Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WAF V1 Provider #22378

Closed
JeremyPDC opened this issue Dec 30, 2021 · 7 comments · Fixed by #22978
Closed

WAF V1 Provider #22378

JeremyPDC opened this issue Dec 30, 2021 · 7 comments · Fixed by #22978
Labels
bug Addresses a defect in current functionality. crash Results from or addresses a Terraform crash or kernel panic. service/waf Issues and PRs that pertain to the waf service.

Comments

@JeremyPDC
Copy link

Using terraform version 1.0.11 and provider release 3.70.0.

When adding a new WEB ACL using WAF v1.

Resources used are the following.

resource "aws_wafregional_byte_match_set"
resource "aws_wafregional_rule"
resource "aws_wafregional_web_acl"

Plan worked fine but when running apply saw the following error.

https://gist.github.com/JeremyPDC/443f8b5b142a581f4166f65b5fb3387c

Looking into this it appears to be a problem with the following.

https://github.com/hashicorp/terraform-provider-aws/blob/main/internal/service/waf/helpers.go#L274

Fixed the provider in our terraform to version 3.61.0 which I think moves the code back to this.

Priority: aws.Int64(int64(rule["priority"].(int))),

from this

Priority: aws.Int64(rule["priority"].(int64)),

That fixed the problem.
@github-actions github-actions bot added needs-triage Waiting for first response or review from a maintainer. service/waf Issues and PRs that pertain to the waf service. labels Dec 30, 2021
@JeremyPDC JeremyPDC mentioned this issue Dec 30, 2021
Closed
@ewbankkit ewbankkit added bug Addresses a defect in current functionality. crash Results from or addresses a Terraform crash or kernel panic. and removed needs-triage Waiting for first response or review from a maintainer. labels Dec 31, 2021
@ewbankkit
Copy link
Contributor 

[10:37:29][Step 5/5] Stack trace from the terraform-provider-aws_v3.70.0_x5 plugin:
[10:37:29][Step 5/5] 
[10:37:29][Step 5/5] panic: interface conversion: interface {} is int, not int64
[10:37:29][Step 5/5] 
[10:37:29][Step 5/5] goroutine 190 [running]:
[10:37:29][Step 5/5] github.com/hashicorp/terraform-provider-aws/internal/service/waf.ExpandActivatedRule(...)
[10:37:29][Step 5/5] 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/hashicorp/terraform-provider-aws/internal/service/waf/helpers.go:274
[10:37:29][Step 5/5] github.com/hashicorp/terraform-provider-aws/internal/service/waf.DiffRuleGroupActivatedRules(0xef18990, 0x0, 0x0, 0xc0018a1330, 0x1, 0x1, 0xc002041730, 0xc000eae400, 0xc000eae000)
[10:37:29][Step 5/5] 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/hashicorp/terraform-provider-aws/internal/service/waf/helpers.go:246 +0xe33
[10:37:29][Step 5/5] github.com/hashicorp/terraform-provider-aws/internal/service/wafregional.updateWafRuleGroupResourceWR.func1(0xc001c9b0a0, 0xef18990, 0xc002041730, 0x0, 0x0)
[10:37:29][Step 5/5] 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/hashicorp/terraform-provider-aws/internal/service/wafregional/rule_group.go:249 +0xd0
[10:37:29][Step 5/5] github.com/hashicorp/terraform-provider-aws/internal/service/wafregional.(*WafRegionalRetryer).RetryWithToken.func1(0x2)
[10:37:29][Step 5/5] 	/opt/teamcity-agent/work/5d79fe75d4460a2f/src/github.com/hashicorp/terraform-provider-aws/internal/service/wafregional/token_handlers.go:36 +0x1fc
[10:37:29][Step 5/5] github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource.RetryContext.func1(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
[10:37:29][Step 5/5] 	/opt/teamcity-agent/work/5d79fe75d4460a2f/pkg/mod/github.com/hashicorp/terraform-plugin-sdk/v2@v2.9.0/helper/resource/wait.go:27 +0x5b
[10:37:29][Step 5/5] github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource.(*StateChangeConf).WaitForStateContext.func1(0xc00203f680, 0xc00157f8f0, 0xc00254b9e0, 0xc002059780, 0xc000f7b658, 0xc000f7b650)
[10:37:29][Step 5/5] 	/opt/teamcity-agent/work/5d79fe75d4460a2f/pkg/mod/github.com/hashicorp/terraform-plugin-sdk/v2@v2.9.0/helper/resource/state.go:110 +0x2e9
[10:37:29][Step 5/5] created by github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource.(*StateChangeConf).WaitForStateContext
[10:37:29][Step 5/5] 	/opt/teamcity-agent/work/5d79fe75d4460a2f/pkg/mod/github.com/hashicorp/terraform-plugin-sdk/v2@v2.9.0/helper/resource/state.go:83 +0x1c6
[10:37:29][Step 5/5] 
[10:37:29][Step 5/5] Error: The terraform-provider-aws_v3.70.0_x5 plugin crashed!
[10:37:29][Step 5/5] 
[10:37:29][Step 5/5] This is always indicative of a bug within the plugin. It would be immensely
[10:37:29][Step 5/5] helpful if you could report the crash with the plugin's maintainers so that it
[10:37:29][Step 5/5] can be fixed. The output above should help diagnose the issue.

@zalaps
Copy link

zalaps commented Jan 21, 2022

@JeremyPDC
I'm facing this issue in version = "3.73.0".
Has this been dispatched in any of releases?

@JeremyPDC
Copy link
Author

JeremyPDC commented Jan 21, 2022
edited by ewbankkit
Loading

I have not seen a fix. If you lock your version of terraform it will work. Though probably not ideal.

This is what ours is locked at for the moment.

terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      # This needs to be fixed due to a bug found in the waf provider code
      version = "3.61.0"
    }
  }
}

@zalaps
Copy link

zalaps commented Jan 21, 2022
edited
Loading

terraform { required_providers { aws = { source = "hashicorp/aws" # This needs to be fixed due to a bug found in the waf provider code version = "3.61.0" } } }

Forcing version to stay at 3.61.0 worked smoothly. I was able to get ipset, rule, rule group and web-acl successfully. Strangely, I was not able to visualize created resources on AWS Console. Later realized that WAFv2 will not display it as it has different set of APIs. Out of curiosity checked in WAF Classic as well, couldn't find any resources on Console UI.

Anyways, I moved to WAFv2. Worked OK with 3.73.0.

Thanks @JeremyPDC for quick response. Have a good weekend!

@ewbankkit ewbankkit mentioned this issue Jan 26, 2022
Closed
@ewbankkit
Copy link
Contributor

Related: #19613.

@davewongillies
Copy link
Contributor

We're seeing this with 3.69.0 as well.

@anGie44 anGie44 mentioned this issue Feb 6, 2022
Merged
@ewbankkit ewbankkit mentioned this issue Feb 17, 2022
Merged
@github-actions
Copy link

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators May 16, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. crash Results from or addresses a Terraform crash or kernel panic. service/waf Issues and PRs that pertain to the waf service.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

waf/helpers: prevent panic during ExpandActivatedRule method hashicorp/terraform-provider-aws
4 participants
@davewongillies @ewbankkit @zalaps @JeremyPDC