infisical icon indicating copy to clipboard operation
infisical copied to clipboard
verified publisher icon Infisical

Terraform provider has inconsistent results

Open hobbica98 opened this issue 1 year ago • 2 comments

When using the terraform provider for infisical_integration_aws_secrets_manager the results are inconsistent and forces it to be recreated each time

│ Error: Provider produced inconsistent result after apply │ │ When applying changes to module.infisical-websol-servers["websol-sales"].infisical_integration_aws_secrets_manager.secrets-manager-integration, provider "provider["registry.terraform.io/infisical/infisical"]" produced an │ unexpected new value: .environment: was cty.StringVal("dev"), but now cty.StringVal(""). │ │ This is a bug in the provider, which should be reported in the provider's own issue tracker.

hobbica98 avatar Oct 18 '24 14:10 hobbica98

The team at infisical will likely need to see more than just the log error. Right now, it's vaguely possible to guess at what you're doing, but most of the data in that log segment has to do with your usage/implementation of the module.

Could you show the code for that particular invocation so that folks can take a look at whats going on? Even if you have to sanitize it, it will be more useful to have an idea what specifically is going on.

Daemoen avatar Oct 29 '24 19:10 Daemoen

terraform { required_version = ">= 1.0.0" # Ensure that the Terraform version is 1.0.0 or higher

required_providers { aws = { source = "hashicorp/aws" # Specify the source of the AWS provider version = "~> 4.0" # Use a version of the AWS provider that is compatible with version } infisical = { source = "Infisical/infisical" version = "0.11.6" } } }

provider "infisical" { host = "https://infisical.***" client_id = var.infisical_client_id client_secret = var.infisical_client_secret }

provider "aws" { region = var.aws_region profile = var.aws_profile }

resource "infisical_project" "test" { name = "test-project" slug = "test-project" }

resource "aws_secretsmanager_secret" "test-project" { name = "test-project" tags = { Name = "test-project" Environment = "test" } }

data "aws_iam_user" "infisical-terraform" { user_name = "infisical-terraform" provider = aws

}

resource "aws_iam_access_key" "infisical-terraform" { user = data.aws_iam_user.infisical-terraform.user_name provider = aws }

resource "infisical_integration_aws_secrets_manager" "secrets-manager-integration" { project_id = infisical_project.test.id aws_region = var.aws_region environment = "dev"

secret_path = "/" lifecycle { ignore_changes = [integration_auth_id, integration_id, environment] } secrets_manager_path = aws_secretsmanager_secret.test-project.name mapping_behavior = "many-to-one" # Optional, default is many-to-one

access_key_id = aws_iam_access_key.infisical-terraform.id secret_access_key = aws_iam_access_key.infisical-terraform.secret }

resource "infisical_secret" "secrets" { workspace_id = infisical_project.test.id env_slug = "dev" name = "test-project" value = "test-project" folder_path = "/" }

hobbica98 avatar Apr 24 '25 15:04 hobbica98