Merge request approval rule `any_approver` fails during apply if present in GitLab project
Created by: petrmvala
GitLab Provider version
3.12.0
GitLab version
GitLab 14.8 Edition Ultimate
Terraform version
1.1
Relevant Terraform Configuration
resource "gitlab_project_approval_rule" "codeowners" {
  count              = local.gitlab_protect_count == 1 && local.try_codeowners_file ? 1 : 0
  project            = var.gitlab_project
  name               = "Any approver"
  rule_type          = "any_approver"
  approvals_required = 1
}
Relevant log output
│ Error: POST https://gitlab.i-am-not-telling-you.com/api/v4/projects/some-id/approval_rules: 400 {message: {name: [has already been taken]}, {rule_type: [any-approver for the project already exists]}}
│
│ with module.my_project.gitlab_project_approval_rule.codeowners[0],
│ on gcp_project/gitlab_protect.tf line 55, in resource "gitlab_project_approval_rule" "codeowners":
│ 55: resource "gitlab_project_approval_rule" "codeowners" {
Description
The `any_approver` approval rule can be present only once in the GitLab project. From the UI it gets created automatically when someone increases the number of approvers from 0 to a different number. Even when decreased back to 0, the rule still exists and is not deleted.
The rule can only be deleted via the API. The Terraform plan does not detect the presence of this rule and therefore produces a valid plan, which then fails to apply because the API rejects the creation of a new rule.
Edited by Timo Furrer
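A pre-apply check for the situation described in this issue, as an added example that is not part of the original report or the provider's code: it looks for an existing `any_approver` rule in the project's approval rules and, if one is found, suggests importing it instead of creating it, flagging a rule that is still set to a different approval count. The sample response, the helper names and the `<project-id>:<rule-id>` import ID format are assumptions; check the import format against the provider documentation for your version.

```python
import json
import urllib.request

# Constructed sample of a GET /projects/:id/approval_rules response (not from the issue).
SAMPLE_RULES = json.loads("""[
  {"id": 101, "name": "All Members", "rule_type": "any_approver", "approvals_required": 0},
  {"id": 102, "name": "Security", "rule_type": "regular", "approvals_required": 2}
]""")


def fetch_rules(base_url, project_id, token):
    """List project-level approval rules (first page only; needs network and a token)."""
    req = urllib.request.Request(
        f"{base_url}/api/v4/projects/{project_id}/approval_rules",
        headers={"PRIVATE-TOKEN": token},
    )
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)


def find_any_approver(rules):
    """Return the project's any_approver rule, or None if it was never created."""
    matches = [r for r in rules if r.get("rule_type") == "any_approver"]
    if len(matches) > 1:
        # GitLab allows only one such rule per project, so this means bad input.
        raise ValueError("more than one any_approver rule in response")
    return matches[0] if matches else None


def preflight(rules, project_id, address, wanted_approvals):
    """Decide whether Terraform can create the rule or must import it first."""
    rule = find_any_approver(rules)
    if rule is None:
        return {"action": "create", "command": None, "drift": False}
    return {
        "action": "import",
        # Assumed import ID format: <project-id>:<rule-id>.
        "command": f"terraform import '{address}' {project_id}:{rule['id']}",
        # A rule left at 0 in the UI still exists but enforces no approval.
        "drift": rule.get("approvals_required") != wanted_approvals,
    }


if __name__ == "__main__":
    print(preflight(SAMPLE_RULES, "42", "gitlab_project_approval_rule.codeowners[0]", 1))
```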