Setting default idle_session_lifetime on tenant import

[willvedd]

🔧 Changes

Sometimes when importing a auth0_tenant resource, the idle_session_lifetime field gets set to zero. Normally this isn't such a problem because subsequent plans or applies will have this value set to the default value of 72. However, the Auth0 CLI's auth0 tf generate command will get hung up on the zero value because it violates the schema's validation. This default is necessary because not all tenants will have the idle_session_lifetime value set, particularly if it is a new tenant.

📚 References

• TF Generate Command - Auth0 CLI

🔬 Testing

Manual verification on a new tenant. Difficult to add to acceptance tests because our testing tenants will always have this value set; it is important to have it not set for testing.

📝 Checklist

• All new/changed/fixed functionality is covered by tests (or N/A)
• I have added documentation for all new/changed functionality (or N/A)

[codecov-commenter]

Codecov Report

Merging #849 (730ec82) into main (b4d4962) will increase coverage by 0.02%.
The diff coverage is 100.00%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #849      +/-   ##
==========================================
+ Coverage   89.89%   89.92%   +0.02%     
==========================================
  Files         101      101              
  Lines       13785    13793       +8     
==========================================
+ Hits        12392    12403      +11     
+ Misses        989      987       -2     
+ Partials      404      403       -1     

Files	Coverage Δ
internal/auth0/tenant/flatten.go	100.00% <100.00%> (+4.91%)	⬆️
internal/auth0/tenant/resource.go	98.08% <100.00%> (ø)

[dangbert]

Thank you for the fix, I just ran into this issue with auth0 tf generate (I'm on auth0 version 1.1.2 7646242b292c208470ebd4c78360a695bbf56f1a and "1.0.0" of this provider).

If idle_session_lifetime and session_lifetime are both 0 for data "auth0_tenant" "this" {} (as well as my imported tenant) does that indicate the value is actually set to 0 or this is part of the problem addressed here?

I'm importing an existing tenant that has been functioning fine for our application, but I'm weary about changing these values.

[willvedd]

If idle_session_lifetime and session_lifetime are both 0 for data "auth0_tenant" "this" {} (as well as my imported tenant) does that indicate the value is actually set to 0 or this is part of the problem addressed here?

@dangbert both session lifetime values are required to be positive, non-zero values. The zeros you're seeing are the Go defaults being used in absence of the explicit values being returned from the tenant. In the Auth0 Management API, if the session lifetime values haven't been adjusted, they'll inherit the defaults and not be explicitly defined in your specific tenant object. The tenant that you're exporting to will behave the same as the existing tenant. Though I recommend to review the session lifetime values with your team to make sure they work for your particular business case.

[dangbert]

Thanks for the clarification @willvedd. That is indeed consistent with a later discussion I had with my team, so I've omitted the values as you suggested. Thanks for your fix and guidance, the timing was perfect 👍