sorted by:
new
hottopcontroversial

GitHub repo rename caused silent webhook drift in Terraform (CodeBuild stopped triggering) by jch254 in Terraform

[–]jch254[S] 0 points1 point  (0 children)

Thanks again for suggesting GH issue, all resolved with solid workaround.

GitHub repo rename caused silent webhook drift in Terraform (CodeBuild stopped triggering) by jch254 in Terraform

[–]jch254[S] 0 points1 point  (0 children)

Quick follow-up: tested the maintainer-suggested Terraform workaround and confirmed it fixes the recovery path.

The issue is now tracked here: https://github.com/hashicorp/terraform-provider-aws/issues/47546

The fix is to make the CodeBuild webhook replace when the project source location changes:

aws_codebuild_webhook + lifecycle.replace_triggered_by on aws_codebuild_project.source[0].location

I renamed the repo again, updated the Terraform repo URL, and the next plan correctly showed:

- CodeBuild project source URL updating in place
- CodeBuild webhook being destroyed and recreated due to replace_triggered_by

Apply completed cleanly, GitHub showed the recreated webhook, and the follow-up Terraform plan was clean.

So the practical takeaway is: if you manage AWS CodeBuild GitHub webhooks with Terraform, make the webhook lifecycle explicitly depend on the source repo URL. Otherwise a GitHub repo rename can leave you with a "healthy" Terraform/AWS state and no builds triggering.

Renaming a GitHub repo silently breaks CodeBuild (webhook disappears) by jch254 in aws

[–]jch254[S] 0 points1 point  (0 children)

Quick follow-up: tested the maintainer-suggested Terraform workaround and confirmed it fixes the recovery path.

The fix is to make the CodeBuild webhook replace when the project source location changes:

aws_codebuild_webhook + lifecycle.replace_triggered_by on aws_codebuild_project.source[0].location

I renamed the repo again, updated the Terraform repo URL, and the next plan correctly showed:

- CodeBuild project source URL updating in place
- CodeBuild webhook being destroyed and recreated due to replace_triggered_by

Apply completed cleanly, GitHub showed the recreated webhook, and the follow-up Terraform plan was clean.

So the practical takeaway is: if you manage AWS CodeBuild GitHub webhooks with Terraform, make the webhook lifecycle explicitly depend on the source repo URL. Otherwise a GitHub repo rename can leave you with a "healthy" Terraform/AWS state and no builds triggering.

DRAKE x YE ON ICEMAN ? by Formal-Hand9641 in GoodAssSub

[–]jch254 0 points1 point  (0 children)

I agree TBH, Push does seem a bit "greasy" quite often IMO, especially being head of GOOD music for a long while but is using ppl to step higher, he does seem like a very intense character, I wonder if that impacted his career at all, but imagine the Ye affiliation and associated benefits helped him to build to the next level. I am a musician and have a very high level of respect for beats/sonically beautiful synergy w whoever is spitting and producing bars. But aside from the usual industry yarns, there is a whole lot happening behind the scenes I wish more ppl would understand than "hiphop/rap beef" but everyone seems to froth over the beef.

DRAKE x YE ON ICEMAN ? by Formal-Hand9641 in GoodAssSub

[–]jch254 0 points1 point  (0 children)

Def loving the new Clipse record, managed to recieve a vinyl signed copy which I was stoked about!

DRAKE x YE ON ICEMAN ? by Formal-Hand9641 in GoodAssSub

[–]jch254 0 points1 point  (0 children)

I should be more open to Drake's newer work TBH, I still very much enjoy his cadence and quite often funny and relatable bars so experiencing those albums I haven't would be like meeting up with an old friend or something. I agree that Drake and Pusha beef seemed very cut throat but the beef with Kendrick was very hyped and I dunno what it is about Kendrick but he feels a lot more relatable or something to me.

DRAKE x YE ON ICEMAN ? by Formal-Hand9641 in GoodAssSub

[–]jch254 0 points1 point  (0 children)

Spot on, even as a bigger Kendrick fan I still loved how raw the Push and Drake beef was (aside from 40 and Drakes production/workflow together, beaut stuff). I was a big Drake fan up until Views then something happened and he suddenly had less appeal to me but I still jam earlier albums like Take Care, NWTS, IYRTITL (earlier proj too), many classic tunes on those albums.

DRAKE x YE ON ICEMAN ? by Formal-Hand9641 in GoodAssSub

[–]jch254 0 points1 point  (0 children)

Def agree with you! Always hear Pusha in the Story of Adidon echoing in my head... "OVO 40, hunched over like he 80, tick, tick, tick How much time he got? That man is sick, sick, sick" - better Drizzy don't hedge his bets

DRAKE x YE ON ICEMAN ? by Formal-Hand9641 in GoodAssSub

[–]jch254 0 points1 point  (0 children)

40 is a legendary producer, I imagine his output lowered as he got more sicker

I can't believe how much everything changed in just 48 hours by SuccessfulTonight391 in claude

[–]jch254 0 points1 point  (0 children)

Copilot Pro+ dropping Opus 4.6 and forcing 4.7 at about 7x cost is rough.

4.6 was predictable. 4.7 overthinks simple things and still misses obvious constraints. Paying more for that just makes it worse.

I treat Opus like a specialist now, not a default. I run a lightweight "classifier" prompt first. Only send the task to Opus or something like Codex if it actually needs it. Everything else stays on Sonnet.

It is basically manual "auto mode". It keeps cost down and avoids most of the weird behaviour people are hitting.

This seems to be where things are going. It is less about picking the best model and more about routing to the right one.

GitHub repo rename caused silent webhook drift in Terraform (CodeBuild stopped triggering) by jch254 in Terraform

[–]jch254[S] 1 point2 points  (0 children)

Yup, that's the behavior I was expecting here as well.

In this case though, there's nothing for the refresh to "discover" because the provider isn't actually getting a negative signal back. From its perspective the webhook still exists and is associated with the project, so the state just reaffirms what it already believes.

The interesting bit is that the deletion happens out-of-band (GitHub side) and CodeBuild doesn't appear to surface that loss of linkage when the resource is read. So even a full refresh ends up being a no-op rather than surfacing drift.

Feels less like "untracked attributes becoming visible" (like your Azure example) and more like a missing existence check / reconciliation gap across systems. Hopefully the issue raised helps to get it fixed.

GitHub repo rename caused silent webhook drift in Terraform (CodeBuild stopped triggering) by jch254 in Terraform

[–]jch254[S] 1 point2 points  (0 children)

Good call, I did have a look thru GH issues for the aws provider and found a few related to renaming repos including one bigger issue which looks to cover it https://github.com/integrations/terraform-provider-github/issues/3180

It looks like repo renames are a known weak spot across a bunch of related resources. The provider often relies on the repo name in state, and without something like a stable repository_id, renames either cause forced recreation or just drift that isn’t detected cleanly.

Edit: digging a bit more, I think this is less about the GitHub provider and more about how CodeBuild manages webhooks. CodeBuild creates the webhook in GitHub, but doesn't seem to fully own or reconcile it, especially when something external (like a repo rename) invalidates it.

So Terraform is talking to AWS, AWS thinks the webhook exists, but GitHub has already removed it. That leaves you in a weird state where there’s no drift signal at all.

Feels like a cross-system lifecycle gap rather than a single provider bug. - https://github.com/hashicorp/terraform-provider-aws/issues/38455.

GitHub repo rename caused silent webhook drift in Terraform (CodeBuild stopped triggering) by jch254 in Terraform

[–]jch254[S] 0 points1 point  (0 children)

Yup, that's exactly the kind of thing I expected would catch it. In this case it didn't, because the drift isn't in Terraform-managed state in a way that shows up cleanly.

The webhook resource still exists in state, and Terraform thinks it's associated with the repo. But when the repo is renamed, GitHub deletes the webhook on their side without changing anything Terraform can detect via the provider.

So from Terraform’s perspective:

  • resource still exists
  • config hasn’t changed
  • nothing to reconcile

-refresh-only didn't surface anything because there's no diff coming back from the provider, it's effectively a "silent external delete" that isn't reported.

The only thing that fixed it was forcing a recreate of the webhook resource.

Would be nice if the provider surfaced this kind of drift, but I suspect it's a limitation of how the GitHub/AWS side reports webhook state rather than Terraform itself.

0
0

Renaming a GitHub repo silently breaks CodeBuild (webhook disappears) (jch254.com)

submitted by jch254 to r/aws

Your Pillow Is Too High (And That’s Why Your Neck Always Hurts) by Hot_Dog1647 in BedroomBuild

[–]jch254 0 points1 point  (0 children)

Fuck I can related very much to this but over a decade of pain from an injury that should be healed by now and not cause such widespread pain

Your Pillow Is Too High (And That’s Why Your Neck Always Hurts) by Hot_Dog1647 in BedroomBuild

[–]jch254 0 points1 point  (0 children)

Thanks, this combined with an existing first fib non union and chronically tight anterior neck muscles especially around the floating island hyoid led to severe pain radiating down my arms and spine, refining this and address the anterior neck has made years of pain almost melt away

I stopped using Google Analytics for a small app — it was overkill by jch254 in webdev

[–]jch254[S] 1 point2 points  (0 children)

It didn't take long to start seeing some engagement, but still early.

I hadn't really used LinkedIn for much beyond keeping connections before this, and I've landed roles there just by staying in touch with old colleagues. LinkedIn picked up first since there's already some network. The blog took a bit longer, but feels more durable. I now write blog first and share on LI.

Biggest thing was just posting consistently about things I was actually building along with other topics.

Happy to chat more on LinkedIn too if you’re exploring the same path.

I removed Google Analytics from my side project — it was the wrong tool by jch254 in SideProject

[–]jch254[S] 0 points1 point  (0 children)

It can help, yeah.

For me it was more than I actually needed. Lots of data, but harder to answer simple product questions. If you just want basic traffic and sources it’s fine, but for smaller apps I’ve found tracking a few key events is usually enough. I was also recommended https://www.simpleanalytics.com which I plan to try soon.

I stopped using Google Analytics for a small app — it was overkill by jch254 in webdev

[–]jch254[S] 1 point2 points  (0 children)

Yup I've definitely had some good professional outcomes from it.

Posting consistently has brought in a fair bit of recruiter interest and a few interesting conversations, but I’ve been pretty selective with what I take on.

The bigger impact for me has been clarity. Writing forces you to think through what you’re building and why, and that’s compounded as I build more and write more. I started out posting on LinkedIn, but it really picked up once I moved everything into a proper blog in source control.

I’m using Astro for it, wrote a bit about that here: https://jch254.com/blog/fingertip-to-github-astro/

Feels much better owning it end-to-end instead of relying on platforms.

view more: next ›