Deleting doks PAT is not detected by provider

[dmikalova]

Bug Report

---

Describe the bug

I cleaned out my PATs including the ones generated by doks. When rerunning terraform plan and apply, this is not noticed by the provider, so the kube_config output does not update.

Affected Resource(s)

• digitalocean_kubernetes_cluster

Expected Behavior

After deleting the PAT that is output in kube_config, and then rerunning plan, the provider should notice that the PAT is gone and plan to generate a new one.

Actual Behavior

The PAT is not regenerated, and the old kube_config persists. Other modules using terraform_remote_state will get unauthorized errors.

[baznikin]

Confirm! I got my PAT deleted yesterday, replaced it in provider config, but doks token do not renewed in state so all my attempts to use kubernetes provider lead to Unauthorized errors. Same for helm provider - Kubernetes cluster unreachable: the server has asked for the client to provide credentials.

Steps to reproduce:

1. work with DO via Terraform (in order to fill/refresh terraform state) - create digitalocean_kubernetes_cluster and some resources using kubernetes provider
2. delete used PAT token
3. add new token
4. try to apply or refresh again

[baznikin]

Workaround - remove cluster from state and import it back:

$ terraform state rm module.k8s.digitalocean_kubernetes_cluster.cluster
Removed module.k8s.digitalocean_kubernetes_cluster.cluster
Successfully removed 1 resource instance(s).
$ terraform import module.k8s.digitalocean_kubernetes_cluster.cluster 3299306e-aea3-4b55-ab66-redacted      

Import successful!

The resources that were imported are shown above. These resources are now in
your Terraform state and will henceforth be managed by Terraform.