Closed miagao closed 1 month ago
@miagao the public_key field is readonly - you can't specify it in configuration for postgres connector. The problem is caused by the fact that API returns value that differs from the value you've specified. Please check our docs for postgres_rds https://fivetran.com/docs/rest-api/connectors/config#postgresql And for mysql_rds https://fivetran.com/docs/rest-api/connectors/config#mysql
And here are setup guide for SSH tunnel: https://fivetran.com/docs/connectors/databases/connection-options#sshtunnel You need to get the value that API returns in this field and add it to authorized_keys on your side.
Also we have special datasource that allows you to retrieve the SSH public_key value for the specific group (destination): https://registry.terraform.io/providers/fivetran/fivetran/latest/docs/data-sources/group_ssh_key
@miagao the public_key field is readonly - you can't specify it in configuration for postgres connector. The problem is caused by the fact that API returns value that differs from the value you've specified. Please check our docs for postgres_rds https://fivetran.com/docs/rest-api/connectors/config#postgresql And for mysql_rds https://fivetran.com/docs/rest-api/connectors/config#mysql
And here are setup guide for SSH tunnel: https://fivetran.com/docs/connectors/databases/connection-options#sshtunnel You need to get the value that API returns in this field and add it to authorized_keys on your side.
Thanks, In that case I'll open another one to make this transparent to the user. The config.public_key key should be read only too . At least the error message should reflect this. Also the documentation does not say it is read only, leading me to believe I could change this sometime in the future. Ideally the attempt to change this should be caught during the plan phase, not in the apply.
this should not be allowed:
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# module.fivetran.fivetran_connector.connector_resource["raw_nebula_content"] will be updated in-place
~ resource "fivetran_connector" "connector_resource" {
id = "XXX"
name = "YYY"
# (4 unchanged attributes hidden)
~ config {
# Warning: this attribute value will no longer be marked as sensitive
# after applying this change. The value is unchanged.
~ public_key = (sensitive value)
# (13 unchanged attributes hidden)
}
# (1 unchanged block hidden)
}
Because then during the apply phase it will fail with an inconsistency, as noted below :
Error: Provider produced inconsistent result after apply
When applying changes to
module.fivetran.fivetran_connector.connector_resource["raw_nebula_content"],
provider
"module.fivetran.provider[\"registry.terraform.io/fivetran/fivetran\"]"
produced an unexpected new value: .config.public_key: inconsistent values for
sensitive attribute.
This is a bug in the provider, which should be reported in the provider's own
issue tracker.
Error: Terraform exited with code 1.
Describe the bug Terraform apply fails with exit > 0 when configuring the tunnel public key for the ssh tunnel in the fivetran_connector resource.
To Reproduce
Expected behavior To pass and apply the public ssh key to the tunnel.
Logs & Output
Plugin version: provider "registry.terraform.io/fivetran/fivetran" { version = "1.1.22" }
Additional context To avoid errors during the deployment pipeline, in terraform apply, I ignored the changes in the public key with the below configuration, but I am likely to lose when the public key changes.