Error: Cannot create Secrets that use GCP Secrets Manager #1316
Description
When trying to create a new Secret that references a secret in GCP Secrets Manager, an error is thrown, as shown below. This happens with the latest Harness provider version - 0.39.4. Reverting back to 0.39.3 resolves the issue. The Harness Provider is adding an additional kmsKeyId element that is causing the error.
Error Message:
"Invalid request: Additional metadata values map must have only one key - version for secrets created using google secret manager.",
TF Code:
resource "harness_platform_secret_text" "secrets" {
for_each = local.secrets_map
org_id = var.org_id
project_id = var.project_id
identifier = each.key
name = each.value.name
secret_manager_identifier = "org.dvpsgkee424SecretManager"
value_type = "Reference"
value = each.value.reference
additional_metadata {
values {
version = "latest"
}
}
}
TF Code Rendered by Harness Provider (from TF_LOG):
| ---[ REQUEST ]---------------------------------------
| POST /gateway/ng/api/v2/secrets?accountIdentifier=Yv_sHmYKRK6v5wCAPN9r8A&orgIdentifier=coreIT&projectIdentifier=MobileTech HTTP/1.1\r
| Host: app.harness.io\r
| User-Agent: terraform-provider-harness-platform-0.39.4\r
| Content-Length: 395\r
| Accept: application/json\r
| Content-Type: application/json\r
| X-Api-Key: ****\r
| Accept-Encoding: gzip\r
| \r
| {
| "secret": {
| "type": "SecretText",
| "name": "MobileTech MobileFirst PROD User",
| "identifier": "MobileTech_MobileFirst_PROD_User",
| "orgIdentifier": "coreIT",
| "projectIdentifier": "MobileTech",
| "spec": {
| "type": "",
| "secretManagerIdentifier": "org.dvpsgkee424SecretManager",
| "valueType": "Reference",
| "value": "mobiletech_mobilefirst_prod#username",
| "additionalMetadata": {
| "values": {
| "kmsKeyId": "",
| "version": "latest"
| }
| }
| }
| }
| }
|
| -----------------------------------------------------