Skip to content

Commit

Permalink
reverting to set. dont store kv secret value
Browse files Browse the repository at this point in the history
  • Loading branch information
x-delfino committed Jan 4, 2024
1 parent 3db3b88 commit 421d329
Show file tree
Hide file tree
Showing 3 changed files with 11 additions and 38 deletions.
5 changes: 3 additions & 2 deletions internal/services/containerapps/container_app_resource.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ import (
"github.com/hashicorp/go-azure-helpers/resourcemanager/tags"
"github.com/hashicorp/go-azure-sdk/resource-manager/containerapps/2023-05-01/containerapps"
"github.com/hashicorp/go-azure-sdk/resource-manager/containerapps/2023-05-01/managedenvironments"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-provider-azurerm/internal/sdk"
"github.com/hashicorp/terraform-provider-azurerm/internal/services/containerapps/helpers"
"github.com/hashicorp/terraform-provider-azurerm/internal/services/containerapps/validate"
Expand Down Expand Up @@ -418,8 +419,8 @@ func (r ContainerAppResource) CustomizeDiff() sdk.ResourceFunc {
Func: func(ctx context.Context, metadata sdk.ResourceMetaData) error {
if metadata.ResourceDiff != nil && metadata.ResourceDiff.HasChange("secret") {
stateSecretsRaw, configSecretsRaw := metadata.ResourceDiff.GetChange("secret")
stateSecrets := stateSecretsRaw.([]interface{})
configSecrets := configSecretsRaw.([]interface{})
stateSecrets := stateSecretsRaw.(*schema.Set).List()
configSecrets := configSecretsRaw.(*schema.Set).List()
// Check there's not less
if len(configSecrets) < len(stateSecrets) {
return fmt.Errorf("cannot remove secrets from Container Apps at this time due to a limitation in the Container Apps Service. Please see `https://github.com/microsoft/azure-container-apps/issues/395` for more details")
Expand Down
31 changes: 0 additions & 31 deletions internal/services/containerapps/container_app_resource_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -699,12 +699,6 @@ resource "azurerm_container_app" "test" {
depends_on = [
azurerm_role_assignment.user_mi_key_vault_secrets
]
lifecycle {
ignore_changes = [
secret[0].value
]
}
}
`, r.templateNoProvider(data), data.RandomInteger, data.RandomString)
}
Expand Down Expand Up @@ -794,12 +788,6 @@ resource "azurerm_container_app" "test" {
depends_on = [
azurerm_role_assignment.mi_key_vault_secrets
]
lifecycle {
ignore_changes = [
secret[0].value
]
}
}
`, r.templateNoProvider(data), data.RandomInteger, data.RandomString)
}
Expand Down Expand Up @@ -895,12 +883,6 @@ resource "azurerm_container_app" "test" {
depends_on = [
azurerm_role_assignment.user_mi_key_vault_secrets
]
lifecycle {
ignore_changes = [
secret[0].value
]
}
}
`, r.templateNoProvider(data), data.RandomInteger, data.RandomString)
}
Expand Down Expand Up @@ -1006,13 +988,6 @@ resource "azurerm_container_app" "test" {
depends_on = [
azurerm_role_assignment.user_mi_key_vault_secrets
]
lifecycle {
ignore_changes = [
secret[0].value,
secret[1].value
]
}
}
`, r.templateNoProvider(data), data.RandomInteger, data.RandomString)
}
Expand Down Expand Up @@ -1091,12 +1066,6 @@ resource "azurerm_container_app" "test" {
identity = "System"
key_vault_secret_id = azurerm_key_vault_secret.test.id
}
lifecycle {
ignore_changes = [
secret[0].value
]
}
}
`, r.templateNoProvider(data), data.RandomInteger, data.RandomString)
}
Expand Down
13 changes: 8 additions & 5 deletions internal/services/containerapps/helpers/container_apps.go
Original file line number Diff line number Diff line change
Expand Up @@ -2213,7 +2213,7 @@ type Secret struct {

func SecretsSchema() *pluginsdk.Schema {
return &pluginsdk.Schema{
Type: pluginsdk.TypeList,
Type: pluginsdk.TypeSet,
Optional: true,
Sensitive: true,
Elem: &pluginsdk.Resource{
Expand Down Expand Up @@ -2255,7 +2255,7 @@ func SecretsSchema() *pluginsdk.Schema {

func SecretsDataSourceSchema() *pluginsdk.Schema {
return &pluginsdk.Schema{
Type: pluginsdk.TypeList,
Type: pluginsdk.TypeSet,
Computed: true,
Sensitive: true,
Elem: &pluginsdk.Resource{
Expand Down Expand Up @@ -2468,12 +2468,15 @@ func FlattenContainerAppSecrets(input *containerapps.SecretsCollection) []Secret
}
result := make([]Secret, 0)
for _, v := range input.Value {
result = append(result, Secret{
secret := Secret{
Identity: pointer.From(v.Identity),
KeyVaultSecretId: pointer.From(v.KeyVaultUrl),
Name: pointer.From(v.Name),
Value: pointer.From(v.Value),
})
}
if v.KeyVaultUrl == nil {
secret.Value = pointer.From(v.Value)
}
result = append(result, secret)
}

return result
Expand Down

0 comments on commit 421d329

Please sign in to comment.