fix: replace secret store on id change

humanitec · Oct 25, 2024 · 5c64614 · 5c64614
1 parent 7d080f1
commit 5c64614
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 0 deletions.
diff --git a/internal/provider/resource_secret_store.go b/internal/provider/resource_secret_store.go
@@ -9,6 +9,8 @@ import (
 	"github.com/hashicorp/terraform-plugin-framework/resource"
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema"
 	"github.com/hashicorp/terraform-plugin-framework/resource/schema/booldefault"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
+	"github.com/hashicorp/terraform-plugin-framework/resource/schema/stringplanmodifier"
 	"github.com/hashicorp/terraform-plugin-framework/types"
 	"github.com/humanitec/humanitec-go-autogen"
 	"github.com/humanitec/humanitec-go-autogen/client"
@@ -92,6 +94,9 @@ func (*SecretStore) Schema(ctx context.Context, req resource.SchemaRequest, resp
 			"id": schema.StringAttribute{
 				MarkdownDescription: "The ID of the Secret Store.",
 				Required:            true,
+				PlanModifiers: []planmodifier.String{
+					stringplanmodifier.RequiresReplace(),
+				},
 			},
 			"primary": schema.BoolAttribute{
 				MarkdownDescription: "Whether the Secret Store is the Primary one for the organization.",

diff --git a/internal/provider/resource_secret_store_test.go b/internal/provider/resource_secret_store_test.go
@@ -15,6 +15,7 @@ import (
 
 func TestAccResourceSecretStore_AzureKV(t *testing.T) {
 	id := fmt.Sprintf("azurekv-test-%d", time.Now().UnixNano())
+	newId := fmt.Sprintf("azurekv-test-new-%d", time.Now().UnixNano())
 
 	resource.Test(t, resource.TestCase{
 		PreCheck:                 func() { testAccPreCheck(t) },
@@ -50,6 +51,17 @@ func TestAccResourceSecretStore_AzureKV(t *testing.T) {
 					resource.TestCheckResourceAttr("humanitec_secretstore.secret_store_azurekv_test", "azurekv.auth.client_id", "client-id-changed"),
 				),
 			},
+			// Replace and Read testing
+			{
+				Config: testAccSecretStoreAzureKV(newId, "tenant-id", "azurekv-url-changed", "client-id-changed", "client-secret"),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					resource.TestCheckResourceAttr("humanitec_secretstore.secret_store_azurekv_test", "id", newId),
+					resource.TestCheckResourceAttr("humanitec_secretstore.secret_store_azurekv_test", "primary", "false"),
+					resource.TestCheckResourceAttr("humanitec_secretstore.secret_store_azurekv_test", "azurekv.tenant_id", "tenant-id"),
+					resource.TestCheckResourceAttr("humanitec_secretstore.secret_store_azurekv_test", "azurekv.url", "azurekv-url-changed"),
+					resource.TestCheckResourceAttr("humanitec_secretstore.secret_store_azurekv_test", "azurekv.auth.client_id", "client-id-changed"),
+				),
+			},
 			// Delete testing automatically occurs in TestCase
 		},
 	})