search

juju / terraform-provider-juju

A Terraform provider for Juju
Apache License 2.0
19 stars 37 forks source link

Applying a plan does not update applications referencing a channel #417

Open alnvdl-work opened 6 months ago

alnvdl-work commented 6 months ago

Requirements

If an application is specifying the channel of a charm (and not a revision), then releasing a new revision to that channel and running terraform apply does not cause any updates. That's because the plan did not change in fact.

A workaround seems to be manually running juju refresh to update these applications.

Would it be possible to somehow have the Juju TF provider invoke juju refresh on the user's behalf for all applications that are not pinning a revision?

A documentation update would also be nice to explain this limitation and the possible workarounds if this can't be implemented by the provider.

Urgency

It would save us from a weird workaround

Notes & References

Related discussion: https://matrix.to/#/!tGlkJIgTBsNijRGgvq:ubuntu.com/$YWVorJ5jndh30P9q0NqqlYP4AzFxwo5H6SFqxpfpxVE?via=ubuntu.com&via=matrix.org

alnvdl-work commented 3 months ago

This limitation caused a headache today with IS. Context:

  1. IS was pinning an old revision of a charm in a TF plan (r43), because using channels means that charms don't get updated (and maybe they have other reasons?).
  2. However, the ubuntu-pro-client is updated in the machines via apt, which itself relies a kind-of-channel-based mechanism for package updates (e.g., *-updates).
  3. After the Pro client package was updated, the charm stopped working, because the newer version did not accept a config the way it was set by charm in r43.
  4. Just running juju refresh was not enough: applying the plan again reverted it to the old r43 revision. So IS needed to update the pinned version on their TF plan.

See the conversation around this: https://chat.canonical.com/canonical/pl/sx4cmx5gsfgxun1i3ra4658fph

This is just to say that the problem reported in this issue leads to TF plan developers pinning revisions, effectively defeating the purpose of having channels in the first place.

And having pinned revisions tends to introduce these kinds of problems, because despite the charm itself being pinned, some of the resources it depends on (e.g., deb packages, snaps) may get updated anyway.

As discussed in chats before, this may be due to a deeper disconnect between how Juju and Terraform work at a fundamental level. I'm not expecting an easy solution, I just wanted to highlight the implications of this issue.

FYI @cmisare, @mthaddon, @fbertetto