From 47b2d89cc91b98d9659bd74549ed7c022c77c92f Mon Sep 17 00:00:00 2001
From: Salim Afiune Maya <afiune@lacework.net>
Date: Thu, 23 Jul 2020 10:26:00 -0600
Subject: [PATCH] fix(gcp): suppress private key diff to avoid updates

When you run terraform apply after creating a gcp resource, we were
trying to update the `private_key` when it is a sensitive element and
the Lacework server, for security reasons, doesn't return that secret,
which means that the resource was always different.

We are adding a suppression to avoid updating the resource.

Closes https://github.com/terraform-providers/terraform-provider-lacework/issues/4

Signed-off-by: Salim Afiune Maya <afiune@lacework.net>
---
 lacework/resource_lacework_integration_gcp_at.go  | 5 +++++
 lacework/resource_lacework_integration_gcp_cfg.go | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/lacework/resource_lacework_integration_gcp_at.go b/lacework/resource_lacework_integration_gcp_at.go
index b9e0e19..cfc06d9 100644
--- a/lacework/resource_lacework_integration_gcp_at.go
+++ b/lacework/resource_lacework_integration_gcp_at.go
@@ -57,6 +57,11 @@ func resourceLaceworkIntegrationGcpAt() *schema.Resource {
 							Type:      schema.TypeString,
 							Required:  true,
 							Sensitive: true,
+							DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+								// @afiune we can't compare this element since our API, for security reasons,
+								// does NOT return the private key configured in the Lacework server
+								return true
+							},
 						},
 					},
 				},
diff --git a/lacework/resource_lacework_integration_gcp_cfg.go b/lacework/resource_lacework_integration_gcp_cfg.go
index 87efa08..73514fa 100644
--- a/lacework/resource_lacework_integration_gcp_cfg.go
+++ b/lacework/resource_lacework_integration_gcp_cfg.go
@@ -57,6 +57,11 @@ func resourceLaceworkIntegrationGcpCfg() *schema.Resource {
 							Type:      schema.TypeString,
 							Required:  true,
 							Sensitive: true,
+							DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+								// @afiune we can't compare this element since our API, for security reasons,
+								// does NOT return the private key configured in the Lacework server
+								return true
+							},
 						},
 					},
 				},