search

1Password / terraform-provider-onepassword

Use the 1Password Terraform Provider to reference, create, or update items in your 1Password Vaults.
https://1password.com/secrets
MIT License
323 stars 44 forks source link

Provider produced inconsistent result after apply #170

Open maxexcloo opened 4 months ago

maxexcloo commented 4 months ago

Your environment

Terraform Provider Version: 2.0.0 CLI Version: 2.28.0 OS: macOS 14.5 Terraform Version: OpenTofu v1.7.1

What happened?

Was working fine, suddenly getting errors on apply today (even though resources haven't changed). Deleted resources in state and in the vault and attempted to recreate.

What did you expect to happen?

Update went as planned.

Notes & Logs

max.schaefer@macbook-pro-14:~/Projects/Terraform$ tofu apply -parallelism=1
random_password.website["photos.masked.com-cname-7"]: Refreshing state... [id=masked]
random_password.website["nocodb.masked.com-cname-6"]: Refreshing state... [id=masked]
random_password.website["debrid.masked.com-cname-2"]: Refreshing state... [id=masked]
random_password.website["chat.masked.com-cname-1"]: Refreshing state... [id=masked]
random_password.website["healthchecks.masked.com-cname-3"]: Refreshing state... [id=masked]
random_password.website["reader.masked.com-cname-9"]: Refreshing state... [id=masked]
random_password.website["kasm.masked.com-cname-4"]: Refreshing state... [id=masked]
random_password.website["n8n.masked.com-cname-5"]: Refreshing state... [id=masked]
data.github_user.config: Reading...
data.github_user.config: Read complete after 1s [id=masked]
tailscale_acl.config: Refreshing state... [id=masked]
data.onepassword_vault.infrastructure: Reading...
data.onepassword_vault.infrastructure: Read complete after 3s [id=masked]
data.oci_identity_availability_domain.config: Reading...
data.oci_identity_availability_domain.config: Read complete after 0s [id=masked]
oci_core_vcn.config: Refreshing state... [id=masked]
cloudflare_account.default: Refreshing state... [id=masked]
oci_core_default_security_list.config: Refreshing state... [id=masked]
oci_core_subnet.config: Refreshing state... [id=masked]
oci_core_internet_gateway.config: Refreshing state... [id=masked]
oci_core_default_dhcp_options.config: Refreshing state... [id=masked]
cloudflare_zone.default["masked.net"]: Refreshing state... [id=masked]
cloudflare_zone.default["maxmasked.com"]: Refreshing state... [id=masked]
cloudflare_zone.default["masked.com"]: Refreshing state... [id=masked]
cloudflare_zone.default["masked.xyz"]: Refreshing state... [id=masked]
local_file.pyinfra_inventory: Refreshing state... [id=masked]
local_file.ssh_config: Refreshing state... [id=masked]
random_password.server["mini-ubuntu.au.masked.net"]: Refreshing state... [id=masked]
random_password.server["oracle.au.masked.net"]: Refreshing state... [id=masked]
random_password.server["kr.masked.net"]: Refreshing state... [id=masked]
random_password.server["gen8.au.masked.net"]: Refreshing state... [id=masked]
random_password.server["mini.au.masked.net"]: Refreshing state... [id=masked]
random_password.server["au.masked.net"]: Refreshing state... [id=masked]
random_password.server["masked.kr.masked.net"]: Refreshing state... [id=masked]
random_password.server["masked-ubuntu.kr.masked.net"]: Refreshing state... [id=masked]
random_password.server["masked-truenas.kr.masked.net"]: Refreshing state... [id=masked]
tailscale_tailnet_key.config["masked.kr.masked.net"]: Refreshing state... [id=masked]
tailscale_tailnet_key.config["mini.au.masked.net"]: Refreshing state... [id=masked]
tailscale_tailnet_key.config["kr.masked.net"]: Refreshing state... [id=masked]
tailscale_tailnet_key.config["mini-ubuntu.au.masked.net"]: Refreshing state... [id=masked]
tailscale_tailnet_key.config["masked-truenas.kr.masked.net"]: Refreshing state... [id=masked]
tailscale_tailnet_key.config["au.masked.net"]: Refreshing state... [id=masked]
tailscale_tailnet_key.config["masked-ubuntu.kr.masked.net"]: Refreshing state... [id=masked]
tailscale_tailnet_key.config["gen8.au.masked.net"]: Refreshing state... [id=masked]
tailscale_tailnet_key.config["oracle.au.masked.net"]: Refreshing state... [id=masked]
oci_core_default_route_table.config: Refreshing state... [id=masked]
cloudflare_record.router["au.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.router["kr.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.website["masked.com-txt-20"]: Refreshing state... [id=masked]
cloudflare_record.website["reader.masked.com-cname-9"]: Refreshing state... [id=masked]
cloudflare_record.website["nocodb.masked.com-cname-6"]: Refreshing state... [id=masked]
cloudflare_record.website["maxmasked.com-cname-0"]: Refreshing state... [id=masked]
cloudflare_record.website["masked.net-cname-0"]: Refreshing state... [id=masked]
cloudflare_record.website["_dmarc.masked.com-txt-21"]: Refreshing state... [id=masked]
cloudflare_record.website["resend._domainkey.masked.com-txt-24"]: Refreshing state... [id=masked]
cloudflare_record.website["masked.xyz-cname-0"]: Refreshing state... [id=masked]
cloudflare_record.website["public.masked.com-cname-8"]: Refreshing state... [id=masked]
cloudflare_record.website["n8n.masked.com-cname-5"]: Refreshing state... [id=masked]
cloudflare_record.website["reddit.masked.com-cname-10"]: Refreshing state... [id=masked]
cloudflare_record.website["healthchecks.masked.com-cname-3"]: Refreshing state... [id=masked]
cloudflare_record.website["_github-pages-challenge-maxmasked.masked.com-txt-22"]: Refreshing state... [id=masked]
cloudflare_record.website["masked.com-cname-0"]: Refreshing state... [id=masked]
cloudflare_record.website["masked.com-mx-16"]: Refreshing state... [id=masked]
cloudflare_record.website["send.masked.com-txt-25"]: Refreshing state... [id=masked]
cloudflare_record.website["masked.com-mx-15"]: Refreshing state... [id=masked]
cloudflare_record.website["rsshub.masked.com-cname-11"]: Refreshing state... [id=masked]
cloudflare_record.website["google._domainkey.masked.com-txt-23"]: Refreshing state... [id=masked]
cloudflare_record.website["masked.com-mx-13"]: Refreshing state... [id=masked]
cloudflare_record.website["debrid.masked.com-cname-2"]: Refreshing state... [id=masked]
cloudflare_record.website["chat.masked.com-cname-1"]: Refreshing state... [id=masked]
cloudflare_record.website["uptime.masked.com-cname-12"]: Refreshing state... [id=masked]
cloudflare_record.website["photos.masked.com-cname-7"]: Refreshing state... [id=masked]
cloudflare_record.website["send.masked.com-mx-18"]: Refreshing state... [id=masked]
cloudflare_record.website["masked.com-mx-14"]: Refreshing state... [id=masked]
cloudflare_record.website["masked.com-mx-17"]: Refreshing state... [id=masked]
cloudflare_record.website["kasm.masked.com-cname-4"]: Refreshing state... [id=masked]
cloudflare_record.website["masked.com-txt-19"]: Refreshing state... [id=masked]
proxmox_virtual_environment_download_file.masked["masked-ubuntu.kr.masked.net"]: Refreshing state... [id=masked]
proxmox_virtual_environment_download_file.masked["masked-truenas.kr.masked.net"]: Refreshing state... [id=masked]
onepassword_item.server["mini.au.masked.net"]: Refreshing state... [id=masked]
onepassword_item.server["au.masked.net"]: Refreshing state... [id=masked]
onepassword_item.server["gen8.au.masked.net"]: Refreshing state... [id=masked]
onepassword_item.server["masked.kr.masked.net"]: Refreshing state... [id=masked]
onepassword_item.server["mini-ubuntu.au.masked.net"]: Refreshing state... [id=masked]
onepassword_item.server["oracle.au.masked.net"]: Refreshing state... [id=masked]
onepassword_item.server["masked-ubuntu.kr.masked.net"]: Refreshing state... [id=masked]
onepassword_item.server["masked-truenas.kr.masked.net"]: Refreshing state... [id=masked]
onepassword_item.server["kr.masked.net"]: Refreshing state... [id=masked]
oci_core_instance.config["oracle.au.masked.net"]: Refreshing state... [id=masked]
proxmox_virtual_environment_file.masked["masked-ubuntu.kr.masked.net"]: Refreshing state... [id=masked]
openwrt_dhcp_host.au["gen8.au.masked.net"]: Refreshing state... [id=masked]
openwrt_dhcp_host.au["mini.au.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.server["masked-ubuntu.kr.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.server["gen8.au.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.server["mini.au.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.server["masked-truenas.kr.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.server["mini-ubuntu.au.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.server["masked.kr.masked.net"]: Refreshing state... [id=masked]
onepassword_item.website["photos.masked.com-cname-7"]: Refreshing state... [id=masked]
onepassword_item.website["chat.masked.com-cname-1"]: Refreshing state... [id=masked]
onepassword_item.website["kasm.masked.com-cname-4"]: Refreshing state... [id=masked]
onepassword_item.website["reader.masked.com-cname-9"]: Refreshing state... [id=masked]
onepassword_item.website["debrid.masked.com-cname-2"]: Refreshing state... [id=masked]
onepassword_item.website["n8n.masked.com-cname-5"]: Refreshing state... [id=masked]
onepassword_item.website["healthchecks.masked.com-cname-3"]: Refreshing state... [id=masked]
onepassword_item.website["nocodb.masked.com-cname-6"]: Refreshing state... [id=masked]
data.oci_core_vnic_attachments.config["oracle.au.masked.net"]: Reading...
data.oci_core_vnic_attachments.config["oracle.au.masked.net"]: Read complete after 0s [id=masked]
proxmox_virtual_environment_vm.masked["masked-ubuntu.kr.masked.net"]: Refreshing state... [id=masked]
proxmox_virtual_environment_vm.masked["masked-truenas.kr.masked.net"]: Refreshing state... [id=masked]
data.oci_core_ipv6s.config["oracle.au.masked.net"]: Reading...
data.oci_core_ipv6s.config["oracle.au.masked.net"]: Read complete after 0s
data.oci_core_vnic.config["oracle.au.masked.net"]: Reading...
data.oci_core_vnic.config["oracle.au.masked.net"]: Read complete after 0s [id=masked]
cloudflare_record.server_oci_ipv6["oracle.au.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.server_oci_ipv4["oracle.au.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["mini.au.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["maxmasked.com-cname-0"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["n8n.masked.com-cname-5"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["reader.masked.com-cname-9"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["masked.xyz-cname-0"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["kasm.masked.com-cname-4"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["healthchecks.masked.com-cname-3"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["oracle.au.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["rsshub.masked.com-cname-11"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["chat.masked.com-cname-1"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["masked.net-cname-0"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["au.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["debrid.masked.com-cname-2"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["nocodb.masked.com-cname-6"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["masked.kr.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["masked-truenas.kr.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["reddit.masked.com-cname-10"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["photos.masked.com-cname-7"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["kr.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["mini-ubuntu.au.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["uptime.masked.com-cname-12"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["masked-ubuntu.kr.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["masked.com-cname-0"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["gen8.au.masked.net"]: Refreshing state... [id=masked]
cloudflare_record.wildcard["public.masked.com-cname-8"]: Refreshing state... [id=masked]

OpenTofu used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

OpenTofu will perform the following actions:

  # onepassword_item.server["au.masked.net"] is tainted, so it must be replaced
-/+ resource "onepassword_item" "server" {
      ~ id = "masked" -> (known after apply)
      ~ uuid = "masked" -> (known after apply)
        # (5 unchanged attributes hidden)

      ~ section {
          ~ id = "masked" -> (known after apply)

          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
        }
    }

  # onepassword_item.server["gen8.au.masked.net"] is tainted, so it must be replaced
-/+ resource "onepassword_item" "server" {
      ~ id = "masked" -> (known after apply)
      ~ uuid = "masked" -> (known after apply)
        # (5 unchanged attributes hidden)

      ~ section {
          ~ id = "masked" -> (known after apply)

          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
        }
    }

  # onepassword_item.server["masked-truenas.kr.masked.net"] is tainted, so it must be replaced
-/+ resource "onepassword_item" "server" {
      ~ id = "masked" -> (known after apply)
      ~ uuid = "masked" -> (known after apply)
        # (5 unchanged attributes hidden)

      ~ section {
          ~ id = "masked" -> (known after apply)

          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
        }
    }

  # onepassword_item.server["masked-ubuntu.kr.masked.net"] is tainted, so it must be replaced
-/+ resource "onepassword_item" "server" {
      ~ id = "masked" -> (known after apply)
      ~ uuid = "masked" -> (known after apply)
        # (5 unchanged attributes hidden)

      ~ section {
          ~ id = "masked" -> (known after apply)

          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
        }
    }

  # onepassword_item.server["masked.kr.masked.net"] is tainted, so it must be replaced
-/+ resource "onepassword_item" "server" {
      ~ id = "masked" -> (known after apply)
      ~ uuid = "masked" -> (known after apply)
        # (5 unchanged attributes hidden)

      ~ section {
          ~ id = "masked" -> (known after apply)

          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
        }
    }

  # onepassword_item.server["kr.masked.net"] is tainted, so it must be replaced
-/+ resource "onepassword_item" "server" {
      ~ id = "masked" -> (known after apply)
      ~ uuid = "masked" -> (known after apply)
        # (5 unchanged attributes hidden)

      ~ section {
          ~ id = "masked" -> (known after apply)

          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
        }
    }

  # onepassword_item.server["mini-ubuntu.au.masked.net"] is tainted, so it must be replaced
-/+ resource "onepassword_item" "server" {
      ~ id = "masked" -> (known after apply)
      ~ uuid = "masked" -> (known after apply)
        # (5 unchanged attributes hidden)

      ~ section {
          ~ id = "masked" -> (known after apply)

          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
        }
    }

  # onepassword_item.server["mini.au.masked.net"] is tainted, so it must be replaced
-/+ resource "onepassword_item" "server" {
      ~ id = "masked" -> (known after apply)
      ~ uuid = "masked" -> (known after apply)
        # (5 unchanged attributes hidden)

      ~ section {
          ~ id = "masked" -> (known after apply)

          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
        }
    }

  # onepassword_item.server["oracle.au.masked.net"] is tainted, so it must be replaced
-/+ resource "onepassword_item" "server" {
      ~ id = "masked" -> (known after apply)
      ~ uuid = "masked" -> (known after apply)
        # (5 unchanged attributes hidden)

      ~ section {
          ~ id = "masked" -> (known after apply)

          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
          ~ field {
              ~ id = "masked" -> (known after apply)
                # (3 unchanged attributes hidden)
            }
        }
    }

Plan: 9 to add, 0 to change, 9 to destroy.

Do you want to perform these actions?
  OpenTofu will perform the actions described above.
  Only 'yes' will be accepted to approve.

  Enter a value: yes

onepassword_item.server["kr.masked.net"]: Destroying... [id=masked]
onepassword_item.server["kr.masked.net"]: Destruction complete after 2s
onepassword_item.server["masked.kr.masked.net"]: Destroying... [id=masked]
onepassword_item.server["masked.kr.masked.net"]: Destruction complete after 2s
onepassword_item.server["au.masked.net"]: Destroying... [id=masked]
onepassword_item.server["au.masked.net"]: Destruction complete after 2s
onepassword_item.server["mini-ubuntu.au.masked.net"]: Destroying... [id=masked]
onepassword_item.server["mini-ubuntu.au.masked.net"]: Destruction complete after 2s
onepassword_item.server["oracle.au.masked.net"]: Destroying... [id=masked]
onepassword_item.server["oracle.au.masked.net"]: Destruction complete after 2s
onepassword_item.server["masked-truenas.kr.masked.net"]: Destroying... [id=masked]
onepassword_item.server["masked-truenas.kr.masked.net"]: Destruction complete after 2s
onepassword_item.server["masked-ubuntu.kr.masked.net"]: Destroying... [id=masked]
onepassword_item.server["masked-ubuntu.kr.masked.net"]: Destruction complete after 2s
onepassword_item.server["gen8.au.masked.net"]: Destroying... [id=masked]
onepassword_item.server["gen8.au.masked.net"]: Destruction complete after 2s
onepassword_item.server["mini.au.masked.net"]: Destroying... [id=masked]
onepassword_item.server["mini.au.masked.net"]: Destruction complete after 2s
onepassword_item.server["masked-ubuntu.kr.masked.net"]: Creating...
onepassword_item.server["gen8.au.masked.net"]: Creating...
onepassword_item.server["mini.au.masked.net"]: Creating...
onepassword_item.server["kr.masked.net"]: Creating...
onepassword_item.server["masked.kr.masked.net"]: Creating...
onepassword_item.server["au.masked.net"]: Creating...
onepassword_item.server["masked-truenas.kr.masked.net"]: Creating...
onepassword_item.server["mini-ubuntu.au.masked.net"]: Creating...
onepassword_item.server["oracle.au.masked.net"]: Creating...
╷
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to onepassword_item.server["mini-ubuntu.au.masked.net"], provider "provider[\"registry.opentofu.org/1password/onepassword\"]" produced an unexpected new
│ value: .section[0].label: was cty.StringVal(""), but now null.
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
╵
╷
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to onepassword_item.server["mini.au.masked.net"], provider "provider[\"registry.opentofu.org/1password/onepassword\"]" produced an unexpected new value:
│ .section[0].label: was cty.StringVal(""), but now null.
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
╵
╷
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to onepassword_item.server["oracle.au.masked.net"], provider "provider[\"registry.opentofu.org/1password/onepassword\"]" produced an unexpected new value:
│ .section[0].label: was cty.StringVal(""), but now null.
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
╵
╷
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to onepassword_item.server["gen8.au.masked.net"], provider "provider[\"registry.opentofu.org/1password/onepassword\"]" produced an unexpected new value:
│ .section[0].label: was cty.StringVal(""), but now null.
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
╵
╷
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to onepassword_item.server["au.masked.net"], provider "provider[\"registry.opentofu.org/1password/onepassword\"]" produced an unexpected new value:
│ .section[0].label: was cty.StringVal(""), but now null.
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
╵
╷
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to onepassword_item.server["masked.kr.masked.net"], provider "provider[\"registry.opentofu.org/1password/onepassword\"]" produced an unexpected new value:
│ .section[0].label: was cty.StringVal(""), but now null.
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
╵
╷
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to onepassword_item.server["masked-ubuntu.kr.masked.net"], provider "provider[\"registry.opentofu.org/1password/onepassword\"]" produced an unexpected new
│ value: .section[0].label: was cty.StringVal(""), but now null.
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
╵
╷
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to onepassword_item.server["kr.masked.net"], provider "provider[\"registry.opentofu.org/1password/onepassword\"]" produced an unexpected new value:
│ .section[0].label: was cty.StringVal(""), but now null.
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
╵
╷
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to onepassword_item.server["masked-truenas.kr.masked.net"], provider "provider[\"registry.opentofu.org/1password/onepassword\"]" produced an unexpected new
│ value: .section[0].label: was cty.StringVal(""), but now null.
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.
maxexcloo commented 4 months ago

Seems to be an issue since version 2.0.0 which was released just a few hours ago...

maxexcloo commented 4 months ago

This seems to be because my label for the section was empty, worked before and would like to keep using this behavior.

  section {
    label = ""

    ...
  }
pro4tlzz commented 4 months ago

This seems to be because my label for the section was empty, worked before and would like to keep using this behavior.

  section {
    label = ""

    ...
  }

I'm setting a value both for the label within the section and the field but also experiencing an error.


│ Error: Provider produced inconsistent result after apply
--
  | │
  | │ When applying changes to onepassword_item.super_secret_credential, provider "provider[\"registry.terraform.io/1password/onepassword\"]" produced an unexpected new value: .note_value: inconsistent values for sensitive attribute.
  | │
  | │ This is a bug in the provider, which should be reported in the provider's own issue tracker.

Terraform v1.7.5 provider registry.terraform.io/1password/onepassword 2.0.0 OS: Linux

Edit: ignore that actually, we were using the resource section incorrectly

DavidS-ovm commented 3 months ago

@pro4tlzz can you share a hint how you were using sections incorrectly? I'm also running into this issue, the item gets created just fine with all sections labeled, and I still get the "inconsistent values for sensitive attribute" errors...

DavidS-ovm commented 3 months ago

Further experimentation surfaced that the provider is not able to deal with empty values. I'll create a separate ticket for that. [edit: #185]

pro4tlzz commented 3 months ago

@pro4tlzz can you share a hint how you were using sections incorrectly? I'm also running into this issue, the item gets created just fine with all sections labeled, and I still get the "inconsistent values for sensitive attribute" errors...

Changed from something like

  section {
    label = "REDACTED"

    field {
      label   = "Instructions"
      purpose = "NOTES"
      type    = "STRING"
      value   = <<EOT
REDACTED
EOT
    }
  }
}

to

 title      = "REDACTED"
  category   = "login"
  url        = "REDACTED"
  username   = "REDACTED"
  password   = "REDACTED"
  note_value = <<EOT
REDACTED
EOT

Basically don't use section or field as objects, just set all these properties in the root context of the resource

JBG-brad commented 2 months ago

Just chiming in here that I had this same problem.

Since the types of documents that can be created are so limited, I use "login" and create sections. To avoid confusion, I used to est the username to "".

Setting the username to something aside from an empty string fixed the issue.


  username = "none"```