How this provider reacts with secrets ?

Jeoffreybauvin commented 1 year ago

Hi,

I'm trying to debug why my terraform apply is not idempotent :

  # airflow_connection.airflow_connection["np6_api_key_display"] will be updated in-place
  ~ resource "airflow_connection" "airflow_connection" {
      ~ extra         = jsonencode(
          ~ {
              ~ api_key = "***" -> "myapikey"
            }
        )
        id            = "np6_api_key_display"
        # (3 unchanged attributes hidden)
    }

I saw this : https://github.com/apache/airflow/blob/3b3650e87d093d57a97b8701834c568f67327ab4/airflow/utils/log/secrets_masker.py#L59

How this provider reacts with this kind of secret ?

DrFaust92 commented 10 months ago

The provider does nothing explict about secrets. the above diff is a change made on the ariflow server side (this is how the code youve sent relates to it)

we can make a change to explictly supress diff for those keys. wdyt?

Jeoffreybauvin commented 10 months ago

@DrFaust92 I think it's a good idea :).

PedroMartinSteenstrup commented 2 months ago

@DrFaust92 if you maybe have a decent idea of the scope of the change (beyond that issue), I'd be happy to try to contribute here

DrFaust92 / terraform-provider-airflow

How this provider reacts with secrets ? #34