Closed VenelinMartinov closed 2 weeks ago
Here's an AWS example to illustrate:
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const cfg = new pulumi.Config();
const step = cfg.requireNumber("step");
console.log("step", step);
const current = aws.s3.getCanonicalUserId({});
const example = new aws.s3.BucketV2("example");
const exampleBucketOwnershipControls = new aws.s3.BucketOwnershipControls("example", {
bucket: example.id,
rule: {
objectOwnership: "BucketOwnerPreferred",
},
});
const exampleBucketAclV2 = new aws.s3.BucketAclV2("example-bucket", {
bucket: example.id,
accessControlPolicy: {
grants: (step === 0) ? [
{
grantee: {
id: current.then(current => current.id),
type: "CanonicalUser",
},
permission: "READ_ACP",
},
{
grantee: {
type: "Group",
uri: "http://acs.amazonaws.com/groups/s3/LogDelivery",
},
permission: "READ_ACP",
},
] : [
{
grantee: {
id: current.then(current => current.id),
type: "CanonicalUser",
},
permission: "READ_ACP",
},
{
grantee: {
type: "Group",
uri: "http://acs.amazonaws.com/groups/s3/LogDelivery2",
},
permission: "READ",
},
{
grantee: {
type: "Group",
uri: "http://acs.amazonaws.com/groups/s3/LogDelivery",
},
permission: "READ_ACP",
},
],
owner: {
id: current.then(current => current.id),
},
},
}, {
dependsOn: [exampleBucketOwnershipControls],
// ignoreChanges: step === 0 ? [] : ["accessControlPolicy.grants[0].permission"]
});
export const bucketId = exampleBucketAclV2.id;
Repro:
#!/usr/bin/env bash
set -euo pipefail
pulumi destroy --yes
pulumi config set step 0
pulumi up --yes --skip-preview
pulumi config set step 1
rm "$PWD/preview.json"
rm "$PWD/up.json"
PULUMI_DEBUG_GRPC="$PWD/preview.json" pulumi preview --diff
PULUMI_DEBUG_GRPC="$PWD/up.json" pulumi up --yes --skip-preview
Shows this diff:
~ aws:s3/bucketAclV2:BucketAclV2: (update)
[id=example-a331d64]
[urn=urn:pulumi:dev::e1::aws:s3/bucketAclV2:BucketAclV2::example-bucket]
[provider=urn:pulumi:dev::e1::pulumi:providers:aws::default_6_45_0::153e26c0-d2dc-484a-b5c2-15b17d914601]
~ accessControlPolicy: {
~ grants: [
~ [0]: {
+ __defaults: []
~ grantee : {
+ __defaults : []
- displayName : ""
- emailAddress: ""
+ id : "e07865a5679c7977370948f1f1e51c21b12d8cfdd396a7e3172275d9164e01b8"
~ type : "Group" => "CanonicalUser"
- uri : "http://acs.amazonaws.com/groups/s3/LogDelivery"
}
permission: "READ_ACP"
}
~ [1]: {
+ __defaults: []
~ grantee : {
+ __defaults : []
- displayName : "aws-contact+dev-sandbox"
- emailAddress: ""
- id : "e07865a5679c7977370948f1f1e51c21b12d8cfdd396a7e3172275d9164e01b8"
~ type : "CanonicalUser" => "Group"
+ uri : "http://acs.amazonaws.com/groups/s3/LogDelivery2"
}
~ permission: "READ_ACP" => "READ"
}
+ [2]: {
+ grantee : {
+ type : "Group"
+ uri : "http://acs.amazonaws.com/groups/s3/LogDelivery"
}
+ permission: "READ_ACP"
}
]
}
The desired diff would simply show that this element got added:
{
grantee: {
type: "Group",
uri: "http://acs.amazonaws.com/groups/s3/LogDelivery2",
},
permission: "READ",
},
This is excellent to track in addition to https://github.com/pulumi/pulumi-terraform-bridge/issues/186 that talks about in-place changes to set elements. The issue tracked here is an addition or removal of elements and not an in-place change.
I think we should be able to address both classes of issues along the lines outlined in https://github.com/pulumi/pulumi-terraform-bridge/issues/2200
This issue has been addressed in PR #2405 and shipped in release v3.92.0.
What happened?
changing
"setProps": []interface{}{"val2", "val3"}
to"setProps": []interface{}{"val1", "val2", "val3"}
produces:The detailed diff shows 2 elements added and 1 changed but only 1 element was added.
Similarly:
Changing
"setProps": []interface{}{"val1", "val2", "val3"}
to"setProps": []interface{}{"val1", "val3"}
produces:Which shows 2 elements being removed but only 1 was removed
Example
https://github.com/pulumi/pulumi-terraform-bridge/pull/2159/files
set element removed middle
andset element added front
Output of
pulumi about
.
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).