EKS server does not update status during an K8s version upgrade

[stevendborrelli]

Is there an existing issue for this?

• [X] I have searched the existing issues

Affected Resource(s)

eks.aws.upbound.io - Cluster

Resource MRs required to reproduce the bug

Use configuration-aws-eks along with a cluster-xr to create an eks cluster:

configuration.yaml

```yaml apiVersion: pkg.crossplane.io/v1 kind: Configuration metadata: name: configuration-aws-eks spec: package: xpkg.upbound.io/upbound/configuration-aws-eks:v0.9.0 ```

xr.yaml

```yaml apiVersion: aws.platform.upbound.io/v1alpha1 kind: XNetwork metadata: name: configuration-aws-eks spec: parameters: id: configuration-aws-eks region: us-west-2 --- apiVersion: aws.platform.upbound.io/v1alpha1 kind: XEKS metadata: name: configuration-aws-eks spec: parameters: deletionPolicy: Delete providerConfigName: default id: configuration-aws-eks region: us-west-2 version: "1.27" iam: # replace with your custom arn like: # roleArn: arn:aws:iam::123456789:role/AWSReservedSSO_AdministratorAccess_d703c73ed340fde7 roleArn: "arn:aws:iam::609897127049:user/steven" nodes: count: 1 instanceType: t3.small writeConnectionSecretToRef: name: configuration-aws-eks-kubeconfig namespace: upbound-system ```

Steps to Reproduce

• Install configuration
• deploy xr.yaml to create the network and cluster
• update xr.yaml to version 1.28
• observe cluster events and conditions, review cluster in the AWS Console

What happened?

Once an updated XR manifest is applied with version 1.28, the upgrade immediately starts. spec.forProvider.version is at 1.28 while spec.AtProvider.version is at 1.27 during the cluster upgrade, but the conditions don't show it is in an upgrading state. The k8s api server is available during the upgrade, so the cluster is not in an unready state during upgrade.

Relevant Error Output Snippet

`spec.forProvider.version` is at 1.28 while `spec.AtProvider.version` is at 1.27 during the cluster upgrade, but the conditions don't show it is in an upgrading state. The k8s api server is available 

Name:         configuration-aws-eks-jwtq2
Namespace:    
Labels:       crossplane.io/claim-name=
              crossplane.io/claim-namespace=
              crossplane.io/composite=configuration-aws-eks
Annotations:  crossplane.io/composition-resource-name: kubernetesCluster
              crossplane.io/external-create-pending: 2024-03-01T01:24:53Z
              crossplane.io/external-create-succeeded: 2024-03-01T01:24:53Z
              crossplane.io/external-name: configuration-aws-eks-jwtq2
API Version:  eks.aws.upbound.io/v1beta1
Kind:         Cluster
Metadata:
  Creation Timestamp:  2024-03-01T01:22:50Z
  Finalizers:
    finalizer.managedresource.crossplane.io
  Generate Name:  configuration-aws-eks-
  Generation:     5
  Owner References:
    API Version:           aws.platform.upbound.io/v1alpha1
    Block Owner Deletion:  true
    Controller:            true
    Kind:                  XEKS
    Name:                  configuration-aws-eks
    UID:                   1df3a831-09d6-40f0-bc8a-2f48a48e505e
  Resource Version:        14774
  UID:                     fa20b0bb-28cf-4c65-ae2e-4651cabe05da
Spec:
  Deletion Policy:  Delete
  For Provider:
    Kubernetes Network Config:
      Ip Family:        ipv4
      serviceIpv4Cidr:  10.100.0.0/16
    Region:             us-west-2
    Role Arn:           arn:aws:iam::609897127049:role/configuration-aws-eks-p5dsw
    Role Arn Ref:
      Name:  configuration-aws-eks-p5dsw
    Role Arn Selector:
      Match Controller Ref:  true
      Match Labels:
        Role:  controlplane
    Tags:
      Crossplane - Kind:            cluster.eks.aws.upbound.io
      Crossplane - Name:            configuration-aws-eks-jwtq2
      Crossplane - Providerconfig:  default
    Version:                        1.28
    Vpc Config:
      Endpoint Private Access:  true
      Endpoint Public Access:   true
      Index:                    0
      Subnet Id Refs:
        Name:  configuration-aws-eks-pqbwh
        Name:  configuration-aws-eks-nldp4
      Subnet Id Selector:
        Match Labels:
          Access:                                       public
          networks.aws.platform.upbound.io/network-id:  configuration-aws-eks
      Subnet Ids:
        subnet-050c705c91037c792
        subnet-0f7d5bf6da274305c
  Init Provider:
  Management Policies:
    *
  Provider Config Ref:
    Name:  default
Status:
  At Provider:
    Arn:  arn:aws:eks:us-west-2:609897127049:cluster/configuration-aws-eks-jwtq2
    Certificate Authority:
      Data:      LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURCVENDQWUyZ0F3SUJBZ0lJYlZrWUE4V1lJYkl3RFFZSktvWklodmNOQVFFTEJRQXdGVEVUTUJFR0ExVUUKQXhNS2EzVmlaWEp1WlhSbGN6QWVGdzB5TkRBek1ERXdNVEkwTXpSYUZ3MHpOREF5TWpjd01USTVNelJhTUJVeApFekFSQmdOVkJBTVRDbXQxWW1WeWJtVjBaWE13Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLCkFvSUJBUURNQThDbi9zblI5QURXUSs0V1dCWmhkM2gxZGZyRmFFNU5kKzZEc2NzZEtjSTU1cVludkdRRGxKVjUKWUYzemN0SUZqWHdMRVQvM0FBSHU0UUlMamlLaWpqUkIrSFgza1Ura2F3WjVTZUNQYWxJanoyMFl2emg3SVVhQQpzNGhVV1hWREhhMDJqNzR3YjAyUDlDRG4vY3J3a0c0ZnFHMGJXeVJkNXVjeHNTV1FLWjZtV0ZQb3NWWDEzSWRnCmZWMEtMUXdEOXdiV2ZFZzUvaEZERjlVekVuUVdPMUxBOXVRZytZUndxOGhUYkNndVk2bEJaeWxpOUxUSGVpYmgKWnExTHIrZUFMa0gwUkJ6TUVreDY2TlZsVEd1MnBJOHY0NzdoVm9MeUJhNkpIRHU1WHpyM2VOOWlmWTNTZmJzVAp5aU9hTUxwQ2FHeUdYZzEyTnlCVDlVMFo0ckJoQWdNQkFBR2pXVEJYTUE0R0ExVWREd0VCL3dRRUF3SUNwREFQCkJnTlZIUk1CQWY4RUJUQURBUUgvTUIwR0ExVWREZ1FXQkJSa2dzcGVBWVdXeEdFL3ord0djaG90NTVBWFl6QVYKQmdOVkhSRUVEakFNZ2dwcmRXSmxjbTVsZEdWek1BMEdDU3FHU0liM0RRRUJDd1VBQTRJQkFRQVo3Wm8rL1QxdQpEWjV3VFFjQVUwNC9QUHUwa2tyVDBDZThXTFZjRnZCZ0hjOUNhYi9nTE9nWW9zWFRjeEdxeUtjTnJLM2lpdDE3Ci9WT0t3VFpLOGU0NXVtWlYrMitWY0F0MFpqUEkrNW8zd1B3T0l1d2c1ODRVa0hOQ1ZUOGdCOGt5QVRrRkJwUDEKR0xhUkN2S0F1ZmJ2ZzlKc0N3QVFNSXhLaldHQkdURVNIK2VIMnd3VHBBZ21tSWt1T1VJOXRIb00vdDJzR0ZpaQpoZXVtdmJabjBxVGhReUloRHJINmtQczFWNnA2Z0pRNFpBWUhYYXY1U3pVTzYwQmFyV05PcWIvTEtjdWFZMjhUCmZUZHpiMkpwVXlnMG84WVFEZmhZTSs3REJUQllKdEl4MnluUnVHRjRPV2k3R1g2OTFoMWxrNXVzUmZodXlIenAKb2FoQUZpZ3BFTUppCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
    Created At:  2024-03-01 01:24:55.448 +0000 UTC
    Endpoint:    https://21768A30074FEB6E1E7CCF9AE1C96B69.gr7.us-west-2.eks.amazonaws.com
    Id:          configuration-aws-eks-jwtq2
    Identity:
      Oidc:
        Issuer:  https://oidc.eks.us-west-2.amazonaws.com/id/21768A30074FEB6E1E7CCF9AE1C96B69
    Kubernetes Network Config:
      Ip Family:        ipv4
      serviceIpv4Cidr:  10.100.0.0/16
      serviceIpv6Cidr:  
    Platform Version:   eks.11
    Role Arn:           arn:aws:iam::609897127049:role/configuration-aws-eks-p5dsw
    Status:             ACTIVE
    Tags:
      Crossplane - Kind:            cluster.eks.aws.upbound.io
      Crossplane - Name:            configuration-aws-eks-jwtq2
      Crossplane - Providerconfig:  default
    Tags All:
      Crossplane - Kind:            cluster.eks.aws.upbound.io
      Crossplane - Name:            configuration-aws-eks-jwtq2
      Crossplane - Providerconfig:  default
    Version:                        1.27
    Vpc Config:
      Cluster Security Group Id:  sg-09fc7c80e23e60edf
      Endpoint Private Access:    true
      Endpoint Public Access:     true
      Index:                      0
      Public Access Cidrs:
        0.0.0.0/0
      Subnet Ids:
        subnet-050c705c91037c792
        subnet-0f7d5bf6da274305c
      Vpc Id:  vpc-0870865bb22dbde98
  Conditions:
    Last Transition Time:  2024-03-01T01:24:53Z
    Reason:                ReconcileSuccess
    Status:                True
    Type:                  Synced
    Last Transition Time:  2024-03-01T01:33:42Z
    Reason:                Available
    Status:                True
    Type:                  Ready
    Last Transition Time:  2024-03-01T01:33:40Z
    Reason:                Success
    Status:                True
    Type:                  LastAsyncOperation
Events:
  Type     Reason                           Age                From                                              Message
  ----     ------                           ----               ----                                              -------
  Warning  CannotResolveResourceReferences  83m (x3 over 83m)  managed/eks.aws.upbound.io/v1beta1, kind=cluster  cannot resolve references: mg.Spec.ForProvider.RoleArn: referenced field was empty (referenced resource may not yet be ready)
  Warning  CannotResolveResourceReferences  82m (x4 over 83m)  managed/eks.aws.upbound.io/v1beta1, kind=cluster  cannot resolve references: mg.Spec.ForProvider.VPCConfig[i3].SubnetIds: referenced field was empty (referenced resource may not yet be ready)
  Normal   CreatedExternalResource          81m                managed/eks.aws.upbound.io/v1beta1, kind=cluster  Successfully requested creation of external resource
  Normal   UpdatedExternalResource          7m43s              managed/eks.aws.upbound.io/v1beta1, kind=cluster  Successfully requested update of external resource

### Crossplane Version

1.15.0

### Provider Version

1.1.1

### Kubernetes Version

Client Version: v1.29.0 Kustomize Version: v5.0.4-0.20230601165947-6ce0bf390ce3 Server Version: v1.27.3

### Kubernetes Distribution

Kind

### Additional Info

_No response_

[github-actions[bot]]

This provider repo does not have enough maintainers to address every issue. Since there has been no activity in the last 90 days it is now marked as stale. It will be closed in 14 days if no further activity occurs. Leaving a comment starting with /fresh will mark this issue as not stale.

[ytsarev]

/fresh