Skip to content

fix(spartan): drop broken Terraform validations on RPC ingress vars#22786

Merged
alexghr merged 3 commits into
merge-train/spartanfrom
claudebox/nightly-spartan-failure-0425
Apr 25, 2026
Merged

fix(spartan): drop broken Terraform validations on RPC ingress vars#22786
alexghr merged 3 commits into
merge-train/spartanfrom
claudebox/nightly-spartan-failure-0425

Conversation

@AztecBot

@AztecBot AztecBot commented Apr 25, 2026
edited
Loading

Copy link
Copy Markdown
Collaborator

The Nightly Spartan Scenario CI broke on v5.0.0-nightly.20260425 (run). Both ci-network-scenario (1) and (2) jobs died inside terraform plan for deploy-aztec-infra after about 5 seconds.

Root cause

The RPC_INGRESS_LOG_SAMPLE_RATE variable added in #21591 (chore: setup CloudDNS and CloudArmor) had this validation:

condition = var.RPC_INGRESS_LOG_SAMPLE_RATE == null || (var.RPC_INGRESS_LOG_SAMPLE_RATE >= 0 && var.RPC_INGRESS_LOG_SAMPLE_RATE <= 1)

|| does not short-circuit inside a Terraform validation condition — Terraform eagerly evaluates the var.X >= 0 subexpression, and null >= 0 errors with argument must not be null, aborting the plan. next-scenario does not set this var, so deploy_network.sh writes the default literal null into the generated terraform.tfvars, which trips the validation.

Yesterday's nightly tag (v5.0.0-nightly.20260424 at 848af53aa) was cut before that commit landed.

Fix

Drop the validation blocks on the variables that #21591 added: RPC_INGRESS_LOG_SAMPLE_RATE and RPC_INGRESS_SESSION_AFFINITY. Both are forwarded into the GCE BackendConfig, which validates the values server-side; the Terraform-level checks were duplicating that validation and the LOG_SAMPLE_RATE one was outright broken.

Full analysis (failure logs, reproduction, etc.): https://gist.github.com/AztecBot/14f1172ad743662595c1bdc630958d99

@AztecBot AztecBot added ci-draft Run CI on draft PRs. claudebox Owned by claudebox. it can push to this PR. labels Apr 25, 2026
@AztecBot AztecBot changed the title fix(spartan): allow null RPC_INGRESS_LOG_SAMPLE_RATE in Terraform validation fix(spartan): drop broken RPC_INGRESS_LOG_SAMPLE_RATE Terraform validation Apr 25, 2026
@AztecBot AztecBot changed the title fix(spartan): drop broken RPC_INGRESS_LOG_SAMPLE_RATE Terraform validation fix(spartan): drop broken Terraform validations on RPC ingress vars Apr 25, 2026
@alexghr alexghr marked this pull request as ready for review April 25, 2026 05:15
@alexghr alexghr enabled auto-merge (squash) April 25, 2026 05:16
@alexghr alexghr merged commit 0d02475 into merge-train/spartan Apr 25, 2026
21 of 30 checks passed
@alexghr alexghr deleted the claudebox/nightly-spartan-failure-0425 branch April 25, 2026 05:17
This was referenced Apr 25, 2026
Merged
Closed
chrismarino pushed a commit to chrismarino/aztec-packages that referenced this pull request May 5, 2026
@AztecBot
feat: merge-train/spartan (AztecProtocol#22779)
68f8b05 
BEGIN_COMMIT_OVERRIDE
chore(node): fix p2p services start-stop (AztecProtocol#22776)
fix(spartan): break stale terraform state locks on ephemeral namespaces
(AztecProtocol#22777)
fix(spartan): drop broken Terraform validations on RPC ingress vars
(AztecProtocol#22786)
END_COMMIT_OVERRIDE
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@alexghr alexghr alexghr approved these changes

Assignees

No one assigned

Labels

ci-draft Run CI on draft PRs. ci-skip claudebox Owned by claudebox. it can push to this PR.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@AztecBot @alexghr