Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add ability to detect and update network tags. #469

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

add ability to detect and update network tags. #469

wants to merge 2 commits into from

Conversation

tall3n
Copy link

@tall3n tall3n commented Nov 24, 2021
edited
Loading

SUMMARY

When doing infrastructure as code it is expected that changes to code base will be reflected in the cloud platform. In this scenario changes to tags in the code base did not make its way to the cloud platform. This change rectifies this and follows the same principals as labels.

ISSUE TYPE
  • Feature Pull Request
COMPONENT NAME

gcp_compute_instance

ADDITIONAL INFORMATION

Tags are currently created on instance instantiation, this fix allows network tags to be updated using gitops methodologies. For example, down the road if network tags need to be added are removed they can be done so through code.

Testing Scenario:

Existing Instance with no network tags.

  1. Define Tags
  2. Ensure Tags are set properly

Existing Instance with network tags.

  1. Remove tags from module parameters
  2. Ensure Tags are removed

New Instance

  1. Create New Instance
  2. Ensure Tags are set as expected.
  1. Create Instance with No Tags
  2. Update Tags in Code
  3. Observe Tags did not change
Before:
  "tags": {
      "fingerprint": "42WmSpB8rSM="
  },

After:        
"tags": {
            "fingerprint": "s78FYhaXW7M=",
            "items": [
                "vpn"
            ]
        },

@dhendry
Copy link

dhendry commented Jan 14, 2022

@tall3n any update on this? The fact you cannot manage network tags via this module feels like its a huge problem - how do you manage firewall rules in a VPC otherwise?

Would be great to get this feature in - code changes look really minor.

cc: @rambleraptor as it looks like you are one of the main contributors here (thanks!)

@tall3n
Copy link
Author

tall3n commented Feb 11, 2022

@dhendry

Not sure why I didn't get alerted to your comment, apologize for the late reply.

The firewall rules wasn't a huge problem as much as getting instances post creation to have their instance tags manipulated by reruns.

Because of this issue, we started using pulumi for the infrastructure as we had better full comparative diffs/updates and it fit our flexibility needs on par with ansible.

Until we made the move to using pulumi i just used this code to maintain instance tags.

@toumorokoshi toumorokoshi added the enhancement New feature or request label Nov 12, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@tall3n @dhendry @toumorokoshi