Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Data loss (tag values) when updating oci_identity_domains_group with additional tags #2086

Open
jeliker opened this issue Apr 4, 2024 · 0 comments
Open

Data loss (tag values) when updating oci_identity_domains_group with additional tags #2086

jeliker opened this issue Apr 4, 2024 · 0 comments
Labels
bug

Comments

@jeliker
Copy link

jeliker commented Apr 4, 2024

Community Note

  • Please vote on this issue by adding a 馃憤 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version and Provider Version

Terraform v1.7.4
on darwin_amd64
+ provider registry.terraform.io/oracle/oci v5.34.0

Affected Resource(s)

affected_resources = oci_identity_domains_group

Terraform Configuration Files

provider "oci" {
  ignore_defined_tags = ["Oracle-Tags.CreatedBy", "Oracle-Tags.CreatedOn"]
}

resource "oci_identity_domains_group" "the_group" {
  #Required
  display_name  = var.name
  idcs_endpoint = var.idcs_endpoint
  schemas = [
    "urn:ietf:params:scim:schemas:core:2.0:Group",
    "urn:ietf:params:scim:schemas:oracle:idcs:extension:dynamic:Group",
    "urn:ietf:params:scim:schemas:oracle:idcs:extension:OCITags",
    "urn:ietf:params:scim:schemas:oracle:idcs:extension:group:Group"
  ]

  #Optional
  urnietfparamsscimschemasoracleidcsextensiongroup_group {
    description = var.description
  }

  urnietfparamsscimschemasoracleidcsextension_oci_tags {
    #Optional
    defined_tags {
      #Required
      key       = "TestTag"
      namespace = "TestNS"
      value     = "TestValue"
    }
  }
}

Debug Output

Terraform will perform the following actions:

  # .oci_identity_domains_group.the_group will be updated in-place
  ~ resource "oci_identity_domains_group" "the_group" {
        id                                                    = "aa01eaac719441a2ba20206f8d910d07"
        # (12 unchanged attributes hidden)

      - timeouts {}

      ~ urnietfparamsscimschemasoracleidcsextension_oci_tags {
          ~ defined_tags {
              ~ key       = "CreatedBy" -> "TestTag"
              ~ namespace = "Oracle-Tags" -> "TestNS"
              ~ value     = "default/jeliker@example.com" -> "TestValue"
            }
          - defined_tags {
              - key       = "CreatedOn" -> null
              - namespace = "Oracle-Tags" -> null
              - value     = "2024-02-24T20:39:02.911Z" -> null
            }
        }

            # (1 unchanged block hidden)
        }

        # (2 unchanged blocks hidden)
    }

Plan: 0 to add, 1 to change, 0 to destroy.

Panic Output

Expected Behavior

Setting ignore_defined_tags should also prevent overwriting/removing tags sent through identity_domains resources.

Actual Behavior

Even with ignore_defined_tags set, tags for identity_domains resources (groups, users, dynamic groups) are being overwritten by apply operations that add new tags. The flag is working properly for non-identity_domain resources (vcns, subnets, compute)

Steps to Reproduce

  1. terraform apply then note intended changes to tags

Important Factoids

References
@jeliker jeliker added the bug label Apr 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@jeliker