Inconsistent refresh behavior with Gateway resource's `image1url` field

[zbuchheit]

When I create a mist_device_gateway and a mist_device_image resource, I get constant refresh changes to image1_url field on mist_device_gateway resource. It appears it is because this field is a url that contains a JWT that keeps changing. I am not sure if this is intended or desired.

It leads to some inconsistent behavior also after running an apply after manual UI changes. A subsequent terraform apply after manual ui changes results in the following error

mist_device_gateway.gateway_one: Modifying... [name=gateway_one]
╷
│ Error: Provider produced inconsistent result after apply
│ 
│ When applying changes to mist_device_gateway.gateway_one, provider "provider[\"registry.terraform.io/juniper/mist\"]" produced an unexpected new value: .image1_url: was
│ cty.StringVal("https://api.mist.com/api/v1/forward/download?jwt=redacted"),
│ but now
│ cty.StringVal("https://api.mist.com/api/v1/forward/download?jwt=redacted").
│ 
│ This is a bug in the provider, which should be reported in the provider's own issue tracker.

[tmunzer]

Hi @zbuchheit ,

Yes, that's correct. The JWT token has a limited lifetime, so not sure it makes sense to keep this information in the states. What I can do is removing the image URL and just provide the information if the image is present or not.

Regards, Thomas

[zbuchheit]

It would be preferred to eliminate drift here if we can. There are ways to build drift detection to throw an error/alert users if manual changes have been detected so they can catch the changes and also audit what happened easier.