Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TestAccCloudWatchOidcManual does not refresh cleanly #3193

Closed
t0yv0 opened this issue Dec 27, 2023 · 2 comments
Closed

TestAccCloudWatchOidcManual does not refresh cleanly #3193

t0yv0 opened this issue Dec 27, 2023 · 2 comments
Assignees
@t0yv0
Labels
area/refresh kind/engineering Work that is not visible to an external user resolution/wont-fix This issue won't be fixed

Comments

@t0yv0
Copy link
Member

t0yv0 commented Dec 27, 2023

What happened?

Non-empty diff when refreshing the program provisioned by TestAccCloudWatchOidcManual.

Because explicit provider computes a fresh token for assumeRoleWithWebIdentity on every program
invocation, this generates non-empty changes on the pulumi:provider:aws resource
assumeRoleWithWebIdentity field and trips up the default checks which need to be disabled.

In addition to this there's a variety of other non-empty diffs that may have separate root causes:

			// ~ aws:iam:Role everyMinute updated (1s) [diff: ~managedPolicyArns]
			// ~ aws:cloudwatch:EventTarget everyMinute updated (1s) [diff: +runCommandTargets]
			// ~ aws:lambda:Function everyMinute updated (1s) [diff: +replacementSecurityGroupIds~code,lastModified]

The ~code diff is explained by pulumi/pulumi-terraform-bridge#1595

Example

See TestAccCloudWatchOidcManual

Output of pulumi about

N/A

Additional context

N/A

Contributing

Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
@t0yv0 t0yv0 added kind/bug Some behavior is incorrect or out of spec needs-triage Needs attention from the triage team labels Dec 27, 2023
@iwahbe iwahbe removed the needs-triage Needs attention from the triage team label Dec 28, 2023
@t0yv0 t0yv0 mentioned this issue Apr 22, 2024
Closed
@t0yv0
Copy link
Member Author

t0yv0 commented Apr 25, 2024

~managedPolicyArns diff due to #2246

@t0yv0
Copy link
Member Author

t0yv0 commented Apr 25, 2024

#3868 tracks the refresh bits specifically now..

Because explicit provider computes a fresh token for assumeRoleWithWebIdentity on every program
invocation

This is just the way the program written and is fine, won't fix on that one.

@t0yv0 t0yv0 added kind/engineering Work that is not visible to an external user and removed kind/bug Some behavior is incorrect or out of spec labels Apr 25, 2024
@t0yv0 t0yv0 self-assigned this Apr 25, 2024
@t0yv0 t0yv0 added the resolution/wont-fix This issue won't be fixed label Apr 25, 2024
@t0yv0 t0yv0 closed this as completed Apr 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@t0yv0 t0yv0

Labels
area/refresh kind/engineering Work that is not visible to an external user resolution/wont-fix This issue won't be fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@t0yv0 @iwahbe