update ssh settings

provider/alicloud/main.tf

@@ -80,6 +80,11 @@ resource "alicloud_security_group_rule" "allow_all_ingress" {
 resource "alicloud_key_pair" "ssh-key" {
   key_name   = "ssh-key-${time_static.id.unix}"
   public_key = file(var.ssh_pubkey_path)
+  lifecycle {
+    ignore_changes = [
+      public_key
+    ]
+  }
 }
 
 data "alicloud_images" "ubuntu" {

provider/aws/main.tf

@@ -97,6 +97,11 @@ resource "aws_network_interface" "default" {
 resource "aws_key_pair" "ssh-key" {
   key_name   = "ssh-key-${time_static.id.unix}"
   public_key = file(var.ssh_pubkey_path)
+  lifecycle {
+    ignore_changes = [
+      public_key
+    ]
+  }
 }
 
 

provider/azure/main.tf

@@ -189,6 +189,12 @@ resource "azurerm_linux_virtual_machine" "host" {
     ]
   }
 
+  lifecycle {
+    ignore_changes = [
+      admin_ssh_key
+    ]
+  }
+
 }
 
 /*

provider/digitalocean/main.tf

@@ -48,9 +48,13 @@ provider "digitalocean" {
 }
 
 resource "digitalocean_ssh_key" "tf-kube" {
-  count      = fileexists("${var.ssh_pubkey_path}") ? 1 : 0
   name       = "tf-kube-${time_static.id.unix}"
   public_key = file("${var.ssh_pubkey_path}")
+  lifecycle {
+    ignore_changes = [
+      public_key
+    ]
+  }
 }
 
 resource "digitalocean_droplet" "host" {
@@ -60,7 +64,7 @@ resource "digitalocean_droplet" "host" {
   size               = var.size
   backups            = false
   private_networking = true
-  ssh_keys           = digitalocean_ssh_key.tf-kube.*.id
+  ssh_keys           = [digitalocean_ssh_key.tf-kube.id]
   vpc_uuid           = digitalocean_vpc.kube-vpc.id
 
   count = var.hosts

provider/google/main.tf

@@ -136,6 +136,12 @@ resource "google_compute_instance" "host" {
     ]
   }
 
+  lifecycle {
+    ignore_changes = [
+      metadata["ssh-keys"]
+    ]
+  }
+
 }
 
 /*

provider/hcloud/main.tf

@@ -48,17 +48,22 @@ variable "ssh_pubkey_path" {
 }
 
 resource "hcloud_ssh_key" "tf-kube" {
-  count      = fileexists("${var.ssh_pubkey_path}") ? 1 : 0
   name       = "tf-kube-${time_static.id.unix}"
   public_key = file("${var.ssh_pubkey_path}")
+
+  lifecycle {
+    ignore_changes = [
+      public_key
+    ]
+  }
 }
 
 resource "hcloud_server" "host" {
   name        = format(var.hostname_format, count.index + 1)
   location    = var.location
   image       = var.image
   server_type = var.type
-  ssh_keys    = hcloud_ssh_key.tf-kube.*.id
+  ssh_keys    = [hcloud_ssh_key.tf-kube.id]
 
   count = var.hosts
 

provider/huaweicloud/main.tf

@@ -82,6 +82,11 @@ resource "huaweicloud_networking_secgroup_rule" "allow_all_ingress" {
 resource "huaweicloud_compute_keypair" "ssh-key" {
   name       = "ssh-key-${time_static.id.unix}"
   public_key = file(var.ssh_pubkey_path)
+  lifecycle {
+    ignore_changes = [
+      public_key
+    ]
+  }
 }
 
 data "huaweicloud_images_image" "ubuntu" {

provider/linode/main.tf

@@ -42,18 +42,21 @@ variable "ssh_pubkey_path" {
 }
 
 resource "linode_sshkey" "tf-kube" {
-  count = fileexists("${var.ssh_pubkey_path}") ? 1 : 0
-  label = "tf-kube-${time_static.id.unix}"
-  #ssh_key    = file("${var.ssh_pubkey_path}")
+  label   = "tf-kube-${time_static.id.unix}"
   ssh_key = chomp(file(var.ssh_pubkey_path))
+  lifecycle {
+    ignore_changes = [
+      public_key
+    ]
+  }
 }
 
 resource "linode_instance" "host" {
   label           = format(var.hostname_format, count.index + 1)
   region          = var.location
   image           = var.image
   type            = var.type
-  authorized_keys = linode_sshkey.tf-kube.*.ssh_key
+  authorized_keys = [linode_sshkey.tf-kube.ssh_key]
   private_ip      = true
   swap_size       = 2048
 

provider/ovh/main.tf

@@ -108,16 +108,20 @@ provider "openstack" {
 }
 
 resource "openstack_compute_keypair_v2" "tf-kube" {
-  count      = fileexists("${var.ssh_pubkey_path}") ? 1 : 0
   name       = "tf-kube-${time_static.id.unix}"
   public_key = file("${var.ssh_pubkey_path}")
+  lifecycle {
+    ignore_changes = [
+      public_key
+    ]
+  }
 }
 
 resource "openstack_compute_instance_v2" "host" {
   name        = format(var.hostname_format, count.index + 1)
   image_name  = var.image
   flavor_name = var.size
-  key_pair    = openstack_compute_keypair_v2.tf-kube[0].name
+  key_pair    = openstack_compute_keypair_v2.tf-kube.name
 
   # Important: orders of network declaration matters because
   # public network is attached on ens4, so keep it at the end of the list

provider/scaleway/main.tf

@@ -38,9 +38,13 @@ variable "ssh_pubkey_path" {
 }
 
 resource "scaleway_account_ssh_key" "tf-kube" {
-  count      = fileexists("${var.ssh_pubkey_path}") ? 1 : 0
   name       = "tf-kube-${time_static.id.unix}"
   public_key = file("${var.ssh_pubkey_path}")
+  lifecycle {
+    ignore_changes = [
+      public_key
+    ]
+  }
 }
 
 provider "scaleway" {

provider/vultr/main.tf

@@ -72,17 +72,21 @@ data "vultr_os" "os" {
 
 
 resource "vultr_ssh_key" "tf-kube" {
-  count   = fileexists("${var.ssh_pubkey_path}") ? 1 : 0
   name    = "tf-kube-${time_static.id.unix}"
   ssh_key = file("${var.ssh_pubkey_path}")
+  lifecycle {
+    ignore_changes = [
+      public_key
+    ]
+  }
 }
 
 resource "vultr_server" "host" {
   hostname               = format(var.hostname_format, count.index + 1)
   region_id              = data.vultr_region.region.id
   os_id                  = data.vultr_os.os.id
   plan_id                = data.vultr_plan.plan.id
-  ssh_key_ids            = vultr_ssh_key.tf-kube.*.id
+  ssh_key_ids            = [vultr_ssh_key.tf-kube.id]
   network_ids            = [vultr_network.kube-vpc.id]
   enable_private_network = true