Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

eks module tries to force cluster recreation if no cluster_security_group_id specified #1892

Closed
davidaah opened this issue Feb 22, 2022 · 3 comments · Fixed by #1934
Closed

eks module tries to force cluster recreation if no cluster_security_group_id specified #1892

davidaah opened this issue Feb 22, 2022 · 3 comments · Fixed by #1934

Comments

@davidaah
Copy link

davidaah commented Feb 22, 2022
edited
Loading

Description

There seems to be a regression of a very old issue #798 where if
cluster_security_group_id is not specified and creation is disabled, the EKS module will try and replace the cluster every time.

Technically, the EKS module documentation does indicate cluster_security_group_id is a required parameter if create_cluster_security_group is set to false, however it is an optional parameter in the dependent aws_eks_cluster module and it should not be required since EKS creates a baseline cluster security group on cluster creation no matter what.

I think this should be as simple as wrapping this line in compact() --
https://github.com/terraform-aws-modules/terraform-aws-eks/blob/master/main.tf#L16 to restore the previous behavior of removing any empty string values

Versions

  • Terraform:
    • Terraform v1.1.4 on darwin_amd64
  • Provider(s):
    • provider registry.terraform.io/hashicorp/aws v3.74.3
    • provider registry.terraform.io/hashicorp/cloudinit v2.2.0
    • provider registry.terraform.io/hashicorp/tls v3.1.0
  • Module:
    • 18.2.7

Reproduction

Steps to reproduce the behavior:

  • Run terraform plan/terraform apply
  • After first apply, re-run terraform plan
      ~ vpc_config {
          ~ cluster_security_group_id = "sg-XXXXXX" -> (known after apply)
          ~ security_group_ids        = [ # forces replacement
              + "",
            ]
          ~ vpc_id                    = "vpc-YYYYY" -> (known after apply)
            # (4 unchanged attributes hidden)
        }

Code Snippet to Reproduce

module "eks" {
  source  = "terraform-aws-modules/eks/aws"
  version = "18.7.2"

  cluster_name                    = "test-cluster"
...

  create_cluster_security_group = false
  create_node_security_group    = false
...
}

Expected behavior

Modules should not detect any changes

Actual behavior

Module thinks something has changed and tries to destroy
@drunkirishcoder
Copy link

can confirm, ran into this bug too, and compact fixes it.

@davidaah davidaah mentioned this issue Mar 1, 2022
Closed
1 task
@bryantbiggs bryantbiggs mentioned this issue Mar 10, 2022
Merged
1 task
@antonbabenko
Copy link
Member

This issue has been resolved in version 18.10.1 🎉

@github-actions
Copy link

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 13, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
4 participants
@drunkirishcoder @antonbabenko @bryantbiggs @davidaah