Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

removing vpcConfig from CallbackFunction does not result in change detection #2580

Closed
lalitkapoor opened this issue Jun 28, 2023 · 5 comments
Assignees
Labels
area/providers bug/diff kind/bug related to Pulumi generating wrong diffs on preview or up. customer/feedback Feedback from customers impact/quality impact/usability Something that impacts users' ability to use the product easily and intuitively kind/bug Some behavior is incorrect or out of spec resolution/fixed This issue was fixed

Comments

@lalitkapoor
Copy link
Contributor

lalitkapoor commented Jun 28, 2023

What happened?

I want to remove the VPC configuration from a lambda function, but doing so and running pulumi up does not detect any changes.

Expected Behavior

pulumi up should detect the change in configuration

Steps to reproduce

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
import * as awsx from "@pulumi/awsx";

const STACK = pulumi.getStack().trim();

const CIDR_BLOCK = "10.0.0.0/16";

// Construct a VPC
const vpc = new awsx.ec2.Vpc("main", {
  cidrBlock: CIDR_BLOCK,
  subnets: [
    { type: "public", name: "main-public" },
    { type: "private", name: "main-private" },
    { type: "isolated", name: "db" }
  ],
  tags: { env: STACK }
});

var securityGroupIds: pulumi.Input<pulumi.Input<string>[]> = [];

const defaultSecurityGroup = new aws.ec2.SecurityGroup("default", {
  vpcId: vpc.id,
  ingress: [],
  egress: [
    {
      protocol: "-1",
      fromPort: 0,
      toPort: 0,
      cidrBlocks: ["0.0.0.0/0"],
      ipv6CidrBlocks: ["::/0"]
    }
  ]
});

securityGroupIds.push(defaultSecurityGroup.id);

const testHandler = function(
  vpc: awsx.ec2.Vpc,
  securityGroupIds: pulumi.Input<string>[]
) {
  return new aws.lambda.CallbackFunction(`test-${STACK}`, {
    tags: { env: STACK },
    runtime: "nodejs16.x",
    policies: [
      aws.iam.ManagedPolicy.LambdaFullAccess,
      aws.iam.ManagedPolicy.CloudWatchFullAccess,
      aws.iam.ManagedPolicy.CloudWatchEventsFullAccess,
      aws.iam.ManagedPolicy.AWSLambdaVPCAccessExecutionRole
    ],
    vpcConfig: {
      subnetIds: vpc.privateSubnetIds,
      securityGroupIds: securityGroupIds
    },
    callbackFactory: () => {
      return async (request: awsx.apigateway.Request) => {
        console.log(request.body);
        return { statusCode: 202 };
      };
    }
  });
};

const test = testHandler(vpc, securityGroupIds);
export const testId = test.id;

Note vpcConfig . If I remove vpcConfig from the callback function configuration and run pulumi up it does not detect any changes.

Output of pulumi about

CLI          
Version      3.73.0
Go Version   go1.20.5
Go Compiler  gc

Plugins
NAME            VERSION
aws             5.10.0
aws             4.38.1
aws-apigateway  0.0.6
docker          3.1.0
nodejs          unknown

Host     
OS       darwin
Version  13.3.1
Arch     arm64

Additional context

No response

Contributing

Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).

@lalitkapoor lalitkapoor added kind/bug Some behavior is incorrect or out of spec needs-triage Needs attention from the triage team labels Jun 28, 2023
@kpitzen
Copy link
Contributor

kpitzen commented Jun 29, 2023

Hi @lalitkapoor - thank you for submitting this issue! Your repro seems comprehensive enough for us to take a look at this, so we'll get it lined up as soon as we can. Thank you again!

@kpitzen kpitzen added impact/usability Something that impacts users' ability to use the product easily and intuitively area/providers impact/quality and removed needs-triage Needs attention from the triage team labels Jun 29, 2023
@lalitkapoor
Copy link
Contributor Author

@kpitzen While this issue is being addressed, is there a recommended work around?

@lalitkapoor
Copy link
Contributor Author

@kpitzen bump for any advice here. Thanks.

@mnlumi mnlumi added the customer/feedback Feedback from customers label Aug 9, 2023
@lukehoban
Copy link
Contributor

This does appear to be a bug in the diff logic, most likely in tfbridge.

While this issue is being addressed, is there a recommended work around?

A workaround though is to change the vpcConfig to this instead of removing it:

    vpcConfig: {
      subnetIds: [],
      securityGroupIds: [],
    },

I tried that out and it does correctly remove the VPC configuration on the lambda.

@t0yv0 t0yv0 added the bug/diff kind/bug related to Pulumi generating wrong diffs on preview or up. label Aug 9, 2023
@mikhailshilkov mikhailshilkov added this to the 0.94 milestone Sep 1, 2023
@mikhailshilkov mikhailshilkov modified the milestones: 0.94, 0.95 Sep 29, 2023
@mikhailshilkov mikhailshilkov removed this from the 0.95 milestone Oct 18, 2023
@VenelinMartinov VenelinMartinov added the resolution/fixed This issue was fixed label Jan 2, 2024
@VenelinMartinov
Copy link
Contributor

This issue seems to have been fixed in recent versions of the aws provider. I tested this with 5.10.0 and it reproduced but with 6.17.0 running the steps does produce a diff in the lambda function, although there's nothing in the detailed diff.

I also verified that the state is correctly updated after running pulumi up after commenting out the vpcConfig.

The issue with makeDetailedDiff is tracked under pulumi/pulumi-terraform-bridge#1504

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
area/providers bug/diff kind/bug related to Pulumi generating wrong diffs on preview or up. customer/feedback Feedback from customers impact/quality impact/usability Something that impacts users' ability to use the product easily and intuitively kind/bug Some behavior is incorrect or out of spec resolution/fixed This issue was fixed
Projects
None yet
Development

No branches or pull requests

7 participants