terraformterraform-provider-cloudflare

terraform plan resource cloudflare_list always wants to update in-place without changes

I've used terraform code like the example below to successfully create a list of IP addresses:

resource "cloudflare_list" "example" {
  account_id  = "f037e56e89293a057740de681ac9abbe"
  name        = "example_list"
  description = "example IPs for a list"
  kind        = "ip"

  item {
    value {
      ip = "192.0.2.0"
    }
    comment = "one"
  }

  item {
    value {
      ip = "192.0.2.1"
    }
    comment = "two"
  }
}

However, terraform plan always wants to swap the items around, e.g.:

  # cloudflare_list.example will be updated in-place
  ~ resource "cloudflare_list" "example" {
        id          = "xxxxxxxxxxxxxxxxxxxxxx"
        name        = "example_list"
        # (3 unchanged attributes hidden)

      ~ item {
          ~ comment = "one" -> "two"

          ~ value {
              ~ ip = "192.0.2.0" -> "192.0.2.1"
            }
        }
      ~ item {
          ~ comment = "two" -> "one"

          ~ value {
              ~ ip = "192.0.2.1" -> "192.0.2.0"
            }
        }
    }

It's a list, so I don't care if it gets swapped around, so I did apply, hoping that it was a one time thing. I got Apply complete! Resources: 0 added, 1 changed, 0 destroyed.

But once again, the next terraform plan shows the same thing. On the Cloudflare UI the list is unchanged. How do I fix this loop to get the desired "Your infrastructure is up-to-date"? Thank you.

My configuration is:

Terraform v1.3.3
on linux_amd64
+ provider registry.terraform.io/cloudflare/cloudflare v3.26.0
Solution

  • It's a known bug, check https://github.com/cloudflare/terraform-provider-cloudflare/issues/1827

    The workaround involves changing the order of items in your manifest to match cloudflare internal order. Try the following:

    resource "cloudflare_list" "example" {
  account_id  = "f037e56e89293a057740de681ac9abbe"
  name        = "example_list"
  description = "example IPs for a list"
  kind        = "ip"

  item {
    value {
      ip = "192.0.2.1"
    }
    comment = "two"
  }

  item {
    value {
      ip = "192.0.2.0"
    }
    comment = "one"
  }

}

    As per this comment

    Slight-workaround seems to be having the list items in the terraform to exactly match the order that it was created in (so manually reordering the list in terraform after applying it). It seems to be closely related to alphanumeric sorting allows for a subsequent plan/apply to not require changes.

    Edit: The sorting is actually alphanumeric, but you need to remove the special chars like /-_ and then sort the list, so the following is the correct order as Cloudflare sees it: