search

fluxcd / terraform-provider-flux

Terraform and OpenTofu provider for bootstrapping Flux
https://registry.terraform.io/providers/fluxcd/flux/latest
Apache License 2.0
368 stars 86 forks source link

[Bug]: flux_bootstrap does not reconcile if the flux-system GitRepository is monitoring a tag rather than a branch #712

Open sonalita opened 3 months ago

sonalita commented 3 months ago

Describe the bug

We run our GitRepository sources off a tag rather than a branch. If the flux_bootstrap Terraform resource detects a change, it does not reconcile unless we edit the GitRepository object on the cluster and remove the tag

Steps to reproduce

Add tag to GitRepository spec: interval: 1m0s ref: branch: main tag: 1.9.4-RC

Make a change in the bootstrap resource that will trigger a replace

The reconcile gets stuck in "still reconciling..." until the tag is removed.

Expected behavior

Terraform should reconcile the resource

Screenshots and recordings

No response

Terraform and provider versions

Terraform 1.6,6 Flux_bootstrap 1.,3.0

Terraform provider configurations

provider "flux" { kubernetes = { cluster_ca_certificate = base64decode(data.aws_eks_cluster.cluster.certificate_authority.0.data) exec = { api_version = local.cluster_config["aws_cli_client_authentication_api_version"] args = local.aws_eks_get_token_command command = "aws" } host = data.aws_eks_cluster.cluster.endpoint } git = { author_name = var.azuredevops_secret_username_flux_config branch = local.cluster_config["azuredevops_git_repo_branch_flux_config"] http = { username = var.azuredevops_secret_username_flux_config password = var.azuredevops_personal_access_token } url = "${local.cluster_config["azuredevops_org_service_url"]}/${local.cluster_config["azuredevops_project_name"]}/_git/${local.cluster_config["azuredevops_git_repository_name_flux_config"]}" } }

flux_bootstrap_git resource

resource "flux_bootstrap_git" "this" { components_extra = var.components_extra embedded_manifests = true image_pull_secret = var.artifactory_image_pull_secret_name network_policy = var.network_policy path = var.target_path registry = var.registry registry_credentials = "${var.artifactory_username}:${var.artifactory_api_key}" watch_all_namespaces = var.watch_all_namespaces

depends_on = [kubernetes_secret.flux_ado_secret] }

Flux version

2.3.0

Additional context

No response

Code of Conduct

Would you like to implement a fix?

None

swade1987 commented 3 months ago

@sonalita your GitRepository listed has both a branch and tag specified. Should it not just contain only the tag?