Cloudflare record content always causes updates even when the value doesn't change

[alexluong]

Confirmation

• This is a bug with an existing resource and is not a feature request or enhancement. Feature requests should be submitted with Cloudflare Support or your account team.
• I have searched the issue tracker and my issue isn't already found.
• I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

Terraform v1.8.5
on darwin_arm64

• provider registry.terraform.io/cloudflare/cloudflare v4.40.0

Affected resource(s)

• cloudflare_record

Terraform configuration files

locals {
  ipv6 = "my_ipv6"
}

resource "cloudflare_record" "my_record" {
  zone_id = cloudflare_zone.my_zone.id
  type    = "AAAA"
  name    = "v6"
  content = local.ipv6
  proxied = true
  ttl     = 1
}

Link to debug output

https://gist.github.com/alexluong/aebb6f23c57805ff87316f8dd74667ac

Panic output

No response

Expected output

After the initial terraform apply, subsequent runs won't show any changes.

Actual output

Terraform registers that the record is always changing, causing "cloudflare_record.my_record will be updated in-place" on every terraform plan.

Steps to reproduce

1. Set up a new Cloudflare Record resource where the content is a variable (either a local variable or coming from another resource)
2. Run terraform apply to apply the change
3. Run terraform apply again immediately

Additional factoids

No response

References

Maybe this is fixed by #3776, I'm not sure. It seems this resource & field is actively being worked on.

[github-actions]

Community Note

Voting for Prioritization

• Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

• If you are interested in working on this issue, please leave a comment.
• If this would be your first contribution, please review the contribution guide.

[jacobbednarz]

the issue here is that you're using the shortened IPv6 address and we don't flatten it in the provider. if you use the expanded version for now, you won't see the drift.

[alexluong]

Just to make sure I understand you correctly:

I'm using the IPv6 value from Vultr provider. You're saying that they use the shortened IPv6 version which causes a drift because CF provider would store the full version in the state. So until it's fixed, my best approach to resolve the issue is to transform the shortened IPv6 somehow to its full version before sending to CF.

Does that sound right? I'm not super fluent in networking so just want to make sure I'm not misunderstanding anything here.

Thanks!

[jacobbednarz]

ipv6 addresses allow you to represent values in multiple ways while all meaning the same thing. two examples:

• 1050:0000:0000:0000:0005:0600:300c:326b can be written as 1050:0:0:0:5:600:300c:326b ( leading zeros can be omitted)
• ff06:0:0:0:0:0:0:c3 can be written as ff06::c3 (double colons can represent "empty" or a series of 0s)

by the sounds of things, another provider is giving you the trimmed version while cloudflare is always expanding or padding it.

you can always use ignore_changes on the IP field in the meantime to keep sane diffs but be aware if it does actually change, it will be missed.

[alexluong]

Thanks for the explanation @jacobbednarz, I appreciate it. Since this issue remains open, I assume yall plan to support this use case in the future, correct? No rush, just want to understand if I need to come up with a long-term fix for this or not.

No rush either way, it's a personal use case so I can make do with some oddity if it will be addressed later. Also open to potentially making a PR if that's something you may find helpful.

[jacobbednarz]

this isn't something on the team's radar right now. i'm focused elsewhere but can review a PR if you'd like to send one over.

[github-actions]

This functionality has been released in v4.41.0 of the Terraform Cloudflare Provider.

Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!