Skip to content

Resource coderd_user: Plan fails when user was deleted outside of terraform #208

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
michvllni opened this issue Apr 11, 2025 · 2 comments · Fixed by #209
Closed

Resource coderd_user: Plan fails when user was deleted outside of terraform #208

michvllni opened this issue Apr 11, 2025 · 2 comments · Fixed by #209
Assignees
@ethanndickson

Comments

@michvllni
Copy link

michvllni commented Apr 11, 2025
edited
Loading

When a user created via the coderd provider is removed outside of terraform, the plan fails because it cannot find the user.

resource "coderd_user" "user" {
  username = "myuser"
  email = "myuser@myorg.com"
  name = "My User"
  roles = []
  login_type = "oidc"
}
╷
│ Error: Client Error
│ 
│   with coderd_user.user,
│   on users.tf line 1, in resource "coderd_user" "user":
│    1: resource "coderd_user" "user" {
│ 
│ Unable to get current user, got error: GET
│ https://<REDACTED url>/api/v2/users/<REDACTED user id>:
│ unexpected status code 400: "user" must be an existing uuid or username.
│ 	Error: queried user="<REDACTED user id>"
╵

I would have expected the provider to mark this as deleted instead of running into an error
@michvllni michvllni changed the title Plan fails when user was deleted outside of terraform Resource coderd_user: Plan fails when user was deleted outside of terraform Apr 11, 2025
@ethanndickson ethanndickson self-assigned this Apr 14, 2025
@ethanndickson
Copy link
Member

ethanndickson commented Apr 14, 2025
edited
Loading

Unlike all the other resources, it looks like we send a 400 if the User is missing, instead of a 404, so this was missed by #102..
I'll update the provider to handle that.

However, I can't reproduce your issue exactly. FWICT api/v2/users/{ID} queries continue to work after the user is deleted, as the DB query doesn't filter out users where deleted is true. What version of Coder are you running?

EDIT: This is just because I'm authorized as Owner. Not sure if that's by design, but it kinda makes sense.

@michvllni
Copy link
Author

michvllni commented Apr 14, 2025
edited
Loading

I'm using coder version 2.20.0 with coder provider version 2.3.0 and coder provider version 0.0.10

However, I might have misunderstood something. I didn't know that coder doesnt completely remove the just but just adds a deleted flag.

In my case, I reset my database to have a fresh start as I broke some stuff and wanted to test a green-field-ish deployment.

So the user actually was not in the database, but still in the terraform state

@ethanndickson ethanndickson mentioned this issue Apr 14, 2025
Merged
ethanndickson added a commit that referenced this issue Apr 16, 2025
@ethanndickson
fix: handle user deletion config drift (#209)
5503d71 
Closes #208.

Querying `api/v2/users/{ID}` returns a valid response for deleted users, as deleted users in `coderd` are merely tombstoned. To handle this, we perform an additional query by username. If the user has been deleted, the username will be available, or belong to a user with a different ID, in which case we can mark the user resource as deleted.

Also has the `isNotFound` check include the specific response for when a user does not exist:
```
sdkErr.StatusCode() == http.StatusBadRequest && strings.Contains(sdkErr.Message, "must be an existing uuid or username")
```
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ethanndickson ethanndickson

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: handle user deletion config drift coder/terraform-provider-coderd
2 participants
@ethanndickson @michvllni