Can't disable container expiration policy

Created by: woz5999

GitLab Provider version

3.14.0

GitLab version

GitLab Enterprise Edition 15.1.0-pre ea5b0ffad8f

Terraform version

Terraform v1.1.2 on darwin_amd64

Relevant Terraform Configuration

resource "gitlab_project" "default" {
  approvals_before_merge                           = var.approvals_before_merge
  archived                                         = var.archived
  container_registry_enabled                       = var.container_registry_enabled
  default_branch                                   = var.default_branch
  initialize_with_readme                           = var.initialize_with_readme
  issues_enabled                                   = var.issues_enabled
  lfs_enabled                                      = var.lfs_enabled
  merge_method                                     = var.merge_method
  merge_requests_enabled                           = var.merge_requests_enabled
  name                                             = var.name
  namespace_id                                     = var.namespace_id
  only_allow_merge_if_all_discussions_are_resolved = var.only_allow_merge_if_all_discussions_are_resolved
  only_allow_merge_if_pipeline_succeeds            = var.only_allow_merge_if_pipeline_succeeds
  path                                             = var.path
  pipelines_enabled                                = var.pipelines_enabled
  remove_source_branch_after_merge                 = var.remove_source_branch_after_merge
  request_access_enabled                           = var.request_access_enabled
  shared_runners_enabled                           = var.shared_runners_enabled
  snippets_enabled                                 = var.snippets_enabled
  squash_option                                    = var.squash_option
  tags                                             = var.tags
  visibility_level                                 = var.visibility_level
  wiki_enabled                                     = var.wiki_enabled

  container_expiration_policy {
    enabled = false

    # cadence = var.container_registry_enabled ? var.container_expiration_policy_cadence : null
    # enabled = var.container_registry_enabled
    # keep_n  = var.container_registry_enabled ? var.container_expiration_policy_keep_n : null
  }
}

Relevant log output

~ container_expiration_policy {
          ~ enabled     = true -> false
            # (3 unchanged attributes hidden)
        }

Description

We used the terraform to enable the container expiration policy. After deciding to back out of this decision, it is not possible to disable the container expiration policy via the provider. Even though the plan shows the correct change, applying the change has no effect. The policy still shows enabled in the UI and a subsequent tf plan shows the same outstanding changes.

I can disable the policy just fine via the UI and API, but the tf provider is definitely broken when it comes to setting disabling the policy.

It seems like this was possibly discovered initially here: https://github.com/gitlabhq/terraform-provider-gitlab/issues/1039

Edited Dec 07, 2022 by Timo Furrer