Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cloudflare_zone_settings_override trying to write a read-only resource #808

Closed
kda-jt opened this issue Sep 28, 2020 · 2 comments
Closed

cloudflare_zone_settings_override trying to write a read-only resource #808

kda-jt opened this issue Sep 28, 2020 · 2 comments

Comments

@kda-jt
Copy link

kda-jt commented Sep 28, 2020

Hi there !

TL;DR
I believe I have found a bug affecting the cloudflare_zone_settings_override resource. Whenever applying that resource, apply fails with Error: invalid zone setting "image_resizing" (value: ) found - cannot be set as it is read only.

Terraform Version

  • Terraform version: v0.12.29
  • Cloudflare provider version: v2.11.0

Affected Resource(s)

  • cloudflare_zone_settings_override

Terraform Configuration Files

resource "cloudflare_zone" "zone" {
  zone = var.zone_name
  type = "partial"
}

resource "cloudflare_zone_settings_override" "zone_settings_override" {
  zone_id = cloudflare_zone.zone.id
  settings {
    always_online            = "on"
    always_use_https         = "on"
    automatic_https_rewrites = "off"
    brotli                   = "off"
    browser_cache_ttl        = 14400
    browser_check            = "on"
    cache_level              = "aggressive"
    challenge_ttl            = 1800
    cname_flattening         = "flatten_at_root"
    development_mode         = "off"
    email_obfuscation        = "on"
    h2_prioritization        = "off"
    hotlink_protection       = "off"
    http2                    = "on"
    http3                    = "off"
#  image_resizing           = "off" # This line is deliberately commented out
    ip_geolocation           = "on"
    ipv6                     = "on"
    max_upload               = 100
    min_tls_version          = "1.2"
    minify {
      css  = "off"
      html = "off"
      js   = "off"
    }

    mirage = "off"
    mobile_redirect {
      mobile_subdomain = ""
      status           = "off"
      strip_uri        = false
    }

    opportunistic_encryption    = "off"
    opportunistic_onion         = "on"
    origin_error_page_pass_thru = "off"
    polish                      = "off"
    prefetch_preload            = "off"
    privacy_pass                = "off"
    pseudo_ipv4                 = "off"
    response_buffering          = "off"
    rocket_loader               = "off"
    security_header {
      enabled            = false
      include_subdomains = false
      max_age            = 0
      nosniff            = false
      preload            = false
    }

    security_level              = "medium" 
    server_side_exclude         = "off"
    sort_query_string_for_cache = "off"
    ssl                         = "strict"
    universal_ssl               = "on"
    tls_1_2_only                = "off"
    tls_1_3                     = "on"
    tls_client_auth             = "off"
    true_client_ip_header       = "off"
    waf                         = "on"
    webp                        = "off"
    websockets                  = "on"
    zero_rtt                    = "off"
  }
}

Expected Behavior

Apply completes successfully without trying to overwrite the image_resizing.

Actual Behavior

Apply fails with

Error: invalid zone setting "image_resizing" (value: ) found - cannot be set as it is read only

Steps to Reproduce

Run terraform apply on this code with the above mentioned versions.

Important Factoids

I'm trying to run this on a zone in an Enterprise plan, so that shouldn't be an issue.

Possible solutions?

Aside from removing the image_resizing block from resource_cloudflare_zone_settings_override.go, I have no ideas.

I thought that the Cloudflare API had recently made that read-only, but it doesn't look like it according to the API docs. And it does not look like a permissions issue in my setup, I have the zone_settings:edit permission mentioned in the API doc.

Any help on this one ?
@kda-jt
Copy link
Author

kda-jt commented Oct 16, 2020

In case anyone is reading this, here's some info about how I "fixed" this issue.

  • Moved to Terraform 0.13.4
  • Kept the same Cloudflare provider version 2.11.0
  • Removed the reference to this resource in my state file with terraform state rm cloudflare_zone_settings_override.zone_settings_override
  • terraform apply and lo and behold, it works.

I have no idea how this behaviour came about, and no idea about how it went away.

HTH

I'll go ahead and close this issue, and let the maintainers focus on the brilliant work they're doing. Thanks again to them

@kda-jt kda-jt closed this as completed Oct 16, 2020
@ChristophShyper ChristophShyper mentioned this issue Feb 19, 2021
Closed
@vital4ik
Copy link

are there plans to fix this properly? our workloads keep crashing on this randomly

boekkooi-lengoo pushed a commit to boekkooi-lengoo/terraform-provider-cloudflare that referenced this issue Feb 28, 2022
@jacobbednarz
Merge pull request cloudflare#808 from zakcutner/ratelimit-counting-e…
c92a2be 
…xpression

Change ratelimit `mitigation_expression` to `counting_expression`
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vital4ik @kda-jt