Upgrade to proxmox_virtual_environment_download_file in a non-destructive way

[aleprovencio]

Describe the bug
I'm trying to migrate from proxmox_virtual_environment_file to the recently added proxmox_virtual_environment_download_file, and of course, also the resources that depend on it.

I would like to do this in a non-destructive way, but unfortunately I still couldn't manage to do so.

The steps of what I'm trying are described below, and also the final terraform plan that suggests destructive changes.

To Reproduce
Steps to reproduce the behavior:

1. Remove from state resources that depend on proxmox_virtual_environment_file: terraform state rm proxmox_virtual_environment_container.renovate

2. On code, remove proxmox_virtual_environment_file and add proxmox_virtual_environment_download_file

3. On code, comment out resources that depend on proxmox_virtual_environment_file (i.e. proxmox_virtual_environment_container.renovate)

4. Run terraform apply

5. Notice that the only change here is the destruction on proxmox_virtual_environment_file and creation of proxmox_virtual_environment_download_file

6. On code, undo changes of step 3, by uncommenting those resources (i.e. proxmox_virtual_environment_container.renovate)

7. On code, update references on those resources (i.e. proxmox_virtual_environment_container.renovate) from proxmox_virtual_environment_file to proxmox_virtual_environment_download_file

8. Import resources that depend now depend on proxmox_virtual_environment_download_file: terraform import proxmox_virtual_environment_container.renovate pve-prod/5523

9. terraform plan

10. Notice that the generated plan will recreate proxmox_virtual_environment_container.renovate (below is its output)

Please also provide a minimal Terraform configuration that reproduces the issue.

terraform plan output:

Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
-/+ destroy and then create replacement

Terraform will perform the following actions:

  # proxmox_virtual_environment_container.renovate must be replaced
-/+ resource "proxmox_virtual_environment_container" "renovate" {
      ~ id            = "5523" -> (known after apply)
      + start_on_boot = true
        tags          = [
            "infra",
        ]
      + unprivileged  = true # forces replacement
      + vm_id         = 5523 # forces replacement
        # (4 unchanged attributes hidden)

      + features {
          + fuse    = true
          + keyctl  = false
          + nesting = true
        }

      ~ initialization {
            # (1 unchanged attribute hidden)

          + user_account { # forces replacement
              + keys = [ # forces replacement
                  + <<-EOT
                        ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMM4R2IdvscFaFtPKUf4pPpG/X7w80ihUwvfrvbY4DwX aleprovencio@arch
                    EOT,
                ]
            }

            # (1 unchanged block hidden)
        }

      ~ operating_system {
          + template_file_id = "local:vztmpl/debian-12-standard_12.0-1_amd64.tar.zst" # forces replacement
            # (1 unchanged attribute hidden)
        }

        # (3 unchanged blocks hidden)
    }

Plan: 1 to add, 0 to change, 1 to destroy.

renovate.tf

resource "proxmox_virtual_environment_container" "renovate" {
  description  = "Managed by Terraform"
  tags         = ["infra"]
  node_name    = var.pve_node_name
  vm_id        = 5523
  unprivileged = true

  initialization {
    hostname = "renovate"

    ip_config {
      ipv4 {
        address = "${var.renovate_ip_address}/24"
        gateway = var.gateway_address
      }
    }

    user_account {
      keys = [
        file("${var.aleprovencio-infra-tf_ssh_publickey_path}")
      ]
    }
  }

  operating_system {
    template_file_id = proxmox_virtual_environment_download_file.debian_container_template.id
    type             = "debian"
  }

  features {
    fuse    = true # NOTE: necessary for docker
    nesting = true # NOTE: necessary for docker and avoid login delays
  }

  memory {
    dedicated = 1024
    swap      = 512
  }

  network_interface {
    name        = "eth0"
    mac_address = var.renovate_mac_address
  }

  disk {
    datastore_id = var.vm_ct_datastore
    size         = 8
  }

  provisioner "remote-exec" {
    inline = [
      "apt update -qq",
      local.upgrade_cmd,
      "apt install sudo", # NOTE: necessary for debian and ansible
    "echo Done!"]

    connection {
      host        = var.renovate_ip_address
      type        = "ssh"
      user        = "root"
      private_key = file("${var.aleprovencio-infra-tf_ssh_privatekey_path}")

    }
  }

  # reboot
  #NOTE: https://github.com/hashicorp/terraform/issues/17844#issuecomment-1135724599
  provisioner "local-exec" {
    command = <<-EOT
      ssh ${local.ssh_args} root@${var.renovate_ip_address} '(sleep 2; reboot)&'; sleep 3
      until ssh ${local.ssh_args} -o ConnectTimeout=2 root@${var.renovate_ip_address} true 2> /dev/null
      do
        echo "Waiting for OS to reboot and become available..."
        sleep 3
      done
    EOT
  }

  provisioner "local-exec" {
    command = "ANSIBLE_HOST_KEY_CHECKING=False ../.venv/bin/ansible-playbook -u root -i '${var.renovate_ip_address},' --private-key ${var.aleprovencio-infra-tf_ssh_privatekey_path}  ../playbooks/add-ansible-user.yml"
  }

}

Expected behavior
Machines did not have to be recreated

• Single or clustered Proxmox: single
• Provider version (ideally it should be the latest version): 0.46.1
• Terraform version: 1.6.6
• OS (where you run Terraform from): Archlinux
• Debug logs (TF_LOG=DEBUG terraform apply): Not needed