Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Item's are recreated whenever the item's vault is the vault's title #131

Open
bloudraak opened this issue Jan 13, 2024 · 1 comment
Open

Item's are recreated whenever the item's vault is the vault's title #131

bloudraak opened this issue Jan 13, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@bloudraak
Copy link

Your environment

Terraform Provider Version:
1.4.0

Connect Server Version:
N/A

CLI Version:
2.24.0

OS:
macOS 14.2.1 (23C71)

Terraform Version:

Terraform v1.5.7
on darwin_arm64

What happened?

On every apply, the item was destroyed and created, even though there were no changes to the item.

What did you expect to happen?

Once the item was created and there were no changes, the Terraform provider should not do anything whenever terraform apply is executed.

Steps to reproduce

Consider the following Terraform snippet

provider "onepassword" {
  service_account_token = "<token>"
}

resource "onepassword_item" "demo" {
  vault = "San Jose"
  title = "Demo"

  username = "admin"
  password = "password"
}

I ran the following commands:

terraform init
terraform apply
terraform apply
terraform apply
terraform apply

Notes & Logs

Outputs (vaultuuid and itemuuid was replaced)

-/+ resource "onepassword_item" "demo" {
      ~ id       = "vaults/vaultuuid/items/itemuuid" -> (known after apply)
      - tags     = [] -> null
      ~ uuid     = "itemuuid" -> (known after apply)
      ~ vault    = "vaultuuid" -> "San Jose" # forces replacement
        # (4 unchanged attributes hidden)
    }

It appears the resource is storing the vault uuid in the state file but needs help to handle the fact that the vault title is being passed in. Also, I'd like to point out a side effect on tags as it's being set to NULL, even though there were no changes.

When one specifies the vault uuid instead of the title, the item is updated due to the password mismatch, even though the password never changed. This only happens on the first apply after changing the vault to be a uuid. Subsequent apply calls behave as expected. Also note that the tags value are maintained.

 ~ resource "onepassword_item" "demo" {
        id       = "vaults/vaultuuid/items/itemuuid"
      ~ password = (sensitive value)
        tags     = []
        # (5 unchanged attributes hidden)
    }

The item's destruction is a problem since it results in data loss.
@bloudraak bloudraak added the bug Something isn't working label Jan 13, 2024
@volodymyrZotov
Copy link
Collaborator

That's for raising! We'll address this in a future release.

@edif2008 edif2008 mentioned this issue Apr 25, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bloudraak @volodymyrZotov