-
Notifications
You must be signed in to change notification settings - Fork 626
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changing a Cloudflare Worker Secret results in a delete; then create #4145
Comments
Community NoteVoting for Prioritization
Volunteering to Work on This Issue
|
Thank you for reporting this issue! For maintainers to dig into issues it is required that all issues include the entirety of This issue has been marked with |
changing the side note: including a graph with three lines and no context is of no use to helping describe the problem here 🙂 |
The graph was referring to the deployments above it - showing the extra deployments created by changing the value. I would expect that the provider never "destroys" the cloudflare secret unless the resource itself is deleted; only updates it via put - even in a case where managing multiple secrets - that it would only ever create a single deployment. Maybe it's better to suggest something like |
as i mentioned above, this isn't possible to differentiate in all scenarios hence why the replacement causes a new resource to be created. if you don't want this behaviour, you'll need to use the meta-arguments or a two phase apply.
terraform operates on a per resource operation; using bulk endpoints requires additional parsing and overhead that we don't want to capture in the provider. this is why we have individual endpoints that support all the CRUD lifecycle operations. |
How would moving to a |
Tested this - using |
Confirmation
Terraform and Cloudflare provider version
Terraform v1.9.5
on darwin_arm64
Affected resource(s)
cloudflare_worker_secret
Terraform configuration files
Example:
Link to debug output
Unable to link due to security.
Panic output
No crash/panic.
Expected output
I would expect that the provider not destroy; and rather recognize that the value just needed to be updated/set again.
The cloudflare API supports the PUT endpoint; and the provider should not destroy the resource.
https://developers.cloudflare.com/api/operations/namespace-worker-put-script-secrets
Actual output
Resource was destroyed in one operation; which resulted in multiple deployments for a worker; one of which had the wrong (ie - none) value for the secret as it was deleted.
Steps to reproduce
Additional factoids
No response
References
No response
The text was updated successfully, but these errors were encountered: