Conversation
Contributor
There was a problem hiding this comment.
Pull request overview
This PR fixes a bug in the handling of empty except sets in the Elasticsearch security role resource's field security configuration. The issue occurred when the API returned a null except field, which was incorrectly converted to a null set instead of an empty set, causing drift detection problems in Terraform.
Key Changes:
- Wrap field security
grantandexceptslices withutils.NonNilSlice()to ensure consistent empty set handling - Add test coverage for empty
exceptsets in field security configuration
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.
| File | Description |
|---|---|
| internal/elasticsearch/security/role/models.go | Added utils.NonNilSlice() wrapper to both grant and except field conversions to ensure nil slices are converted to empty slices before set creation |
| internal/elasticsearch/security/role/testdata/TestAccResourceSecurityRoleEmptySets/create/main.tf | Added explicit empty except = [] configuration to test empty set handling |
dimuon
approved these changes
Dec 22, 2025
tobio
added a commit
that referenced
this pull request
Dec 23, 2025
* origin/main: chore(deps): update kibana-openapi-spec digest to 7d69aeb (#1582) Fix handling of empty except set (#1581) Limit dashboards acc tests to 9.3 (#1566) chore(deps): update kibana-openapi-spec digest to 7648954 (#1578) chore(deps): update kibana-openapi-spec digest to bdb1d87 (#1577) chore(deps): update kibana-openapi-spec digest to fce45e2 (#1571) chore(deps): update docker.elastic.co/elasticsearch/elasticsearch docker tag to v9.2.3 (#1573) chore(deps): update docker.elastic.co/kibana/kibana docker tag to v9.2.3 (#1574) fix(deps): update module github.com/go-resty/resty/v2 to v2.17.1 (#1554) fix(ml): anomaly_detection_job import/refresh mismatch (#1550)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #1565