Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix Terraform updating dependency layer object when content hasn't changed #844

Merged
merged 2 commits into from
Oct 4, 2024
Merged

Fix Terraform updating dependency layer object when content hasn't changed #844

merged 2 commits into from
Oct 4, 2024

Conversation

reweeden
Copy link
Contributor

@reweeden reweeden commented Oct 3, 2024

While doing Cumulus upgrades, I noticed that on every update Terraform was adding something like this to the plan:

 # module.thin_egress_app.aws_s3_bucket_object.lambda_code_dependency_archive will be updated in-place
  ~ resource "aws_s3_bucket_object" "lambda_code_dependency_archive" {
      ~ etag                          = "661d0e0eb0bc955857a7a71087a4208a-2" -> "96bac3b47b39d00107729959bc6689d3"
        id                            = "96bac3b47b39d00107729959bc6689d3.zip"
        tags                          = {}
      + version_id                    = (known after apply)
        # (20 unchanged attributes hidden)
    }

The etag attribute has a warning about using it for files larger than 16MB as it can cause this behavior where the etag after uploading with a multipart upload does not match the full source code hash causing Terraform to needlessly update the object.

While I was at it I also applied the tags variable to the bucket objects as well.

@reweeden
Replace etag with source_hash
1971902 
This avoids the etag behavior for multipart uploads from forcing an 
object update even when the source hasn't changed.
@reweeden
Add tags to bucket objects
3eb4866
@mattp0
Copy link
Contributor

mattp0 commented Oct 3, 2024

"Triggers updates when the value changes."

Won't this cause updates not to occur when the content changes ?

@reweeden
Copy link
Contributor Author

reweeden commented Oct 3, 2024
edited
Loading

"Triggers updates when the value changes."

Won't this cause updates not to occur when the content changes ?

That's what source_hash is for. Also the key is the hash of the content, so that will change also triggering an update.

@reweeden reweeden changed the title Improve Terraform update behavior Fix Terraform updating dependency layer object when content hasn't changed Oct 3, 2024
@reweeden reweeden merged commit 66d96f7 into devel Oct 4, 2024
9 of 10 checks passed
@reweeden reweeden deleted the rew/terraform-s3-object-hash branch October 4, 2024 15:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gjclark gjclark gjclark approved these changes

@mckadesorensen mckadesorensen mckadesorensen approved these changes

@mattp0 mattp0 mattp0 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@reweeden @mattp0 @mckadesorensen @gjclark