search

pulumi / pulumi-gcp

A Google Cloud Platform (GCP) Pulumi resource package, providing multi-language access to GCP
Apache License 2.0
182 stars 52 forks source link

GCP bucket gets updated everytime after going from version 6.X to 7.x #1378

Open fbarrerafalabella opened 10 months ago

fbarrerafalabella commented 10 months ago

What happened?

I updated the pulumi-gcp package to 7.2.1 from 6.55.1 and now everytime I perform a pulumi up it detects it needs to update the bucket component, but when getting the details, no change is shown, I wonder if on other projects this will result on pulumi trying to re-create the component

Example

Previewing update (staging):
     Type                   Name                 Plan       Info
     pulumi:pulumi:Stack    api-gateway-staging             2 messages
 ~   └─ gcp:storage:Bucket  api-gateway          update

Diagnostics:
  pulumi:pulumi:Stack (api-gateway-staging):
    (node:50494) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
    (Use `node --trace-deprecation ...` to show where the warning was created)

Resources:
    ~ 1 to update
    59 unchanged

Do you want to perform this update? details
  pulumi:pulumi:Stack: (same)
    [urn=urn:pulumi:staging::api-gateway::pulumi:pulumi:Stack::api-gateway-staging]
    ~ gcp:storage/bucket:Bucket: (update) 🔒
        [id=api-gateway-47d88fc]
        [urn=urn:pulumi:staging::api-gateway::gcp:storage/bucket:Bucket::api-gateway]
        [provider=urn:pulumi:staging::api-gateway::pulumi:providers:gcp::default_7_2_1::a04f4d95-7ec2-47ea-9cc9-4bce938b4b76]
        forceDestroy: false
        location    : "US"
        name        : "api-gateway-47d88fc"
        storageClass: "STANDARD"
        versioning  : {
            enabled   : true
        }

Output of pulumi about

pulumi about
CLI
Version      3.94.2
Go Version   go1.21.4
Go Compiler  gc

Plugins
NAME    VERSION
nodejs  unknown

Host
OS       darwin
Version  14.1.1
Arch     x86_64

This project is written in nodejs: executable='/usr/local/bin/node' version='v21.1.0'

Backend
Name           MacBook-Pro-de-soporte-3.local
URL            gs://linio-support-pulumi-state
User           fernando.barrera
Organizations
Token type     personal

Pulumi locates its logs in /var/folders/wp/6_z83s8d3y93lr__9qm9_3jh0000gp/T/ by default
warning: Failed to get information about the Pulumi program's dependencies: could not find either /Users/fernando.barrera/Documents/GitHub/falabella/linio-infrastructure/applications/api-gateway/yarn.lock or /Users/fernando.barrera/Documents/GitHub/falabella/linio-infrastructure/applications/api-gateway/package-lock.json
warning: Failed to get information about the current stack: No current stack

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

iwahbe commented 10 months ago

Hi @fbarrerafalabella. I'm sorry to hear that. Can you please include some code that reproduces your issue. I tried with this program:

name: dev-yaml
runtime: yaml
resources:
  gcp:
    type: pulumi:providers:gcp
    options:
      # version: 6.55.1 # <- start here, run `pulumi up`, then move to `7.2.1`.
      version: 7.2.1
    defaultProvider: true
  bucket:
    type: gcp:storage:Bucket
    properties:
      location: us-west1
      name: example-140879
      project: ${gcp_project}
      publicAccessPrevention: enforced
      uniformBucketLevelAccess: true

☝️ diffs cleanly after upgrading. Can you please include code that reproduces this issue? It might be what fields you have set on the bucket.

fbarrerafalabella commented 10 months ago

I am using typescript as runtime and this is the fragment of code that is presenting this behaviour

new gcp.storage.Bucket(
    config.projectName,
    {
      location: 'US',
      versioning: {
        enabled: true,
      },
    },
    { protect: true }
  );

let me prepare a simpler complete code that reproduces it and I will share it in here

neelance commented 8 months ago

We're seeing the same problem with gcp.storage.Bucket and gcp.certificateauthority.CaPool. After a lot of trial and error I managed to reproduce it for Bucket:

  1. Deploy a new bucket:

    new gcp.storage.Bucket("test", {
location: "us",
});

  2. Export the stack: pulumi stack export > stack.json

  3. Edit the stack.json and delete the effectiveLabels from the outputs section. This is one of the fields that it missing on the bucket that we're having issues with.

  4. Import the stack: pulumi stack import --file stack.json

  5. Deploy the stack: pulumi up. Observe an update to the bucket.

  6. Deploy the stack again: pulumi up. Observe that there is still an update. This should never happen.

neelance commented 8 months ago

I have now added a workaround to our codebase by adding ignoreChanges: ["effectiveLabels"] to the gcp.storage.Bucket and ignoreChanges: ["issuancePolicy"] to the gcp.certificateauthority.CaPool.