diff options
| author | Florian Klink <flokli@flokli.de> | 2024-09-01T12·35+0300 |
|---|---|---|
| committer | clbot <clbot@tvl.fyi> | 2024-09-01T13·18+0000 |
| commit | ebf4647976857e574c8984d1b3580ae4343772e0 (patch) | |
| tree | 177fbfdcff15d5cb6d38fbdea846a0a16911626d | |
| parent | e74378a3246bf8abd539ee1fce60bdcb494010fe (diff) | |
fix(ops/keycloak): ignore delete_default_mappers field r/8633
Without this, terraform wants to recreate the resource, just because we
do /not/ want to delete the default mappers:
```
# keycloak_ldap_user_federation.tvl_ldap must be replaced
-/+ resource "keycloak_ldap_user_federation" "tvl_ldap" {
+ delete_default_mappers = false # forces replacement
~ id = "4e68e9f0-7aba-4465-8357-f2af6a55fd0e" -> (known after apply)
name = "tvl-ldap"
~ use_truststore_spi = "ALWAYS" -> "ONLY_FOR_LDAPS"
# (27 unchanged attributes hidden)
}
```
Keycloak lists the a few mappers. which are likely the default ones,
but in any case, we don't want to recreate this resource.
Change-Id: I170a91a44b2efa426fae268cf7fc97a7f28a5760
Reviewed-on: https://cl.tvl.fyi/c/depot/+/12412
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Autosubmit: flokli <flokli@flokli.de>
| -rw-r--r-- | ops/keycloak/user_sources.tf | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/ops/keycloak/user_sources.tf b/ops/keycloak/user_sources.tf index 01307fff8df5..f4207ba87bd9 100644 --- a/ops/keycloak/user_sources.tf +++ b/ops/keycloak/user_sources.tf @@ -22,6 +22,13 @@ resource "keycloak_ldap_user_federation" "tvl_ldap" { "inetOrgPerson", "organizationalPerson", ] + + lifecycle { + # Without this, terraform wants to recreate the resource. + ignore_changes = [ + delete_default_mappers + ] + } } # keycloak_oidc_identity_provider.github will be destroyed |