crossplane-contrib / provider-upjet-gcp

GCP Provider for Crossplane.
https://marketplace.upbound.io/providers/upbound/provider-family-gcp/
Apache License 2.0

Restarting GCP provider pod results in incorrect ID in the status of Topic and Subscription #410

Closed ZhiminXiang closed 6 months ago

ZhiminXiang commented 1 year ago

We noticed that after restarting the GCP provider pod, the ID in the status of Topic and Subscription was changed to an incorrect value.

Here are the steps to reproduce this issue.

  1. Create the following topic:

    apiVersion: pubsub.gcp.upbound.io/v1beta1
    kind: Topic
    metadata:
      name: debug-topic
    spec:
      deletionPolicy: Delete
      forProvider:
        messageRetentionDuration: 3600s
        messageStoragePolicy:
        - allowedPersistenceRegions:
          - us-central1
          - us-central2
          - us-east1
          - us-east4
          - us-east5
          - us-south1
        project: ca-zhimin-test
      managementPolicies:
      - '*'
      providerConfigRef:
        name: default

    In our case, we explicitly set the project field in the spec.forProvider to the value ca-zhimin-test. This value is different from the projectID in the default providerConfig. (The reason is that we have a multi-tenant model, so we built our custom webhook to set the right project for each tenant.)

Here is the default providerConfig.

    apiVersion: gcp.upbound.io/v1beta1
    kind: ProviderConfig
    metadata:
      name: default
    spec:
      credentials:
        impersonateServiceAccount:
          name: ""
        source: InjectedIdentity
      projectID: ca-paas-platform-dev

  2. After creating the Topic, the ID in the status of the Topic used the project ca-zhimin-test, which is correct:

    status:
      atProvider:
        id: projects/ca-zhimin-test/topics/debug-topic-sbt7s-74h9j

  3. Restart the GCP provider controller.

  4. After the GCP provider controller was successfully started, the ID of the status was changed to use the projectID in the providerConfig:

    status:
      atProvider:
        id: projects/ca-paas-platform-dev/topics/debug-topic-sbt7s-74h9j

The actual topic was NOT moved to ca-paas-platform-dev, and still existed in the GCP project ca-zhimin-test, which is good. Only the ID of the status is incorrect.

This is problematic for the use case of setting up a dead letter topic in the subscription, as this could result in failing to create the subscription because crossplane tried to look up the topic based on the incorrect ID in the status.

turkenf commented 1 year ago

A potential solution would be to change the external-name configuration from TemplatedStringAsIdentifier("name", "projects/{{ .setup.configuration.project }}/topics/{{ .external_name }}") to TemplatedStringAsIdentifier("name", "projects/{{ if .parameters.project }}{{ .parameters.project }}{{ else }}{{ .setup.configuration.project }}{{ end }}/topics/{{ .external_name }}").
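
The two templates from the comment above, rendered with Go's text/template against the project values reported in this issue. This is an added example, not code from the provider or from upjet; the renderID helper and the shape of the data map are assumptions inferred from the template paths.

```go
package main

import (
	"bytes"
	"fmt"
	"text/template"
)

// Both templates are quoted from the comment above.
const (
	originalTmpl = `projects/{{ .setup.configuration.project }}/topics/{{ .external_name }}`
	proposedTmpl = `projects/{{ if .parameters.project }}{{ .parameters.project }}{{ else }}{{ .setup.configuration.project }}{{ end }}/topics/{{ .external_name }}`
)

// renderID is a hypothetical helper: it evaluates an external-name template
// against a data map whose shape is assumed from the template paths.
// specProject is spec.forProvider.project ("" when unset); configProject is
// the ProviderConfig projectID.
func renderID(tmpl, specProject, configProject, externalName string) (string, error) {
	params := map[string]interface{}{}
	if specProject != "" {
		params["project"] = specProject
	}
	data := map[string]interface{}{
		"parameters":    params,
		"setup":         map[string]interface{}{"configuration": map[string]interface{}{"project": configProject}},
		"external_name": externalName,
	}
	t, err := template.New("id").Parse(tmpl)
	if err != nil {
		return "", err
	}
	var buf bytes.Buffer
	if err := t.Execute(&buf, data); err != nil {
		return "", err
	}
	return buf.String(), nil
}

func main() {
	const cfg, name = "ca-paas-platform-dev", "debug-topic-sbt7s-74h9j"
	for _, c := range [][2]string{{originalTmpl, "ca-zhimin-test"}, {proposedTmpl, "ca-zhimin-test"}, {proposedTmpl, ""}} {
		id, err := renderID(c[0], c[1], cfg, name)
		fmt.Printf("forProvider.project=%q -> %s (err=%v)\n", c[1], id, err)
	}
}
```

With the original template the tenant's project never reaches the ID, so the rendered ID carries the ProviderConfig project; the proposed template uses spec.forProvider.project when it is set and falls back to the ProviderConfig project otherwise.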

github-actions[bot] commented 7 months ago

This provider repo does not have enough maintainers to address every issue. Since there has been no activity in the last 90 days it is now marked as stale. It will be closed in 14 days if no further activity occurs. Leaving a comment starting with /fresh will mark this issue as not stale.

github-actions[bot] commented 6 months ago

This issue is being closed since there has been no activity for 14 days since marking it as stale. If you still need help, feel free to comment or reopen the issue!