Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

google_security_scanner_scan_config always requires recreation #4542

Closed
kpurdon opened this issue Sep 25, 2019 · 2 comments · Fixed by GoogleCloudPlatform/magic-modules#2376
Assignees
Labels

Comments

@kpurdon
Copy link

kpurdon commented Sep 25, 2019

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment
  • If an issue is assigned to the "modular-magician" user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If an issue is assigned to a user, that user is claiming responsibility for the issue. If an issue is assigned to "hashibot", a community member has claimed the issue already.

Terraform Version

v0.12.8

Affected Resource(s)

  • google_security_scanner_scan_config

Terraform Configuration Files

resource "google_security_scanner_scan_config" "ce" {
  project                           = var.gcp_project
  provider                          = "google-beta"
  display_name                      = "CE Web Application"
  starting_urls                     = ["https://${var.ce_domain_name}"]
  target_platforms                  = ["COMPUTE"]
  export_to_security_command_center = "ENABLED"

  authentication {
    custom_account {
      username  = var.web_security_scan_account_username
      password  = var.web_security_scan_account_password
      login_url = "https://${var.ce_domain_name}"
    }
  }

  schedule {
    schedule_time          = "2019-09-25T15:07:00Z" # 7am UTC, 3am EST
    interval_duration_days = 7
  }
}

Debug Output

Panic Output

Expected Behavior

After being created, this resource should not require recreation w/o changes.

Actual Behavior

The resource requires a recreate with no changes.

  # module.syndio_monitoring_ce.google_security_scanner_scan_config.ce must be replaced
-/+ resource "google_security_scanner_scan_config" "ce" {
      - blacklist_patterns                = [] -> null
        display_name                      = "CE Web Application"
        export_to_security_command_center = "ENABLED"
      ~ id                                = "projects/staging-e67bcca1/scanConfigs/5210846834327552" -> (known after apply)
        max_qps                           = 15
      ~ name                              = "projects/staging-e67bcca1/scanConfigs/5210846834327552" -> (known after apply)
        project                           = "staging-e67bcca1"
        starting_urls                     = [
            "https://gcp-ce-staging.synd.io",
        ]
        target_platforms                  = [
            "COMPUTE",
        ]
        user_agent                        = "CHROME_LINUX"

      ~ authentication {
          ~ custom_account {
                login_url = "https://gcp-ce-staging.synd.io"
              + password  = (sensitive value)
                username  = "[email protected]"
            }
        }

        schedule {
            interval_duration_days = 7
            schedule_time          = "2019-09-25T15:07:00Z"
        }
    }

Steps to Reproduce

  1. terraform plan
  2. terraform apply
  3. terraform plan

Important Factoids

References

N/A

@tysen
Copy link

tysen commented Sep 25, 2019

I'm looking into resolving this but the above PR requires some modifications to our code generation in order to work. The problem is that the API does not return the password in the response object so it looks like a diff to Terraform.

@ghost
Copy link

ghost commented Nov 8, 2019

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. If you feel I made an error 🤖 🙉 , please reach out to my human friends 👉 [email protected]. Thanks!

@ghost ghost locked and limited conversation to collaborators Nov 8, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants