Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

change noise with cross_origin_auth #1029

Open
6 tasks done
DavidS-ovm opened this issue Sep 20, 2024 · 9 comments
Open
6 tasks done

change noise with cross_origin_auth #1029

DavidS-ovm opened this issue Sep 20, 2024 · 9 comments
Labels
🪲 bug Something isn't working

Comments

@DavidS-ovm
Copy link

DavidS-ovm commented Sep 20, 2024
edited
Loading

Checklist

  • I have looked into the README and have not found a suitable solution or answer.
  • I have looked into the documentation and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have upgraded to the latest version of this provider and the issue still persists.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Description

Since a few days I'm getting the following changes for every auth0_client on every run:

  # auth0_client.efg will be updated in-place
  ~ resource "auth0_client" "efg" {
      - cross_origin_auth                     = true -> null
        id                                    = "abcd"
        name                                  = "efg"
        # (28 unchanged attributes hidden)

        # (3 unchanged blocks hidden)
    }

This is causing severe issues as terraform propagates the (presumed, but not actually) updated client values into the rest of our infrastructure.

Expectation

No changes when nothing changes.

Reproduction

Run terraform with this resource:

resource "auth0_client" "efg" {
  name        = "efg"
  description = "Client used by efg"
  app_type    = "non_interactive"
}

Auth0 Terraform Provider version

1.6.0

Terraform version

1.9.5
@DavidS-ovm DavidS-ovm added the 🪲 bug Something isn't working label Sep 20, 2024
@jordanjennings
Copy link

We're also very recently experiencing this same issue and we're on Auth0 provider v1.0.0

@hoppalotta
Copy link

Same issue here. I have posted in the auth0 community about this as well.

Seems like this may have changed in the auth0 api without notice. The change described in the community thread does seem related, but the given change date of October 24, 2024 is about a month from today so that's odd.

@dan-cbm
Copy link

dan-cbm commented Sep 23, 2024

Also experiencing this, I can run terraform apply 5 times and the plan is the same each time 😢

@kayleabox
Copy link

It seems that setting crossOriginAuth to true in cdktf is clearing up this diff for me.

@dan-cbm
Copy link

dan-cbm commented Sep 23, 2024

@kayleabox yes me as well in terraform I explicitly set cross_origin_auth = true on my auth0_client resource and it fixed the problem after a single terraform apply

my current version is:

provider "registry.terraform.io/auth0/auth0" {
  version     = "1.6.1"

@hoppalotta
Copy link

hoppalotta commented Sep 25, 2024
edited
Loading

A post in the auth0 community forum indicates this is not a bug in the provider, but a change to a default in the auth0 api:

If a application/client did not have cross_origin_authenication defined, a default value has been specified to match the value that you see in the Admin Dashboard. Previously this attribute (cross_origin_authentication) was not stored and exposed on the client object.

That post also notes:

we will be removing cross_origin_auth to make this less confusing

If I'm reading this correctly, this may impact the cross_origin_auth argument on the auth0_client resource. Is there any specific guidance on how this will impact the provider or how we can prepare when this deprecation takes place on October 25, 2024?

@leontastic
Copy link

leontastic commented Oct 3, 2024
edited
Loading

Based on the docs, it looks like cross_origin_auth existed in many prior versions of this provider. I had this config specified for over 2 years and it was explicitly set to false. I remember noticing drift in the Terraform state when turning on cross origin authentication for one of my clients in December 2023 to see if embedded login still works (spoiler: it doesn't).

Now Terraform is reporting drift on every single client in my config:

      ~ cross_origin_auth                   = true -> false

I confirmed the option is turned on for all of these clients in the Dashboard as well. I am quite certain they were previously turned off.

Could someone from Auth0 confirm if there was an incident here that caused cross origin authentication to be turned on for all clients?

@DavidS-ovm
Copy link
Author

Hey folks, my account manager has advised me to contact Auth0 support to get this ticket prioritized with engineering. The current status is

I am just reaching out to update you that the internal ticket is still in progress.

I will return as soon as any updates occur.

from nine days ago on a ticket I opened three weeks ago. It might be useful if any customer on this ticket also contacted support pointing out that there is already an engineering ticket for this, and to add your weight (i.e. revenue) to that.

Thanks for listening.

@Inlustra
Copy link

Will also be reaching out and creating a ticket to get this sped up - so many useless changes appearing in our large monorepo tf

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
🪲 bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@jordanjennings @Inlustra @leontastic @kayleabox @hoppalotta @DavidS-ovm @dan-cbm