google_cloud_run_domain_mapping must be replaced

[itmayziii]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request.
• Please do not leave +1 or me too comments, they generate extra noise for issue followers and do not help prioritize the request.
• If you are interested in working on this issue or have submitted a pull request, please leave a comment.
• If an issue is assigned to the modular-magician user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to hashibot, a community member has claimed the issue already.

Terraform Version

v0.13.4

Affected Resource(s)

• google_cloud_run_domain_mapping

Terraform Configuration Files

# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/cloud_run_domain_mapping
resource "google_cloud_run_domain_mapping" "frona_cms_api_cloud_run" {
  project = google_project.project.project_id

  location = "us-central1"
  name     = "cms-api.frona.io"

  metadata {
    namespace = google_project.project.project_id
    annotations = {
      "run.googleapis.com/launch-stage" = "BETA"
    }
  }

  spec {
    route_name = google_cloud_run_service.frona_cms_api.name
  }
}

Expected Behavior

Terraform should not attempt to replace the google_cloud_domain_mapping resource because it will lead to downtime as Google will then have to re-provision an SSL certificate.

Actual Behavior

The google_cloud_domain_mapping is replaced on every terraform apply which leads to downtime.

Steps to Reproduce

1. Create a google_cloud_run_service resource.
2. Create a google_cloud_run_domain_mapping
3. Run terraform apply
4. Run terraform plan and you will see subsequent plans show the google_cloud_run_domain_mapping is to be replaced.

[edwardmedia]

I do see the issue https://paste.googleplex.com/5651860913389568
#7736

[slevenick]

Unfortunately this is tricky. It appears that several annotations are added by the API automatically, and Terraform is trying to remove them (which causes it to try to destroy them)

This is actually intentional Terraform behavior, and there is not a reasonable way for us to detect that some fields in the annotations map are intentional and some aren't. By adding the annotations field with "run.googleapis.com/launch-stage" = "BETA" you are stating that Terraform should track changes to the annotations field, which is why this probably shows up now.

I would suggest adding a lifecycle directive to ignore changes to that field to prevent the recreation as documented here: https://www.terraform.io/docs/configuration/resources.html#ignore_changes

Does that work for you?

[slevenick]

Hm, actually there may be a way to do this. Will investigate

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!