Comments (4)
Managed to solve issue, still not sure what was exact cause and if secrets are updating or not but in my case it was lack of wildcard access to directories at service access token.
~ #33 (comment)
from terraform-provider-infisical.
I'm also running into this and I can't figure out why. I have to drop them, delete them from state, and try again. The service token in use has RW access to /**
from terraform-provider-infisical.
@DanielHougaard can you please talk a look when you have time?
from terraform-provider-infisical.
If it helps, here are some of the relevant logs from my attempts to change an existing secret. What catches my eye is the response: [response={"statusCode":400,"message":"Secret already exist","error":"BadRequest"}]
Excerpts were just executed now, keys have since been rotated again in case I missed a redaction.
Plan
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
�[33m~�[0m update in-place�[0m
Terraform will perform the following actions:
�[1m # infisical_secret.aws_access_key_id_dev�[0m will be updated in-place
�[0m �[33m~�[0m�[0m resource "infisical_secret" "aws_access_key_id_dev" {
�[33m~�[0m�[0m last_updated = "Friday, 05-Apr-24 22:21:34 CDT" -> (known after apply)
name = "AWS_ACCESS_KEY_ID"
�[33m~�[0m�[0m value = "REDACTED" �[33m->�[0m�[0m "REDACTED"
�[90m# (3 unchanged attributes hidden)�[0m�[0m
}
�[1mPlan:�[0m 0 to add, 1 to change, 0 to destroy.
�[0m2024-04-09T11:22:45.246-0500 [INFO] backend/local: apply calling Apply
Apply
�[0m�[1minfisical_secret.aws_access_key_id_dev: Modifying... [name=AWS_ACCESS_KEY_ID]�[0m�[0m
2024-04-09T11:22:46.369-0500 [INFO] Starting apply for infisical_secret.aws_access_key_id_dev
2024-04-09T11:22:46.369-0500 [DEBUG] infisical_secret.aws_access_key_id_dev: applying the planned Update change
2024-04-09T11:22:46.370-0500 [DEBUG] provider.terraform-provider-infisical_v0.4.0: Calling provider defined Resource Configure: @module=sdk.framework tf_req_id=b18c88af-b139-c23a-0200-d5f93f089cc8 tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/[email protected]/internal/fwserver/server_updateresource.go:55 tf_provider_addr=registry.terraform.io/infisical/infisical tf_resource_type=infisical_secret timestamp=2024-04-09T11:22:46.370-0500
2024-04-09T11:22:46.370-0500 [DEBUG] provider.terraform-provider-infisical_v0.4.0: Called provider defined Resource Configure: tf_provider_addr=registry.terraform.io/infisical/infisical tf_req_id=b18c88af-b139-c23a-0200-d5f93f089cc8 tf_resource_type=infisical_secret tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/[email protected]/internal/fwserver/server_updateresource.go:57 @module=sdk.framework timestamp=2024-04-09T11:22:46.370-0500
2024-04-09T11:22:46.370-0500 [DEBUG] provider.terraform-provider-infisical_v0.4.0: Calling provider defined Resource Update: @caller=github.com/hashicorp/[email protected]/internal/fwserver/server_updateresource.go:121 @module=sdk.framework tf_provider_addr=registry.terraform.io/infisical/infisical tf_resource_type=infisical_secret tf_rpc=ApplyResourceChange tf_req_id=b18c88af-b139-c23a-0200-d5f93f089cc8 timestamp=2024-04-09T11:22:46.370-0500
2024-04-09T11:22:47.502-0500 [DEBUG] provider.terraform-provider-infisical_v0.4.0: Called provider defined Resource Update: tf_req_id=b18c88af-b139-c23a-0200-d5f93f089cc8 tf_rpc=ApplyResourceChange tf_provider_addr=registry.terraform.io/infisical/infisical tf_resource_type=infisical_secret @caller=github.com/hashicorp/[email protected]/internal/fwserver/server_updateresource.go:123 @module=sdk.framework timestamp=2024-04-09T11:22:47.502-0500
2024-04-09T11:22:47.502-0500 [ERROR] provider.terraform-provider-infisical_v0.4.0: Response contains error diagnostic: diagnostic_summary="Error updating secret" tf_resource_type=infisical_secret tf_proto_version=6.3 diagnostic_detail="Couldn't save encrypted secrets to Infiscial, unexpected error: CallUpdateSecretsV3: Unsuccessful response. Please make sure your secret path, workspace and environment name are all correct [response={"statusCode":400,"message":"Secret already exist","error":"BadRequest"}]" tf_rpc=ApplyResourceChange @caller=github.com/hashicorp/[email protected]/tfprotov6/internal/diag/diagnostics.go:55 @module=sdk.proto diagnostic_severity=ERROR tf_provider_addr=registry.terraform.io/infisical/infisical tf_req_id=b18c88af-b139-c23a-0200-d5f93f089cc8 timestamp=2024-04-09T11:22:47.502-0500
2024-04-09T11:22:47.533-0500 [DEBUG] State storage *statemgr.Filesystem declined to persist a state snapshot
2024-04-09T11:22:47.533-0500 [ERROR] vertex "infisical_secret.aws_access_key_id_dev" error: Error updating secret
�[33m╷�[0m�[0m
�[33m│�[0m �[0m�[1m�[33mWarning: �[0m�[0m�[1mResource targeting is in effect�[0m
�[33m│�[0m �[0m
�[33m│�[0m �[0m�[0mYou are creating a plan with the -target option, which means that the
�[33m│�[0m �[0mresult of this plan may not represent all of the changes requested by the
�[33m│�[0m �[0mcurrent configuration.
�[33m│�[0m �[0m
�[33m│�[0m �[0mThe -target option is not for routine use, and is provided only for
�[33m│�[0m �[0mexceptional situations such as recovering from errors or mistakes, or when
�[33m│�[0m �[0mTerraform specifically suggests to use it as part of an error message.
�[33m╵�[0m�[0m
�[33m╷�[0m�[0m
�[33m│�[0m �[0m�[1m�[33mWarning: �[0m�[0m�[1mApplied changes may be incomplete�[0m
�[33m│�[0m �[0m
�[33m│�[0m �[0m�[0mThe plan was created with the -target option in effect, so some changes
�[33m│�[0m �[0mrequested in the configuration may have been ignored and the output values
�[33m│�[0m �[0mmay not be fully updated. Run the following command to verify that no other
�[33m│�[0m �[0mchanges are pending:
�[33m│�[0m �[0m terraform plan
�[33m│�[0m �[0m
�[33m│�[0m �[0mNote that the -target option is not suitable for routine use, and is
�[33m│�[0m �[0mprovided only for exceptional situations such as recovering from errors or
�[33m│�[0m �[0mmistakes, or when Terraform specifically suggests to use it as part of an
�[33m│�[0m �[0merror message.
�[33m╵�[0m�[0m
�[31m╷�[0m�[0m
�[31m│�[0m �[0m�[1m�[31mError: �[0m�[0m�[1mError updating secret�[0m
�[31m│�[0m �[0m
�[31m│�[0m �[0m�[0m with infisical_secret.aws_access_key_id_dev,
�[31m│�[0m �[0m on aws_iam_terraform.tf line 14, in resource "infisical_secret" "aws_access_key_id_dev":
�[31m│�[0m �[0m 14: resource "infisical_secret" "aws_access_key_id_dev" �[4m{�[0m�[0m
�[31m│�[0m �[0m
�[31m│�[0m �[0mCouldn't save encrypted secrets to Infiscial, unexpected error:
�[31m│�[0m �[0mCallUpdateSecretsV3: Unsuccessful response. Please make sure your secret
�[31m│�[0m �[0mpath, workspace and environment name are all correct
�[31m│�[0m �[0m[response={"statusCode":400,"message":"Secret already
�[31m│�[0m �[0mexist","error":"BadRequest"}]
�[31m╵�[0m�[0m
from terraform-provider-infisical.
Related Issues (5)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from terraform-provider-infisical.