Open F21 opened 1 week ago
Terraform debug log detected :white_check_mark:
Voting for Prioritization
Volunteering to Work on This Issue
We're also experiencing this problem, and see the same problematic log (also when building the provider from master today):
.config[0].client_secret: planned value cty.StringVal("**********************************") does not match config value cty.StringVal("1234567890") nor prior value cty.StringVal("")
What's interesting is that we didn't see this 3 days ago, running the same version, so I suspect there might have been some API change that triggered this.
Changing the StateFunc
for the client_secret
schema to simply return ""
fixes this issue, but recreates an issue we experienced last week where changing the input to the client_secret
field didn't trigger an update to the resource or upstream configuration.
Confirmation
Terraform and Cloudflare provider version
Terraform v1.9.8 on linux_amd64
Affected resource(s)
cloudflare_zero_trust_access_identity_provider
Terraform configuration files
Link to debug output
https://gist.github.com/F21/25df3576a43e4f48c548879da9ba493f
Panic output
No response
Expected output
The
cloudflare_zero_trust_access_identity_provider.config.client_secret
should not be updated when the secret has not changed.Actual output
Terraform attempts to update
cloudflare_zero_trust_access_identity_provider.config.client_secret
even when theclient_secret
has not changed.Steps to reproduce
terraform apply
and accept.terraform apply
orterraform plan
and see that it tries to updatecloudflare_zero_trust_access_identity_provider.config.client_secret
even when the secret is the same.Additional factoids
This is because the
client_secret
is stored asCONCEALED_STRING
in the state. Therefore, unless theclient_secret
is literallyCONCEALED_STRING
, terraform will always thing it has changed.References
No response