You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently, all credential resources cause diffs between runs.
This is because they store the value from the read response, which always has the sensitive attributes (such as ssh_key_data) returning $encrypted$.
There are 3 solutions as I see it:
AWX API needs to be changed to return a verifiable attribute, such as private key hash (unlikely)
Store the private key from the create resource call and remove storing it from the read response. Benefit is the state knows the exact key and compare it to the input.
Suppress the diff using DiffSupprrssFunc on the key data attribute in the schema that suppresses if the old value is "$encrypted$". Issue here is if the user does change key_data, it won't be picked up.
The text was updated successfully, but these errors were encountered:
Currently, all credential resources cause diffs between runs.
This is because they store the value from the read response, which always has the sensitive attributes (such as
ssh_key_data) returning$encrypted$.There are 3 solutions as I see it:
The text was updated successfully, but these errors were encountered: