Error creating keycloak_attribute_importer_identity_provider_mapper #474

Closed
embody opened this issue Jan 27, 2021 · 2 comments · Fixed by #556

embody commented Jan 27, 2021

When I try to create a keycloak_attribute_importer_identity_provider_mapper for a keycloak_saml_identity_provider, Terraform runs into a crash. You can find the repo file in the main.txt attachment.
When I comment out the mapper on the first apply, the Identity Provider is created. If I now uncomment the mapper and apply again, the mapper is created correctly.
But if I try to apply both together, it runs to the crash.log that I've attached.

On top of the callstack I find the following error:

Error: rpc error: code = Unavailable desc = transport is closing
panic: runtime error: invalid memory address or nil pointer dereference
2021-01-27T16:22:24.411+0100 [DEBUG] plugin.terraform-provider-keycloak_v2.2.0.exe: [signal 0xc0000005 code=0x0 addr=0x8 pc=0xaae32e]
2021-01-27T16:22:24.411+0100 [DEBUG] plugin.terraform-provider-keycloak_v2.2.0.exe:
2021-01-27T16:22:24.411+0100 [DEBUG] plugin.terraform-provider-keycloak_v2.2.0.exe: goroutine 100 [running]:
2021-01-27T16:22:24.411+0100 [DEBUG] plugin.terraform-provider-keycloak_v2.2.0.exe: github.com/mrparkers/terraform-provider-keycloak/keycloak.(*KeycloakClient).NewIdentityProviderMapper(0xc00011c420, 0x0, 0xc00011c420, 0x0)

Am I doing something unintended here or is this a bug?

crash.log
main.txt

@mrparkers
Contributor

Hi @embody, apologies for getting back to this so late.

The reason this config isn't working is because Terraform is trying to create the keycloak_saml_identity_provider resource in parallel with the keycloak_attribute_importer_identity_provider_mapper resource. You can use variable interpolation within the keycloak_attribute_importer_identity_provider_mapper resource to instruct Terraform to create the SAML identity provider first. The following config should work:

resource "keycloak_saml_identity_provider" "production_adfs" {
  realm     = "myRealm"
  alias     = "myAlias"
  enabled   = true
  entity_id = "foo" // this is now a required attribute, so this may be different for you

  single_sign_on_service_url = "https://adfs.local/adfs/ls/"
}

resource "keycloak_attribute_importer_identity_provider_mapper" "lastName_mapper" {
  realm                   = "myRealm"
  name                    = "last_name"
  identity_provider_alias = keycloak_saml_identity_provider.production_adfs.alias
  attribute_name          = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
  user_attribute          = "lastName"
}

That being said, the provider shouldn't ever panic, even with a bad configuration, so I submitted #556 to fix this.

Thanks for the bug report!
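
The crash class in the trace above, a nil pointer reaching a client method, next to a guarded version that returns an error instead of panicking. This is an added Go example, not the provider's code and not the change made in #556; the types, method names and URL path are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical stand-ins for illustration; not the provider's real types.
type IdentityProviderMapper struct {
	Realm                 string
	IdentityProviderAlias string
}

type Client struct{}

var ErrNilMapper = errors.New("identity provider mapper is nil")

// unguardedPath reads fields of m without a nil check, so a nil m panics.
func (c *Client) unguardedPath(m *IdentityProviderMapper) string {
	return fmt.Sprintf("/realms/%s/identity-provider/instances/%s/mappers",
		m.Realm, m.IdentityProviderAlias)
}

// guardedPath validates its input and reports bad input as an error.
func (c *Client) guardedPath(m *IdentityProviderMapper) (string, error) {
	if m == nil {
		return "", ErrNilMapper
	}
	if m.Realm == "" || m.IdentityProviderAlias == "" {
		return "", errors.New("realm and identity provider alias are required")
	}
	return c.unguardedPath(m), nil
}

// panics reports whether calling f ends in a panic.
func panics(f func()) (p bool) {
	defer func() { p = recover() != nil }()
	f()
	return false
}

func main() {
	c := &Client{}
	fmt.Println("unguarded call with nil panics:", panics(func() { c.unguardedPath(nil) }))
	_, err := c.guardedPath(nil)
	fmt.Println("guarded call with nil:", err)
	p, _ := c.guardedPath(&IdentityProviderMapper{Realm: "myRealm", IdentityProviderAlias: "myAlias"})
	fmt.Println("guarded call with values:", p)
}
```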

embody commented Jul 7, 2021

Thanks for the explanation! Using variable interpolation did the trick 👍
