Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bucket(V1): pulumi refresh does not detect tag changes #3674

Closed
MitchellGerdisch opened this issue Mar 21, 2024 · 1 comment · Fixed by #3910
Closed

Bucket(V1): pulumi refresh does not detect tag changes #3674

MitchellGerdisch opened this issue Mar 21, 2024 · 1 comment · Fixed by #3910
Assignees
@t0yv0
Labels
area/refresh impact/reliability Something that feels unreliable or flaky kind/bug Some behavior is incorrect or out of spec resolution/fixed This issue was fixed service/s3 S3-related things (buckets, objects) size/S Estimated effort to complete (1-2 days).
Milestone
0.104

Comments

@MitchellGerdisch
Copy link

What happened?

Using aws.s3.Bucket() resource and setting a tag, if I change the tag outside of Pulumi and do a pulumi refresh the change is not detected.
Similarly, if I remove the tag outside of pulumi, a refresh does not detect the tag is gone.

Example

  1. pulumi new aws-python
  2. Modify code to add a tags={"mytag": "myvalue"} block to the bucket.
  3. pulumi up
  4. Edit or remove the tag in AWS
  5. pulumi refresh and see that no change is detected.

Output of pulumi about

CLI
Version 3.111.0
Go Version go1.22.1
Go Compiler gc

Plugins
NAME VERSION
aws 6.27.0
python unknown

Host
OS darwin
Version 13.6.3
Arch x86_64

This project is written in python: executable='/Users/mitch/Downloads/fxgt-workshop/test-tag-refresh/venv/bin/python3' version='3.10.11'

Current Stack: MitchGerdisch/test-tag-refresh/dev

TYPE URN
pulumi:pulumi:Stack urn:pulumi:dev::test-tag-refresh::pulumi:pulumi:Stack::test-tag-refresh-dev
pulumi:providers:aws urn:pulumi:dev::test-tag-refresh::pulumi:providers:aws::default_6_27_0
aws:s3/bucketV2:BucketV2 urn:pulumi:dev::test-tag-refresh::aws:s3/bucketV2:BucketV2::my-bucket

Found no pending operations associated with dev

Backend
Name pulumi.com
Token type personal

Dependencies:
NAME VERSION
pip 24.0
pulumi_aws 6.27.0
setuptools 69.2.0
wheel 0.43.0

Additional context

If I use aws.s3.BucketV2 the refresh works as expected.

Contributing

Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
@MitchellGerdisch MitchellGerdisch added kind/bug Some behavior is incorrect or out of spec needs-triage Needs attention from the triage team labels Mar 21, 2024
@mjeffryes mjeffryes added impact/reliability Something that feels unreliable or flaky area/refresh and removed needs-triage Needs attention from the triage team labels Mar 21, 2024
@t0yv0 t0yv0 mentioned this issue Apr 22, 2024
Closed
@t0yv0
Copy link
Member

t0yv0 commented Apr 24, 2024

I can confirm this is happening.

Using something like this to delete tags in the CLI:

aws s3api delete-bucket-tagging --bucket my-tf-test-bucket-grr

This works fine for BucketV2, confirmed:

const example = new aws.s3.BucketV2("my-bucket-v2", {
    bucket: "my-tf-test-bucket-grr",
    tags: {
        Name: "My bucket",
        Environment: "Dev",
    },
});

Digging in the code:

Bucket read writes to InContext.TagsOut
https://github.com/hashicorp/terraform-provider-aws/blob/master/internal/tags/context.go#L19

Processed by tagsResourceInterceptor maybe?
https://github.com/hashicorp/terraform-provider-aws/blob/master/internal/provider/intercept.go#L201

Or maybe by tagsReadFunc?
https://github.com/hashicorp/terraform-provider-aws/blob/master/internal/provider/tags_interceptor.go#L106

Since we're maintaining the legacy bucket by patches what likely happened here it stopped receiving the same interceptor treatment as the rest of the resources, so we need to find a way to reintroduce the same treatment.

@t0yv0 t0yv0 added the size/S Estimated effort to complete (1-2 days). label Apr 24, 2024
@t0yv0 t0yv0 added this to the 0.104 milestone Apr 24, 2024
@t0yv0 t0yv0 self-assigned this Apr 26, 2024
@t0yv0 t0yv0 mentioned this issue May 8, 2024
Merged
t0yv0 added a commit that referenced this issue May 10, 2024
@t0yv0
Fix aws.s3.Bucket tag drift detection (#3910)
53df635 
Make sure that `pulumi refresh` detects changes to bucket tagging.

The implementation restores aws_s3_legacy_bucket resource participation
in the generic tags interceptor.

Fixes #3674
@pulumi-bot pulumi-bot added the resolution/fixed This issue was fixed label May 10, 2024
@t0yv0 t0yv0 added the service/s3 S3-related things (buckets, objects) label May 10, 2024
t0yv0 added a commit to pulumi/pulumi-terraform-bridge that referenced this issue May 10, 2024
@t0yv0
Fix spurious ForcesProviderReplace activation
769c8ac 
The ForceProviderReplace setting introduces cascading replaces when a certain Provider-level configuration setting
changes. For example, changing the region in the AWS Provider is able to recreate all the affected resources in the new
desired region with this setting. There was however a practical problem fixed with this PR that caused accidental
re-creation of resources in the same region.

Specifically, some of the resources states provisioned by older versions of Pulumi CLI may not have oldInputs
sufficiently populated in the call to DetailedDiff. This caused ForceProviderReplace logic to assume that the region is
changing from "" to "us-east-1" where it did not, in fact, change. To compensate for this, the logic no longer initiates
cascading replace when the oldInputs map does not contain the value.

See also:

- pulumi/pulumi-aws#3826
- pulumi/pulumi-aws#3674
@t0yv0 t0yv0 mentioned this issue May 10, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@t0yv0 t0yv0

Labels
area/refresh impact/reliability Something that feels unreliable or flaky kind/bug Some behavior is incorrect or out of spec resolution/fixed This issue was fixed service/s3 S3-related things (buckets, objects) size/S Estimated effort to complete (1-2 days).
Projects
None yet
Milestone
0.104
Development

Successfully merging a pull request may close this issue.

Fix aws.s3.Bucket tag drift detection pulumi/pulumi-aws
4 participants
@t0yv0 @mjeffryes @MitchellGerdisch @pulumi-bot