Open ChrisCAG opened 3 months ago
hey @ChrisCAG . i've faced similar issue with other resources when pass and some value for password are used. The problem is LM api returns password as ** so it always thinks that you try to change it. eg for my psql devices i have custom properties like
custom_properties = flatten([
[for key, value in local.pws_for_properties[each.value.instance_key].psql_cred : {
name = "jdbc.postgres.${key}.pass"
value = value
}],
[
{
name = "system.categories"
value = each.value.system_categories
}
],
])
so i had to use
lifecycle {
ignore_changes = [
custom_properties,
host_group_ids,
]
}
this makes my plan clean.. but if i want to add more users / passwords i need to comment custom_properties in lifecycle block apply a code and uncomment it back..
for extra in logicmonitor_device_group basically i had to use the same approach..
ignore_changes = [
extra,
]
}
because it was constantly spamming with changes i've never made
Yeah, my aim is to incorporate this all into an automated CI/CD Pipeline to avoid state drift, keeping main as a good state only.
obviously not being able to automate changes to properties or host groups isnt ideal.
I used a combination of ignore_changes
+ replace_triggered_by
to get over this issue.
Cumbersome, but hopefully this is a helpful workaround:
https://developer.hashicorp.com/terraform/language/resources/terraform-data#example-usage-data-for-replace_triggered_by
could I get an example of the code you've used for the above? forcing a replacement may mean we lose device specific configuration & tuning each time we replace it?
I have the following configuration set on a device group.
When ever I run a plan for terraform, its constantly trying to remove configuration I've not specified
As you can see from the output, its trying to change a sensitive value constantly, (even though the vault is not updated) and its constantly trying to strip out the extra block.
if i add the following block to my configuration
I get the following error after an apply.
Expected outcome here is "your environment matches configuration"