is it possible to support prevent_deletion flag in the provider

[furkhat]

lifecycle {
  prevent_destroy = true
}

[furkhat]

@stefanandres It looks like lifecycle attributes supported by default. For the case we talked about, you would need to add

lifecycle {
  prevent_destroy = true
}

into metakube_node_deployment resources which prevents node deployments deletion if api returns 404 for the cluster.

---

Note that the message

Terraform detected the following changes made outside of Terraform since the
last "terraform apply":

means that resource was not found on the "server" during state refresh, therefore assumed to be deleted. Here terraform will try to just "forget" the resource, therefore adding lifecycle.prevent_destroy=true for such cases will not affect provider's behavior because it does not destroy the resource as such.

[baurmatt]

Just stumbled over this in https://code.syseleven.de/syseleven/metakube/terraform-module-metakube/-/blob/acdbde6b1814365e445ac86c8344a45d8604bba7/cluster.tf#L44.

The problem is that we cannot use lifecycle.prevent_destroy in the module because there is no way to make it configurable by module variables. -> hashicorp/terraform#18367

The idea is, that the provider supports this itself. Do you think that this is reasonable?

[baurmatt]

@furkhat What do you think? :)

[furkhat]

@baurmatt
Would you want prevent_destroy configuration for each resource type or globally for the whole provider? Is your main intention is to avoid assumed deletion when resource was not found during refresh?

[baurmatt]

@furkhat The cluster and node deployment resources would be fine. We want to ensure that it's not irreversible destroyed/recreated because of an unplanned/unseen change.