Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: Diff State Detection After Provider Pod Restart #159

Open
1 task done
ducet8 opened this issue Oct 16, 2024 · 0 comments
Open
1 task done

[Bug]: Diff State Detection After Provider Pod Restart #159

ducet8 opened this issue Oct 16, 2024 · 0 comments
Labels
bug Something isn't working needs:triage

Comments

@ducet8
Copy link

ducet8 commented Oct 16, 2024
edited
Loading

Is there an existing issue for this?

  • I have searched the existing issues

Affected Resource(s)

groups.azuread.upbound.io/v1beta1 - Group

Resource MRs required to reproduce the bug

  - name: environment-aad-group
    base:
      apiVersion: groups.azuread.upbound.io/v1beta1
      kind: Group
      spec:
        forProvider:
          assignableToRole: true
          securityEnabled: true
        managementPolicies: ["Create", "Delete", "Observe"]
    patches:
    - type: FromCompositeFieldPath
      fromFieldPath: spec.claimRef.name
      transforms:
      - type: string
        string:
          fmt: "%s-portal-api"
      toFieldPath: metadata.name
      policy:
        fromFieldPath: Required
    - type: FromCompositeFieldPath
      fromFieldPath: spec.claimRef.name
      transforms:
      - type: string
        string:
          fmt: "%s-portal-api"
      toFieldPath: spec.forProvider.displayName
      policy:
        fromFieldPath: Required
    - type: ToCompositeFieldPath
      fromFieldPath: metadata.name
      toFieldPath: metadata.annotations.environmentAadGroupName
    - type: ToCompositeFieldPath
      fromFieldPath: status.atProvider.objectId
      toFieldPath: metadata.annotations.environmentAadGroupObjectId
    - type: ToCompositeFieldPath
      fromFieldPath: status.atProvider.id
      toFieldPath: metadata.annotations.environmentAadGroupId
apiVersion: groups.azuread.upbound.io/v1beta2
kind: Group
metadata:
  annotations:
    crossplane.io/composition-resource-name: environment-aad-group
    crossplane.io/external-create-pending: "2024-10-29T01:31:06Z"
    crossplane.io/external-create-succeeded: "2024-10-29T01:31:06Z"
  creationTimestamp: "2024-07-25T16:16:46Z"
  finalizers:
  - finalizer.managedresource.crossplane.io
  generateName: core-demo-env-9d7bf-
  generation: 2
  labels:
    crossplane.io/claim-name: core-demo-env
    crossplane.io/claim-namespace: crossplane-launchdeck-demo-env
    crossplane.io/composite: core-demo-env-9d7bf
  name: core-demo-env-portal-api
  ownerReferences:
  - apiVersion: launchdeck.tech/v1alpha1
    blockOwnerDeletion: true
    controller: true
    kind: XLaunchdeckDevEnv
    name: core-demo-env-9d7bf
    uid: <>
  resourceVersion: "102323870"
  uid: <>
spec:
  deletionPolicy: Delete
  forProvider:
    assignableToRole: true
    displayName: core-demo-env-portal-api
    securityEnabled: true
  initProvider: {}
  managementPolicies:
  - Create
  - Delete
  - Observe
  providerConfigRef:
    name: default

Steps to Reproduce

Create group
Restart the provider-azuread pod

What happened?

A new group is created with the same name but a different ID. This causes members, roleassignments, etc to be left in the wrong group.

Relevant Error Output Snippet

2024-10-16T18:31:36Z DEBUG provider-azuread Instance state not found in cache, reconstructing... {"uid": "38504fef-a5f8-4d32-8b10-4c5c45c06c7e", "name": "core-dev-env-portal-api", "gvk": "groups.azuread.upbound.io/v1beta1, Kind=Group"}
2024-10-16T18:31:36Z DEBUG provider-azuread Observing the external resource {"uid": "38504fef-a5f8-4d32-8b10-4c5c45c06c7e", "name": "core-dev-env-portal-api", "gvk": "groups.azuread.upbound.io/v1beta1, Kind=Group"}
2024-10-16T18:31:36Z DEBUG provider-azuread Diff detected {"uid": "38504fef-a5f8-4d32-8b10-4c5c45c06c7e", "name": "core-dev-env-portal-api", "gvk": "groups.azuread.upbound.io/v1beta1, Kind=Group", "instanceDiff": "*terraform.InstanceDiff{mu:sync.Mutex{state:0, sema:0x0}, Attributes:map[string]*terraform.ResourceAttrDiff{\"assignable_to_role\":*terraform.ResourceAttrDiff{Old:\"\", New:\"true\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, \"auto_subscribe_new_members\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"display_name\":*terraform.ResourceAttrDiff{Old:\"\", New:\"core-dev-env-portal-api\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"external_senders_allowed\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"hide_from_address_lists\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"hide_from_outlook_clients\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"mail\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"mail_nickname\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:true, Sensitive:false, Type:0x0}, \"members.#\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"object_id\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"onpremises_domain_name\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"onpremises_group_type\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"onpremises_netbios_name\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"onpremises_sam_account_name\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"onpremises_security_identifier\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"onpremises_sync_enabled\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"owners.#\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"preferred_language\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"prevent_duplicate_names\":*terraform.ResourceAttrDiff{Old:\"\", New:\"false\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"proxy_addresses.#\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"security_enabled\":*terraform.ResourceAttrDiff{Old:\"\", New:\"true\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"visibility\":*terraform.ResourceAttrDiff{Old:\"\", New:\"\", NewComputed:true, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}, \"writeback_enabled\":*terraform.ResourceAttrDiff{Old:\"\", New:\"false\", NewComputed:false, NewRemoved:false, NewExtra:interface {}(nil), RequiresNew:false, Sensitive:false, Type:0x0}}, Destroy:false, DestroyDeposed:false, DestroyTainted:false, RawConfig:cty.NilVal, RawState:cty.NilVal, RawPlan:cty.NilVal, Meta:map[string]interface {}(nil)}"}
2024-10-16T18:31:36Z DEBUG provider-azuread Async create starting... {"trackerUID": "38504fef-a5f8-4d32-8b10-4c5c45c06c7e", "resourceName": "core-dev-env-portal-api", "gvk": "groups.azuread.upbound.io/v1beta1, Kind=Group", "tfID": ""}
2024-10-16T18:31:36Z DEBUG provider-azuread Successfully requested creation of external resource {"controller": "managed/groups.azuread.upbound.io/v1beta1, kind=group", "request": {"name":"core-dev-env-portal-api"}, "uid": "38504fef-a5f8-4d32-8b10-4c5c45c06c7e", "version": "81160356", "external-name": "", "external-name": ""}

Crossplane Version

1.16.0

Provider Version

1.5.0

Kubernetes Version

1.29.6

Kubernetes Distribution

AKS

Additional Info

No response
@ducet8 ducet8 added bug Something isn't working needs:triage labels Oct 16, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working needs:triage
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ducet8