Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Resources are missing ignore_changes = [tags] leading to churn when tags are applied using policy #3669

Closed
marrobi opened this issue Aug 11, 2023 · 1 comment · Fixed by #3670
Closed

Resources are missing ignore_changes = [tags] leading to churn when tags are applied using policy #3669

marrobi opened this issue Aug 11, 2023 · 1 comment · Fixed by #3670
Assignees
@marrobi
Labels
bug Something isn't working

Comments

@marrobi
Copy link
Member

marrobi commented Aug 11, 2023

Resources are missing ignore_changes = [tags] leading to churn when tags are applied using policy.

lifecycle { ignore_changes = [tags] }

Needs adding to all resources that have tags applied by the Azure TRE.
@marrobi marrobi added the bug Something isn't working label Aug 11, 2023
@marrobi marrobi self-assigned this Aug 11, 2023
@marrobi
Copy link
Member Author

marrobi commented Aug 11, 2023

Using this script to resolve:

import os
import re

# Find all Terraform files in the repository skipping any directories named .terraform
files = []
for root, dirs, filenames in os.walk('.'):
    if '.terraform' in dirs:
        dirs.remove('.terraform')
    for filename in filenames:
        if filename.endswith('.tf'):
            files.append(os.path.join(root, filename))


# Loop through each file
for file in files:
    print(f'Processing {file}')
    with open(file, 'r') as f:
        content = f.readlines()
        # Loop through each line in the file
        i = 0
        while i < len(content):
            line = content[i]
            # Check if the line defines a resource
            if re.match(r'resource "[^"]+" "[^"]+" \{', line):
                # Find the position of the closing curly brace of the resource
                brace_count = 0
                j = i
                while (j == i or brace_count > 0) and j < len(content):
                    if '{' in content[j]:
                        brace_count += content[j].count('{')
                    if '}' in content[j]:
                        brace_count -= content[j].count('}')
                    j += 1
                end = j
                # Define the resource variable
                resource = ''.join(content[i:end])
                # Check if the resource has a "tags" attribute but no "lifecycle" attribute
                if re.search(r'tags\s*=', resource) and not re.search(r'lifecycle\s*{', resource):
                    # Add the "lifecycle" block to the resource
                    content[i:end] = content[i:end - 1] + [f'\n  lifecycle {{ ignore_changes = [tags] }}\n'] + content[end - 1:end]
                    # output the resource and file name
                    print(f'Added lifecycle block to resource in {file}')
                # Move the index to the end of the resource
                i = end
            else:
                i += 1
        with open(file, 'w') as f:
            f.writelines(content)

@marrobi marrobi mentioned this issue Aug 11, 2023
Merged
marrobi added a commit to marrobi/AzureTRE that referenced this issue Aug 14, 2023
@marrobi
Resources are missing ignore_changes = [tags] leading to churn when t…
0df7e30 
…ags are applied using policy

Fixes microsoft#3669
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@marrobi marrobi

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Apply missing lifecycle blocks to ignore tags marrobi/AzureTRE
1 participant
@marrobi