crossplane-contrib / provider-jet-azure

Apache License 2.0

azurerm_storage_container has wrong external-name in composition after creation #129

Closed noyoshi closed 2 years ago

noyoshi commented 2 years ago

What happened?

Details from the describe output:

Events:
  Type     Reason                         Age                    From                                                              Message
  ----     ------                         ----                   ----                                                              -------
  Normal   PendingExternalResource        4m28s (x4 over 5m17s)  managed/storage.azure.jet.crossplane.io/v1alpha2, kind=container  Waiting for external resource existence to be confirmed
  Normal   CreatedExternalResource        4m19s (x3 over 5m32s)  managed/storage.azure.jet.crossplane.io/v1alpha2, kind=container  Successfully requested creation of external resource
  Warning  CannotObserveExternalResource  30s (x35 over 4m)      managed/storage.azure.jet.crossplane.io/v1alpha2, kind=container  cannot run refresh: refresh failed: only lowercase alphanumeric characters and hyphens allowed in "name": "MY_ACCOUNT.blob.core.windows.net/test-lz-cnvnd": : File name: main.tf.json

How can we reproduce it?

Create a composition with a storage container in it, and observe the behavior.

What environment did it happen in?

Crossplane version: v1.6.1
provider-jet-azure version: v0.6.0
kubernetes version: 1.21.7

noyoshi commented 2 years ago

Creating the container without going through a composition works. I suspect it has something to do with how the external name is modified once the resource is created.

sergenyalcin commented 2 years ago

Hi @noyoshi, could you please share with us the Composite Resource Definition (XRD), Composition and Claim you used in the attempt where you observed the error above? That way, I can try to reproduce and investigate the issue easily. Thanks!

noyoshi commented 2 years ago

@sergenyalcin sure, here you go

CRD

apiVersion: apiextensions.crossplane.io/v1
kind: CompositeResourceDefinition
metadata:
  name: xexampledeployments.infra.example.com
spec:
  group: infra.example.com
  names:
    kind: XExampleDeployment
    plural: xexampledeployments
  claimNames:
    kind: ExampleDeployment
    plural: exampledeployments
  versions:
  - name: v1alpha1
    additionalPrinterColumns:
    served: true
    referenceable: true
    schema:
      openAPIV3Schema:
        type: object
        properties:
          spec:
            type: object
            properties:
              uid:
                type: string
              generated:
                type: object
                properties:
                  resourceGroupName:
                    type: string
                  storageAccountName:
                    type: string

Composition:

apiVersion: apiextensions.crossplane.io/v1
kind: Composition
metadata:
  name: example-deployment
  labels:
    crossplane.io/xrd: xexampledeployments.infra.example.com
    provider: provider-jet-azure
spec:
  writeConnectionSecretsToNamespace: crossplane-system
  compositeTypeRef:
    apiVersion: infra.example.com/v1alpha1
    kind: XExampleDeployment
  resources:

  # Resource group for all azure resources
  - name: resource-group
    base:
      apiVersion: azure.jet.crossplane.io/v1alpha2
      kind: ResourceGroup
      spec:
        forProvider:
          location: West US 2
        providerConfigRef:
          name: azurejetconfig
    patches:
    - type: CombineFromComposite
      combine:
        variables:
        - fromFieldPath: spec.uid
        strategy: string
        string:
          fmt: "rg-%s"
      toFieldPath: metadata.annotations[crossplane.io/external-name]
    - type: ToCompositeFieldPath
      fromFieldPath: metadata.name
      toFieldPath: spec.generated.resourceGroupName

  - name: storage-account
    base:
      apiVersion: storage.azure.jet.crossplane.io/v1alpha2
      kind: Account
      spec:
        forProvider:
          location: West US 2
          accountTier: Standard
          accountKind: StorageV2
          minTlsVersion: TLS1_2
          accountReplicationType: RAGRS
          tags:
            application: crossplane
        providerConfigRef:
          name: azurejetconfig
        writeConnectionSecretToRef:
          namespace: crossplane-system
          name: test-secret-storage
    patches:
    - type: PatchSet
      patchSetName: resource-group-name
    - type: ToCompositeFieldPath
      fromFieldPath: metadata.name
      toFieldPath: spec.generated.storageAccountName
    - type: CombineFromComposite
      combine:
        variables:
        - fromFieldPath: spec.uid
        strategy: string
        string:
          fmt: "test%s"
      toFieldPath: metadata.annotations[crossplane.io/external-name]

  - name: container
    base:
      apiVersion: storage.azure.jet.crossplane.io/v1alpha2
      kind: Container
      spec:
        forProvider:
          containerAccessType: private
        providerConfigRef:
          name: azurejetconfig
    patches:
    - type: FromCompositeFieldPath
      fromFieldPath: spec.generated.storageAccountName
      toFieldPath: spec.forProvider.storageAccountNameRef.name
    - type: CombineFromComposite
      combine:
        variables:
        - fromFieldPath: spec.uid
        strategy: string
        string:
          fmt: "test%s"
      toFieldPath: metadata.annotations[crossplane.io/external-name]
  patchSets:
  - name: resource-group-name
    patches:
    - type: FromCompositeFieldPath
      fromFieldPath: spec.generated.resourceGroupName
      toFieldPath: spec.forProvider.resourceGroupNameRef.name

claim:

apiVersion: infra.example.com/v1alpha1
kind: ExampleDeployment
metadata:
  namespace: crossplane-system
  name: example
spec:
  uid: as098fhjalsk
  compositionRef:
    name: example-deployment

noyoshi commented 2 years ago

After the container is created, I end up getting:

NAME                                                            READY   SYNCED   EXTERNAL-NAME                                     AGE
container.storage.azure.jet.crossplane.io/example-x77lf-4bc4d   False   False    test09asd8fh.blob.core.windows.net/test09asd8fh   2m50s

tgdfool2 commented 2 years ago

I noticed the same behavior, even without using compositions. With the following simple example:

---
apiVersion: storage.azure.jet.crossplane.io/v1alpha2
kind: Account
metadata:
  name: testolivierstorage
  annotations:
    crossplane.io/external-name: testolivierstorage
spec:
  forProvider:
    resourceGroupNameRef:
      name: test-olivier-rg
    location: "West Europe"
    accountTier: "Standard"
    accountReplicationType: "LRS"
    tags:
      provisioner: crossplane
  providerConfigRef:
    name: default
  writeConnectionSecretToRef:
    name: testolivierstorage
    namespace: crossplane-system

---
apiVersion: storage.azure.jet.crossplane.io/v1alpha2
kind: Container
metadata:
  name: testoliviercontainer
  annotations:
    crossplane.io/external-name: testoliviercontainer
spec:
  forProvider:
    containerAccessType: private
    storageAccountNameRef:
      name: testolivierstorage
  providerConfigRef:
    name: default

It looks like the external name is overwritten:

NAME                                                             READY   SYNCED   EXTERNAL-NAME                                                   AGE
container.storage.azure.jet.crossplane.io/testoliviercontainer   False   False    testolivierstorage.blob.core.windows.net/testoliviercontainer   4m45s

And this results in the following error message:

  Type     Reason                         Age                   From                                                              Message
  ----     ------                         ----                  ----                                                              -------
  Normal   CreatedExternalResource        5m9s                  managed/storage.azure.jet.crossplane.io/v1alpha2, kind=container  Successfully requested creation of external resource
  Warning  CannotObserveExternalResource  9s (x186 over 4m51s)  managed/storage.azure.jet.crossplane.io/v1alpha2, kind=container  cannot run refresh: refresh failed: only lowercase alphanumeric characters and hyphens allowed in "name": "testolivierstorage.blob.core.windows.net/testoliviercontainer": : File name: main.tf.json
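
A way to spot affected resources from `kubectl get` output, as an added example that is not part of the original thread or the provider's code: it flags external names that fail the rule quoted in the refresh error and splits the `<account>.blob.core.windows.net/<container>` form seen above. The names `Finding`, `CheckExternalName` and `ScanTable` are hypothetical, and the second sample row is constructed.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// nameRule is the rule quoted in the refresh error: lowercase alphanumerics and hyphens.
var nameRule = regexp.MustCompile(`^[a-z0-9-]+$`)

const blobSuffix = ".blob.core.windows.net/" // endpoint suffix seen in the overwritten names

// Finding describes one managed resource's external-name annotation.
type Finding struct {
	Resource, ExternalName string
	Valid                  bool   // passes nameRule as-is
	Account, Container     string // set for "<account>.blob.core.windows.net/<container>"
}

// CheckExternalName classifies a single external-name value.
func CheckExternalName(resource, ext string) Finding {
	f := Finding{Resource: resource, ExternalName: ext, Valid: nameRule.MatchString(ext)}
	if i := strings.Index(ext, blobSuffix); i > 0 {
		f.Account = ext[:i]
		f.Container = ext[i+len(blobSuffix):]
	}
	return f
}

// ScanTable parses `kubectl get` rows (NAME READY SYNCED EXTERNAL-NAME AGE)
// and returns the rows whose external name fails the rule.
func ScanTable(table string) []Finding {
	var bad []Finding
	for _, line := range strings.Split(strings.TrimSpace(table), "\n") {
		cols := strings.Fields(line)
		if len(cols) != 5 || cols[0] == "NAME" {
			continue // header or a row in an unexpected shape
		}
		if f := CheckExternalName(cols[0], cols[3]); !f.Valid {
			bad = append(bad, f)
		}
	}
	return bad
}

// sample: first data row copied from the output above, second row constructed.
const sample = `NAME READY SYNCED EXTERNAL-NAME AGE
container.storage.azure.jet.crossplane.io/testoliviercontainer False False testolivierstorage.blob.core.windows.net/testoliviercontainer 4m45s
container.storage.azure.jet.crossplane.io/constructed-ok True True constructed-ok 4m45s`

func main() { fmt.Printf("%+v\n", ScanTable(sample)) }
```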

ulucinar commented 2 years ago

Thank you folks. @sergenyalcin is investigating the issue.

sergenyalcin commented 2 years ago

Hi @noyoshi, @tgdfool2 and @ulucinar, I investigated this issue. It seems that after consuming a new terrajet version in provider-jet-azure, a configuration problem for storage_container and storage_blob has become visible. I opened a PR to fix the issue.

noyoshi commented 2 years ago

Awesome! Thank you!! Getting close to the day where we can provision an entire stack of our service via Crossplane. :)