Stop considering AWS initialized fields in diff

Signed-off-by: Martin Baillie <martin@baillie.id> (cherry picked from commit 8296667)
crossplane-contrib · Nov 13, 2023 · 8ff01e1 · 8ff01e1
1 parent d0f2ff9
commit 8ff01e1
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 6 deletions.
diff --git a/pkg/clients/iam/role.go b/pkg/clients/iam/role.go
@@ -79,7 +79,6 @@ func GenerateRoleObservation(role iamtypes.Role) v1beta1.RoleExternalStatus {
 
 // GenerateRole assigns the in RoleParamters to role.
 func GenerateRole(in v1beta1.RoleParameters, role *iamtypes.Role) error {
-
 	if in.AssumeRolePolicyDocument != "" {
 		s, err := legacypolicy.CompactAndEscapeJSON(in.AssumeRolePolicyDocument)
 		if err != nil {
@@ -179,7 +178,10 @@ func IsRoleUpToDate(in v1beta1.RoleParameters, observed iamtypes.Role) (bool, st
 		return false, "", err
 	}
 
-	diff := cmp.Diff(desired, &observed, cmpopts.IgnoreInterfaces(struct{ resource.AttributeReferencer }{}), cmpopts.IgnoreFields(observed, "AssumeRolePolicyDocument"), cmpopts.IgnoreTypes(document.NoSerde{}), cmpopts.SortSlices(lessTag))
+	diff := cmp.Diff(desired, &observed,
+		cmpopts.IgnoreInterfaces(struct{ resource.AttributeReferencer }{}),
+		cmpopts.IgnoreFields(observed, "AssumeRolePolicyDocument", "CreateDate", "PermissionsBoundary.PermissionsBoundaryType"),
+		cmpopts.IgnoreTypes(document.NoSerde{}), cmpopts.SortSlices(lessTag))
 	if diff == "" && policyUpToDate {
 		return true, diff, nil
 	}

diff --git a/pkg/clients/iam/role_test.go b/pkg/clients/iam/role_test.go
@@ -46,10 +46,12 @@ var (
 		  }
 		]
 	   }`
-	roleID   = "some Id"
-	roleName = "some name"
-	tagKey   = "key"
-	tagValue = "value"
+	roleID             = "some Id"
+	roleName           = "some name"
+	tagKey             = "key"
+	tagValue           = "value"
+	permissionBoundary = "arn:aws:iam::111111111111:policy/permission-boundary"
+	createDate         = time.Now()
 )
 
 func roleParams(m ...func(*v1beta1.RoleParameters)) *v1beta1.RoleParameters {
@@ -271,6 +273,38 @@ func TestIsRoleUpToDate(t *testing.T) {
 			want:     true,
 			wantDiff: "",
 		},
+		"AWSInitializedFields": {
+			args: args{
+				role: iamtypes.Role{
+					AssumeRolePolicyDocument: escapedPolicyJSON(),
+					CreateDate:               &createDate,
+					Description:              &description,
+					MaxSessionDuration:       pointer.ToIntAsInt32(1),
+					Path:                     pointer.ToOrNilIfZeroValue("/"),
+					PermissionsBoundary: &iamtypes.AttachedPermissionsBoundary{
+						PermissionsBoundaryArn:  &permissionBoundary,
+						PermissionsBoundaryType: "Policy",
+					},
+					Tags: []iamtypes.Tag{{
+						Key:   pointer.ToOrNilIfZeroValue("key1"),
+						Value: pointer.ToOrNilIfZeroValue("value1"),
+					}},
+				},
+				p: v1beta1.RoleParameters{
+					Description:              &description,
+					AssumeRolePolicyDocument: assumeRolePolicyDocument,
+					MaxSessionDuration:       pointer.ToIntAsInt32(1),
+					Path:                     pointer.ToOrNilIfZeroValue("/"),
+					PermissionsBoundary:      &permissionBoundary,
+					Tags: []v1beta1.Tag{{
+						Key:   "key1",
+						Value: "value1",
+					}},
+				},
+			},
+			want:     true,
+			wantDiff: "",
+		},
 		"DifferentPolicy": {
 			args: args{
 				role: iamtypes.Role{