Add skip_destory flag for Fleet Agent Policies #357
Conversation
- Add a flag which can skip the attempt to remove the Agent Policy from Fleet using the API. This is useful in cases where an Agent is not managed directly by Terraform and it is not safe to remove the policy, as there may still be agents assigned to the policy.
I did test it manually and it worked as expected. Only reason why I was opposed to adding an acceptance test for it was I didn't care for the idea of leaving around resources after a test. As long as we are okay with that, it's trivial to add the acceptance test and assert the resource is still there.
I'm a little fuzzy on this as well. I think it's redundant here since we are already actioning on deleting the resource from state. What we're bypassing is the call out to fleet to delete. |
I would rather have it cleaned up. I think the test could do this though. Use one of the hooks, verify through the API that the resource does exist, and then delete it. |
| ), | ||
| }, | ||
| }, | ||
| }) | ||
| } | ||
|
|
||
| func testAccResourceAgentPolicyCreate(id string) string { | ||
| func TestAccResourceAgentPolicySkipDestroy(t *testing.T) { |
| @@ -264,6 +270,11 @@ func resourceAgentPolicyRead(ctx context.Context, d *schema.ResourceData, meta i | |||
| } | |||
|
|
|||
| func resourceAgentPolicyDelete(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics { | |||
| if d.Get("skip_destroy").(bool) { | |||
| tflog.Debug(ctx, "Skipping destroy of Agent Policy", map[string]interface{}{"policy_id": d.Id()}) | |||
There was a problem hiding this comment.
IMO this should be at a higher log level so it's clear to users that we're not destroying this policy during apply.
I made it debug level based on what I saw in the AWS provider (here's an example: https://github.com./hashicorp/terraform-provider-aws/blob/70260ef76efac73597e49841908e23e574d478e0/internal/service/logs/group.go#L211) Since it's an opt-in option, it'll never be enabled by default, so I'm okay with it being at debug level for this reason. Also, logs won't appear unless a user opts in with TF_LOG=level. Once this PR is merged, could we get a release cut for us (a 0.6.2, for instance)? This is currently blocking progress on us adopting the provider. |
I'll look at cutting a release this week. |
|
@taylor-swanson @ebeahan 0.6.2 got pushed out today. |
Add a flag which can skip the attempt to remove the Agent Policy from Fleet using the API. This is useful in cases where an Agent is not managed directly by Terraform and it is not safe to remove the policy, as there may still be agents assigned to the policy.