Problem when setting explicit tags for some AWS resources

[Roman-Simik]

Hey guys, I have recently got into problem or atleast weird functioning of some resources in AWS provider, I will try to explain

What happened?

When I deploy some AWS resouces (for example: EC2 Address, EC2 Subnet, EC2 VPC), crossplane automatically adds by itself some tags, and that's a problem:

Why?

• Because I deploy this resources through argoCD (I have stored the yamls in the Git, and ArgoCD is automatically syncing it and applying, but it will always result in OutOfSync mode, because the desired state will always differ from the deployed yaml (It is explained in How to reproduce below)

PS: This is not happening for other resources like EC2 NatGateway or EC2 Subnet, because on this resources crossplane is not setting another tags by itself

How can we reproduce it?

You can reproduce it pretty easily

1. Deploy EC2 VPC with some explicit tags set

forProvider:
 ...
 tags:
  - key: Name
    value: production-vpc

2. In the deployed yaml in k8s you will also see

forProvider:
 ...
 tags:
  - key: Name
    value: production-vpc
  - key: crossplane-kind
    value: production-vpc
  - key: crossplane-providerconfig
    value: default

• The problem is that ArgoCD wants to have there only single tag, which is defined by me, but this never happens because crossplane will always add there the other tags...
• This is the difference which ArgoCD is always reporting and trying to fix, (it is basically in infinite loop)
  

What environment did it happen in?

Crossplane version: 1.9.0 deployed by original Helm Chart
CloudProvider: self hosted on AWS
Kubernetes version: 1.21

[haarchri]

we have resources with default tags
so as workaround for argo you can add these tags explicitly - does this work in your case ?

[Roman-Simik]

Hi, yes as workaround this works. But I think it can be pain in the ass to always remember this, or for any newcomers...

[github-actions]

Crossplane does not currently have enough maintainers to address every issue and pull request. This issue has been automatically marked as stale because it has had no activity in the last 90 days. It will be closed in 14 days if no further activity occurs. Leaving a comment starting with /fresh will mark this issue as not stale.

[daniel-garcia]

/fresh

[MisterMX]

Related to #494 and #1436. Probably the same issue. Might be able to fix it the same way as in #1895.

Please note that it is intentional for subnets that tags are not removed automatically because tags are added automatically by other AWS services like ELB.

[MisterMX]

I had a second look at this and this is actually by design. External tags are added on purpose. The best way to solve this is by adding the additional tags to your ArgoCD manifest.

We could think about removing the whole tag initialization completely since it does not provide real value and I am unsure why they were added in the first place. However, this would be a breaking change. We don't plan to do this on our own. So if someone wants to work on this feature, feel free to open a PR and assign me as a reviewer.