        key_permissions = [ ]
        secret_permissions = [ "get", "list" ]
        certificate_permissions = [ ]
      }
    ],
    flatten(local.app_gateway_object_ids),
    flatten(local.locust_app_gateway_policies))
}
output "key_vault_id" {
  value = module.keyvault.id
}
output "key_vault_uri" {
  value = module.keyvault.vault_uri
}
output "service_msi" {
  value = {
    resource_id = azurerm_user_assigned_identity.msi.id
    client_id = azurerm_user_assigned_identity.msi.client_id
    msi_name = var.msi_name
  }
}

Debug Output

2020/08/26 14:25:52 [TRACE] Executing graph transform *terraform.OrphanResourceInstanceCountTransformer
2020/08/26 14:25:52 [TRACE] eval: *terraform.EvalSequence
2020/08/26 14:25:52 [TRACE] eval: *terraform.EvalGetProvider
2020/08/26 14:25:52 [TRACE] Completed graph transform *terraform.OrphanResourceInstanceCountTransformer (no changes)
2020/08/26 14:25:52 [TRACE] Executing graph transform *terraform.AttachStateTransformer
2020/08/26 14:25:52 [TRACE] Completed graph transform *terraform.AttachStateTransformer (no changes)
2020/08/26 14:25:52 [TRACE] Executing graph transform *terraform.TargetsTransformer
2020/08/26 14:25:52 [TRACE] Completed graph transform *terraform.TargetsTransformer (no changes)
2020/08/26 14:25:52 [TRACE] Executing graph transform *terraform.ReferenceTransformer
2020/08/26 14:25:52 [TRACE] eval: *terraform.EvalReadState
2020/08/26 14:25:52 [TRACE] EvalReadState: reading state for azurerm_resource_group.rg
2020/08/26 14:25:52 [DEBUG] ReferenceTransformer: "data.azurerm_client_config.current" references: []
2020/08/26 14:25:52 [TRACE] Completed graph transform *terraform.ReferenceTransformer (no changes)
2020/08/26 14:25:52 [TRACE] Executing graph transform *terraform.RootTransformer
2020/08/26 14:25:52 [TRACE] Completed graph transform *terraform.RootTransformer (no changes)
2020/08/26 14:25:52 [TRACE] vertex "data.azurerm_client_config.current": entering dynamic subgraph
2020/08/26 14:25:52 [TRACE] dag/walk: visiting "data.azurerm_client_config.current"
2020/08/26 14:25:52 [TRACE] vertex "data.azurerm_client_config.current": starting visit (*terraform.NodePlannableResourceInstance)
2020/08/26 14:25:52 [TRACE] vertex "data.azurerm_client_config.current": evaluating
2020/08/26 14:25:52 [TRACE] [walkPlan] Entering eval tree: data.azurerm_client_config.current
2020/08/26 14:25:52 [TRACE] eval: *terraform.EvalSequence
2020/08/26 14:25:52 [TRACE] eval: *terraform.EvalGetProvider
2020/08/26 14:25:52 [TRACE] UpgradeResourceState: schema version of azurerm_resource_group.rg is still 0; calling provider "azurerm" for any other minor fixups
2020/08/26 14:25:52 [TRACE] eval: *terraform.EvalReadState
2020/08/26 14:25:52 [TRACE] GRPCProvider: UpgradeResourceState
2020/08/26 14:25:52 [TRACE] EvalReadState: reading state for data.azurerm_client_config.current
2020/08/26 14:25:52 [TRACE] eval: *terraform.EvalValidateSelfRef
2020/08/26 14:25:52 [TRACE] eval: *terraform.evalReadDataPlan
2020/08/26 14:25:52 [TRACE] vertex "data.azurerm_client_config.current": visit complete
panic: not a collection type
...

Crash Output

2020/08/26 14:25:52 [TRACE] vertex "data.azurerm_client_config.current": visit complete
panic: not a collection type

goroutine 459 [running]:
github.com/zclconf/go-cty/cty.Type.ElementType(0x2d39220, 0xc000ff80d0, 0xc0005f59e8, 0x8)
    /home/circleci/project/project/vendor/github.com/zclconf/go-cty/cty/collection.go:25 +0xc1
github.com/hashicorp/terraform/terraform.createEmptyBlocks(0xc000f3a8a0, 0x2d39220, 0xc000ff80f0, 0x2355700, 0xc001508ed0, 0x2d39220, 0xc000ff81f0, 0x2355700, 0xc00152cd20)
    /home/circleci/project/project/terraform/eval_read_data_plan.go:242 +0x209
github.com/hashicorp/terraform/terraform.dataObjectHasChanges(0xc000f3a8a0, 0x2d39220, 0xc000ff80f0, 0x2355700, 0xc001508ed0, 0x2d39220, 0xc000ff81f0, 0x2355700, 0xc00152cd20, 0x0, ...)
    /home/circleci/project/project/terraform/eval_read_data_plan.go:211 +0x1a5
github.com/hashicorp/terraform/terraform.(*evalReadDataPlan).Eval(0xc001516000, 0x2d7b6e0, 0xc0012121a0, 0x1, 0x1, 0x0, 0x0)
    /home/circleci/project/project/terraform/eval_read_data_plan.go:107 +0x123f
github.com/hashicorp/terraform/terraform.EvalRaw(0x2cd1460, 0xc001516000, 0x2d7b6e0, 0xc0012121a0, 0x0, 0x0, 0x0, 0x0)
    /home/circleci/project/project/terraform/eval.go:49 +0xce
github.com/hashicorp/terraform/terraform.(*EvalSequence).Eval(0xc000692580, 0x2d7b6e0, 0xc0012121a0, 0x1, 0x1, 0x6, 0xc000765550)
    /home/circleci/project/project/terraform/eval_sequence.go:20 +0x104
github.com/hashicorp/terraform/terraform.EvalRaw(0x2cd0ec0, 0xc000692580, 0x2d7b6e0, 0xc0012121a0, 0x230aac0, 0x40098a2, 0x226ae60, 0xc0012f2730)
    /home/circleci/project/project/terraform/eval.go:49 +0xce
github.com/hashicorp/terraform/terraform.Eval(0x2cd0ec0, 0xc000692580, 0x2d7b6e0, 0xc0012121a0, 0xc000692580, 0x2cd0ec0, 0xc000692580, 0x0)
    /home/circleci/project/project/terraform/eval.go:35 +0x54
github.com/hashicorp/terraform/terraform.(*Graph).walk.func1(0x2699c60, 0xc0012f2250, 0x0, 0x0, 0x0)
    /home/circleci/project/project/terraform/graph.go:73 +0xc7e
github.com/hashicorp/terraform/dag.(*Walker).walkVertex(0xc000765440, 0x2699c60, 0xc0012f2250, 0xc0014b2280)
    /home/circleci/project/project/dag/walk.go:387 +0x35e
created by github.com/hashicorp/terraform/dag.(*Walker).Update
    /home/circleci/project/project/dag/walk.go:309 +0x11de

Expected Behavior

Running the following command should succeed.

Actual Behavior

Crashes on 13.1, but doesn't on 13.0

Steps to Reproduce

  1. az login
  2. az account set -s <id>
  3. terraform init -backend-config=storage_account_name=x -backend-config=container_name=state -backend-config=key=y-bootstrap.tfstate -backend-config=resource_group_name=z-state -backend-config=arm_subscription_id=subid
  4. terraform plan --var-file ./dev.tfvars -out ./dev.tfplan

References

  • May be related to #25773
bug confirmed
Source
picture michsco
👍41 👀1

Most helpful comment

Revert to the latest working version(0.13.0) until this bug is fixed as a temporary solution.

PS: Fixed on the latest version(0.13.2).

picture man0s on 28 Aug 2020
👍7 🚀2

All 22 comments

Same error here.
it doesn't happen if i don't use

data "azurerm_subscription" "current" {}

lasoster picture lasoster on 27 Aug 2020
👍1

Get this error with Azure AD provider when using 13.1
data.azuread_users.users configuration is complete, so reading from provider
2020/08/27 11:42:53 [TRACE] GRPCProvider: ReadDataSource
panic: not a collection type

goroutine 5859 [running]:
github.com/zclconf/go-cty/cty.Type.ElementType(0x2ce50a0, 0xc0005860d0, 0xc0006d5330, 0x8)
/home/circleci/project/project/vendor/github.com/zclconf/go-cty/cty/collection.go:25 +0xba
github.com/hashicorp/terraform/terraform.createEmptyBlocks(0xc000a280f0, 0x2ce50a0, 0xc0005860f8, 0x2300040, 0xc0012ad170, 0x2ce50a0, 0xc0005861b0, 0x2300040, 0xc00245c420)
/home/circleci/project/project/terraform/eval_read_data_plan.go:242 +0x202
github.com/hashicorp/terraform/terraform.dataObjectHasChanges(0xc000a280f0, 0x2ce50a0, 0xc0005860f8, 0x2300040, 0xc0012ad170, 0x2ce50a0, 0xc0005861b0, 0x2300040, 0xc00245c420, 0x0, ...)
/home/circleci/project/project/terraform/eval_read_data_plan.go:211 +0x19e
github.com/hashicorp/terraform/terraform.(evalReadDataPlan).Eval(0xc000d3bef0, 0x2d26860, 0xc001fca0d0, 0x1, 0x1, 0x0, 0x0)
/home/circleci/project/project/terraform/eval_read_data_plan.go:107 +0x1238
github.com/hashicorp/terraform/terraform.EvalRaw(0x2c7d420, 0xc000d3bef0, 0x2d26860, 0xc001fca0d0, 0x0, 0x0, 0x0, 0x0)
/home/circleci/project/project/terraform/eval.go:49 +0xc7
github.com/hashicorp/terraform/terraform.(EvalSequence).Eval(0xc001d2fa80, 0x2d26860, 0xc001fca0d0, 0x1, 0x1, 0x6, 0xc0004e1670)
/home/circleci/project/project/terraform/eval_sequence.go:20 +0xfd
github.com/hashicorp/terraform/terraform.EvalRaw(0x2c7ce80, 0xc001d2fa80, 0x2d26860, 0xc001fca0d0, 0x22b4bc0, 0x3fa2622, 0x2214980, 0xc001173050)
/home/circleci/project/project/terraform/eval.go:49 +0xc7
github.com/hashicorp/terraform/terraform.Eval(0x2c7ce80, 0xc001d2fa80, 0x2d26860, 0xc001fca0d0, 0xc001d2fa80, 0x2c7ce80, 0xc001d2fa80, 0x0)
/home/circleci/project/project/terraform/eval.go:35 +0x4d
github.com/hashicorp/terraform/terraform.(Graph).walk.func1(0x2645300, 0xc001172520, 0x0, 0x0, 0x0)
/home/circleci/project/project/terraform/graph.go:73 +0xc77
github.com/hashicorp/terraform/dag.(Walker).walkVertex(0xc0004e1320, 0x2645300, 0xc001172520, 0xc0020b1d00)
/home/circleci/project/project/dag/walk.go:387 +0x357
created by github.com/hashicorp/terraform/dag.(*Walker).Update
/home/circleci/project/project/dag/walk.go:309 +0x11d7

LaurentLesle picture LaurentLesle on 27 Aug 2020

I can confirm that removing the following from the code and using variables instead fixes the issue in terraform 0.13.1:
data "azurerm_client_config"

byserge picture byserge on 27 Aug 2020
👍1

It seems that any data "azurerm_*" is broken. I am trying to use data "azurerm_virtual_network" with the same error results.

knighteagle789 picture knighteagle789 on 27 Aug 2020
👍8

I also have this issue on a fresh project and have additional anecdotal info.

First terraform apply on a "virgin" resource group works fine. If i run terraform plan or apply after resource creation I get this same crash.

Also, since this is a fresh project I didn't notice any problems until I added data elements to my configuration. If i remove them then everything works fine again.

My data elements use azurerm_subnet resource.

Terraform v0.13.1
hashicorp/azurerm 2.24.0

rcyrus picture rcyrus on 27 Aug 2020

Experiencing the same issue

buddhamangler-cbre picture buddhamangler-cbre on 27 Aug 2020

+1 here, same error.

dcrreynolds picture dcrreynolds on 27 Aug 2020

Thanks for all the reports! This is the simplest config I've been able to find that reproduces this crash:

provider "azurerm" {
  version = "~>2"
  features {}
}
data "azurerm_client_config" "current" {}
  • az login
  • terraform init
  • terraform plan crashes
alisdair picture alisdair on 28 Aug 2020
👍3

We are using remote state that was overwritten with terraform_version 0.13.1 and as a result the terraform plan and apply fails. Trying to manually downgrade to terraform 0.13.0 with terraform state pull, editing the terraform_version and bumping the serial, followed by terraform state push, does not work.

{
---cut
  "terraform_version": "0.13.0",
  "serial": 123,
---cut
}

Anyone has any ideas of workarounds since we are pretty much stuck with the state being locked to 0.13.1 ?

swetli picture swetli on 28 Aug 2020

Revert to the latest working version(0.13.0) until this bug is fixed as a temporary solution.

PS: Fixed on the latest version(0.13.2).

man0s picture man0s on 28 Aug 2020
👍7 🚀2

Thanks again to everyone who reported this. The bug is fixed in #26028 which will be released as part of v0.13.2.

alisdair picture alisdair on 28 Aug 2020

We are using remote state that was overwritten with terraform_version 0.13.1 and as a result the terraform plan and apply fails. Trying to manually downgrade to terraform 0.13.0 with terraform state pull, editing the terraform_version and bumping the serial, followed by terraform state push, does not work.

{
---cut
  "terraform_version": "0.13.0",
  "serial": 123,
---cut
}

Anyone has any ideas of workarounds since we are pretty much stuck with the state being locked to 0.13.1 ?

@swetli Any luck with this? I have excactly the same problem :/

s0lvang picture s0lvang on 28 Aug 2020

For those having my issue - just manually edit the version to 0.13.0 and increase the serial in the azure blob storage to 0.13.0.

swetli picture swetli on 1 Sep 2020
👍1

Terraform 0.13.2 was released today: https://www.terraform.io/downloads.html

alisdair picture alisdair on 2 Sep 2020
🎉6

Terraform 0.13.2 was released today: https://www.terraform.io/downloads.html

When will the new version be available from apt?

para0056 picture para0056 on 2 Sep 2020

I managed to run a successful 0.13.2 Azure DevOps Pipeline. Previously failing on a terraform validate, now passing.

jwshive picture jwshive on 2 Sep 2020
🎉7 🚀1

@jwshive how did you manage to do that? I specified in my Pipeline.yaml file that terraform should use v 0.13.2 but during the run it uses v 0.13.1 and i got the error described above.

MercedesYenzzz picture MercedesYenzzz on 7 Sep 2020

In my build pipeline, I just have this and updated it accordingly

      - task: TerraformInstaller@0
        displayName: 'Install Terraform 0.13.2'
        inputs:
          terraformVersion: '0.13.2'

My release pipeline is as such

steps:
- task: ms-devlabs.custom-terraform-tasks.custom-terraform-installer-task.TerraformInstaller@0
  displayName: 'Install Terraform 0.13.2'
  inputs:
    terraformVersion: 0.13.2

If you're doing testing on a non-master git branch and you update the yml on the devops web ui, you're updating the master branch but may be running against a non-master branch. That's about the only thing I can think of that might be different.

jwshive picture jwshive on 7 Sep 2020

You have to mention, that you have to install the Terraform Extension (the first one!) in order to get the task to work.

DieselMeister picture DieselMeister on 7 Sep 2020

Correct. I assumed that since they were getting the error for 0.13.1 that they had the extension installed.

jwshive picture jwshive on 7 Sep 2020

The wrong version is now default on the agent in azure devops. We run into this error today. Thanks to you, we could solve it. So thank you!

DieselMeister picture DieselMeister on 7 Sep 2020

I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

hashibot[bot] picture hashibot[bot] on 13 Oct 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

rnowosielski picture rnowosielski  ยท  3Comments
rkulagowski picture rkulagowski  ยท  3Comments
shanmugakarna picture shanmugakarna  ยท  3Comments
rjinski picture rjinski  ยท  3Comments
Seraf picture Seraf  ยท  3Comments