terratag icon indicating copy to clipboard operation
terratag copied to clipboard

Published 20 hours ago verified publisher icon env0

Is there a method for defining a "LastChange" tag?

Open dsfrederic opened this issue 2 years ago • 8 comments

I've tried adding this functionality into TF directly, but I wasn't able to get it to work properly. The tag was updated even though there was no change to the actual resource.

dsfrederic avatar Sep 28 '21 10:09 dsfrederic

Hi @dsfrederic - Thanks for opening the issue. Can you please elaborate a bit more what exactly do you mean? And what is exactly the use case?

omry-hay avatar Sep 29 '21 09:09 omry-hay

Hi @omry-hay,

I want to be able to timestamp all my resources that were deployed/changed/updated during my apply phase. If there were no changes to resource X. The timestamp tag for this resource should not be updated.

dsfrederic avatar Sep 30 '21 12:09 dsfrederic

@omry-hay any update on this feature request?

dsfrederic avatar Apr 12 '22 10:04 dsfrederic

Hi @dsfrederic We currently don't have an ETA for this feature request as this is quite a specific use case that would be difficult to implement.

Yet we're going to consider solving it in the upcoming weeks. I'll update the issue by then.

yaronya avatar Apr 14 '22 13:04 yaronya

Hey @dsfrederic Would having the ability to ignore specific resources, let's say by type + name, would make sense to you and assist your use case?

yaronya avatar May 12 '22 21:05 yaronya

I don't think so. There should be a way to check if resource X is part of the plan. If so update the tag

dsfrederic avatar May 13 '22 05:05 dsfrederic

Hey again @dsfrederic Terratag executes before the plan, so that can't be achieved.

Can you maybe suggest a more generic solution to your specific use case? I thought of maybe ignoring resources by some attribute path and its value. As an example, for your use case, you can tell terratag to skip resources that have the tags.timestamp attribute with some specific timestamp.

Would that work for you? if not, any other generic feature request would be welcome.

yaronya avatar Jul 10 '22 18:07 yaronya

Could you make terratag use a plan file, if given, as a filter? In such case, terratag would only update the tags of those resources in the plan.

So the workflow would be terraform plan -out plan-file, terratag -filter plan-file (modifies the plan file with updated tags), terraform apply plan-file.

This plays well with other tooling. Eg lots of devops teams generate plan anyways, to use with infracost (to see cost increase of a planned set of changes).

CC @yaronya

schollii avatar Aug 30 '22 12:08 schollii

Hi @schollii This is indeed an option, but still feels quite a specific use case of modifying (or not modifying) tags of changed/unchanged resources. I must say that we haven't heard this kind of feature request much.

Yet it sounds like something that could be handy to some, so would you be interested in contributing such feature?

yaronya avatar Oct 13 '22 05:10 yaronya

Interested for sure, but whether I can find the time is another matter. If anyone else is interested please just post here, or maybe someone is interested in tag-teaming with me on this. I have lots of programming experience just not much time these days.

schollii avatar Oct 13 '22 14:10 schollii

I had another look at the terratag docs and I think what I propose is too error prone. Eg consider the following scenario:

  1. I have a clean state
  2. I make a mod to one resource in tf file, say resource A
  3. I run plan, shows resource A, and I save plan to a file
  4. I run terratag on that plan (assuming that idea got implemented): now the resource A config has an additional tag (eg, LastChange=)
  5. Now instead of running terraform plan to see that A has both the mod that I made AND the LastChange tag, I undo the change I made to A, instead I change another resource, say B
  6. Now terraform plan shows resource B change, plus tag-change on A, save plan to file
  7. I re-run terratag on that plan: now both A and B are in it, so both A and B will get the new LastChange with the new timestamp

It's up to me to remember to remove the tag from A before step 6 so that the above does not happen.

Actually the following scenario also fails:

  1. I have a clean state, and some resources (perhaps all) have the LastChange tag thanks to having run terratag previously
  2. I make a mod to one resource in tf file, say resource A
  3. I run terraform plan, shows resource A, and I save plan to a file
  4. I run terratag on that plan (assuming that idea got implemented): now the tag has a new value
  5. I run terraform plan: I see that all resources have a new value for the LastChange tag, not just resource A

As discussed in https://github.com/hashicorp/terraform/issues/32018, my latest thought is that this kind of feature should be provided by the terraform provider (eg aws, azure, gcp providers).

schollii avatar Oct 23 '22 01:10 schollii