New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update certificate ready_for_renewal during refresh? #278
Conversation
… in locally_signed_cert and self_signed_cert resources (#268)
res.Diagnostics.AddWarning( | ||
"Certificate is ready for renewal at time of creation", | ||
fmt.Sprintf("Early renewal hours (%d) is greater than or equal to validity period hours (%d)", newState.EarlyRenewalHours.Value, newState.ValidityPeriodHours.Value), | ||
) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Was there a specific ask for this warning diagnostic? Practitioners may be intentionally setting their configurations so certificates are recreated every run. Otherwise, we will need an opt-out mechanism, since there is nothing like that available in core.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This was mentioned by @apparentlymart in slack.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Created a followup issue for this, since we should consider whether it should happen now, in the future, or differently by enforcing >= 1 instead of 0: #282 👍
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for creating the follow-up issue. I've removed the warning diagnostics for now.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me once sdk is updated. 👍
Closes: #268
Requires Adding RefreshState test step to be merged, tagged and released so that tests verifyingterraform refresh
behaviour in isolation can run. Build will fail until theRefreshState
test step is available.