Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Force new root CA resource creation on out of band changes #1432

Merged
merged 8 commits into from
May 6, 2022
Merged

Force new root CA resource creation on out of band changes #1432

merged 8 commits into from
May 6, 2022

Conversation

benashz
Copy link
Contributor

@benashz benashz commented May 3, 2022
edited
Loading

This fix will trigger the recreation a pki_secret_backend_root_cert resource
for the following scenarios:

  • the secret engine's mount has been removed
  • the CA certificate has been regenerated outside of Terraform.

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

Closes #939

Release note for CHANGELOG:

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccXXX'
$ time make testacc TESTARGS='-v -test.run TestPkiSecretBackendRootCertificate_basic'

==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test -v -v -test.run TestPkiSecretBackendRootCertificate_basic -timeout 30m ./...

ok      github.com/hashicorp/terraform-provider-vault/util      (cached) [no tests to run]
=== RUN   TestPkiSecretBackendRootCertificate_basic
--- PASS: TestPkiSecretBackendRootCertificate_basic (11.66s)
PASS
ok      github.com/hashicorp/terraform-provider-vault/vault     (cached)
make testacc TESTARGS='-v -test.run TestPkiSecretBackendRootCertificate_basic  4.29s user 4.48s system 132% cpu 6.621 total


...

@github-actions github-actions bot added the size/L label May 3, 2022
@benashz benashz force-pushed the VAULT-1317/pki-root-cert-recreate branch from 7067d08 to 7abee15 Compare May 3, 2022 22:08
@benashz benashz added this to the 3.6.0 milestone May 3, 2022
vinay-gopalan
vinay-gopalan approved these changes May 6, 2022
View reviewed changes
Copy link
Contributor

@vinay-gopalan vinay-gopalan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

@benashz benashz merged commit f1c1d18 into main May 6, 2022
@benashz benashz deleted the VAULT-1317/pki-root-cert-recreate branch May 6, 2022 21:11
marcboudreau pushed a commit to marcboudreau/terraform-provider-vault that referenced this pull request Nov 6, 2022
@benashz
Force new root CA resource creation on out of band changes (hashicorp…
6842a72 
…#1432)

This fix will trigger the recreation a pki_secret_backend_root_cert resource
for the following scenarios:

- the secret engine's mount has been removed
- the CA certificate has been regenerated outside of Terraform.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vinay-gopalan vinay-gopalan vinay-gopalan approved these changes

Assignees

@vinay-gopalan vinay-gopalan

Labels
documentation size/XL
Projects
None yet
Milestone
3.6.0
Development

Successfully merging this pull request may close these issues.

vault_pki_secret_backend_root_cert not properly refreshing state
2 participants
@benashz @vinay-gopalan