You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The problem in that loop is that userData gets assigned a pointer to serviceAccount. Exact match will only happen once, but the loop will go on and the underlying value of serviceAccount keeps getting reassigned as you iterate.
userData will end up pointing to the last item in serviceAccounts no matter what.
Steps to Reproduce
Assuming these service account resources have been created previously:
(and assuming they'll be returned in this order by the users list API, unsure what determines that)
Update: this was observed unter provider version 3.41.0, which is based on go 1.20
The latest version of the provider is built on golang 1.23, which includes this change in behaviour for loop variables: https://go.dev/blog/loopvar-preview
Datadog Terraform Provider Version
v3.41.0
Terraform Version
v1.8.3
What resources or data sources are affected?
Terraform Configuration Files
Relevant debug or panic output
No response
Expected Behavior
Assuming the response body on
/api/v2/users?filter=Foo
is something like:We've got two service accounts that match the filter, but only one that matches exactly.
So my expectation is that service account
1234
will get picked.Actual Behavior
The provider doesn't complain about finding more than one match, but it will pick the last match in the list returned by the API. This is caused by this code: https://github.com/DataDog/terraform-provider-datadog/blob/master/datadog/fwprovider/data_source_datadog_service_account.go#L169-L192
The problem in that loop is that
userData
gets assigned a pointer toserviceAccount
. Exact match will only happen once, but the loop will go on and the underlying value ofserviceAccount
keeps getting reassigned as you iterate.userData
will end up pointing to the last item inserviceAccounts
no matter what.Steps to Reproduce
Assuming these service account resources have been created previously:
(and assuming they'll be returned in this order by the users list API, unsure what determines that)
Sourcing the first SA by name:
This will attach the Role to the second Service Account ("Foo - Plus"), regardless of exact_match.
Important Factoids
No response
References
No response
The text was updated successfully, but these errors were encountered: