Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update normalize function to put in state file full certificate data instead of hashes #10849

Closed
wants to merge 5 commits into from
Closed

Update normalize function to put in state file full certificate data instead of hashes #10849

wants to merge 5 commits into from

Conversation

rdublenych
Copy link

@rdublenych rdublenych commented Nov 12, 2019
edited
Loading

The current behaviour of the resource is to put a hash of certificate data (private key, certificate body, chain code) in the state file.
It causes an error because the provider sends these hashes of unmodified fields instead of source data on resource update.

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

Closes #10847.
Also, may fix #9809.

Release note for CHANGELOG:

NONE

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccXXX'
go test ./... -timeout=30s -parallel=4
?       github.com/terraform-providers/terraform-provider-aws   [no test files]
ok      github.com/terraform-providers/terraform-provider-aws/aws       18.835s
ok      github.com/terraform-providers/terraform-provider-aws/aws/internal/flatmap      (cached)
ok      github.com/terraform-providers/terraform-provider-aws/aws/internal/keyvaluetags (cached)
...

Test cases:

Update imported certificate

  1. import new certificate by using acm_certificate resource
  2. update certificate_body field
  3. update imported certificate

current version

Error: Error updating certificate: ValidationException: com.amazonaws.pki.acm.exceptions.external.ValidationException: Could not validate the certificate with the certificate chain.

result: imported certificate was not updated.

fixed version (pr)

Apply complete

result: imported certificate was updated successfully.

@rdublenych rdublenych requested a review from a team November 12, 2019 19:00
@ghost ghost added needs-triage Waiting for first response or review from a maintainer. service/iam Issues and PRs that pertain to the iam service. size/XS Managed by automation to categorize the size of a PR. labels Nov 12, 2019
@rdublenych rdublenych changed the title Update normalize function to put in state file full certificate data … Update normalize function to put in state file full certificate data instead of hashes Nov 12, 2019
@bflad bflad added this to the v3.0.0 milestone Nov 20, 2019
@bflad bflad added service/acm Issues and PRs that pertain to the acm service. bug Addresses a defect in current functionality. and removed needs-triage Waiting for first response or review from a maintainer. labels Nov 20, 2019
@julienduchesne
Copy link
Contributor

julienduchesne commented Nov 27, 2019
edited
Loading

This was already fixed here: #9685
With a new test

@bflad bflad mentioned this pull request May 18, 2020
Closed
@breathingdust breathingdust mentioned this pull request May 19, 2020
Closed
@bflad bflad self-assigned this Jul 14, 2020
@bflad
Copy link
Contributor

bflad commented Jul 14, 2020

Hi @rdublenych 👋 Thank you for submitting this. As @julienduchesne mentions above, there was a previous contribution covering the intention of this pull request, at least with the aws_acm_certificate resource, which has been reviewed and merged. We intend to apply similar resource-level changes to cover the aws_iam_server_certificate resource without modifying these two functions as it will allow us to determine if the update can occur without calling the API. Thanks again for the contribution and if there are lingering issues after version 3.0.0 is released, please let us know.

@bflad bflad closed this Jul 14, 2020
@ghost
Copy link

ghost commented Jul 31, 2020

This has been released in version 3.0.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

@ghost
Copy link

ghost commented Aug 14, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Aug 14, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees

@bflad bflad

Labels
bug Addresses a defect in current functionality. service/acm Issues and PRs that pertain to the acm service. service/iam Issues and PRs that pertain to the iam service. size/XS Managed by automation to categorize the size of a PR.
Projects
None yet
Milestone
v3.0.0
3 participants
@rdublenych @julienduchesne @bflad