Provider produced inconsistent result after apply

[kdavis5]

Describe the bug

When pushing or creating a new administrative tag using the resource panos_panorama_administrative_tag.application_tag I get the error "Provider produced inconsistent result after apply"

When applying changes to panos_panorama_administrative_tag.application_tag,
provider "provider["registry.terraform.io/paloaltonetworks/panos"]"
produced an unexpected new value: Root resource was present, but now
absent.

I get a warning but the tag does look like it installs in panorama. The firewall team commits later.
Next time I run the terraform file it looks like the tag never made it into the state file because TF wants to create the tag again. Same error results each time I run it without any changes.

Expected behavior

to get message that tag is created and a clean apply. No errors.
since I made no changes to the TF file, I would expect TF reads that state file and i get the message "No changes. Your infrastructure matches the configuration."

Current behavior

the error "Provider produced inconsistent result after apply"

When applying changes to panos_panorama_administrative_tag.application_tag,
provider "provider["registry.terraform.io/paloaltonetworks/panos"]"
produced an unexpected new value: Root resource was present, but now
absent.

each time I run the tf file it wants to build the tag again.

panos_panorama_administrative_tag.application_tag will be created

• resource "panos_panorama_administrative_tag" "application_tag" {
  • comment = "built by terraform"
  • device_group = "shared"
  • id = (known after apply)
  • name = "hw_app:dept_fm_sedanshv"
    }

Here is the terraform resource block

create firewall application tag

resource "panos_panorama_administrative_tag" "application_tag" {
name = "hw_app:${local.aci_application_profile_name}"
comment = "built by terraform"
}

Possible solution

Not sure, error states: This is a bug in the provider, which should be reported in the provider's
own issue tracker.

Steps to reproduce

1. happens every time I use the resource to add an administrative tag to panorama

Screenshots

Context

I am using this resource to build out administrative tags to panorama so that they can be used as a tag to match components of an application and a predetermined security rule.

• Version used: Terraform v1.3.7 and Panorama version 10.2.4-h2 and Provider version 1.11.1

[welcome-to-palo-alto-networks]

🎉 Thanks for opening your first issue here! Welcome to the community!

[kdavis5]

Upgraded to Terraform 1.5.7 with no difference to outcome.
After my initial run, I don't see the resource in my state file. That would explain why it wants to re-create the object on each run. Provider is not adding this to the state file. Also validated that Panorama is in fact installing the tag.

[chris3ware]

I believe this is because of the colon in the tag name.

For example:

app:github produces the error described above even though the tag is added to panorama

but

app-github does not produce an error, the tag is added to panorama and the state file is updated.

[kdavis5]

chris3ware, I tested that and you are correct. It does appear to be an issue with that colon. So I wonder if this is by design or still a bug. I would love to have that colon since it matches our current conventions.