TRACKAI-2061: Pass-through unconfigurable connection options (#786)

* Fixing type conversion and re-recording tests * Adding gosec ignore * Updates to changelog * Fixing link * Fixing changelog * Fixing changelog --------- Co-authored-by: Will Vedder <[email protected]>
auth0 · Aug 23, 2023 · d4c7874 · d4c7874
1 parent c6e2185
commit d4c7874
Show file tree

Hide file tree

Showing 9 changed files with 419 additions and 174 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,10 @@
+## 0.50.1
+
+BUG FIXES:
+
+- `resource/auth0_connection`: Passing-through critical connection options for following connection types: Ping Federate, AD, Azure AD, SAML([#786](https://github.com/auth0/terraform-provider-auth0/pull/786))
+
+
 ## 0.50.0
 
 FEATURES:

diff --git a/go.mod b/go.mod
@@ -3,7 +3,7 @@ module github.com/auth0/terraform-provider-auth0
 go 1.20
 
 require (
-	github.com/auth0/go-auth0 v0.17.2
+	github.com/auth0/go-auth0 v0.17.3
 	github.com/google/go-cmp v0.5.9
 	github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320
 	github.com/hashicorp/go-multierror v1.1.1
@@ -19,7 +19,7 @@ require (
 	github.com/Masterminds/semver/v3 v3.1.1 // indirect
 	github.com/Masterminds/sprig/v3 v3.2.2 // indirect
 	github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 // indirect
-	github.com/PuerkitoBio/rehttp v1.1.0 // indirect
+	github.com/PuerkitoBio/rehttp v1.2.0 // indirect
 	github.com/agext/levenshtein v1.2.3 // indirect
 	github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
 	github.com/armon/go-radix v1.0.0 // indirect
@@ -66,13 +66,13 @@ require (
 	github.com/vmihailenco/msgpack/v5 v5.3.5 // indirect
 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
 	github.com/zclconf/go-cty v1.13.2 // indirect
-	golang.org/x/crypto v0.11.0 // indirect
+	golang.org/x/crypto v0.12.0 // indirect
 	golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df // indirect
 	golang.org/x/mod v0.11.0 // indirect
-	golang.org/x/net v0.11.0 // indirect
-	golang.org/x/oauth2 v0.8.0 // indirect
-	golang.org/x/sys v0.10.0 // indirect
-	golang.org/x/text v0.11.0 // indirect
+	golang.org/x/net v0.14.0 // indirect
+	golang.org/x/oauth2 v0.11.0 // indirect
+	golang.org/x/sys v0.11.0 // indirect
+	golang.org/x/text v0.12.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/genproto v0.0.0-20230410155749-daa745c078e1 // indirect
 	google.golang.org/grpc v1.56.1 // indirect

diff --git a/go.sum b/go.sum
@@ -8,8 +8,8 @@ github.com/Masterminds/sprig/v3 v3.2.2/go.mod h1:UoaO7Yp8KlPnJIYWTFkMaqPUYKTfGFP
 github.com/Microsoft/go-winio v0.5.2 h1:a9IhgEQBCUEk6QCdml9CiJGhAws+YwffDHEMp1VMrpA=
 github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8 h1:wPbRQzjjwFc0ih8puEVAOFGELsn1zoIIYdxvML7mDxA=
 github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8/go.mod h1:I0gYDMZ6Z5GRU7l58bNFSkPTFN6Yl12dsUlAZ8xy98g=
-github.com/PuerkitoBio/rehttp v1.1.0 h1:JFZ7OeK+hbJpTxhNB0NDZT47AuXqCU0Smxfjtph7/Rs=
-github.com/PuerkitoBio/rehttp v1.1.0/go.mod h1:LUwKPoDbDIA2RL5wYZCNsQ90cx4OJ4AWBmq6KzWZL1s=
+github.com/PuerkitoBio/rehttp v1.2.0 h1:V8MGVcDwR+u/xwLlMrw5YZONDm3JISEKqwJTiIuJA+s=
+github.com/PuerkitoBio/rehttp v1.2.0/go.mod h1:LUwKPoDbDIA2RL5wYZCNsQ90cx4OJ4AWBmq6KzWZL1s=
 github.com/acomagu/bufpipe v1.0.4 h1:e3H4WUzM3npvo5uv95QuJM3cQspFNtFBzvJ2oNjKIDQ=
 github.com/agext/levenshtein v1.2.3 h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo=
 github.com/agext/levenshtein v1.2.3/go.mod h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558=
@@ -19,8 +19,8 @@ github.com/apparentlymart/go-textseg/v13 v13.0.0/go.mod h1:ZK2fH7c4NqDTLtiYLvIkE
 github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
 github.com/armon/go-radix v1.0.0 h1:F4z6KzEeeQIMeLFa97iZU6vupzoecKdU5TX24SNppXI=
 github.com/armon/go-radix v1.0.0/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
-github.com/auth0/go-auth0 v0.17.2 h1:qEttAY4yYeEJl6wu0iOwlet26wUKA2G5YOUomfuxcy4=
-github.com/auth0/go-auth0 v0.17.2/go.mod h1:Hlp4kYcvn2JSD1tAmPQ8DD7MMoiO0bwVJwTHXqJbDDE=
+github.com/auth0/go-auth0 v0.17.3 h1:HjepTdrzDo3hPe6W/y+IbQfgs0414JGdQKOzgAYr+Nc=
+github.com/auth0/go-auth0 v0.17.3/go.mod h1:gQV9wI/TEqcxQ5FKQhImNbNl5+fL3fSpEfsl76I0Nd4=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0 h1:0NmehRCgyk5rljDQLKUO+cRJCnduDyn11+zGZIc9Z48=
 github.com/aybabtme/iocontrol v0.0.0-20150809002002-ad15bcfc95a0/go.mod h1:6L7zgvqo0idzI7IO8de6ZC051AfXb5ipkIJ7bIA2tGA=
 github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
@@ -187,8 +187,8 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20200414173820-0848c9571904/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20200820211705-5c72a883971a/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.11.0 h1:6Ewdq3tDic1mg5xRO4milcWCfMVQhI4NkqWWvqejpuA=
-golang.org/x/crypto v0.11.0/go.mod h1:xgJhtzW8F9jGdVFWZESrid1U1bjeNy4zgy5cRr/CIio=
+golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
+golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
 golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df h1:UA2aFVmmsIlefxMk29Dp2juaUSth8Pyn3Tq5Y5mJGME=
 golang.org/x/exp v0.0.0-20230626212559-97b1e661b5df/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc=
 golang.org/x/mod v0.11.0 h1:bUO06HqtnRcc/7l71XBe4WcqTZ+3AH1J59zWDDwLKgU=
@@ -197,10 +197,10 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn
 golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210510120150-4163338589ed/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.11.0 h1:Gi2tvZIJyBtO9SDr1q9h5hEQCp/4L2RQ+ar0qjx2oNU=
-golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ=
-golang.org/x/oauth2 v0.8.0 h1:6dkIjl3j3LtZ/O3sTgZTMsLKSftL/B8Zgq4huOIIUu8=
-golang.org/x/oauth2 v0.8.0/go.mod h1:yr7u4HXZRm1R1kBWqr/xKNqewf0plRYoB7sla+BCIXE=
+golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14=
+golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
+golang.org/x/oauth2 v0.11.0 h1:vPL4xzxBM4niKCW6g9whtaWVXTJf1U5e4aZxxFx/gbU=
+golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -214,15 +214,15 @@ golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA=
-golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
+golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4=
-golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc=
+golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=

diff --git a/internal/auth0/connection/expand.go b/internal/auth0/connection/expand.go
@@ -82,21 +82,21 @@ func expandConnection(d *schema.ResourceData, api *management.Management) (*mana
 			connection.Options, diagnostics = expandConnectionOptionsOkta(d, options)
 		case management.ConnectionStrategyAD:
 			connection.ShowAsButton = showAsButton
-			connection.Options, diagnostics = expandConnectionOptionsAD(options)
+			connection.Options, diagnostics = expandConnectionOptionsAD(d, options, api)
 		case management.ConnectionStrategyAzureAD:
 			connection.ShowAsButton = showAsButton
-			connection.Options, diagnostics = expandConnectionOptionsAzureAD(d, options)
+			connection.Options, diagnostics = expandConnectionOptionsAzureAD(d, options, api)
 		case management.ConnectionStrategyEmail:
 			connection.Options, diagnostics = expandConnectionOptionsEmail(options)
 		case management.ConnectionStrategySAML:
 			connection.ShowAsButton = showAsButton
-			connection.Options, diagnostics = expandConnectionOptionsSAML(options)
+			connection.Options, diagnostics = expandConnectionOptionsSAML(d, options, api)
 		case management.ConnectionStrategyADFS:
 			connection.ShowAsButton = showAsButton
 			connection.Options, diagnostics = expandConnectionOptionsADFS(options)
 		case management.ConnectionStrategyPingFederate:
 			connection.ShowAsButton = showAsButton
-			connection.Options, diagnostics = expandConnectionOptionsPingFederate(options)
+			connection.Options, diagnostics = expandConnectionOptionsPingFederate(d, options, api)
 		default:
 			diagnostics = append(diagnostics, diag.Diagnostic{
 				Severity: diag.Error,
@@ -542,7 +542,11 @@ func expandConnectionOptionsEmail(config cty.Value) (*management.ConnectionOptio
 	return options, diag.FromErr(err)
 }
 
-func expandConnectionOptionsAD(config cty.Value) (*management.ConnectionOptionsAD, diag.Diagnostics) {
+func expandConnectionOptionsAD(
+	d *schema.ResourceData,
+	config cty.Value,
+	api *management.Management,
+) (*management.ConnectionOptionsAD, diag.Diagnostics) {
 	options := &management.ConnectionOptionsAD{
 		DomainAliases:        value.Strings(config.GetAttr("domain_aliases")),
 		TenantDomain:         value.String(config.GetAttr("tenant_domain")),
@@ -555,6 +559,21 @@ func expandConnectionOptionsAD(config cty.Value) (*management.ConnectionOptionsA
 		BruteForceProtection: value.Bool(config.GetAttr("brute_force_protection")),
 	}
 
+	if !d.IsNewResource() {
+		conn, err := api.Connection.Read(d.Id())
+		if err != nil {
+			return options, diag.FromErr(err)
+		}
+
+		existingOptions := conn.Options.(*management.ConnectionOptionsAD)
+
+		// Passing-through unconfigurable connection option values to prevent them from being erased on remote.
+		options.Certs = existingOptions.Certs
+		options.AgentIP = existingOptions.AgentIP
+		options.AgentVersion = existingOptions.AgentVersion
+		options.AgentMode = existingOptions.AgentMode
+	}
+
 	options.SetUserAttributes = value.String(config.GetAttr("set_user_root_attributes"))
 	if options.GetSetUserAttributes() == "on_each_login" {
 		options.SetUserAttributes = nil // This needs to be omitted to have the toggle enabled in the UI.
@@ -569,6 +588,7 @@ func expandConnectionOptionsAD(config cty.Value) (*management.ConnectionOptionsA
 func expandConnectionOptionsAzureAD(
 	d *schema.ResourceData,
 	config cty.Value,
+	api *management.Management,
 ) (*management.ConnectionOptionsAzureAD, diag.Diagnostics) {
 	options := &management.ConnectionOptionsAzureAD{
 		ClientID:            value.String(config.GetAttr("client_id")),
@@ -588,6 +608,22 @@ func expandConnectionOptionsAzureAD(
 		TrustEmailVerified:  value.String(config.GetAttr("should_trust_email_verified_connection")),
 	}
 
+	if !d.IsNewResource() {
+		conn, err := api.Connection.Read(d.Id())
+		if err != nil {
+			return options, diag.FromErr(err)
+		}
+
+		existingOptions := conn.Options.(*management.ConnectionOptionsAzureAD)
+
+		// Passing-through unconfigurable connection option values to prevent them from being erased on remote.
+		options.AppDomain = existingOptions.AppDomain
+		options.Thumbprints = existingOptions.Thumbprints
+		options.CertRolloverNotification = existingOptions.CertRolloverNotification
+		options.Granted = existingOptions.Granted
+		options.TenantID = existingOptions.TenantID
+	}
+
 	options.SetUserAttributes = value.String(config.GetAttr("set_user_root_attributes"))
 	if options.GetSetUserAttributes() == "on_each_login" {
 		options.SetUserAttributes = nil // This needs to be omitted to have the toggle enabled in the UI.
@@ -657,7 +693,11 @@ func expandConnectionOptionsOkta(
 	return options, diag.FromErr(err)
 }
 
-func expandConnectionOptionsSAML(config cty.Value) (*management.ConnectionOptionsSAML, diag.Diagnostics) {
+func expandConnectionOptionsSAML(
+	d *schema.ResourceData,
+	config cty.Value,
+	api *management.Management,
+) (*management.ConnectionOptionsSAML, diag.Diagnostics) {
 	options := &management.ConnectionOptionsSAML{
 		Debug:              value.Bool(config.GetAttr("debug")),
 		SigningCert:        value.String(config.GetAttr("signing_cert")),
@@ -679,6 +719,24 @@ func expandConnectionOptionsSAML(config cty.Value) (*management.ConnectionOption
 		MetadataURL:        value.String(config.GetAttr("metadata_url")),
 	}
 
+	if !d.IsNewResource() {
+		conn, err := api.Connection.Read(d.Id())
+		if err != nil {
+			return options, diag.FromErr(err)
+		}
+
+		existingOptions := conn.Options.(*management.ConnectionOptionsSAML)
+
+		// Passing-through unconfigurable connection option values to prevent them from being erased on remote.
+		options.BindingMethod = existingOptions.BindingMethod
+		options.CertRolloverNotification = existingOptions.CertRolloverNotification
+		options.AgentIP = existingOptions.AgentIP
+		options.AgentVersion = existingOptions.AgentVersion
+		options.AgentMode = existingOptions.AgentMode
+		options.ExtGroups = existingOptions.ExtGroups
+		options.ExtProfile = existingOptions.ExtProfile
+	}
+
 	options.SetUserAttributes = value.String(config.GetAttr("set_user_root_attributes"))
 	if options.GetSetUserAttributes() == "on_each_login" {
 		options.SetUserAttributes = nil // This needs to be omitted to have the toggle enabled in the UI.
@@ -739,7 +797,9 @@ func expandConnectionOptionsADFS(config cty.Value) (*management.ConnectionOption
 }
 
 func expandConnectionOptionsPingFederate(
+	d *schema.ResourceData,
 	config cty.Value,
+	api *management.Management,
 ) (*management.ConnectionOptionsPingFederate, diag.Diagnostics) {
 	options := &management.ConnectionOptionsPingFederate{
 		SigningCert:         value.String(config.GetAttr("signing_cert")),
@@ -754,6 +814,40 @@ func expandConnectionOptionsPingFederate(
 		NonPersistentAttrs:  value.Strings(config.GetAttr("non_persistent_attrs")),
 	}
 
+	if !d.IsNewResource() {
+		conn, err := api.Connection.Read(d.Id())
+		if err != nil {
+			return options, diag.FromErr(err)
+		}
+
+		existingOptions := conn.Options.(*management.ConnectionOptionsPingFederate)
+
+		// Passing-through unconfigurable connection option values to prevent them from being erased on remote.
+		options.APIEnableUsers = existingOptions.APIEnableUsers
+		options.SignOutEndpoint = existingOptions.SignOutEndpoint
+		options.Subject = existingOptions.Subject
+		options.DisableSignout = existingOptions.DisableSignout
+		options.UserIDAttribute = existingOptions.UserIDAttribute
+		options.Debug = existingOptions.Debug
+		options.ProtocolBinding = existingOptions.ProtocolBinding
+		options.RequestTemplate = existingOptions.RequestTemplate
+		options.BindingMethod = existingOptions.BindingMethod
+		options.Thumbprints = existingOptions.Thumbprints
+		options.Expires = existingOptions.Expires
+		options.MetadataURL = existingOptions.MetadataURL
+		options.FieldsMap = existingOptions.FieldsMap
+		options.MetadataXML = existingOptions.MetadataXML
+		options.EntityID = existingOptions.EntityID
+		options.CertRolloverNotification = existingOptions.CertRolloverNotification
+		options.SigningKey = existingOptions.SigningKey
+		options.DecryptionKey = existingOptions.DecryptionKey
+		options.AgentIP = existingOptions.AgentIP
+		options.AgentVersion = existingOptions.AgentVersion
+		options.AgentMode = existingOptions.AgentMode
+		options.ExtGroups = existingOptions.ExtGroups
+		options.ExtProfile = existingOptions.ExtProfile
+	}
+
 	options.SetUserAttributes = value.String(config.GetAttr("set_user_root_attributes"))
 	if options.GetSetUserAttributes() == "on_each_login" {
 		options.SetUserAttributes = nil // This needs to be omitted to have the toggle enabled in the UI.

diff --git a/internal/config/config.go b/internal/config/config.go
@@ -13,7 +13,7 @@ import (
 	"github.com/auth0/terraform-provider-auth0/internal/mutex"
 )
 
-const providerName = "Terraform-Provider-Auth0"
+const providerName = "Terraform-Provider-Auth0" //#nosec G101 -- provider name not secret
 
 var version = "dev"