search

fivetran / terraform-provider-fivetran

Terraform Provider for Fivetran
https://fivetran.com
Apache License 2.0
40 stars 24 forks source link

Removing `secrets_list` causes internal connector error #355

Closed nbaju1 closed 4 weeks ago

nbaju1 commented 2 months ago

Describe the bug We're currently in the process of migrating our Lambda connectors to be managed by Terraform. Each connector is being imported into a separate state. For some of the connectors we are also removing the secrets on the connector. When this is done with the TF configuration below (by not defining the secrets_list variable), the connector shows the following error:

"Setup test failed with "java.lang.NullPointerException: Cannot invoke "java.util.List.isEmpty()" because "credentials.secretsList" is null"

The fix we currently use it so manually add and remove a secret from the connector in the UI.

This might be an issue with how we define our Terraform configuration for the secrets, so any tips on a better approach is appreciated.

To Reproduce

data "fivetran_group" "lambda_connectors" {
  id = "<redacted>"
}

data "fivetran_destination" "destination" {
  id = "<redacted>"
}

variable "secrets_list" {
  description = "Dictionary of secrets"
  type = list(object({
    key   = string
    value = string
  }))
  default = []
}

resource "fivetran_connector" "lambda_connector" {
  group_id          = data.fivetran_group.lambda_connectors.id
  service           = "aws_lambda"
  networking_method = "Directly"
  config {
    bucket          = "<bucket_name>"
    external_id     = "<redacted>"
    function        = "<lambda_name>"
    region          = "<region>"
    role_arn        = "<role_arn>"
    sync_method     = "CLOUD_STORAGE"
    connection_type = "Directly"
    dynamic "secrets_list" {
      for_each = var.secrets_list
      content {
        key   = secrets_list.value.key
        value = secrets_list.value.value
      }
  destination_schema {
    name = "<schema_name>"
  }
}

Expected behavior Connector is updated without the need for manual intervention.

Logs & Output (Contracted)

          - secrets_list {
              # At least one attribute in this block is (or was) sensitive,
              # so its contents will not be displayed.
            }
        }

Plugin version: 1.2.8

fivetran-aleksandrboldyrev commented 4 weeks ago

Fixed on API side