Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

onepassword_item update behaviour #201

Open
odise opened this issue Oct 25, 2024 · 0 comments
Open

onepassword_item update behaviour #201

odise opened this issue Oct 25, 2024 · 0 comments
Labels
bug Something isn't working

Comments

@odise
Copy link

odise commented Oct 25, 2024

Your environment

Terraform Provider Version: 2.1.2

OS: macOS Sonoma

Terraform Version: 1.5.7

What happened?

The current implementation of the provider does not handle manually item property changes very well. Mainly for username and url the behaviour is strange in various ways. Example:

resource "onepassword_item" "test" {
  vault = data.onepassword_vault.acceptance-tests.uuid
  title = "TestItemResourceIntegrationUsername-D2AbjK"
  category = "login"
  username = null
  password_recipe {}
  url = null
}
  1. Setting username and url to null will not touch the item property in 1Password. Thats desired behaviour.
  2. Setting username and url to a valid String e.g."xxx" will overwrite underlaying values. Thats also expected.
  3. Setting username and url to "" will result in When applying changes to onepassword_item.test, provider produced an unexpected new value: .username: was cty.StringVal(""), but now null error message. See below.
  4. Setting username and url to null after manually changed those properties beforehand will result in overwriting the value in 1Password. This is not expected (see below).

What did you expect to happen?

The following behaviour would be expected based on the scenarios 3 and 4 from above:

  • username and url = "": this should "reset" the property in 1Password i.e. the value of this property should be unset after apply.
  • username and url = null or not set in resource: should leave the value for the item in 1Password untouched i.e. ignored by Terraform.

Steps to reproduce

Imagine the following test scenario:

  1. create an item leaving username and url unset in onepassword_item
  2. manually set those item properties
  3. reapply the resource -> no changes should be planed
  4. set the item properties in Terraform e.g. username = "test" and reapply -> properties should be set by Terraform
  5. unset the item properties in Terraform e.g. username = "" and reapply -> properties should be empty (unset i.e. without value) again

Notes & Logs

We use the provider to create items that are populated with values derived directly from Terraform resources as well as placeholder items with predefined properties that are not set and needs to stay untouched by Terraform. The 1.4 version of the provider was able to handle those scenarios however it disappear with version 2.

Sadly the unit tests implemented are not very flexible and it seems to me that some integration tests will be needed to make sure the behaviour is like described above. Do you have any integration tests available or planned? I'm happy to share mine ;).
@odise odise added the bug Something isn't working label Oct 25, 2024
@odise odise mentioned this issue Oct 25, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@odise