Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pagerduty_service_integration shouldn't allow setting integration_key, at least for "API V2" #549

Closed
flokli opened this issue Jul 22, 2022 · 4 comments · Fixed by #775
Closed

pagerduty_service_integration shouldn't allow setting integration_key, at least for "API V2" #549

flokli opened this issue Jul 22, 2022 · 4 comments · Fixed by #775

Comments

@flokli
Copy link

flokli commented Jul 22, 2022

The example at https://registry.terraform.io/providers/PagerDuty/pagerduty/latest/docs/resources/service_integration lists the following example code:

resource "pagerduty_service_integration" "apiv2" {
  name            = "API V2"
  type            = "events_api_v2_inbound_integration"
  integration_key = "12345678910testtesttesttesttes"
  service         = pagerduty_service.example.id
}

I used some code like this to create a pagerduty_service_integration with a key generated from terraform:

Terraform Configuration Files

resource "pagerduty_service" "service" {
  name     = "test"

  acknowledgement_timeout = "null"
  alert_creation          = "create_alerts_and_incidents"
  auto_resolve_timeout    = "null"
  escalation_policy       = "some-escalation-policy"

  incident_urgency_rule {
    type    = "constant"
    urgency = "severity_based"
  }
}

resource "pagerduty_service_integration" "svc_apiv2_integration" {
  name            = "Events API V2"
  type            = "events_api_v2_inbound_integration"
  integration_key = random_password.integration_key_apiv2.result
  service         = pagerduty_service.service.id
}

resource "random_password" "integration_key_apiv2" {
  length   = 30
  special  = false
}

However, setting the integration_key like this doesn't seem to be supported.

During a terraform apply, terraform tries to change the key over and over again. It seems the key is created by pagerduty, and whatever is passed in here is ignored.

I'm not sure if there's other services where integration_key can be set, but in the case of "API v2", the terraform provider should probably refuse setting integration_key. And the apiv2 example really shouldn't showcase setting an integration_key that's entirely ignored.

It looks like the actual key generated by pagerduty is available in a resource attribute later on, so I'd be happy to use that.
That attribute should probably be marked as sensitive.

Terraform Version

Terraform v1.1.7
on linux_amd64

  • provider registry.terraform.io/hashicorp/random v3.1.0
  • provider registry.terraform.io/pagerduty/pagerduty v2.5.2

Affected Resource(s)

Please list the resources as a list, for example:

  • pagerduty_service_integration
@Priyankadumre
Copy link

hello @flokli

i am getting same issue, do you got any solution so far for integration_key?
Any reason why it is generated by terraform and its not taking hardcoded values.

Any responses would be helpful, Thanks in advance

@MarcClusterman
Copy link

Saw this concern too, and agree that this attribute should be marked as sensitive.

@rawat-he
Copy link

I am facing the similar issue, underlying POST/PUT API request body do not supports integration_key.

I was hoping to use the hard-coded integration_key values.

@m1n9o
Copy link

m1n9o commented Apr 17, 2023

I am facing the exactly same issue, and struggling to see what's going on!

@imjaroiswebdev imjaroiswebdev mentioned this issue Nov 29, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
5 participants
@flokli @rawat-he @m1n9o @Priyankadumre @MarcClusterman