search

tailscale / terraform-provider-tailscale

Terraform provider for Tailscale
https://registry.terraform.io/providers/tailscale/tailscale
MIT License
255 stars 46 forks source link

tailscale_tailnet_key.description length is not validated - going over the API limit causes permadiff #320

Closed grelland closed 6 months ago

grelland commented 7 months ago

Describe the bug When setting the description fíeld on tailscale_tailnet_key_ the provider does not do validation on the length, or at least does not validate it according to the API rules, causing a long (above 50) character description to be accepted into the state.

This, in turn, causes a permadiff situation where the resource keeps being recreated (causing a new key to be created) on each apply.

To Reproduce Steps to reproduce the behaviour:

resource "tailscale_tailnet_key" "foobar" {
  expiry          = 123456
  description = "This description is too long and will be cut to 50 chars by the Tailscale API"
}

On initial terraform plan (and then apply):

 # tailscale_tailnet_key.foobar will be created
+ resource "tailscale_tailnet_key" "foobar" {
      + created_at    = (known after apply)
      + description   = "This description is too long and will be cut to 50 chars by the Tailscale API"
      .... snip....
    }

On next run of terraform plan

  # tailscale_tailnet_key.foobar must be replaced
-/+ resource "tailscale_tailnet_key" "foobar" {
      ~ description   = "This description is too long and will be cut to 50" -> "This description is too long and will be cut to 50 chars by the Tailscale API" # forces replacement
      ... snip ...
    }

Expected behaviour The provider should not accept a description which violates the max length and should fail at the plan stage.

Desktop (please complete the following information):