fix: IAM Policy 409 concurrent changes error - take 2 #15995

Merged
slevenick merged 5 commits into GoogleCloudPlatform:main from tamir-deep:fix/25305-take2
Feb 13, 2026
@tamir-deep
Contributor

Fixes hashicorp/terraform-provider-google#25305

There is already a backoff retry mechanism, but it's broken due to a wrapped error. The current usage for checking if it's a googleapi error doesn't work well.

#15972 reverted #15825 due to regressions. However, the original IAM 409 concurrent error is now back due to that.

I debugged that specific error and found that the err var returned is of the type fmt.Errorf at level 0 and googleapi.Error at level 1.
errwrap simply doesn't detect it.

I wanted to avoid walking or unwrapping and make as few changes as possible.

Given the fact we have to keep using errwrap for now, I added the same changes I did originally below the current errwrap code, and I also added tests.

I tested the generated provider and it solves the 409 issue.

Tagging @slevenick @ScottSuarez @BBBmau for extra verification and input.

Release Note Template for Downstream PRs (will be copied)

See Write release notes for guidance.

iam: fixed error 409 concurrency policy changes by correctly detecting the error type.
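
The failure class described in this PR, as an added example that is not code from the PR or the provider: a retry predicate that inspects only the outermost error never sees a 409 wrapped once by fmt.Errorf, so the backoff loop gives up on the first conflict. `apiError`, `flakySetter`, `setPolicyWithRetry` and both predicates are hypothetical names; `apiError` stands in for googleapi.Error so the block runs offline, and `errors.As` is the standard-library way to look below level 0, not necessarily the change this PR made.

```go
package main

import (
	"errors"
	"fmt"
	"time"
)

// apiError is a hypothetical stand-in for googleapi.Error (keeps the example offline).
type apiError struct{ Code int }

func (e *apiError) Error() string { return fmt.Sprintf("googleapi: Error %d", e.Code) }

// isConflictShallow inspects only the outermost error (level 0).
func isConflictShallow(err error) bool {
	e, ok := err.(*apiError)
	return ok && e.Code == 409
}

// isConflictDeep follows the Unwrap chain, so it also sees the error at level 1.
func isConflictDeep(err error) bool {
	var e *apiError
	return errors.As(err, &e) && e.Code == 409
}

// setPolicyWithRetry calls set until success, a non-retryable error, or limit calls; returns calls made.
func setPolicyWithRetry(set func() error, retryable func(error) bool, limit int) (int, error) {
	for calls, delay := 1, time.Millisecond; ; calls, delay = calls+1, delay*2 {
		if err := set(); err == nil || !retryable(err) || calls == limit {
			return calls, err
		}
		time.Sleep(delay) // exponential backoff before the next read-modify-write
	}
}

// flakySetter simulates a policy write that conflicts n times (constructed data), wrapped once by fmt.Errorf.
func flakySetter(n int) func() error {
	return func() error {
		if n--; n < 0 {
			return nil
		}
		return fmt.Errorf("Error setting IAM policy: %w", &apiError{Code: 409})
	}
}

func main() {
	fmt.Println(setPolicyWithRetry(flakySetter(2), isConflictShallow, 5)) // gives up on the first 409
	fmt.Println(setPolicyWithRetry(flakySetter(2), isConflictDeep, 5))    // retries, then succeeds
}
```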

@modular-magician modular-magician added the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Dec 18, 2025
@github-actions github-actions bot requested a review from slevenick December 18, 2025 20:54
@github-actions

Hello! I am a robot. Tests will require approval from a repository maintainer to run.

Googlers: For automatic test runs see go/terraform-auto-test-runs.

@slevenick, a repository maintainer, has been assigned to review your changes. If you have not received review feedback within 2 business days, please leave a comment on this PR asking them to take a look.

You can help make sure that review is quick by doing a self-review and by running impacted tests locally.

@github-actions

@slevenick This PR has been waiting for review for 3 weekdays. Please take a look! Use the label disable-review-reminders to disable these notifications.

@github-actions

@GoogleCloudPlatform/terraform-team @slevenick This PR has been waiting for review for 1 week. Please take a look! Use the label disable-review-reminders to disable these notifications.

@github-actions

github-actions bot commented Jan 1, 2026

@GoogleCloudPlatform/terraform-team @slevenick This PR has been waiting for review for 2 weeks. Please take a look! Use the label disable-review-reminders to disable these notifications.

@github-actions

github-actions bot commented Jan 8, 2026

@GoogleCloudPlatform/terraform-team @slevenick This PR has been waiting for review for 3 weeks. Please take a look! Use the label disable-review-reminders to disable these notifications.

@tamir-deep
Contributor Author

@slevenick Can you take a look please?

@tamir-deep tamir-deep marked this pull request as draft January 15, 2026 08:38
@tamir-deep tamir-deep marked this pull request as ready for review January 15, 2026 08:38
@github-actions

@slevenick This PR has been waiting for review for 3 weekdays. Please take a look! Use the label disable-review-reminders to disable these notifications.

Contributor

@slevenick slevenick left a comment

I think this is a better approach and shouldn't have the impact of the previous change. I'm going to get another pair of eyes on this as it's such a core part of shared provider functionality

@tamir-deep
Contributor Author

Sure thing

@github-actions github-actions bot requested a review from slevenick January 21, 2026 08:13
@github-actions

@slevenick This PR has been waiting for review for 3 weekdays. Please take a look! Use the label disable-review-reminders to disable these notifications.

@github-actions

@GoogleCloudPlatform/terraform-team @slevenick This PR has been waiting for review for 1 week. Please take a look! Use the label disable-review-reminders to disable these notifications.

@github-actions

github-actions bot commented Feb 4, 2026

@GoogleCloudPlatform/terraform-team @slevenick This PR has been waiting for review for 2 weeks. Please take a look! Use the label disable-review-reminders to disable these notifications.

@tamir-deep
Contributor Author

@slevenick got a chance to have someone else look at it? Seems like the bot assigned you again

@github-actions github-actions bot requested a review from slevenick February 10, 2026 07:21
Contributor

@slevenick slevenick left a comment

Thanks!

@modular-magician modular-magician removed the awaiting-approval Pull requests that need reviewer's approval to run presubmit tests label Feb 10, 2026
@modular-magician
Collaborator

Hi there, I'm the Modular magician. I've detected the following information about your changes:

Diff report

Your PR generated some diffs in downstreams - here they are.

google provider: Diff ( 2 files changed, 12 insertions(+), 1 deletion(-))
google-beta provider: Diff ( 2 files changed, 12 insertions(+), 1 deletion(-))
terraform-google-conversion: Diff ( 1 file changed, 5 insertions(+))

@modular-magician
Collaborator

Tests analytics

Total tests: 6011
Passed tests: 5376
Skipped tests: 634
Affected tests: 1

Click here to see the affected service packages

All service packages are affected

Action taken

Found 1 affected test(s) by replaying old test recordings. Starting RECORDING based on the most recent commit. Click here to see the affected tests
  • TestAccAccessContextManager__service_perimeter_dry_run_egress_policy

Get to know how VCR tests work

@modular-magician
Collaborator

🟢 Tests passed during RECORDING mode:
TestAccAccessContextManager__access_level [Debug log]
TestAccAccessContextManager__access_level_condition [Debug log]
TestAccAccessContextManager__access_level_custom [Debug log]
TestAccAccessContextManager__access_level_full [Debug log]
TestAccAccessContextManager__access_levels [Debug log]
TestAccAccessContextManager__access_policy [Debug log]
TestAccAccessContextManager__access_policy_scoped [Debug log]
TestAccAccessContextManager__authorized_orgs_desc [Debug log]
TestAccAccessContextManager__service_perimeter [Debug log]
TestAccAccessContextManager__service_perimeter_dry_run_egress_policy [Debug log]
TestAccAccessContextManager__service_perimeter_dry_run_ingress_policy [Debug log]
TestAccAccessContextManager__service_perimeter_update [Debug log]
TestAccAccessContextManager__service_perimeters [Debug log]

🔴 Tests failed when rerunning REPLAYING mode:
TestAccAccessContextManager__service_perimeter_dry_run_egress_policy [Error message] [Debug log]
TestAccAccessContextManager__service_perimeter_dry_run_ingress_policy [Error message] [Debug log]

Tests failed due to non-determinism or randomness when the VCR replayed the response after the HTTP request was made.

Please fix these to complete your PR. If you believe these test failures to be incorrect or unrelated to your change, or if you have any questions, please raise the concern with your reviewer.


🟢 All tests passed!

View the build log or the debug log for each test

Successfully merging this pull request may close these issues.

Error 409 setting IAM policy for artifactregistry repository - There were concurrent policy changes