Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Digital Ocean destroy times out when getting permission denied #3778

Closed
1 task
bearjaws opened this issue Nov 25, 2024 · 2 comments
Closed
1 task

Digital Ocean destroy times out when getting permission denied #3778

bearjaws opened this issue Nov 25, 2024 · 2 comments
Labels
bug Something isn't working new Un-triaged issue

Comments

@bearjaws
Copy link

Expected Behavior

Should probably error out immediately with a permission denied error

Actual Behavior

Times out after 60 seconds, continues to long poll the droplet waiting for its state to change.

Steps to Reproduce

  1. Create a DO token with permissions to create droplets, but without permissions to DELETE a droplet
  2. Create a droplet using CDKTF digital ocean provider
  3. Deploy the stack
  4. Run cdktf destroy
  5. After 60 seconds it times out

Turn on debugging and observe

2024-11-25T09:53:39.496-0500 [INFO]  provider.terraform-provider-digitalocean_v2.44.1: 2024/11/25 09:53:39 [DEBUG] DELETE https://api.digitalocean.com/v2/droplets/459842266: timestamp=2024-11-25T09:53:39.470-0500
digitalocean-droplet  2024-11-25T09:53:39.618-0500 [INFO]  provider.terraform-provider-digitalocean_v2.44.1: 2024/11/25 09:53:39 [DEBUG] DigitalOcean API Response Details:
                      ---[ RESPONSE ]--------------------------------------
                      HTTP/2.0 403 Forbidden
                      Cf-Cache-Status: DYNAMIC
                      Cf-Ray: 8e827832befcbfae-ATL
                      Content-Type: application/json
                      Date: Mon, 25 Nov 2024 14:53:39 GMT
                      Ratelimit-Limit: 5000
                      Ratelimit-Remaining: 4952
                      Ratelimit-Reset: 1732549059
                      Server: cloudflare

Will then long poll waiting for the droplet state to change

2024-11-25T09:53:52.943-0500 [INFO]  provider.terraform-provider-digitalocean_v2.44.1: 2024/11/25 09:53:52 [DEBUG] GET https://api.digitalocean.com/v2/droplets/459842266: timestamp=2024-11-25T09:53:52.942-0500

Versions

language: typescript cdktf 0.20.10 node v20.12.0

do provider ^11.10.1
"registry.terraform.io/digitalocean/digitalocean": "2.44.1"

Providers

┌───────────────────────────┬──────────────────┬─────────┬────────────┬──────────────────────────────┬─────────────────┐
│ Provider Name │ Provider Version │ CDKTF │ Constraint │ Package Name │ Package Version │
├───────────────────────────┼──────────────────┼─────────┼────────────┼──────────────────────────────┼─────────────────┤
│ digitalocean/digitalocean │ 2.44.1 │ │ │ │ │
├───────────────────────────┼──────────────────┼─────────┼────────────┼──────────────────────────────┼─────────────────┤
│ digitalocean/digitalocean │ 2.44.1 │ ^0.20.0 │ │ @cdktf/provider-digitalocean │ 11.10.1 │

Gist

https://gist.github.com/bearjaws/fa7b3e8afc6955d4fc17ff486d64ddbf

Possible Solutions

Should detect 403 errors when calling DELETE

Workarounds

Turn on debugging to observe what 403 errors are preventing destroy

Anything Else?

No response

References

No response

Help Wanted

  • I'm interested in contributing a fix myself

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment
@bearjaws bearjaws added bug Something isn't working new Un-triaged issue labels Nov 25, 2024
@bearjaws bearjaws changed the title Digital Ocean destroy times out when getting permission died Digital Ocean destroy times out when getting permission denied Nov 25, 2024
@DanielMSchmidt
Copy link
Contributor

This seems like a provider / permission issue with digital ocean, please check in with them

@DanielMSchmidt DanielMSchmidt closed this as not planned Won't fix, can't repro, duplicate, stale Dec 9, 2024
@bearjaws
Copy link
Author

bearjaws commented Dec 9, 2024

@DanielMSchmidt it is a permission error, but instead of showing a permission error, it times out after 60 seconds. Exiting with a timeout error, not a permission error.

Shouldn't an end user expect a permission error to show? I had to turn on trace debugging in order to find the error in the logs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working new Un-triaged issue
Projects
None yet
Development

No branches or pull requests

2 participants