role password not updated during failure, also not adjusted in subsequent runs #557
Description
We've had a strange issue happen to us today.
We ran a collection of pipelines to update some of our databases where some of them failed on authentication to our Azure PostgreSQL severs.
╷
│ Error: Error connecting to PostgreSQL server our-server-name.postgres.database.azure.com (scheme: postgres): pq: The access token has expired. Please acquire a new token and retry.
│
│ with module.postgresql_database["db-name"].module.database_roles["role-name"].postgresql_role.user,
│ on ../../../../modules/azure-postgresql-user/main.tf line 101, in resource "postgresql_role" "user":
│ 101: resource "postgresql_role" "user" {
│
╵
These pipelines were also supposed to update some user passwords, as we rotate these passwords periodically.
Even though the pipelines failed; subsequent runs after this did not update the passwords of the users.
Since the rest of our terraform run did succeed; all the places where the old passwords were used were now updated with a new password except for the database.
I understand that doing a read back of an users' password is not possible.
I also understand that updating the password every run is not desirable.
But I also want to see what we can do to prevent this in the future.