Description: We have had two severe outages recently related to a single curly brace
} that broke all logins. One was for a completely new Rule being added. The other one was for an Action that was modified through the Console.
The recommendation is to implement the following:
- For the Terraform Auth0 module, all scripts should be linted at a minimum before attempting to deploy.
- If a parsing error is caused by the execution of a newly deployed Rule or Action, all related changes should probably be rolled back, and at a minimum, the new Rule/Action reverted to the prior version (limited to one rollback to prevent a run away rollback). I know this may not be completely desirable for all deployments, but at a minimum, allow the script to be resilient and allow the last known, working configuration to be re-instated.
- Before a new rule is loaded into Auth0, a linter should be run on it to prevent blocking all logins.
Use-case: Basic Terraform Auth0-module deployment of Rules.