SecretManager Secret: Prevent recreation for "automatic" to "auto" (#9030) (#6325)

Signed-off-by: Modular Magician <[email protected]>

Author: modular-magician

.changelog/9030.txt

@@ -0,0 +1,3 @@
+```release-note:bug
+secretmanager: fixed an issue in `google_secretmanager_secret` where replacing `replication.automatic` with `replication.auto` would destroy and recreate the resource
+```

google-beta/services/secretmanager/resource_secret_manager_secret.go

@@ -18,18 +18,46 @@
 package secretmanager
 
 import (
+	"context"
 	"fmt"
 	"log"
 	"reflect"
 	"strings"
 	"time"
 
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 
 	"github.com/hashicorp/terraform-provider-google-beta/google-beta/tpgresource"
 	transport_tpg "github.com/hashicorp/terraform-provider-google-beta/google-beta/transport"
 )
 
+// Prevent ForceNew when upgrading replication.automatic -> replication.auto
+func secretManagerSecretAutoCustomizeDiff(_ context.Context, diff *schema.ResourceDiff, meta interface{}) error {
+	oAutomatic, nAutomatic := diff.GetChange("replication.0.automatic")
+	_, nAuto := diff.GetChange("replication.0.auto")
+	autoLen := len(nAuto.([]interface{}))
+
+	// Do not ForceNew if we are removing "automatic" while adding "auto"
+	if oAutomatic == true && nAutomatic == false && autoLen > 0 {
+		return nil
+	}
+
+	if diff.HasChange("replication.0.automatic") {
+		if err := diff.ForceNew("replication.0.automatic"); err != nil {
+			return err
+		}
+	}
+
+	if diff.HasChange("replication.0.auto") {
+		if err := diff.ForceNew("replication.0.auto"); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
 func ResourceSecretManagerSecret() *schema.Resource {
 	return &schema.Resource{
 		Create: resourceSecretManagerSecretCreate,
@@ -47,6 +75,10 @@ func ResourceSecretManagerSecret() *schema.Resource {
 			Delete: schema.DefaultTimeout(20 * time.Minute),
 		},
 
+		CustomizeDiff: customdiff.All(
+			secretManagerSecretAutoCustomizeDiff,
+		),
+
 		Schema: map[string]*schema.Schema{
 			"replication": {
 				Type:     schema.TypeList,
@@ -60,7 +92,6 @@ after the Secret has been created.`,
 						"auto": {
 							Type:        schema.TypeList,
 							Optional:    true,
-							ForceNew:    true,
 							Description: `The Secret will automatically be replicated without any restrictions.`,
 							MaxItems:    1,
 							Elem: &schema.Resource{
@@ -90,7 +121,6 @@ encryption is used.`,
 							Type:         schema.TypeBool,
 							Optional:     true,
 							Deprecated:   "`automatic` is deprecated and will be removed in a future major release. Use `auto` instead.",
-							ForceNew:     true,
 							Description:  `The Secret will automatically be replicated without any restrictions.`,
 							ExactlyOneOf: []string{"replication.0.automatic", "replication.0.user_managed", "replication.0.auto"},
 						},