Crash reading kubernetes_manifest remote object

[david-garcia-garcia]

Terraform Version, Provider Version and Kubernetes Version

Terraform version: 1.8.5
Kubernetes provider version:
Kubernetes version: 1.29.4

Affected Resource(s)

• kubernetes_manifest

Current deployed state:

# Please edit the object below. Lines beginning with a '#' will be ignored,
# and an empty file will abort the edit. If an error occurs while saving this file will be
# reopened with the relevant failures.
#
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
  creationTimestamp: "2024-07-02T13:32:06Z"
  generation: 7
  name: my-coraza-http-wasm-traefik
  namespace: traefik
  resourceVersion: "69273585"
  uid: 09342471-b20e-4c1a-8aa8-422e878f60b4
spec:
  plugin:
    coraza:
      directives:
      - SecRuleEngine On
      - SecDebugLog /dev/stdout
      - SecDebugLogLevel 9
      - SecRequestBodyAccess On
      - SecRequestBodyInMemoryLimit 256000
      - SecRequestBodyLimit 134217728
      - SecRule ARGS "@detectSQLi" "id:153,phase:2,deny,status:403,log,msg:'SQL Injection
        Detected in Argument'"
    coraza-http-wasm-traefik:
      directives:
      - SecRuleEngine On
      - SecDebugLog /dev/stdout
      - SecDebugLogLevel 9
      - SecRule ARGS "@detectSQLi" "id:153,phase:2,deny,status:403,log,msg:'SQL Injection
        Detected in Argument'"
      - SecRule REQUEST_URI "@detectSQLi" "id:152,phase:2,deny,status:403,log,msg:'SQL
        Injection Detected'"

Resource in TF

resource "kubernetes_manifest" "my_coraza_http_wasm_traefik" {
  provider = kubernetes.aks
  manifest = {
    apiVersion = "traefik.io/v1alpha1"
    kind       = "Middleware"
    metadata = {
      name      = "my-coraza-http-wasm-traefik"
      namespace = "${kubernetes_namespace.traefik.metadata[0].name}"
    }
    spec = {
      plugin = {
        coraza-http-wasm-traefik = {
          directives = [
            "SecRuleEngine On",
            "SecDebugLog /dev/stdout",
            "SecDebugLogLevel 9",
            "SecRule ARGS \"@detectSQLi\" \"id:153,phase:2,deny,status:403,log,msg:'SQL Injection Detected in Argument'\"",
            "SecRule REQUEST_URI \"@detectSQLi\" \"id:152,phase:2,deny,status:403,log,msg:'SQL Injection Detected'\""
          ]
        }
      }
    }
  }
  depends_on = [helm_release.traefik]
}

Terraform Configuration Files

# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key.

Debug Output

Panic Output

Steps to Reproduce

Expected Behavior

No error.

Actual Behavior

Stack trace from the terraform-provider-kubernetes_v2.30.0_x5.exe plugin:

panic: ElementKeyString("coraza-http-wasm-traefik"): can't use tftypes.Object["directives":tftypes.Tuple[tftypes.String, tftypes.String, tftypes.String, tftypes.String, tftypes.String]] as tftypes.Object["directives":tftypes.Tuple[tftypes.String, tftypes.String, tftypes.String, tftypes.String, tftypes.String, tftypes.String, tftypes.String]]

goroutine 61 [running]:
github.com/hashicorp/terraform-plugin-go/tftypes.NewValue(...)
        github.com/hashicorp/[email protected]/tftypes/value.go:278
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload.mapToTFMapValue(0x262be40?, {0x2ab4cf0?, 0xc0032835f0}, 0x0?, 0xc00258dc80)
        github.com/hashicorp/terraform-provider-kubernetes/manifest/payload/to_value.go:247 +0x669
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload.ToTFValue({0x24355c0?, 0xc003519ef0?}, {0x2ab4cf0, 0xc0032835f0}, 0xc0034ddca0?, 0x998b48?)
        github.com/hashicorp/terraform-provider-kubernetes/manifest/payload/to_value.go:130 +0x974
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload.mapToTFObjectValue(0x263fde0?, {0x2ab4c40?, 0xc0033fd6b0}, 0xc0034ddca0?, 0xc00258d938)
        github.com/hashicorp/terraform-provider-kubernetes/manifest/payload/to_value.go:259 +0x308
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload.ToTFValue({0x24355c0?, 0xc003519ec0?}, {0x2ab4c40, 0xc0033fd6b0}, 0x1?, 0xc001e46f68?)
        github.com/hashicorp/terraform-provider-kubernetes/manifest/payload/to_value.go:128 +0x9aa
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload.mapToTFObjectValue(0x263fde0?, {0x2ab4c40?, 0xc0034e2fc0}, 0x552?, 0xc00258d608)
        github.com/hashicorp/terraform-provider-kubernetes/manifest/payload/to_value.go:259 +0x308
github.com/hashicorp/terraform-provider-kubernetes/manifest/payload.ToTFValue({0x24355c0?, 0xc003519bc0?}, {0x2ab4c40, 0xc0034e2fc0}, 0x0?, 0x0?)
        github.com/hashicorp/terraform-provider-kubernetes/manifest/payload/to_value.go:128 +0x9aa
github.com/hashicorp/terraform-provider-kubernetes/manifest/provider.(*RawProviderServer).ReadResource(0xc000066e00, {0x2aadb58, 0xc001c1edb0}, 0xc003d41580)
        github.com/hashicorp/terraform-provider-kubernetes/manifest/provider/read.go:164 +0x155d
github.com/hashicorp/terraform-plugin-mux/tf5muxserver.(*muxServer).ReadResource(0x2aadb90?, {0x2aadb58?, 0xc001c1eab0?}, 0xc003d41580)
        github.com/hashicorp/[email protected]/tf5muxserver/mux_server_ReadResource.go:35 +0x193
github.com/hashicorp/terraform-plugin-go/tfprotov5/tf5server.(*server).ReadResource(0xc000128320, {0x2aadb58?, 0xc001c1e300?}, 0xc00062c8a0)
        github.com/hashicorp/[email protected]/tfprotov5/tf5server/server.go:775 +0x4c3
github.com/hashicorp/terraform-plugin-go/tfprotov5/internal/tfplugin5._Provider_ReadResource_Handler({0x26a8020?, 0xc000128320}, {0x2aadb58, 0xc001c1e300}, 0xc003abfd00, 0x0)
        github.com/hashicorp/[email protected]/tfprotov5/internal/tfplugin5/tfplugin5_grpc.pb.go:482 +0x169
google.golang.org/grpc.(*Server).processUnaryRPC(0xc0001d0e00, {0x2aadb58, 0xc001c1e270}, {0x2ab6080, 0xc000105380}, 0xc001bf2fc0, 0xc000e7af00, 0x3b65768, 0x0)
        google.golang.org/[email protected]/server.go:1386 +0xe23
google.golang.org/grpc.(*Server).handleStream(0xc0001d0e00, {0x2ab6080, 0xc000105380}, 0xc001bf2fc0)
        google.golang.org/[email protected]/server.go:1797 +0x100c
google.golang.org/grpc.(*Server).serveStreams.func2.1()
        google.golang.org/[email protected]/server.go:1027 +0x8b
created by google.golang.org/grpc.(*Server).serveStreams.func2 in goroutine 69
        google.golang.org/[email protected]/server.go:1038 +0x135

Error: The terraform-provider-kubernetes_v2.30.0_x5.exe plugin crashed!

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment