Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

proxmox_virtual_environment_user_token does not update privilege_separation = false #1641

Open
geoffreytran opened this issue Nov 18, 2024 · 2 comments
Open

proxmox_virtual_environment_user_token does not update privilege_separation = false #1641

geoffreytran opened this issue Nov 18, 2024 · 2 comments
Labels
🐛 bug Something isn't working size/S

Comments

@geoffreytran
Copy link

Describe the bug
When privilege_separation is disabled, the resource returns a null token. In addition the second issue is the resource is missing the ability to set acls for when the default privilege_separate is enabled

To Reproduce
Steps to reproduce the behavior:

# Create a new role and user for the CSI plugin
resource "proxmox_virtual_environment_role" "csi" {
  role_id    = "CSI"
  
  privileges = [
    "VM.Audit",
    "VM.Config.Disk",
    "Datastore.Allocate",
    "Datastore.AllocateSpace",
    "Datastore.Audit"
  ]
}

resource "proxmox_virtual_environment_user" "kubernetes_csi" {
  user_id  = "kubernetes-csi@pve"
  comment  = "Managed by Terraform"

  acl {
    path      = "/"
    propagate = true
    role_id   = proxmox_virtual_environment_role.csi.role_id
  }
}

resource "proxmox_virtual_environment_user_token" "kubernetes_csi_token" {
  comment         = "Managed by Terraform"
  expiration_date = "2033-01-01T22:00:00Z"
  token_name      = "kubernetes-csi-token"
  user_id         = proxmox_virtual_environment_user.kubernetes_csi.user_id

  privileges_separation = false
}
@geoffreytran geoffreytran added the 🐛 bug Something isn't working label Nov 18, 2024
@geoffreytran
Copy link
Author

User error, looks like the resource doesn't handle changing the attribute after it has been created. It causes the token values to be reset to null.

@geoffreytran geoffreytran closed this as not planned Won't fix, can't repro, duplicate, stale Nov 18, 2024
@bpg
Copy link
Owner

bpg commented Dec 8, 2024
edited
Loading

the resource doesn't handle changing the attribute after it has been created.

That seems to be a bug.

Also, privileges separation should be false/deactivated by default.

@bpg bpg reopened this Dec 8, 2024
@bpg bpg changed the title proxmox_virtual_environment_user_token does not work with privilege_separation = false proxmox_virtual_environment_user_token does not update privilege_separation = false Dec 8, 2024
@bpg bpg moved this from 📥 Inbox to ☑️ Todo in terraform-provider-proxmox Dec 8, 2024
@bpg bpg mentioned this issue Dec 8, 2024
Closed
@bpg bpg added the size/S label Dec 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🐛 bug Something isn't working size/S
Projects
terraform-provider-proxmox
Status: ☑️ Todo
Milestone
No milestone
Development

No branches or pull requests
2 participants
@geoffreytran @bpg