-
Notifications
You must be signed in to change notification settings - Fork 48
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
1Password Item update error when inserting fields #190
Comments
Hi @DavidS-ovm 👋 Thanks for your interest in our Terraform provider and for filing this issue. I’m hoping to clarify a few things:
I can also suggest the following workaround (which I will be the first to admit is not the most ideal solution, but I’ll include it here anyway just in case it’s helpful for your situation/anyone else who may come upon this issue): if the order of fields within the section is important, you could make note of the section’s names and values and then re-create the section on the item with the fields sorted in your preferred order. |
Yes.
It applied successfully when I moved the same additional fields to the end of the section.
my terraform manifest looks approximately like this: provider "onepassword" {
}
data "onepassword_vault" "env_vault" {
name = var.terraform_env_name
}
resource "onepassword_item" "environment_variables" {
vault = data.onepassword_vault.env_vault.uuid
title = var.terraform_env_name
category = "secure_note"
note_value = "MANAGED BY TERRAFORM - DO NOT EDIT MANUALLY\n\nAll the values for the ${var.terraform_env_name} environment"
section {
label = "generated"
field {
label = "description"
type = "STRING"
value = "These values are generated by the terraform deployment and any changes will be overwritten"
}
field {
label = "some_secret"
type = "STRING"
value = module.some_module.some_secret
} our CI pipelines for this basically boil down to
|
I'd like to note that I encountered this issue after updating today as well. In my case, I have a loop which records tokens in a secure note. They're Docker account PATs assigned to individual customers who fetch a private image, so tokens with the unique email as a key. I have a local variable which contains a list of users. I for_each over the list, storing the generated token in a secure note section. When I insert a new value, instead of just creating a new entry in the item's section, what happens is all of the lexicographically subsequent entries have their label and value changed. I suspect this is because the elements in a section are handled as an ordered list instead of a dictionary/hash/associative array. The final element is created as new, and all of the other elements are changed. Which is kinda weird, since the provider enforcing unique labels implies that the elements should be able to just be treated as a dict with the label as a key instead of the field ID. Relevant code looks like this: section {
label = "user_tokens"
dynamic "field" {
for_each = local.dev_emails
content {
label = field.key
type = "STRING"
value = dockerhub_token.token[field.key].token
}
}
} It'd be nice if the provider could consider a label existing on another ID as being that element instead of insisting on generating a chain of changes. Perhaps generate a set of fields keyed on label and calculate a difference instead of just treating it as a linear array. I actually don't care about the order, but the plan sequence seems to run into a problem where creating the "new" field conflicts with an existing field which is going to be relabeled. My current workaround is to delete the entire section manually and then apply. I suppose I could use the time provider and sort by the creation time, but I'd very much rather not . :D |
Your environment
Terraform v1.5.7
on linux_amd64
What happened?
When inserting fields at the beginning of a section:
What did you expect to happen?
New fields get correctly inserted.
Notes
the same configuration change was applied successfully after moving the new fields to the bottom of their section.
The text was updated successfully, but these errors were encountered: