Apply Modes

Every formae apply requires a mode. The mode determines what formae is allowed to do — and more importantly, what it won't do.

Reconcile

formae apply --mode reconcile main.pkl

Reconcile brings reality in line with your code. Resources in your forma get created or updated. Resources that exist in the cloud but not in your forma get destroyed.

Use reconcile for:

  • Complete infrastructure deployments (Day-0)
  • Structural changes — adding or removing entire subsystems
  • Cleanup — when you intentionally want to remove resources not in your code

Patch

formae apply --mode patch change.pkl

Patch only creates or updates. It never destroys anything. Resources in your forma get created or updated. Everything else is left alone.

Use patch for:

  • Additive changes to existing infrastructure
  • Emergency fixes with minimal blast radius
  • Team-specific additions without affecting shared resources
  • Gradual adoption — incrementally bringing resources under management

The key difference: reconcile can destroy, patch cannot.

Hard vs soft reconcile

When someone changes a resource outside of formae — through the cloud console, another tool, or a script — those are out-of-band changes. Reconcile mode handles them in two ways.

Soft reconcile (default)

If formae detects out-of-band changes, it rejects the apply to protect you:

formae apply --mode reconcile main.pkl
# Fails — external changes detected

This gives you a chance to review what changed. Extract the current state, compare it with your code, and decide what to keep.

Hard reconcile

If you've reviewed the changes and want to overwrite them, use --force:

formae apply --mode reconcile --force main.pkl

Hard reconcile overwrites all out-of-band changes and brings the infrastructure exactly in line with your forma. Use it when your code is the authority and external changes should be discarded.

Tip: Soft reconcile is a safety net. Reach for --force only when you know what you're overwriting.

Resource replacement

Most property changes update a resource in place. But some properties are immutable — changing them triggers a destroy followed by a create:

myVpc = new vpc.Vpc {
  cidrBlock = "10.1.0.0/16"  // Immutable — triggers replacement
}

formae handles this automatically, but be aware: replacement means downtime for that resource and anything that depends on it. Simulation catches this before it happens:

formae apply --mode reconcile --simulate main.pkl

Check the simulation output for "replace" operations before applying.