resource foreman_host not able to create host because of organization_id / location_id

[Elyytscha]

provider "foreman" {
  provider_loglevel = "INFO"
  provider_logfile = "terraform-provider-foreman.log"

  client_username = var.foreman_user
  client_password = var.foreman_password
  client_tls_insecure = "true"

  server_hostname = local.foreman_host
  server_protocol = "https"
  organization_id = "1"
  location_id = "10"
}

# Autogenerated example with required keys
resource "foreman_host" "test_host" {
  name = "testhost.domain.com"
  hostgroup_id = data.foreman_hostgroup.rocky9.id
  interfaces_attributes {
    type      = "interface"
    provision = true
    managed   = true
    subnet_id = data.foreman_subnet.infra.id
    ip        = "10.0.0.50"
  }
}

fails for me with

│ Error: HTTP Error:{
│   endpoint:   [https://foreman.domain.com/api/hosts]
│   statusCode: [422]
│   respBody:   [{
│   "error": {"id":null,"errors":{"organization_id":["can't be blank"]},"full_messages":["Organization can't be blank"]}
│ }
│ ]
│ }
│ 
│   with foreman_host.test_host,
│   on main.tf line 25, in resource "foreman_host" "test_host":
│   25: resource "foreman_host" "test_host" {

foreman version: 3.10.0
source = "terraform-coop/foreman"
version = "0.6.3"

[HectorIrr]

I believe that's because by adding quotes, you try to set both organization_id and location_id as strings.
What you want instead is for them to be integers (as they are IDs), so I think you should write:

  organization_id = 1
  location_id = 10

[Elyytscha]

i tried that already, i tried every variant which came to my mind, here the logs with debug with using no quotes:

provider "foreman" {
  organization_id = 1
  location_id = 10
  provider_loglevel = "DEBUG"
  provider_logfile = "terraform-provider-foreman.log"

  client_username = var.foreman_user
  client_password = var.foreman_password
  client_tls_insecure = "true"

  server_hostname = local.foreman_host
  server_protocol = "https"

}

2024/07/31 12:49:55 [DEBUG] Server: [{URL:{Scheme:https Opaque: User: Host:foreman.domain.com Path: RawPath: OmitHost:false ForceQuery:false RawQuery: Fragment: RawFragment:}}], ClientConfig: [{TLSInsecureEnabled:true NegotiateAuthEnabled:false LocationID:10 OrganizationID:1}]
2024/07/31 12:49:55 [DEBUG] Rest Client configured
2024/07/31 12:49:55 [TRACE] resource_foreman_host.go#resourceForemanHostCreate
2024/07/31 12:49:55 [TRACE] resource_foreman_host.go#buildForemanHost
2024/07/31 12:49:55 [TRACE] resource_foreman_host.go#buildForemanInterfacesAttributes
2024/07/31 12:49:55 [TRACE] mapToForemanInterfacesAttribute
2024/07/31 12:49:55 [DEBUG] m: [map[attached_devices: attached_to: bmc_provider: compute_attributes:map[network:vmware-network type:VirtualVmxnet3] id:0 identifier: ip:10.0.0.50 mac: managed:true name: password: primary:false provision:true subnet_id:1 type:interface username: virtual:false]], tempIntAttr: [{Id:0 SubnetId:1 Identifier: Name: Username: Password: Managed:true Provision:true Virtual:false Primary:false IP:10.0.0.50 MAC: Type:interface Provider: AttachedDevices: AttachedTo: ComputeAttributes:map[network:vmware-network type:VirtualVmxnet3] Destroy:false}]
2024/07/31 12:49:55 [DEBUG] ForemanHost: [&{ForemanObject:{Id:0 Name:testhost.domain.com CreatedAt: UpdatedAt:} Shortname: Build:true BuildStatus:0 BuildStatusLabel: ProvisionMethod:build DomainId:<nil> DomainName: OwnerId:<nil> OwnerType: EnvironmentId:<nil> HostgroupId:0xc00023eb40 ArchitectureId:<nil> SubnetId:<nil> OperatingSystemId:<nil> MediumId:<nil> ImageId:<nil> ModelId:<nil> PtableId:<nil> EnableBMC:false BMCSuccess:false Managed:true Comment: InterfacesAttributes:[{Id:0 SubnetId:1 Identifier: Name: Username: Password: Managed:true Provision:true Virtual:false Primary:false IP:10.0.0.50 MAC: Type:interface Provider: AttachedDevices: AttachedTo: ComputeAttributes:map[network:vmware-network type:VirtualVmxnet3] Destroy:false}] HostParameters:[{Name:function Value:rev-proxy}] ComputeAttributes:map[] ComputeResourceId:<nil> ComputeProfileId:<nil> PuppetClassIds:[] Token: ConfigGroupIds:[] PuppetAttributes:{Puppetclass_ids:[] ConfigGroup_ids:[]} RootPassword:}]
2024/07/31 12:49:55 [TRACE] foreman/api/host.go#CreateHost
2024/07/31 12:49:55 [DEBUG] client.go#WrapJSONWithTaxonomy: item map[host:0xc000258000 location_id:10 organization_id:1]
2024/07/31 12:49:55 [DEBUG] hJSONBytes: [{"host":{"id":0,"name":"testhost.domain.com","created_at":"","updated_at":"","build":true,"build_status":0,"build_status_label":"","provision_method":"build","hostgroup_id":44,"managed":true,"comment":"","interfaces_attributes":[{"subnet_id":1,"identifier":"","name":"","managed":true,"provision":true,"virtual":false,"primary":false,"ip":"10.0.0.50","mac":"","type":"interface","provider":"","compute_attributes":{"network":"vmware-network","type":"VirtualVmxnet3"}}],"host_parameters_attributes":[{"name":"function","value":"rev-proxy"}],"config_group_ids":null,"puppet_attributes":{"puppetclass_ids":null,"config_group_ids":null}},"location_id":10,"organization_id":1}]
2024/07/31 12:49:55 [DEBUG] method: [POST], endpoint: [/hosts]
2024/07/31 12:49:55 [DEBUG] reqURL: [https://foreman.domain.com/api/hosts]
2024/07/31 12:49:55 [DEBUG] CreatedHost: Retry #[0]
2024/07/31 12:49:55 [DEBUG] server response:{
  endpoint:   [https://foreman.domain.com/api/hosts]
  method:     [POST]
  statusCode: [422]
  respBody:   [{
  "error": {"id":null,"errors":{"organization_id":["can't be blank"]},"full_messages":["Organization can't be blank"]}
}
]
}
2024/07/31 12:49:55 [DEBUG] CreatedHost: Retry #[1]
2024/07/31 12:49:56 [DEBUG] server response:{
  endpoint:   [https://foreman.domain.com/api/hosts]
  method:     [POST]
  statusCode: [422]
  respBody:   [{
  "error": {"id":null,"errors":{"organization_id":["can't be blank"]},"full_messages":["Organization can't be blank"]}
}
]
}

foreman says:

2024-07-31T12:32:31 [I|app|dcf1d208] Started POST "/api/hosts" for 10.0.0.51 at 2024-07-31 12:32:31 +0200                                                                                                                                   
2024-07-31T12:32:31 [I|app|dcf1d208] Processing by Api::V2::HostsController#create as JSON                                                                                                                                                   
2024-07-31T12:32:31 [I|app|dcf1d208]   Parameters: {"host"=>{"id"=>0, "name"=>"testhost.domain.com", "created_at"=>"", "updated_at"=>"", "build"=>true, "build_status"=>0, "build_status_label"=>"", "provision_method"=>"build", "hostgroup_id"=>
44, "managed"=>true, "comment"=>"", "interfaces_attributes"=>[{"subnet_id"=>1, "identifier"=>"", "name"=>"", "managed"=>true, "provision"=>true, "virtual"=>false, "primary"=>false, "ip"=>"10.0.0.50", "mac"=>"", "type"=>"interface", "p
rovider"=>"", "compute_attributes"=>{"network"=>"vmware-network", "type"=>"VirtualVmxnet3"}}], "host_parameters_attributes"=>[{"name"=>"function", "value"=>"[FILTERED]"}], "config_group_ids"=>nil, "puppet_attributes"=>{"puppetclass_ids"
=>nil, "config_group_ids"=>nil}}, "location_id"=>10, "organization_id"=>1, "apiv"=>"v2"}                                                                                                                                                     
2024-07-31T12:32:31 [I|app|dcf1d208] Skipping user group update for user <redacted> as usergroup_sync is disabled                                                                                                                                
2024-07-31T12:32:31 [I|app|dcf1d208] Authorized user <redacted>                                                                                                                                                                      
2024-07-31T12:32:31 [W|app|dcf1d208] Scoped order is ignored, it's forced to be batch order.                                                                                                                                                 
2024-07-31T12:32:31 [W|app|dcf1d208] Not queueing Host::Managed: ["Organization can't be blank"]                                                                                                                                             
2024-07-31T12:32:31 [W|app|dcf1d208] Not queueing Host::Managed: ["Organization can't be blank"]                                                                                                                                             
2024-07-31T12:32:31 [W|app|dcf1d208] Not queueing Host::Managed: ["Organization can't be blank"]                                                                                                                                             
2024-07-31T12:32:31 [E|app|dcf1d208] Unprocessable entity Host::Managed (id: new):                                                                                                                                                           
 dcf1d208 |   Organization can't be blank                                                                                                                                                                                                    
 dcf1d208 |  

[Elyytscha]

What I have found is that the terraform provider sends the org and loc id like this and fails:

[
    {
        "host": {
        },
        "location_id": 10,
        "organization_id": 1
    }
]

and the foreman web ui sends it like this with a successfull host creation:

[
    {
        "host": {
          "location_id": 10,
          "organization_id": 1
        },
    }
]

[bitkeks]

Thanks for investigating further!

These look like two different usages to me: in the first one, where host: {} is empty and the loc and org are stated, it's request context data. In the second, the loc and org for the request are guessed by your credentials and your supplied parameters are passed into the host struct.

That this works is just a coincidence because the host struct accepts these keys.

The error is in the first scenario. We had this already in other cases, where the fields need to be omitted. It's the difference between WrapJSON and WrapJSONWithTaxonomy.

[Elyytscha]

Thanks for investigating further!

These look like two different usages to me: in the first one, where host: {} is empty and the loc and org are stated, it's request context data. In the second, the loc and org for the request are guessed by your credentials and your supplied parameters are passed into the host struct.

That this works is just a coincidence because the host struct accepts these keys.

The error is in the first scenario. We had this already in other cases, where the fields need to be omitted. It's the difference between WrapJSON and WrapJSONWithTaxonomy.

you have understood whats mainly the case but you overlooked the issue

first its the opposite, the first one (org and loc outside host) is for guessing user context (what the terraform provider tries to do) but it never was correctly implemented by foreman so they do not use this

the second -> host{organization,location} is for setting the actual loc and organization id, as the foreman webui does it, thats why the foreman web ui can provision a host successfully and this provider can't

the foreman terraform provider uses host:{} location: organization:, thats wrong because host{location, organization} is not set, so it fails

the foreman webui does set host{location,organization} so it can successfully create a host, the webui NEVER sets loc and organization OUTSIDE host, there is no case where the webui does this

to note, the foreman ui does not set location, organization outside of the host{} even when loc and organization are defaulting to what is configured for the user.