Skip to content

k8s_acl rules trigger changes at each run ( sorting issue? ) #3233

New issue
New issue
Open
Bug
#3241
Open
k8s_acl rules trigger changes at each run ( sorting issue? )#3233
Bug
#3241
Assignees
Mia-Cross
Labels
k8sKubernetes Kapsule issues, bugs and feature requestspriority:highestBugs filled by customers, security issues
@enys

Description

@enys
enys
opened on Jul 28, 2025

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

2025-07-28T08:31:11.813Z [INFO] Terraform version: 1.12.2
2025-07-28T08:31:11.813Z [DEBUG] using github.com/hashicorp/go-tfe v1.74.1
2025-07-28T08:31:11.813Z [DEBUG] using github.com/hashicorp/hcl/v2 v2.23.1-0.20250203194505-ba0759438da2
2025-07-28T08:31:11.813Z [DEBUG] using github.com/hashicorp/terraform-svchost v0.1.1
2025-07-28T08:31:11.813Z [DEBUG] using github.com/zclconf/go-cty v1.16.2
2025-07-28T08:31:11.813Z [INFO] Go runtime version: go1.24.2

Affected Resource(s)

  • scaleway_k8s_acl

Terraform Configuration Files

# Copy-paste the minimal (if possible) terraform configuration to reproduce the bug here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key: https://keybase.io/hashicorp

Debug Output

Log is too sensitive. I'm reachable via slack if needed.

Panic Output

Expected Behavior

Once k8s_acl's are applied, terraform does not detect changes.

Actual Behavior

Changes are detected, acl rules are re-sorted and applied.
resulting in :

update
acl_rules {
update
description :
"Allow traffic for XXX home"
change to
"Allow traffic for YYY home"
no-op
id :
"e714fd1d-48e6-4b8b-ae3e-1eba1a3d3025"
update
ip :
"IP1/32"
change to
"IP2/32"

anonymised IP and descriptions.

Steps to Reproduce

Create a list of > 3 ACL base on https://registry.terraform.io/providers/scaleway/scaleway/latest/docs/resources/k8s_acl#basic

  1. terraform apply

Important Factoids

References

  • #0000

Slack thread : https://scaleway-community.slack.com/archives/CD9JPK4KF/p1752670758604459

Metadata

Metadata

Assignees

Labels

k8sKubernetes Kapsule issues, bugs and feature requestspriority:highestBugs filled by customers, security issues

Type

Bug

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions