First time I’m creating a custom provider so I’m sorry if this is a silly question to ask. One of the resources is taking a Kubernetes secret and encrypting it as a sealed secret then pushing it to a Git repository.
I have noticed an issue with the Terraform diffing of this value. In the
ReadContext func I’m grabbing the requested resource from Git and then setting the value using the
Set func from
ResourceData. The problem is that this value is encrypted in Git and comparing it with the current value in the
main.tf will always trigger an update since that value is in cleartext.
I have tried using the
CustomizeDiff in the
schema.Resource, but I have not been able to working the way I want it to.
One way to solve this is to override the Terraform diffing by encrypting the value in
main.tf and comparing it with the value stored in Git.
Is this possible, or have I misunderstood the problem?