Skip to content

Commit

Permalink
SecretManager Secret: Prevent recreation for "automatic" to "auto" (#…
Browse files Browse the repository at this point in the history
…9030) (#6325)

Signed-off-by: Modular Magician <[email protected]>
  • Loading branch information
modular-magician authored and trodge committed Sep 21, 2023
1 parent fbe1c75 commit 780283b
Show file tree
Hide file tree
Showing 2 changed files with 35 additions and 2 deletions.
3 changes: 3 additions & 0 deletions .changelog/9030.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:bug
secretmanager: fixed an issue in `google_secretmanager_secret` where replacing `replication.automatic` with `replication.auto` would destroy and recreate the resource
```
Original file line number Diff line number Diff line change
Expand Up @@ -18,18 +18,46 @@
package secretmanager

import (
"context"
"fmt"
"log"
"reflect"
"strings"
"time"

"github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"

"github.com/hashicorp/terraform-provider-google-beta/google-beta/tpgresource"
transport_tpg "github.com/hashicorp/terraform-provider-google-beta/google-beta/transport"
)

// Prevent ForceNew when upgrading replication.automatic -> replication.auto
func secretManagerSecretAutoCustomizeDiff(_ context.Context, diff *schema.ResourceDiff, meta interface{}) error {
oAutomatic, nAutomatic := diff.GetChange("replication.0.automatic")
_, nAuto := diff.GetChange("replication.0.auto")
autoLen := len(nAuto.([]interface{}))

// Do not ForceNew if we are removing "automatic" while adding "auto"
if oAutomatic == true && nAutomatic == false && autoLen > 0 {
return nil
}

if diff.HasChange("replication.0.automatic") {
if err := diff.ForceNew("replication.0.automatic"); err != nil {
return err
}
}

if diff.HasChange("replication.0.auto") {
if err := diff.ForceNew("replication.0.auto"); err != nil {
return err
}
}

return nil
}

func ResourceSecretManagerSecret() *schema.Resource {
return &schema.Resource{
Create: resourceSecretManagerSecretCreate,
Expand All @@ -47,6 +75,10 @@ func ResourceSecretManagerSecret() *schema.Resource {
Delete: schema.DefaultTimeout(20 * time.Minute),
},

CustomizeDiff: customdiff.All(
secretManagerSecretAutoCustomizeDiff,
),

Schema: map[string]*schema.Schema{
"replication": {
Type: schema.TypeList,
Expand All @@ -60,7 +92,6 @@ after the Secret has been created.`,
"auto": {
Type: schema.TypeList,
Optional: true,
ForceNew: true,
Description: `The Secret will automatically be replicated without any restrictions.`,
MaxItems: 1,
Elem: &schema.Resource{
Expand Down Expand Up @@ -90,7 +121,6 @@ encryption is used.`,
Type: schema.TypeBool,
Optional: true,
Deprecated: "`automatic` is deprecated and will be removed in a future major release. Use `auto` instead.",
ForceNew: true,
Description: `The Secret will automatically be replicated without any restrictions.`,
ExactlyOneOf: []string{"replication.0.automatic", "replication.0.user_managed", "replication.0.auto"},
},
Expand Down

0 comments on commit 780283b

Please sign in to comment.