Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updates to tags and ACLs should happen only for non new resources #5072

Closed
wants to merge 1 commit into from
Closed

Updates to tags and ACLs should happen only for non new resources #5072

wants to merge 1 commit into from

Conversation

domwong
Copy link
Contributor

@domwong domwong commented Jul 4, 2018
edited
Loading

Changes proposed in this pull request:

  • During creation of EC2 instances, an extra call to CreateTags is applied to the attached EBS volume. This is unnecessary since the tags are already created when passed to the initial RunInstances call. Remove this extra call.
  • diffTags incorrectly returns tags that exist in oldTags and newTags as needing to be created again. This causes unnecessary calls to CreateTags. Fix this to return only tags that need to be deleted and created.
  • During creation of S3 buckets, an extra call to PutObjectACL is applied to the S3 bucket. This is unnecessary since the ACLs are already created when passed to the initial CreateBucket call. Remove this extra call.

Output from acceptance testing:

$  make testacc TESTARGS='-run=TestAccAWSInstance.*Tag'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./... -v -run=TestAccAWSInstance.*Tag -timeout 120m
?   	github.com/terraform-providers/terraform-provider-aws	[no test files]
=== RUN   TestAccAWSInstance_volumeTags
--- PASS: TestAccAWSInstance_volumeTags (176.93s)
=== RUN   TestAccAWSInstance_volumeTagsComputed
--- PASS: TestAccAWSInstance_volumeTagsComputed (142.11s)
=== RUN   TestAccAWSInstance_forceNewAndTagsDrift
--- PASS: TestAccAWSInstance_forceNewAndTagsDrift (205.75s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	524.841s

$  make testacc TESTARGS='-run=TestAccAWSS3.*Tag'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./... -v -run=TestAccAWSS3.*Tag -timeout 120m
?   	github.com/terraform-providers/terraform-provider-aws	[no test files]
=== RUN   TestAccAWSS3BucketMetric_WithFilterPrefixAndMultipleTags
--- PASS: TestAccAWSS3BucketMetric_WithFilterPrefixAndMultipleTags (83.62s)
=== RUN   TestAccAWSS3BucketMetric_WithFilterPrefixAndSingleTag
--- PASS: TestAccAWSS3BucketMetric_WithFilterPrefixAndSingleTag (80.15s)
=== RUN   TestAccAWSS3BucketMetric_WithFilterMultipleTags
--- PASS: TestAccAWSS3BucketMetric_WithFilterMultipleTags (80.13s)
=== RUN   TestAccAWSS3BucketMetric_WithFilterSingleTag
--- PASS: TestAccAWSS3BucketMetric_WithFilterSingleTag (82.22s)
=== RUN   TestAccAWSS3MultiBucket_withTags
--- PASS: TestAccAWSS3MultiBucket_withTags (43.56s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	369.731s

NOTE: I have not run all the tests, only those listed above

@ghost ghost added the size/S Managed by automation to categorize the size of a PR. label Jul 4, 2018
domwong
domwong commented Jul 4, 2018
View reviewed changes
aws/resource_aws_instance.go
@@ -854,7 +854,7 @@ func resourceAwsInstanceUpdate(d *schema.ResourceData, meta interface{}) error {
}
}
if d.HasChange("volume_tags") {
if !d.IsNewResource() || !restricted {
if !d.IsNewResource() || restricted {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My understanding here is that "restricted" e.g. "gov cloud" accounts don't yet have the option to add tags at creation time so you need to set them afterwards. This change brings the behaviour in line with similar approach on line 848.

@domwong domwong changed the title [WIP] Updates to tags and ACLs should happen only for non new resources Updates to tags and ACLs should happen only for non new resources Jul 4, 2018
@bflad bflad added bug Addresses a defect in current functionality. service/ec2 Issues and PRs that pertain to the ec2 service. service/s3 Issues and PRs that pertain to the s3 service. labels Jul 5, 2018
@bflad
Copy link
Contributor

bflad commented Jul 5, 2018

Hi @domwong 👋 Thanks for submitting this!

Would it be possible to split this PR into multiple? Usually handling one resource or data source per PR (when possible) is easiest for the maintainers to get quickly reviewed and merged, especially when one specific code update might need additional work.

I do have a question about the following:

diffTags incorrectly returns tags that exist in oldTags and newTags as needing to be created again. This causes unnecessary calls to CreateTags. Fix this to return only tags that need to be deleted and created.

Does this logic potentially exist to handle tag value updates for an existing tag key? Some service APIs do not support updating an existing tag so therefore require delete and create.

@bflad bflad added the waiting-response Maintainers are waiting on response from community or contributor. label Jul 5, 2018
@domwong
Copy link
Contributor Author

domwong commented Jul 6, 2018

Hi @bflad,

Sure, will split this up and comment with new PR numbers here once done.

Does this logic potentially exist to handle tag value updates for an existing tag key? Some service APIs do not support updating an existing tag so therefore require delete and create.

That's a good point and one that I was not aware of. Will have a dig around and see which services this affects - sounds like I might have to drop that proposed change.

@domwong domwong mentioned this pull request Jul 6, 2018
Merged
@domwong
Copy link
Contributor Author

domwong commented Jul 6, 2018

Closing in favour of #5106 #5107 #5108

@domwong domwong closed this Jul 6, 2018
@ghost
Copy link

ghost commented Apr 4, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 4, 2020
@breathingdust breathingdust removed the waiting-response Maintainers are waiting on response from community or contributor. label Sep 17, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. service/ec2 Issues and PRs that pertain to the ec2 service. service/s3 Issues and PRs that pertain to the s3 service. size/S Managed by automation to categorize the size of a PR.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@domwong @bflad @breathingdust