-
Notifications
You must be signed in to change notification settings - Fork 9.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix permanent diff on aws_opsworks ssh_key and password #10175
Fix permanent diff on aws_opsworks ssh_key and password #10175
Conversation
… SshKey When these values are missing from the map, Terraform attempts to continuous reapply the same property values each time
Paging @apparentlymart since he started this work in #176. Would you be able to review this? |
@xsalazar is this the same issue affecting |
@wagner Yeah, it looks like there's an issue in there as well. It's the same mapping pattern, but the existing code for getting the You can also double check the AWS API and see that the |
This change will ignore the dummy placeholders returned from the AWS API
Would @apparentlymart or @bflad be able to check out this PR? It would close quite a few tickets and is pretty straightforward. |
Looks good! We just need a documentation update, similar to https://www.terraform.io/docs/providers/aws/r/emr_cluster.html#kerberos_attributes-1 |
@aeschright done! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for this patch! 🌟
--- PASS: TestAccAWSOpsworksStack_CustomCookbooks_SetPrivateProperties (35.92s)
This has been released in version 2.39.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks! |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
Summary
Previously, there was an issue when using
custom_cookbooks_source
in theaws_opsworks_stack
resource, Terraform would continuously reapply changes to bothssh_key
andpassword
despite no changes actually happening.This is because, on read, the
resourceAwsOpsworksSetStackCustomCookbooksSource
method would create an intermediate map before attempting to update the resource data. However, map entries for bothPassword
andSshKey
were removed, since the AWS API will return*****FILTERED*****
for sensitive data.Since these entries were removed, they would be read as empty strings, and when Terraform compared these read values to the values in code, there would always be a difference between the code and empty string. Thus, every
terraform apply
would claim a difference and rewrite those values.To solve this issue, the old value from the resource data is copied into the intermediate map and Terraform will no longer think it detects changes to these properties where there are none.
Community Note
Related Issues
#165
#176
#421
#4411
hashicorp/terraform#6203
hashicorp/terraform#6648
hashicorp/terraform#3635
hashicorp/terraform#6192
hashicorp/terraform#6826
hashicorp/terraform#10675
hashicorp/terraform#4790
hashicorp/terraform#17959
Release Notes
Release note for CHANGELOG:
Test
Output from acceptance testing: