search

pulumi / pulumi-gcp

A Google Cloud Platform (GCP) Pulumi resource package, providing multi-language access to GCP
Apache License 2.0
182 stars 52 forks source link

Labels do not import cleanly #2390

Open iwahbe opened 2 weeks ago

iwahbe commented 2 weeks ago

Describe what happened

I expect that refresh works well with unmanaged labels.

We should be able to run for the sample program pulumi up --yes && pulumi refresh --yes && pulumi preview --expect-no-changes.

Sample program

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import { local } from "@pulumi/command";

const gcpConfig = new pulumi.Config("gcp");

const provider = new gcp.Provider("provider", {
  project: gcpConfig.require("project"),
  region: gcpConfig.require("region"),
  defaultLabels: {
    "default-empty": "",
  },
});

const r = new gcp.kms.KeyRing("ring", {
  location: "us-east1",
}, {provider});

const k = new gcp.kms.CryptoKey("key", {
  keyRing: r.id,
  labels: {
    "static": "value",
    //    "empty": "",
  },
}, {deletedWith: r, provider});

export const create = pulumi.interpolate`gcloud kms keys update ${k.id} --keyring=${r.id} --update-labels=unmanaged=value,unmanaged_empty=`;

new local.Command("cmd", {
  create,
}, { deletedWith: k });

export const labels =  k.labels;
export const pulumiLabels = pulumi.unsecret(k.pulumiLabels);
export const effectiveLabels = pulumi.unsecret(k.effectiveLabels);

Log output

NA

Affected Resource(s)

No response

Output of pulumi about

NA

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

VenelinMartinov commented 2 weeks ago

Which bit does not work here?

VenelinMartinov commented 2 weeks ago

Also is this different with storage Bucket? If so, then this might be a duplicate of https://github.com/pulumi/pulumi-gcp/issues/1959

iwahbe commented 2 weeks ago

When we run the normal cycle, we see that pulumi refresh --yes doesn't generate any diff. When the refresh runs (--yes), no changes are shown but the next pulumi up will add the missing unmanaged labels to effectiveLabels.

This is primarily about the refresh behavior, so it is not a duplicate of https://github.com/pulumi/pulumi-gcp/issues/1959.

VenelinMartinov commented 2 weeks ago

Does that happen without the refresh? AFAIK up actually does an implicit Read of the labels on the cloud resource

VenelinMartinov commented 2 weeks ago

Either way, this doesn't seem like a huge issue to me - effectiveLabels is meant to represent the actual labels on the resource, so it is expected to change when unmanaged labels change.

iwahbe commented 2 weeks ago

Does that happen without the refresh? AFAIK up actually does an implicit Read of the labels on the cloud resource

Only with refresh.

Either way, this doesn't seem like a huge issue to me - effectiveLabels is meant to represent the actual labels on the resource, so it is expected to change when unmanaged labels change.

pulumi up --yes && pulumi refresh --yes && pulumi preview --expect-no-changes should always succeed. In the case of the above, the refresh should show a diff (but doesn't) and the second update shouldn't have a diff (but it has the diff that refresh should have had).

The final result is correct, but the order is very wrong.