base repository: tailscale/terraform-provider-tailscale
base: 08c25d7a94d9aa03d2ff282f9d5fad553c4df0c5
..
head repository: tailscale/terraform-provider-tailscale
compare: 1ffcfe1dff21af276a3487872fa626d1b6330aeb
Showing with 38 additions and 9 deletions.
  1. +38 −9 tailscale/resource_tailnet_key.go
47 changes: 38 additions & 9 deletions tailscale/resource_tailnet_key.go
@@ -18,6 +18,7 @@ func resourceTailnetKey() *schema.Resource {
CreateContext: resourceTailnetKeyCreate,
DeleteContext: resourceTailnetKeyDelete,
UpdateContext: schema.NoopContext,
CustomizeDiff: resourceTailnetKeyDiff,
Schema: map[string]*schema.Schema{
"reusable": {
Type: schema.TypeBool,
@@ -164,20 +165,48 @@ func resourceTailnetKeyDelete(ctx context.Context, d *schema.ResourceData, m int
}
}

func resourceTailnetKeyRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
client := m.(*tailscale.Client)
key, err := client.GetKey(ctx, d.Id())

// shouldRecreateIfInvalid determines if a resource should be recreated when
// it's invalid, based on the values of `reusable` and `recreate_if_invalid` fields.
func shouldRecreateIfInvalid(reusable bool, recreateIfInvalid string) bool {
// By default, we automatically recreate reusable keys, but ignore invalid single-use
// keys, assuming they have successfully been used, and recreating them might trigger
// unnecessary updates of other Terraform resources that depend on the key.
recreateIfInvalid := d.Get("reusable").(bool)
if wantRecreate := d.Get("recreate_if_invalid").(string); wantRecreate == "always" {
recreateIfInvalid = true
} else if wantRecreate == "never" {
recreateIfInvalid = false
if recreateIfInvalid == "always" {
return true
}
if recreateIfInvalid == "never" {
return false
}
return reusable
}

// resourceTailnetKeyDiff makes sure a resource is recreated when a `recreate_if_invalid`
// field changes in a way that requires it.
func resourceTailnetKeyDiff(ctx context.Context, d *schema.ResourceDiff, m interface{}) error {
old, new := d.GetChange("recreate_if_invalid")
if old == new {
return nil
}

recreateIfInvalid := shouldRecreateIfInvalid(d.Get("reusable").(bool), d.Get("recreate_if_invalid").(string))
if !recreateIfInvalid {
return nil
}

client := m.(*tailscale.Client)
key, err := client.GetKey(ctx, d.Id())
if tailscale.IsNotFound(err) || (err == nil && key.Invalid) {
d.ForceNew("recreate_if_invalid")
}
return nil
}

func resourceTailnetKeyRead(ctx context.Context, d *schema.ResourceData, m interface{}) diag.Diagnostics {
recreateIfInvalid := shouldRecreateIfInvalid(d.Get("reusable").(bool), d.Get("recreate_if_invalid").(string))

client := m.(*tailscale.Client)
key, err := client.GetKey(ctx, d.Id())

switch {
case tailscale.IsNotFound(err):
if recreateIfInvalid {
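Review bot: In resourceTailnetKeyDiff, any GetKey error other than not-found is dropped and the function returns nil, so when the API lookup fails (expired credentials, network error) the plan silently omits the replacement and an invalid key can stay in state without any diagnostic. Return the error instead, e.g. `if err != nil && !tailscale.IsNotFound(err) { return err }`, and propagate the result of the replacement request with `return d.ForceNew("recreate_if_invalid")`, since ForceNew itself returns an error. CustomizeDiff presumably also runs when the resource is first created, where `d.Id()` is empty; an early `if d.Id() == "" { return nil }` before the lookup would avoid querying the API with an empty key ID. resourceTailnetKeyRead continues past the end of this hunk, so its handling of the same flag is not reviewed here.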