Import workers set value is ignored

[mbrancato]

PROBLEM SUMMARY

The recent change of import workers to 12 seems to have not just been a default value (when unspecified) but also it forces the workers to 12. This is causing configuration drift while using Terraform to configure Vault.

It look like we might be able to fix this if we weren't using the value of 3 import workers. https://github.com/Venafi/vault-pki-monitor-venafi/blob/3e387a143a3789a91df8980a0905e27347c32764/plugin/pki/path_roles.go#L603-L605

STEPS TO REPRODUCE

EXPECTED RESULTS

The import workers value would be the value set when the role is created

ACTUAL RESULTS

ENVIRONMENT DETAILS

COMMENTS/WORKAROUNDS

[tr1ck3r]

Thank you @mbrancato we're planning to address this by removing the deprecated "tpp" role parameters (tpp_import, tpp_import_timeout, and tpp_import_workers) and decreasing the default number of workers from 12 to 5. The "tpp" role parameters were deprecated when this solution was enhanced to support Venafi Cloud awhile back.

In the interim it looks like you should be able to temporarily workaround this issue by using the tpp_import_workers role parameter to specify a number of workers != 12 (and != 3). If you want for the number of workers to be 3, I think you may be able to specify both tpp_import_workers and venafi_import_workers = 3.

[mbrancato]

Hey @mr-tron and @tr1ck3r - we updated to v0.6.0+496 but we're still seeing the configuration drift.

The venafi_import_workers field keeps being reset to 12. The value set doesn't seem to matter, it always goes to 12.