-
Notifications
You must be signed in to change notification settings - Fork 743
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
github_actions_organization_secret always applies the value, even if it's unchanged #749
Comments
We're running into this issue as well. Any thoughts on how this could be fixed? |
Well, this is probably linked to my earlier fix. The whole idea of declaring resources with Terraform is for Terraform to make sure that the remote state matches the declared state. If you want Terraform to be blind to external changes, please explicitly set |
I think that's the whole problem, that |
@jvanbrunschot have you tried ignoring |
@marcinwyszynski sory for the slow response but adding both |
We also have a related use case where The @jcudit What are your thoughts about introducing an additional attribute allowing users to choose the preferred behaviour? Example:
|
@sivapalan that is a solid suggestion. Happy to help support an implementation if anyone wants to pick this up! From a code organization perspective, we've got a few different types of secrets that would benefit from such a flag. However, we've yet to refactor shared code for each secret type which may complicate or cause drift depending on how this gets implemented. |
I gave it a try with #1351, but I am bending my brain regarding how to think about the unit-testing environment. I put some breakpoints to see how I could get to the Some support is appreciated |
@yordis how are you executing your unit tests? Would you mind sharing (redacted) environment variables and the command you're using to execute them? Side note: that drift-detection snippet is sprinkled all over our code. I wonder if there's a nice way to refactor that so the logic can be shared rather than duplicated. |
Just adding a voice here, it's been a while, wondering if anybody has a workaround. We create some empty secrets in TF, and let users fill them in. lifecycle {
ignore_changes = [
plaintext_value,
encrypted_value,
]
} I see the |
As I mentioned in #1351 I tried the integration testing guideline multiple times, but it didn't work. As shown in the video, I tested by running the code in the test environment. I would appreciate it if someone took the lead in helping to do an integration test out of the generated binary using that branch.* I helped as much as possible, but I couldn't allocate more time to the problem since I was repeatedly trying the same things. Hopefully, it is a small thing to ask. |
I can look into this during the weekend sometime, I think I have an idea as to how this can be fixed. |
What do you mean by that? To make it clear, the feature "works" as far as I can tell since I did test it. |
Sorry, my mistake. I missed what you mentioned about it working in your local environment. Based on the test I thought it wasn't working. I'll run tests on it and get back to you this weekend. |
@o-sama did you get to test the binary? |
Any update on this? It does not work yet. |
Terraform Version
Terraform v0.13.5
Affected Resource(s)
Please list the resources as a list, for example:
Terraform Configuration Files
Expected Behavior
In this example, I'm giving providing a list of repositories that can access the secret. You can see I'm using
(placeholder)
as the plaintext value, with the idea that I would go into Github outside of TF and add in the real value once.When I change the list of repositories, I expect that the real value I inputted would remain the same.
Actual Behavior
However, it actually replaces the real value with the placeholder.
Steps to Reproduce
github_actions_organization_secret
resource to create a value likeFOO
with a default value of(placeholder)
terraform apply
the change/creationHello World
selected_repository_ids
and apply the change(placeholder)
and not the expectedHello World
The text was updated successfully, but these errors were encountered: