Open tsanton opened 11 months ago
And here is the TF_LOG=debug: tf_log.txt
Hi @Tsanton,
Sorry that you are running into trouble here. This issue likely stems from the rotation_minutes
attribute being updated with an Unknown
value during planning as the timestamp()
function is not evaluated til the apply step. Unfortunately, due to the nature of this resource, we cannot fix this issue as it would cause preemptive rotations to occur. If you are using Terraform v1.5.0
and above you can use plantimestamp()
, which evaluates a timestamp during planning, instead to circumvent this error.
Terraform CLI and Provider Versions
Terraform v1.5.3 on linux_amd64
Terraform Configuration
Expected Behavior
Subsequent plan & apply actions to work, not reverting the time_rotation resource to "0001-01-01T00:00:00Z" & breaking due to provider bugs.
Actual Behavior
The first apply goes through and all is well. On subsequent plans and applies prior when
timestamp() > time_rotating.this.rotation_rfc3339
all is good. On subsequent plans and applies prior whentimestamp() < time_rotating.this.rotation_rfc3339
the time_rotating.this resource reports an updateApplying this breaks with the following error message:
Steps to Reproduce
terraform apply
2.terraform apply
(whentimestamp() < time_rotating.this.rotation_rfc3339
)How much impact is this issue causing?
Low
Logs
No response
Additional Information
It's a horrible implementation meant to POC a rotation strategy of client credentials. It will never actually be implemented as such, but for a quick and dirty demonstration of a rotation strategy with an initial offset of rotation time fixing this would be practical.
Code of Conduct