Terraform tries to update auth configure while ignored

[pascal89]

Bug report

• I confirm this is a bug with Supabase, not with my own application.
• I confirm I have searched the Docs, GitHub Discussions, and Discord.

Describe the bug

When trying to import a Supabase project into the Terraform state file, while also updating the network config, terraform apply throws an error it isn't able to update the auth config. I didn't expect it to do so, as I explicitly ignored the changes for the auth config. Also, when looking at the plan, it only states it will update the network config.

Plan result:

  # supabase_project.development will be imported
    resource "supabase_project" "development" {
        id              = "omitted"
        name            = "bip-dev"
        organization_id = "omitted"
        region          = "eu-central-1"
    }

  # supabase_settings.development will be updated in-place
  # (imported from "omitted")
~ resource "supabase_settings" "development" {
        api         = jsonencode(
            {
                db_extra_search_path = "public, extensions"
                db_schema            = "api"
                max_rows             = 1000
            }
        )
        auth        = jsonencode(
                omitted: "omitted"
            }
        )
        database    = jsonencode({})
        id          = "omitted"
      ~ network     = jsonencode(
          ~ {
              ~ restrictions = [
                    "omitted/32",
                    "omitted/32",
                  + "omitted/32",
                ]
            }
        )
        project_ref = "omitted"
    }

Apply result:

│ Error: Client Error
│ 
│   with supabase_settings.development,
│   on main.tf line 40, in resource "supabase_settings" "development":
│   40: resource "supabase_settings" "development" {
│ 
│ Unable to update auth settings, got status 401: {"message":"Custom SMTP
│ required to configure SMTP_SENDER_NAME or RATE_LIMIT_EMAIL_SENT. Missing
│ SMTP_ADMIN_EMAIL, SMTP_HOST, SMTP_PORT, SMTP_USER, SMTP_PASS fields."}
╵

To Reproduce

Steps to reproduce the behavior, please provide code snippets or a repository:

1. Having an existing Supabase project with the following network restrictions in place: 2 allowed IP addresses.

2. Having the following Terraform config:

   import {
     id       = "omitted"
     to       = supabase_project.development
     provider = supabase
   }
   
   resource "supabase_project" "development" {
     organization_id   = var.supabase_organization_id
     name              = "bip-dev"
     provider          = supabase
     region            = "eu-central-1" # Central EU (Frankfurt)
     database_password = "NOT_MAINTAINED_THROUGH_TERRAFORM"
   
     lifecycle {
       ignore_changes = [
         database_password
       ]
     }
   }
   
   import {
     id       = "omitted"
     to       = supabase_settings.development
     provider = supabase
   }
   
   resource "supabase_settings" "development" {
     project_ref = supabase_project.development.id
     provider    = supabase
   
     network = jsonencode({
       restrictions = local.supabase_pip_allow_list #This now contains 3 IP addresses
     })
   
     lifecycle {
       ignore_changes = [
         api,
         auth,
         database,
         pooler,
         storage
       ]
     }
   }
   

3. Run terraform plan

4. Run terraform apply

Expected behavior

I would only expect Terraform to add my Supabase objects to the Terraform state and to only update the Supabase network restrictions config.

Screenshots

n.a.

System information

• Linux 5.15.0-1082-azure
• Terraform 1.11.3
  • Supabase provider 1.5.1