Provider does not auth with \n in private_key #2145

Open
Tmanoche opened this issue Jun 20, 2024 · 2 comments
Labels
awaiting-affected-resources Please Provide the affected resource name in description. ex. Affected resource - oci_core_instance bug

Comments


Tmanoche commented Jun 20, 2024

Community Note

  • Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
  • Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
  • If you are interested in working on this issue or have submitted a pull request, please leave a comment

Terraform Version and Provider Version

Terraform v1.7.5
on linux_amd64

  • provider registry.terraform.io/hashicorp/time v0.11.2
  • provider registry.terraform.io/oracle/oci v5.46.0

Affected Resource(s)

affected_resources = terraform

Terraform Configuration Files

terraform {
  required_version = ">= 1.7.0"
  required_providers {
    oci = {
      source                = "oracle/oci"
      version               = "5.46.0"
    }
  }

  cloud {
    organization = "[redacted]"
    workspaces {
      name = "temptest"
    }
  }
}

provider "oci" {
  region = "us-sanjose-1"
}

Debug Output

https://gist.github.com/Tmanoche/4641860c452e6794f040bfbc4851c637

Panic Output

Expected Behavior

We should be able to use an example private key format in our TF_VAR_private_key:

TF_VAR_private_key="-----BEGIN PRIVATE KEY-----\nREDACTED\n-----END PRIVATE KEY-----"

We cannot paste keys with actual new lines in Terraform Cloud, so we must use \n.

Actual Behavior

Error:

Planning failed. Terraform encountered an error while generating this plan.

╷
│ Error: can not create client, bad configuration: did not find a proper configuration for private key
│ 
│   with provider["registry.terraform.io/oracle/oci"].oci-home,
│   on main.tf line 19, in provider "oci":
│   19: provider "oci" {
│ 
╵
╷
│ Error: can not create client, bad configuration: did not find a proper configuration for private key
│ 
│   with provider["registry.terraform.io/oracle/oci"],
│   on main.tf line 24, in provider "oci":
│   24: provider "oci" {
│ 
╵

Steps to Reproduce

  1. Export all of the necessary variables for the OCI provider:
    TF_VAR_user_ocid
    TF_VAR_fingerprint
    TF_VAR_tenancy_ocid
    TF_VAR_private_key

  2. Run terraform plan.

  3. You will run into an auth error.

Important Factoids

I tested provider changes locally to fix this issue.

I changed these lines:
https://github.com/oracle/terraform-provider-oci/blob/master/internal/provider/provider.go#L553-L555

To:

	if privateKey, hasPrivateKey := p.D.GetOkExists(globalvar.PrivateKeyAttrName); hasPrivateKey {
		keyData := privateKey.(string)
		keyData = strings.ReplaceAll(keyData, "\\n", "\n") // Ensure \n is replaced by actual newlines
		return oci_common.PrivateKeyFromBytes([]byte(keyData), &password)
	}
	

When I run terraform plan with a dev config pointing to my updated test provider, the private key is able to auth just fine. When I point back to the latest OCI provider, it fails. All with the same environment/env vars.

References

@Tmanoche Tmanoche added the bug label Jun 20, 2024
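
Why the escaped form fails to parse and what the reporter's `strings.ReplaceAll` change restores, as an added example that is not part of the issue or of the provider's code. It uses Go's standard `encoding/pem` and `crypto/x509` instead of `oci_common.PrivateKeyFromBytes`; the names `normalizePEM`, `parsePKCS8` and `escapedSampleKey` are hypothetical, and the key is a throwaway generated at run time.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"strings"
)

// normalizePEM turns the two-character sequence `\n` into real newlines. PEM text
// never contains a backslash, so keys with real line breaks pass through unchanged.
func normalizePEM(raw string) string {
	return strings.ReplaceAll(raw, `\n`, "\n")
}

// parsePKCS8 decodes one PEM block as a PKCS#8 private key. Its errors never
// echo the input, so key material cannot end up in logs.
func parsePKCS8(raw string) (any, error) {
	block, _ := pem.Decode([]byte(raw))
	if block == nil || block.Type != "PRIVATE KEY" {
		return nil, fmt.Errorf("no PRIVATE KEY PEM block found (escaped newlines?)")
	}
	return x509.ParsePKCS8PrivateKey(block.Bytes)
}

// escapedSampleKey builds a throwaway RSA key (constructed here) on one line with literal `\n`.
func escapedSampleKey() (string, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return "", err
	}
	der, err := x509.MarshalPKCS8PrivateKey(key)
	if err != nil {
		return "", err
	}
	pemText := string(pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: der}))
	return strings.ReplaceAll(strings.TrimSpace(pemText), "\n", `\n`), nil
}

func main() {
	escaped, err := escapedSampleKey()
	if err != nil {
		panic(err)
	}
	_, errRaw := parsePKCS8(escaped)
	_, errFixed := parsePKCS8(normalizePEM(escaped))
	fmt.Println("as stored:", errRaw, "| normalized:", errFixed)
}
```
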
@tf-oci-pub
Member

Thank you for reporting the issue. We observed that the affected resources are not provided in the description or are incorrect. We request that you add them to the issue description in the format below.
Example: affected_resources = oci_core_instance , oci_core_instances

If it's not related to any particular resource then mention affected resource as terraform.
Example: affected_resources = terraform

As this works through automation, we request that you follow the exact syntax.

@tf-oci-pub tf-oci-pub added the awaiting-affected-resources Please Provide the affected resource name in description. ex. Affected resource - oci_core_instance label Jun 21, 2024
@Tmanoche
Author

Updated with affected resources
