terraform-provider-vault
terraform-provider-vault copied to clipboard
hashicorp
Data json read update
Description
The PR fixes the provider's behavior when resources (kv secrets version 1 and version 2) have been modified outside of terraform.
before the modification, when you create kv 2 secrets using the provider, modify the resource outside of vault using vault cli for example with the command vault patch, re-running terraform apply and checking the terraform state you would notice the data attribute correspond to what's in vault while data_json doesn't, and most importantly now the terraform state is different then what was specified in the terraform configuration file which is not the expected behavior from the provider.
The PR fixes this, so now if you re-run terraform apply, the provider deletes what's was modified outside of terraform and makes sure that vault state corresponds to what was specified in terraform configuration file.
The modifications were both applied to resource kv secret and resource kv secret V2
Relates to #1993
Output from acceptance testing:
$ make testacc TESTARGS="--run TestAccKVSecretV2_UpdateOutsideTerraform"
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test --run TestAccKVSecretV2_UpdateOutsideTerraform -timeout 30m ./...
? github.com/hashicorp/terraform-provider-vault [no test files]
? github.com/hashicorp/terraform-provider-vault/cmd/coverage [no test files]
? github.com/hashicorp/terraform-provider-vault/cmd/generate [no test files]
? github.com/hashicorp/terraform-provider-vault/helper [no test files]
? github.com/hashicorp/terraform-provider-vault/internal/consts [no test files]
? github.com/hashicorp/terraform-provider-vault/internal/identity/group [no test files]
? github.com/hashicorp/terraform-provider-vault/internal/identity/mfa [no test files]
? github.com/hashicorp/terraform-provider-vault/internal/pki [no test files]
ok github.com/hashicorp/terraform-provider-vault/codegen (cached) [no tests to run]
ok github.com/hashicorp/terraform-provider-vault/internal/identity/entity (cached) [no tests to run]
? github.com/hashicorp/terraform-provider-vault/schema [no test files]
ok github.com/hashicorp/terraform-provider-vault/internal/provider (cached) [no tests to run]
ok github.com/hashicorp/terraform-provider-vault/testutil (cached) [no tests to run]
ok github.com/hashicorp/terraform-provider-vault/util (cached) [no tests to run]
ok github.com/hashicorp/terraform-provider-vault/vault 2.742s
...
$make testacc TESTARGS="--run TestAccKVSecret_UpdateOutsideTerraform"
TF_ACC=1 go test --run TestAccKVSecret_UpdateOutsideTerraform -timeout 30m ./...
? github.com/hashicorp/terraform-provider-vault [no test files]
? github.com/hashicorp/terraform-provider-vault/cmd/coverage [no test files]
? github.com/hashicorp/terraform-provider-vault/cmd/generate [no test files]
? github.com/hashicorp/terraform-provider-vault/helper [no test files]
? github.com/hashicorp/terraform-provider-vault/internal/consts [no test files]
ok github.com/hashicorp/terraform-provider-vault/codegen 0.223s [no tests to run]
? github.com/hashicorp/terraform-provider-vault/internal/identity/group [no test files]
? github.com/hashicorp/terraform-provider-vault/internal/identity/mfa [no test files]
? github.com/hashicorp/terraform-provider-vault/internal/pki [no test files]
? github.com/hashicorp/terraform-provider-vault/schema [no test files]
ok github.com/hashicorp/terraform-provider-vault/internal/identity/entity 0.269s [no tests to run]
ok github.com/hashicorp/terraform-provider-vault/internal/provider 0.455s [no tests to run]
ok github.com/hashicorp/terraform-provider-vault/testutil 0.588s [no tests to run]
ok github.com/hashicorp/terraform-provider-vault/util 0.738s [no tests to run]
ok github.com/hashicorp/terraform-provider-vault/vault 2.661s
