Object isn't updated and shows the following error in Status:
conditions:
- lastTransitionTime: '2024-04-29T17:01:55Z'
message: >-
update failed: async update failed: refuse to update the external
resource because the following update requires replacing it: cannot
change the value of the argument "member" from
"serviceAccount:project.svc.id.goog[ns/ksa1]" to
"serviceAccount:project.svc.id.goog[ns/ksa2]"
reason: ReconcileError
status: 'False'
type: Synced
- lastTransitionTime: '2024-04-29T16:52:36Z'
reason: Available
status: 'True'
type: Ready
- lastTransitionTime: '2024-04-29T17:01:55Z'
message: >-
async update failed: refuse to update the external resource because the
following update requires replacing it: cannot change the value of the
argument "member" from
"serviceAccount:project.svc.id.goog[ns/ksa1]" to
"serviceAccount:project.svc.id.goog[ns/ksa2]"
reason: AsyncUpdateFailure
status: 'False'
type: LastAsyncOperation
Relevant Error Output Snippet
Now, if we try to delete the resource,we get a 404:
conditions:
- lastTransitionTime: '2024-04-29T15:48:11Z'
message: >-
delete failed: async delete failed: failed to delete the resource: [{0
Error retrieving IAM policy for service account '': googleapi: got HTTP
response code 404 with body: <!DOCTYPE html>
<html lang=en>
<meta charset=utf-8>
<meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
<title>Error 404 (Not Found)!!1</title>
<style>
*{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) 0}}@media only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px}
</style>
<a href=//www.google.com/><span id=logo aria-label=Google></span></a>
<p><b>404.</b> <ins>That’s an error.</ins>
<p>The requested URL <code>/v1/:getIamPolicy?alt=json&options.requestedPolicyVersion=3&prettyPrint=false</code> was not found on this server. <ins>That’s all we know.</ins>
[]}]
reason: ReconcileError
status: 'False'
type: Synced
- lastTransitionTime: '2024-04-29T17:08:01Z'
reason: Deleting
status: 'False'
type: Ready
- lastTransitionTime: '2024-04-29T15:48:11Z'
message: >-
async delete failed: failed to delete the resource: [{0 Error retrieving
IAM policy for service account '': googleapi: got HTTP response code 404
with body: <!DOCTYPE html>
<html lang=en>
<meta charset=utf-8>
<meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
<title>Error 404 (Not Found)!!1</title>
<style>
*{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoration:none}a img{border:0}@media screen and (max-width:772px){body{background:none;margin-top:0;max-width:none;padding-right:0}}#logo{background:url(//www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png) no-repeat;margin-left:-5px}@media only screen and (min-resolution:192dpi){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat 0% 0%/100% 100%;-moz-border-image:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) 0}}@media only screen and (-webkit-min-device-pixel-ratio:2){#logo{background:url(//www.google.com/images/branding/googlelogo/2x/googlelogo_color_150x54dp.png) no-repeat;-webkit-background-size:100% 100%}}#logo{display:inline-block;height:54px;width:150px}
</style>
<a href=//www.google.com/><span id=logo aria-label=Google></span></a>
<p><b>404.</b> <ins>That’s an error.</ins>
<p>The requested URL <code>/v1/:getIamPolicy?alt=json&options.requestedPolicyVersion=3&prettyPrint=false</code> was not found on this server. <ins>That’s all we know.</ins>
[]}]
Before trying to update it, the object could be removed successfully
Is there an existing issue for this?
Affected Resource(s)
cloudplatform.gcp.upbound.io/v1beta1 - ServiceAccountIAMMember
Resource MRs required to reproduce the bug
No response
Steps to Reproduce
Apply this manifest:
The resource is created correctly Once it is created, apply an updated version of the same resource changing spec.forProvider.member
What happened?
Object isn't updated and shows the following error in Status:
Relevant Error Output Snippet
Now, if we try to delete the resource,we get a 404:
Before trying to update it, the object could be removed successfully
Crossplane Version
1.15.0
Provider Version
1.1.0
Kubernetes Version
Client Version: version.Info{Major:"1", Minor:"27", GitVersion:"v1.27.12", GitCommit:"12031002905c0410706974560cbdf2dad9278919", GitTreeState:"clean", BuildDate:"2024-03-15T02:15:31Z", GoVersion:"go1.21.8", Compiler:"gc", Platform:"linux/amd64"} Kustomize Version: v5.0.1 Server Version: version.Info{Major:"1", Minor:"27", GitVersion:"v1.27.11-gke.1062000", GitCommit:"d08e2b8d118069b27c15a6a241af87c9bbba7fdc", GitTreeState:"clean", BuildDate:"2024-02-26T09:17:18Z", GoVersion:"go1.21.7 X:boringcrypto", Compiler:"gc", Platform:"linux/amd64"}
Kubernetes Distribution
GKE
Additional Info
No response