Domain/issuer not returned for cloudflare_access_application in OIDC mode #4476

tomaciazek-covantis · 2024-10-30T10:18:19Z

Confirmation

This is a bug with an existing resource and is not a feature request or enhancement. Feature requests should be submitted with Cloudflare Support or your account team.
I have searched the issue tracker and my issue isn't already found.
I have replicated my issue using the latest version of the provider and it is still present.

Terraform and Cloudflare provider version

Terraform: 1.9.3
Cloudflare: 4.45.0

Affected resource(s)

cloudflare_access_application

Terraform configuration files

resource "cloudflare_access_application" "test" {
  account_id = var.cloudflare_account_id
  name       = "test"
  type       = "saas"
  saas_app {
    auth_type = "oidc"
  }
}

output "domain" {
  value = cloudflare_access_application.test.domain
}

Link to debug output

https://gist.github.com/tomaciazek-covantis/b0dd973a39a1fa82e64b0fc294c0d66f

Panic output

No response

Expected output

domain equal to the issuer URL

Actual output

domain = ""

Steps to reproduce

apply the provided resource

Additional factoids

I can see in the code of the provider that for app.AuthType == "oidc" the saas_app.idp_entity_id attribute is not read after creation. Perhaps this is the actual attribute that should be used instead of domain to retrieve the issuer. Alas, both are null.

References

It used to be possible to retrieve the issuer using the domain attribute, but now this possibility is gone since
#3468
Now if a domain is provided with OIDC application type, Terraform will panic because it produces inconsistent plan (the provided value of the attribute is overwritten after apply).

The text was updated successfully, but these errors were encountered:

github-actions · 2024-10-30T10:18:31Z

Community Note

Voting for Prioritization

Please vote on this issue by adding a 👍 reaction to the original post to help the community and maintainers prioritize this request.
Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

Volunteering to Work on This Issue

If you are interested in working on this issue, please leave a comment.
If this would be your first contribution, please review the contribution guide.

github-actions · 2024-10-30T10:18:58Z

Terraform debug log detected ✅

tomaciazek-covantis added kind/bug Categorizes issue or PR as related to a bug. needs-triage Indicates an issue or PR lacks a `triage/foo` label and requires one. labels Oct 30, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Domain/issuer not returned for cloudflare_access_application in OIDC mode #4476

Domain/issuer not returned for cloudflare_access_application in OIDC mode #4476

tomaciazek-covantis commented Oct 30, 2024 •

edited

Loading

github-actions bot commented Oct 30, 2024

github-actions bot commented Oct 30, 2024 •

edited

Loading

Domain/issuer not returned for cloudflare_access_application in OIDC mode #4476

Domain/issuer not returned for cloudflare_access_application in OIDC mode #4476

Comments

tomaciazek-covantis commented Oct 30, 2024 • edited Loading

Confirmation

Terraform and Cloudflare provider version

Affected resource(s)

Terraform configuration files

Link to debug output

Panic output

Expected output

Actual output

Steps to reproduce

Additional factoids

References

github-actions bot commented Oct 30, 2024

Community Note

github-actions bot commented Oct 30, 2024 • edited Loading

tomaciazek-covantis commented Oct 30, 2024 •

edited

Loading

github-actions bot commented Oct 30, 2024 •

edited

Loading