Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

several attributes cause plan spam with their defaults #930

Open
6 tasks done
DavidS-ovm opened this issue Mar 10, 2024 · 1 comment
Open
6 tasks done

several attributes cause plan spam with their defaults #930

DavidS-ovm opened this issue Mar 10, 2024 · 1 comment
Labels
🪲 bug Something isn't working

Comments

@DavidS-ovm
Copy link

Checklist

  • I have looked into the README and have not found a suitable solution or answer.
  • I have looked into the documentation and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have upgraded to the latest version of this provider and the issue still persists.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Description

Several attributes across the module cause spurious plan changes when the attributes should be set to their defaults.

This happens at least for auth0_connection.set_user_root_attributes, auth0_client.sso, and auth0_client.organization_require_behavior.

This might only happen after touching the attribute once.

Expectation

terraform resources should not show up in the plan if there is no actual change.

Reproduction

  1. Given...

this resource decl

resource "auth0_connection" "customer_connection" {
  name         = var.terraform_env_name == "prod" ? "customer" : "dev"
  display_name = "customer SSO (${var.terraform_env_name})"
  strategy     = "samlp"

  options {
    debug         = var.terraform_env_name != "prod"
    tenant_domain = var.auth0_domain

    metadata_xml = file(var.terraform_env_name == "prod" ? "sso-metadata/customer.xml" : "sso-metadata/dev.xml")

    # TODO
    icon_url = "https://saml.provider/assets/logo.png"

    signature_algorithm = "rsa-sha256"
    digest_algorithm    = "sha256"
  }
}
  1. When ...

running terraform plan

  1. Then ...

This message pops up, while set_user_root_attributes defaults to on_each_login

  # auth0_connection.customer_connection will be updated in-place
  ~ resource "auth0_connection" "customer_connection" {
        id                   = "con_REDACTED"
        name                 = "dev"
        # (6 unchanged attributes hidden)

      ~ options {
          - set_user_root_attributes             = "on_each_login" -> null
            # (36 unchanged attributes hidden)
        }
    }

Auth0 Terraform Provider version

registry.terraform.io/auth0/auth0 v1.2.0

Terraform version

Terraform v1.5.7
@DavidS-ovm DavidS-ovm added the 🪲 bug Something isn't working label Mar 10, 2024
@ad8lmondy
Copy link

ad8lmondy commented Mar 12, 2024
edited
Loading

Yes, I can confirm I see the same issue with Terraform v1.6.2 and

  required_providers {
    auth0 = {
      source  = "auth0/auth0"
      version = "1.1.2"
    }

see:

  # module.sre__auth0-module.auth0_client.application["Studio"] will be updated in-place
  ~ resource "auth0_client" "application" {
        id                                    = "xxx"
        name                                  = "STAGE: Studio "
      - sso                                   = true -> null
        # (22 unchanged attributes hidden)

        # (3 unchanged blocks hidden)
    }

  # module.sre__auth0-module.auth0_client.application["M-Files and HubShare"] will be updated in-place
  ~ resource "auth0_client" "application" {
        id                                    = "x"
        name                                  = "STAGE: M-Files and HubShare"
      - sso                                   = true -> null
        # (21 unchanged attributes hidden)

        # (3 unchanged blocks hidden)
    }

  # module.sre__auth0-module.auth0_client.application["Product Support Portal"] will be updated in-place
  ~ resource "auth0_client" "application" {
        id                                    = "xxx"
        name                                  = "STAGE: Product Support Portal"
      - sso                                   = true -> null
        # (21 unchanged attributes hidden)

        # (3 unchanged blocks hidden)
    }

  # module.sre__auth0-module.auth0_connection.aad["AAD"] will be updated in-place
  ~ resource "auth0_connection" "aad" {
        id                   = "con_xyz"
        name                 = "AAD"
        # (6 unchanged attributes hidden)

      ~ options {
          - set_user_root_attributes               = "on_each_login" -> null
            # (37 unchanged attributes hidden)
        }
    }

always show up on a plan, even if it's just been applied.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🪲 bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ad8lmondy @DavidS-ovm