hashicorp / terraform-provider-vault

Terraform Vault provider
https://www.terraform.io/docs/providers/vault/
Mozilla Public License 2.0

[Bug]: GitHub auth resources not recreated if deleted outside of Terraform #2123

Open czembower opened 7 months ago

czembower commented 7 months ago

Terraform Core Version

1.6.6

Terraform Vault Provider Version

3.23.0

Vault Server Version

1.15.4

Affected Resource(s)

vault_github_auth_backend
vault_github_team
vault_github_user

Expected Behavior

If a GitHub mount, team, or user mapping has been deleted outside of Terraform, the provider should recreate it without error.

Actual Behavior

Terraform fails. Similar errors are thrown for team and user mappings:

Planning failed. Terraform encountered an error while generating this plan.

│ Error: error reading github auth mount from '"auth/github"': auth mount github not present
│
│   with vault_github_auth_backend.this,
│   on auth_methods.tf line 80, in resource "vault_github_auth_backend" "this":
│   80: resource "vault_github_auth_backend" "this" {
│

Relevant Error/Panic Output Snippet

No response

Terraform Configuration Files

resource "vault_github_auth_backend" "this" {
  organization = "org1"
}

resource "vault_github_user" "this" {
  backend  = vault_github_auth_backend.this.id
  user     = "user1"
  policies = [vault_policy.admin.name]
}

resource "vault_github_team" "this" {
  backend  = vault_github_auth_backend.this.id
  team     = "team1"
  policies = [vault_policy.admin.name]
}

Steps to Reproduce

  1. Apply Terraform configuration
  2. Disable the GitHub auth method, or delete a user/team mapping outside of Terraform, e.g. vault auth disable github
  3. Run Terraform plan/apply

Debug Output

No response

Panic Output

No response

Important Factoids

No response

References

No response

Would you like to implement a fix?

Yes
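
An added model of the expected behaviour described in this issue, not code from the provider or from the issue author. It follows the usual Terraform provider convention of clearing the resource ID during refresh when the remote object is confirmed gone, so the next plan proposes a create. The names `fakeVault`, `resourceState`, `refresh` and both sentinel errors are hypothetical.

```go
package main

import (
	"errors"
	"fmt"
)

// Constructed sentinel errors for this model, not the provider's identifiers.
var errMountNotPresent = errors.New("auth mount not present")
var errPermission = errors.New("permission denied")

// fakeVault is a constructed stand-in for the server's auth mount table.
type fakeVault struct {
	mounts map[string]bool
	deny   bool // simulates a token that may not read auth mounts
}

func (v *fakeVault) readAuthMount(path string) error {
	if v.deny {
		return errPermission
	}
	if !v.mounts[path] {
		return fmt.Errorf("auth mount %s: %w", path, errMountNotPresent)
	}
	return nil
}

// resourceState models one resource entry in Terraform state (hypothetical type).
type resourceState struct{ ID string }

// refresh clears the ID only when the mount is confirmed absent, so the next
// plan proposes a create. Any other failure is returned unchanged: treating a
// permission error as "gone" would drop a live auth mount from state.
func refresh(v *fakeVault, s *resourceState) error {
	err := v.readAuthMount(s.ID)
	if errors.Is(err, errMountNotPresent) {
		s.ID = ""
		return nil
	}
	return err
}

func main() {
	gone := &fakeVault{mounts: map[string]bool{}} // constructed: mount disabled out of band
	s := &resourceState{ID: "github"}
	err := refresh(gone, s)
	fmt.Printf("err=%v id=%q\n", err, s.ID)
}
```

The permission-denied branch matters for an auth backend: only a confirmed "not present" result should lead to recreation, otherwise a restricted token could cause Terraform to plan a replacement of a mount that still exists.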