-
Notifications
You must be signed in to change notification settings - Fork 151
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Bug]: CLoudfront ignore_changes=['origins[*].originPath'] #3396
Comments
Thanks for reporting this @Rez0k and sorry that Pulumi is not working as expected for you. Could you please include a more complete program as well as output of |
pulumi about output:
complete program:
This is the program I have, I have a yaml config file that helps me to create the cloudfront distribution. |
Hi @Rez0k I'm having another look here, it would be really great to have a minimal fully working repro to make sure I narrow in on your exact issue. But it looks like I can make an educated guess. Consider this program: import pulumi
import pulumi_aws as aws
s3_distribution = aws.cloudfront.Distribution("s3_distribution",
origins=[aws.cloudfront.DistributionOriginArgs(
domain_name="mybucket2.s3.amazonaws.com", # change this
origin_id="myS3Origin",
connection_attempts=2,
connection_timeout=10,
)],
enabled=True,
default_cache_behavior=aws.cloudfront.DistributionDefaultCacheBehaviorArgs(
allowed_methods=[
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
],
cached_methods=[
"GET",
"HEAD",
],
target_origin_id="myS3Origin",
forwarded_values=aws.cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs(
query_string=False,
cookies=aws.cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs(
forward="none",
),
),
viewer_protocol_policy="allow-all",
min_ttl=0,
default_ttl=3600,
max_ttl=86400,
),
restrictions=aws.cloudfront.DistributionRestrictionsArgs(
geo_restriction=aws.cloudfront.DistributionRestrictionsGeoRestrictionArgs(
restriction_type="whitelist",
locations=[
"US",
"CA",
"GB",
"DE",
],
),
),
viewer_certificate=aws.cloudfront.DistributionViewerCertificateArgs(
cloudfront_default_certificate=True,
),
# opts=pulumi.ResourceOptions(ignore_changes=["origins[*].originPath"])) If I provision this in Pulumi, and then change the origin, I get a confusing diff. Due to the issue with how Pulumi handles set types: TF thinks that this change actually REMOVES one origin, and ADDS another origin instead of editing in-place, because it If at this point I add this:
Then it indeed suppresses the diff and pulumi up shows no changes as expected. However if I try to do this:
It fails to suppress the diff and actually seems to be a no-op, this is a known issue tracked below but essentially it pulumi/pulumi-terraform-bridge#1756 If I start from an empty state and do this:
Then Pulumi might be copying prior state (no origin) which is indeed an error. So this bit may be working as expected. |
#2095 is another issue that runs into very similar problems with this resource. I believe this is unrelated to using |
What happened?
Expected Behavior
When adding the ignore_changes=['origins[*].originPath'] to cloudfront.Distribution(opts=...) I expect the origin path to be ignored (we change the path very often)
If I try to ignore_changes=['origins'] I will get the error:
I have 2 origins, s3 bucket which has an origin_access_control_id and a lb origin which does not has origin_access_control_id
why am I getting this error?
If I remove the ignore_changes everything is working just fine.
note: I am using refresh: always
Actual Behavior
The origin path does get ignored but pulumi wants to change the origin(!) to a different one,
I have 2 origins, one that point to a load balancer and one that point to a s3 bucket.
I have origin_path set only on the s3 bucket origin, but when I use the ignore originPath, pulumi set the originPath to the lb instead of the s3!
Output of
pulumi about
CLI
Version 3.97.0
Go Version go1.21.5
Go Compiler gc
Host
OS ubuntu
Version 22.04
Arch x86_64
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
The text was updated successfully, but these errors were encountered: