terraform-provider-auth0 icon indicating copy to clipboard operation
terraform-provider-auth0 copied to clipboard

Published 20 hours ago verified publisher icon auth0

auth0_client_grant scopes false differences

Open bennesp opened this issue 1 year ago • 1 comments

Checklist

  • [X] I have looked into the README and have not found a suitable solution or answer.
  • [X] I have looked into the documentation and have not found a suitable solution or answer.
  • [X] I have searched the issues and have not found a suitable solution or answer.
  • [X] I have upgraded to the latest version of this provider and the issue still persists.
  • [X] I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • [X] I agree to the terms within the Auth0 Code of Conduct.

Description

Sorting of the property scopes of resource auth0_client_grant is reporting in the plan a difference but it is very difficult to spot real differences because of the sorting. In fact, the plan tells that some scopes will be removed and the same scopes will be added in different lines

Example of plan:


  ~ resource "auth0_client_grant" "my_api" {
      ~ scopes    = [
          - "read:users",
          - "update:users",
          - "delete:users",
          + "create:clients",
          + "create:organization_connections",
          + "create:organization_member_roles",
          + "create:organization_members",
          + "create:organizations",
          + "create:resource_servers",
          + "create:role_members",
          + "create:roles",
          + "create:user_tickets",
            "create:users",
          - "read:users_app_metadata",
          - "update:users_app_metadata",
          - "delete:users_app_metadata",
            "create:users_app_metadata",
          - "create:user_tickets",
          - "read:clients",
          - "update:clients",
            "delete:clients",
          - "create:clients",
          - "read:client_keys",
          - "read:resource_servers",
          - "update:resource_servers",
          + "delete:organization_connections",
          + "delete:organization_member_roles",
          + "delete:organizations",
            "delete:resource_servers",
          - "create:resource_servers",
          - "read:logs",
          - "read:roles",
          - "create:roles",
          - "delete:roles",
          - "update:roles",
          - "create:role_members",
          - "read:role_members",
            "delete:role_members",
          + "delete:roles",
          + "delete:users",
          + "delete:users_app_metadata",
          + "read:client_credentials",
          + "read:client_keys",
          + "read:clients",
          + "read:logs",
          + "read:organization_member_roles",
            "read:organizations",
          - "update:organizations",
          - "create:organizations",
          - "delete:organizations",
          - "create:organization_members",
          - "create:organization_connections",
          + "read:resource_servers",
          + "read:role_members",
          + "read:roles",
          + "read:users",
          + "read:users_app_metadata",
          + "update:clients",
            "update:organization_connections",
          - "delete:organization_connections",
          - "create:organization_member_roles",
          - "read:organization_member_roles",
          - "delete:organization_member_roles",
          - "read:client_credentials",
          + "update:organizations",
          + "update:resource_servers",
          + "update:roles",
          + "update:users",
          + "update:users_app_metadata",
        ]
        # (2 unchanged attributes hidden)
    }

Expectation

I would expect scopes to be a set and not a list, so that real differences would be far easier to spot and no false differences are reported

Reproduction

  1. Create a client
  2. Assign some scopes from terraform and some scopes from the UI to the client using auth0_client_grant
  3. Run terraform plan

Auth0 Terraform Provider version

1.6.1

Terraform version

1.8.0

bennesp avatar Oct 01 '24 09:10 bennesp

@bennesp Hello, hope you're well.

I'm trying to understand the steps to reproduce this.

  1. Create a client
  2. Assign some scopes from terraform
  3. Assign some scopes from UI to the client using auth0_client_grant?

Did you mean just assign some scope from UI? If so, you might have to import the state of the client since it has been updated externally (outside of terraform)

I'd be happy to connect and understand the issue that you're facing. Thanks!

duedares-rvj avatar Oct 21 '24 05:10 duedares-rvj

Thank you for the answer and the patience

Did you mean just assign some scope from UI?

Yes, "using auth0_client_grant" is a typo

Today I tried again to run a terraform plan and I did not received any issue, unlike 3 weeks ago.

I will keep trying in our configurations in the next days and let you know if this issue re-appear.

Thank you

bennesp avatar Nov 13 '24 15:11 bennesp

Lovely! Delighted to hear that you are no more facing the issue. I'm going to close this issue for now, but do not hesitate to create a new one if it re-appears. We'd be happy to triage and assist you!

Thanks again!

duedares-rvj avatar Nov 14 '24 17:11 duedares-rvj