d.GetOk("delete_when_absent") in resource_okta_profile_mapping.go breaks the old checking.

[jz-latitude]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version

~> 1.0.0

terraform-provider-okta Version

~> 4.9.0

Affected Resource(s)

-> resource_okta_profile_mapping

Terraform Configuration Files

# Copy-paste your Terraform configurations here - for large Terraform configs,
# please use a service like Dropbox and share a link to the ZIP file. For
# security, you can also encrypt the files using our GPG public key: https://keybase.io/hashicorp

Debug Output

    deleteWhenAbsent, ok := d.GetOk("delete_when_absent")

        errorString := fmt.Sprintf("[WARN] READ DELETEWHENABSENT:%v type: %T, ok: %v\n\n\n\n\n\n\n\n", deleteWhenAbsent, deleteWhenAbsent, ok)
        panic(errorString)

DELETEWHENABSENT:false type: bool, ok: false

Panic Output

Expected Behavior

if "delete_when_absent" set to false, it should not delete existing mappings on the server.

Can this be done in the Admin UI?

Can this be done in the actual API call?

Actual Behavior

it plans to delete the change outside of Terraform.

Steps to Reproduce

1. terraform apply

Important Factoids

References

https://github.com/okta/terraform-provider-okta/pull/2004/files

Analysis

v, ok := d.GetOK() return the value and ok , but ok means if the value is ZeorValue, However boolean's ZeorValue is false, so when the field was set to false, ok is false

• 0000

[jz-latitude]

https://github.com/okta/terraform-provider-okta/pull/2032 a PR was created

[duytiennguyen-okta]

What is the tf script you're using?

[jz-latitude]

@duytiennguyen-okta

this is my tf file:

data "okta_user_profile_mapping_source" "user" {}

resource "okta_profile_mapping" "custom-mappings" {
  for_each = toset( [
    var.app_one,
    var.app_two,
  ] )

  source_id = data.okta_user_profile_mapping_source.user.id
  target_id = each.key

  delete_when_absent = false // Warning: do not remove! some mappings are inherited from "okta" user profile and are not declared here
  always_apply = true

  mappings {
    id = "birthdate"
    expression  = "user.${okta_user_schema_property.date_of_birth.index}"
    push_status = "PUSH"
  }
}

we have some mappings set outside of terraform, after using the latest one, although setting delete_when_absent = false , terraform will plan to delete them.

[firuznz]

+1