search

CiscoDevNet / terraform-provider-ise

Terraform Cisco ISE Provider
https://registry.terraform.io/providers/CiscoDevNet/ise/latest
Mozilla Public License 2.0
3 stars 1 forks source link

ise_repository resource triggers in-place upgrade when no changes were made #59

Open grg1bbs opened 2 months ago

grg1bbs commented 2 months ago

ISE version = 3.3 p2 Terraform version = 1.8.4 Provider version = 0.2.1

Issue description

When running a subsequent apply without any changes made to the ise_repository resource block, TF triggers an in-place upgrade to the resource.

Expected behaviour

No update to the resource should be triggered when no changes are made.

Example TF code

resource "ise_repository" "patch" {
  name        = "patch"
  protocol    = "FTP"
  path        = "/ise/patch"
  server_name = "w10tools.domain.local"
  user_name   = "username"
  password    = "password"
  enable_pki  = false
}

Example TF output

  # ise_repository.patch will be updated in-place
  ~ resource "ise_repository" "patch" {
      + enable_pki  = false
        id          = "patch"
        name        = "patch"
        # (5 unchanged attributes hidden)
    }
kuba-mazurkiewicz commented 1 month ago

Hey @grg1bbs,

attribute enable_pki is not send in GET request during refresh, which means that it should be marked as write only. I fixed that and opened PR https://github.com/CiscoDevNet/terraform-provider-ise/issues/59. This change in provider works same way as lifecycle ignore_changes block. So if you need a quick workaround add following block to your resource definition:

resource "ise_repository" "patch" {
  name        = "patch"
  protocol    = "FTP"
  path        = "/ise/patch"
  server_name = "w10tools.domain.local"
  user_name   = "username"
  password    = "password"
  enable_pki  = true

  lifecycle {
    ignore_changes = [
      enable_pki
    ]
  }
}
danischm commented 1 month ago

Fixed here: https://github.com/CiscoDevNet/terraform-provider-ise/commit/479742e9945413edf01efb935b2f63582315b9e6