tailscale_tailnet_key: only recreate reusable keys by default #310
Conversation
|
I ran through a few scenarios with this branch and everything looked good except for one update-in-place scenario. If I change Steps to reproduce
Output |
knyar
force-pushed
the
knyar/recreate
branch
from
08c25d7 to
1ffcfe1
Compare
Nice, thanks a lot for testing and for sharing this. This is not trivial to fix: the stage at which Terraform shows a simple diff happens before we have an opportunity to read the resource. I have addressed this by adding a custom diff function for the resource that now triggers recreation if a flag gets changed. It duplicates some logic of the Read function that similarly recreates the key when it expires, but I don't think there's an elegant single place we could do this in. PTAL? |
knyar
force-pushed
the
knyar/recreate
branch
from
1ffcfe1 to
fcdb8c7
Compare
I ran through the same scenario and others and this looks good to me! |
knyar
force-pushed
the
knyar/recreate
branch
from
fcdb8c7 to
647e950
Compare
This change partially reverts the behaviour introduced in #287 that currently results in single-use keys being recreated, triggering unnecessary updates to downstream Terraform resources. By default, the provider will now only recreate reusable keys, ignoring invalid single-use keys. This can also be changed now using a new `recreate_if_invalid` attribute. Fixes #306 Signed-off-by: Anton Tolchanov <[email protected]>
knyar
force-pushed
the
knyar/recreate
branch
from
647e950 to
de784be
Compare
|
@knyar Great, thanks! |
This change partially reverts the behaviour introduced in #287 that currently results in single-use keys being recreated, triggering unnecessary updates to downstream Terraform resources.
By default, the provider will now only recreate reusable keys, ignoring invalid single-use keys. This can also be changed now using a new
recreate_if_invalidattribute.Fixes #306