New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Don't delete a physical id if it was just created #15982
Comments
Is this essentially reference counting for ids? We'd persist a map of type+id to ref count (per provider?). Seems to solve the "interruption" case. |
We had a lively discussion and I'm going to post some notes here that helped me frame this problem and solution space. There are four possible logical desired states: AB, A, B, and {}. There are two physical desired states: R and {}. Desired correspondence:
Assuming here that the ID returned by provider from Create call is exactly what can be used to reason about "sameness"
Scenario A -> B transition Current behavior - pulumi does not identify A and B. Nor does provider. Desired state not achieved - get to {}. provider.Check(B) Option 1 (this ticket) Change the engine to not actually issue provider.Delete() for a URN disappearing from state if one of the Option 2 In the provider state, at the point of provider.Create(B) remember B.id just got created. Option 3 Edit Check() protocol to allow to allocate ID to inputs, if feasible. provider.Check(B) Eron was pointing out that this is somewhat interesting but not quite suitable since Check requires old inputs to be sent, and we won't know which ones those should be until we decide identity, so this does not quite map nicely. |
Here's a valid use-case where multiple logical resources refer to the same physical resource. A Pulumi YAML program using "patch" resources, with two name: myprogram
runtime: yaml
resources:
cm1:
type: kubernetes:core/v1:ConfigMapPatch
properties:
metadata:
name: example
data:
foo: bar
cm2:
type: kubernetes:core/v1:ConfigMapPatch
properties:
metadata:
name: example
data:
biz: bam Note that the If |
Some related issues: Importantly 9925 points out that ID tracking isn't enough if the same resource gets touched by multiple stacks. ID tracking probably is enough for intrastack operations, but I'm not 100% sure that it's a safe change for the engine to start assuming that ID strictly means a unique physical resource. There are resources like command & random that don't really have "physical" resources and could possibly create two distinct resources with the same ID. Even for real physical resources we don't currently mandate that ID alone must be uniquely defining, and a provider may use ID + some of the resources inputs to find the actual instance to operate on. |
Eron had some good arguments, and as a result he convinced me and I now think we should not pursue this change as written.
Here is an alternative proposal for allowing providers to warn (or fail in strict mode) at preview time with the
In order for the provider to have a chance to emit this warning, we need to extend the protocol to allow preview of |
I lifted this to #16004 for separate discussion. |
There are situations where Pulumi can plan a Create/Delete that result in a resource being created and then immediately deleted in the same operation. I'm proposing that we detect these situations and no-op the delete.
For example in pulumi/pulumi-kubernetes#2948 a new resource is created and an old one is deleted, but their inputs are such that the operation is effectively an update. This isn't something the provider can detect at diff time, but it is something the engine can detect because the physical ID returned by the provider is unchanged.
Our current behavior seems to assume Create will always return a new physical id distinct from anything we plan on deleting. If the provider's Create returns an id that already exists in our state, we should recognize that a new physical resource was not created so there is nothing "old" to delete.
I can't think of a situation where the current behavior is valid or expected, but if we're concerned about preserving backwards-compatibility we could allow providers to opt-in to this new behavior via Configure.
Edge cases to think through:
Related #918
Related #6078
Internal https://pulumi.slack.com/archives/CVC1YFDNX/p1713468828983919?thread_ts=1713303598.172839&cid=CVC1YFDNX
The text was updated successfully, but these errors were encountered: