Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG]: 'plaintext_value' forces delete and create instead of inplace update #2518

Open
1 task done
zilinjak opened this issue Dec 16, 2024 · 0 comments
Open
1 task done
Labels
Status: Triage This is being looked at and prioritized Type: Bug Something isn't working as documented

Comments

@zilinjak
Copy link

zilinjak commented Dec 16, 2024

Expected Behavior

When changing 'plaintext_value' we want to replace the value inplace, as we can do in github UI. The problem is that when we are changing a lot of secrets this leads to significant downtime - 5-10 minutes, because we can see something like

github_actions_environment_secret.AZURE_SP_PASS: Still creating... [1m20s elapsed]

Actual Behavior

The force replace firstly deletes the value and then creates it which leads to secret downtime. I think it would be better to update the value INPLACE

Terraform Version

Terraform v1.8.4
on darwin_arm64

  • provider registry.terraform.io/hashicorp/azurerm v3.106.1
  • provider registry.terraform.io/hashicorp/github v6.2.1
  • provider registry.terraform.io/rewe-digital/sonarcloud v0.5.2

Affected Resource(s)

  • github_dependabot_secret
  • github_actions_secret
  • github_actions_environment_secret

maybe more that setup secrets

Terraform Configuration Files

data "azurerm_key_vault" "example" {
  name                = "..."
  resource_group_name = "..."
}

data "azurerm_key_vault_secret" "AZURE_SP_PASS" {
  name         = "${var.sp_name}-password"
  key_vault_id = data.azurerm_key_vault.example.id
}

resource "github_actions_secret" "AZURE_SP_PASS" {
  secret_name      = var.sp_password_secret_name
  repository       = var.repository
  plaintext_value  = data.azurerm_key_vault_secret.AZURE_SP_PASS.value
}

Steps to Reproduce

No response

Debug Output

No response

Panic Output

No response

Code of Conduct

  • I agree to follow this project's Code of Conduct
@zilinjak zilinjak added Status: Triage This is being looked at and prioritized Type: Bug Something isn't working as documented labels Dec 16, 2024
@nickfloyd nickfloyd moved this from 🆕 Triage to 🔥 Backlog in 🧰 Octokit Active Dec 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Status: Triage This is being looked at and prioritized Type: Bug Something isn't working as documented
Projects
None yet
Development

No branches or pull requests

1 participant