Skip to content

Commit 7c189e0

Browse files
uibmuibm
committed
t1
1 parent 8b3c166 commit 7c189e0

File tree

3 files changed

+348
-149
lines changed

3 files changed

+348
-149
lines changed

ibm/service/vpc/resource_ibm_is_security_group.go

Lines changed: 129 additions & 54 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,9 @@ import (
1313

1414
"github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex"
1515
"github.com/IBM-Cloud/terraform-provider-ibm/ibm/validate"
16+
"github.com/IBM/go-sdk-core/v5/core"
1617
"github.com/IBM/vpc-go-sdk/vpcv1"
18+
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
1719
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/customdiff"
1820
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
1921
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
@@ -32,12 +34,12 @@ const (
3234
func ResourceIBMISSecurityGroup() *schema.Resource {
3335

3436
return &schema.Resource{
35-
Create: resourceIBMISSecurityGroupCreate,
36-
Read: resourceIBMISSecurityGroupRead,
37-
Update: resourceIBMISSecurityGroupUpdate,
38-
Delete: resourceIBMISSecurityGroupDelete,
39-
Exists: resourceIBMISSecurityGroupExists,
40-
Importer: &schema.ResourceImporter{},
37+
CreateContext: resourceIBMISSecurityGroupCreate,
38+
ReadContext: resourceIBMISSecurityGroupRead,
39+
UpdateContext: resourceIBMISSecurityGroupUpdate,
40+
DeleteContext: resourceIBMISSecurityGroupDelete,
41+
Exists: resourceIBMISSecurityGroupExists,
42+
Importer: &schema.ResourceImporter{},
4143

4244
CustomizeDiff: customdiff.All(
4345
customdiff.Sequence(
@@ -177,10 +179,12 @@ func ResourceIBMISSecurityGroupValidator() *validate.ResourceValidator {
177179
return &ibmISSecurityGroupResourceValidator
178180
}
179181

180-
func resourceIBMISSecurityGroupCreate(d *schema.ResourceData, meta interface{}) error {
182+
func resourceIBMISSecurityGroupCreate(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
181183
sess, err := vpcClient(meta)
182184
if err != nil {
183-
return err
185+
tfErr := flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "create", "initialize-client")
186+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
187+
return tfErr.GetDiag()
184188
}
185189
vpc := d.Get(isSecurityGroupVPC).(string)
186190

@@ -200,9 +204,11 @@ func resourceIBMISSecurityGroupCreate(d *schema.ResourceData, meta interface{})
200204
name = nm.(string)
201205
createSecurityGroupOptions.Name = &name
202206
}
203-
sg, response, err := sess.CreateSecurityGroup(createSecurityGroupOptions)
207+
sg, _, err := sess.CreateSecurityGroup(createSecurityGroupOptions)
204208
if err != nil {
205-
return fmt.Errorf("[ERROR] Error while creating Security Group %s\n%s", err, response)
209+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("CreateSecurityGroupWithContext failed: %s", err.Error()), "ibm_is_security_group", "create")
210+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
211+
return tfErr.GetDiag()
206212
}
207213
d.SetId(*sg.ID)
208214
v := os.Getenv("IC_ENV_TAGS")
@@ -222,45 +228,68 @@ func resourceIBMISSecurityGroupCreate(d *schema.ResourceData, meta interface{})
222228
"Error on create of Security Group (%s) access tags: %s", d.Id(), err)
223229
}
224230
}
225-
return resourceIBMISSecurityGroupRead(d, meta)
231+
return resourceIBMISSecurityGroupRead(context, d, meta)
226232
}
227233

228-
func resourceIBMISSecurityGroupRead(d *schema.ResourceData, meta interface{}) error {
234+
func resourceIBMISSecurityGroupRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
229235
sess, err := vpcClient(meta)
230236
if err != nil {
231-
return err
237+
tfErr := flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "read", "initialize-client")
238+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
239+
return tfErr.GetDiag()
232240
}
233241
id := d.Id()
234242

235243
getSecurityGroupOptions := &vpcv1.GetSecurityGroupOptions{
236244
ID: &id,
237245
}
238-
group, response, err := sess.GetSecurityGroup(getSecurityGroupOptions)
246+
securityGroup, response, err := sess.GetSecurityGroupWithContext(context, getSecurityGroupOptions)
239247
if err != nil {
240248
if response != nil && response.StatusCode == 404 {
241249
d.SetId("")
242250
return nil
243251
}
244-
return fmt.Errorf("[ERROR] Error getting Security Group : %s\n%s", err, response)
252+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("GetSecurityGroupWithContext failed: %s", err.Error()), "ibm_is_security_group", "read")
253+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
254+
return tfErr.GetDiag()
245255
}
246-
tags, err := flex.GetGlobalTagsUsingCRN(meta, *group.CRN, "", isUserTagType)
256+
tags, err := flex.GetGlobalTagsUsingCRN(meta, *securityGroup.CRN, "", isUserTagType)
247257
if err != nil {
248258
log.Printf(
249259
"Error getting Security Group tags : %s\n%s", d.Id(), err)
250260
}
251-
accesstags, err := flex.GetGlobalTagsUsingCRN(meta, *group.CRN, "", isAccessTagType)
261+
accesstags, err := flex.GetGlobalTagsUsingCRN(meta, *securityGroup.CRN, "", isAccessTagType)
252262
if err != nil {
253263
log.Printf(
254264
"Error on get of Security Group (%s) access tags: %s", d.Id(), err)
255265
}
256-
d.Set(isSecurityGroupTags, tags)
257-
d.Set(isSecurityGroupAccessTags, accesstags)
258-
d.Set(isSecurityGroupCRN, *group.CRN)
259-
d.Set(isSecurityGroupName, *group.Name)
260-
d.Set(isSecurityGroupVPC, *group.VPC.ID)
266+
if err = d.Set(isSecurityGroupTags, tags); err != nil {
267+
err = fmt.Errorf("Error setting tags: %s", err)
268+
return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "read", "set-tags").GetDiag()
269+
}
270+
if err = d.Set(isSecurityGroupAccessTags, accesstags); err != nil {
271+
err = fmt.Errorf("Error setting access_tags: %s", err)
272+
return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "read", "set-access_tags").GetDiag()
273+
}
274+
if err = d.Set("crn", securityGroup.CRN); err != nil {
275+
err = fmt.Errorf("Error setting crn: %s", err)
276+
return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "read", "set-crn").GetDiag()
277+
}
278+
if !core.IsNil(securityGroup.Name) {
279+
if err = d.Set("name", securityGroup.Name); err != nil {
280+
err = fmt.Errorf("Error setting name: %s", err)
281+
return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "read", "set-name").GetDiag()
282+
}
283+
}
284+
if !core.IsNil(securityGroup.VPC) {
285+
if err = d.Set(isSecurityGroupVPC, *securityGroup.VPC.ID); err != nil {
286+
err = fmt.Errorf("Error setting vpc: %s", err)
287+
return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "read", "set-vpc").GetDiag()
288+
}
289+
}
261290
rules := make([]map[string]interface{}, 0)
262-
if len(group.Rules) > 0 {
263-
for _, rule := range group.Rules {
291+
if len(securityGroup.Rules) > 0 {
292+
for _, rule := range securityGroup.Rules {
264293
switch reflect.TypeOf(rule).String() {
265294
case "*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolIcmp":
266295
{
@@ -376,26 +405,50 @@ func resourceIBMISSecurityGroupRead(d *schema.ResourceData, meta interface{}) er
376405
}
377406
}
378407
}
379-
d.Set(isSecurityGroupRules, rules)
380-
d.SetId(*group.ID)
381-
if group.ResourceGroup != nil {
382-
d.Set(isSecurityGroupResourceGroup, group.ResourceGroup.ID)
383-
d.Set(flex.ResourceGroupName, group.ResourceGroup.Name)
408+
if err = d.Set(isSecurityGroupRules, rules); err != nil {
409+
err = fmt.Errorf("Error setting rules: %s", err)
410+
return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "read", "set-rules").GetDiag()
411+
}
412+
413+
d.SetId(*securityGroup.ID)
414+
if securityGroup.ResourceGroup != nil {
415+
if err = d.Set(isSecurityGroupResourceGroup, securityGroup.ResourceGroup.ID); err != nil {
416+
err = fmt.Errorf("Error setting resource_group: %s", err)
417+
return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "read", "set-resource_group").GetDiag()
418+
}
419+
if err = d.Set(flex.ResourceGroupName, securityGroup.ResourceGroup.Name); err != nil {
420+
err = fmt.Errorf("Error setting resource_group_name: %s", err)
421+
return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "read", "set-resource_group_name").GetDiag()
422+
}
384423
}
385424
controller, err := flex.GetBaseController(meta)
386425
if err != nil {
387-
return err
426+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("GetBaseController failed: %s", err.Error()), "ibm_is_security_group", "read")
427+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
428+
return tfErr.GetDiag()
429+
}
430+
431+
if err = d.Set(flex.ResourceControllerURL, controller+"/vpc-ext/network/securityGroups"); err != nil {
432+
err = fmt.Errorf("Error setting resource_controller_url: %s", err)
433+
return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "read", "set-resource_controller_url").GetDiag()
434+
}
435+
if err = d.Set(flex.ResourceName, *securityGroup.Name); err != nil {
436+
err = fmt.Errorf("Error setting resource_name: %s", err)
437+
return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "read", "set-resource_name").GetDiag()
438+
}
439+
if err = d.Set(flex.ResourceCRN, *securityGroup.CRN); err != nil {
440+
err = fmt.Errorf("Error setting resource_crn: %s", err)
441+
return flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "read", "set-resource_crn").GetDiag()
388442
}
389-
d.Set(flex.ResourceControllerURL, controller+"/vpc-ext/network/securityGroups")
390-
d.Set(flex.ResourceName, *group.Name)
391-
d.Set(flex.ResourceCRN, *group.CRN)
392443
return nil
393444
}
394445

395-
func resourceIBMISSecurityGroupUpdate(d *schema.ResourceData, meta interface{}) error {
446+
func resourceIBMISSecurityGroupUpdate(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
396447
sess, err := vpcClient(meta)
397448
if err != nil {
398-
return err
449+
tfErr := flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "update", "initialize-client")
450+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
451+
return tfErr.GetDiag()
399452
}
400453
id := d.Id()
401454
name := ""
@@ -421,7 +474,7 @@ func resourceIBMISSecurityGroupUpdate(d *schema.ResourceData, meta interface{})
421474
name = d.Get(isSecurityGroupName).(string)
422475
hasChanged = true
423476
} else {
424-
return resourceIBMISSecurityGroupRead(d, meta)
477+
return resourceIBMISSecurityGroupRead(context, d, meta)
425478
}
426479

427480
if hasChanged {
@@ -433,34 +486,42 @@ func resourceIBMISSecurityGroupUpdate(d *schema.ResourceData, meta interface{})
433486
}
434487
securityGroupPatch, err := securityGroupPatchModel.AsPatch()
435488
if err != nil {
436-
return fmt.Errorf("[ERROR] Error calling asPatch for SecurityGroupPatch: %s", err)
489+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("securityGroupPatchModel.AsPatch() failed: %s", err.Error()), "ibm_is_security_group", "update")
490+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
491+
return tfErr.GetDiag()
437492
}
438493
updateSecurityGroupOptions.SecurityGroupPatch = securityGroupPatch
439-
_, response, err := sess.UpdateSecurityGroup(updateSecurityGroupOptions)
494+
_, _, err = sess.UpdateSecurityGroupWithContext(context, updateSecurityGroupOptions)
440495
if err != nil {
441-
return fmt.Errorf("[ERROR] Error Updating Security Group : %s\n%s", err, response)
496+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("UpdateSecurityGroupWithContext failed: %s", err.Error()), "ibm_is_security_group", "update")
497+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
498+
return tfErr.GetDiag()
442499
}
443500
}
444-
return resourceIBMISSecurityGroupRead(d, meta)
501+
return resourceIBMISSecurityGroupRead(context, d, meta)
445502
}
446503

447-
func resourceIBMISSecurityGroupDelete(d *schema.ResourceData, meta interface{}) error {
504+
func resourceIBMISSecurityGroupDelete(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
448505
sess, err := vpcClient(meta)
449506
if err != nil {
450-
return err
507+
tfErr := flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "delete", "initialize-client")
508+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
509+
return tfErr.GetDiag()
451510
}
452511
id := d.Id()
453512

454513
getSecurityGroupOptions := &vpcv1.GetSecurityGroupOptions{
455514
ID: &id,
456515
}
457-
_, response, err := sess.GetSecurityGroup(getSecurityGroupOptions)
516+
_, response, err := sess.GetSecurityGroupWithContext(context, getSecurityGroupOptions)
458517
if err != nil {
459518
if response != nil && response.StatusCode == 404 {
460519
d.SetId("")
461520
return nil
462521
}
463-
return fmt.Errorf("[ERROR] Error Getting Security Group (%s): %s\n%s", id, err, response)
522+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("GetSecurityGroupWithContext failed: %s", err.Error()), "ibm_is_security_group", "delete")
523+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
524+
return tfErr.GetDiag()
464525
}
465526

466527
start := ""
@@ -469,9 +530,11 @@ func resourceIBMISSecurityGroupDelete(d *schema.ResourceData, meta interface{})
469530
for {
470531
listSecurityGroupTargetsOptions := sess.NewListSecurityGroupTargetsOptions(id)
471532

472-
groups, response, err := sess.ListSecurityGroupTargets(listSecurityGroupTargetsOptions)
533+
groups, _, err := sess.ListSecurityGroupTargetsWithContext(context, listSecurityGroupTargetsOptions)
473534
if err != nil || groups == nil {
474-
return fmt.Errorf("[ERROR] Error Getting Security Group Targets %s\n%s", err, response)
535+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("ListSecurityGroupTargetsWithContext failed: %s", err.Error()), "ibm_is_security_group", "delete")
536+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
537+
return tfErr.GetDiag()
475538
}
476539
if *groups.TotalCount == int64(0) {
477540
break
@@ -492,7 +555,7 @@ func resourceIBMISSecurityGroupDelete(d *schema.ResourceData, meta interface{})
492555
if securityGroupTargetReference != nil && securityGroupTargetReference.ID != nil {
493556

494557
deleteSecurityGroupTargetBindingOptions := sess.NewDeleteSecurityGroupTargetBindingOptions(id, *securityGroupTargetReference.ID)
495-
response, err = sess.DeleteSecurityGroupTargetBinding(deleteSecurityGroupTargetBindingOptions)
558+
response, err = sess.DeleteSecurityGroupTargetBindingWithContext(context, deleteSecurityGroupTargetBindingOptions)
496559
if err != nil {
497560
if response != nil {
498561
if response.StatusCode == 404 {
@@ -501,11 +564,15 @@ func resourceIBMISSecurityGroupDelete(d *schema.ResourceData, meta interface{})
501564
log.Printf("[DEBUG] Security group target(%s) binding is in deleting status, waiting till target is removed", *securityGroupTargetReference.ID)
502565
_, err = isWaitForTargetDeleted(sess, id, *securityGroupTargetReference.ID, securityGroupTargetReferenceIntf, d.Timeout(schema.TimeoutDelete))
503566
if err != nil {
504-
return err
567+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("isWaitForTargetDeleted failed: %s", err.Error()), "ibm_is_security_group", "delete")
568+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
569+
return tfErr.GetDiag()
505570
}
506571
}
507572
} else {
508-
return fmt.Errorf("[ERROR] Error deleting security group target binding while deleting security group : %s\n%s", err, response)
573+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("DeleteSecurityGroupTargetBindingWithContext failed: %s", err.Error()), "ibm_is_security_group", "delete")
574+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
575+
return tfErr.GetDiag()
509576
}
510577
}
511578

@@ -516,7 +583,7 @@ func resourceIBMISSecurityGroupDelete(d *schema.ResourceData, meta interface{})
516583
deleteSecurityGroupOptions := &vpcv1.DeleteSecurityGroupOptions{
517584
ID: &id,
518585
}
519-
response, err = sess.DeleteSecurityGroup(deleteSecurityGroupOptions)
586+
response, err = sess.DeleteSecurityGroupWithContext(context, deleteSecurityGroupOptions)
520587

521588
if err != nil {
522589
if response != nil {
@@ -526,11 +593,15 @@ func resourceIBMISSecurityGroupDelete(d *schema.ResourceData, meta interface{})
526593
log.Printf("[DEBUG] Security group(%s) has target bindings is in deleting, will wait till target is removed", id)
527594
_, err = isWaitForSgCleanup(sess, id, allrecs, d.Timeout(schema.TimeoutDelete))
528595
if err != nil {
529-
return err
596+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("isWaitForSgCleanup failed: %s", err.Error()), "ibm_is_security_group", "delete")
597+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
598+
return tfErr.GetDiag()
530599
}
531600
}
532601
} else {
533-
return fmt.Errorf("[ERROR] Error Deleting Security Group : %s\n%s", err, response)
602+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("DeleteSecurityGroupWithContext failed: %s", err.Error()), "ibm_is_security_group", "delete")
603+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
604+
return tfErr.GetDiag()
534605
}
535606
}
536607
d.SetId("")
@@ -540,7 +611,9 @@ func resourceIBMISSecurityGroupDelete(d *schema.ResourceData, meta interface{})
540611
func resourceIBMISSecurityGroupExists(d *schema.ResourceData, meta interface{}) (bool, error) {
541612
sess, err := vpcClient(meta)
542613
if err != nil {
543-
return false, err
614+
tfErr := flex.DiscriminatedTerraformErrorf(err, err.Error(), "ibm_is_security_group", "exists", "initialize-client")
615+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
616+
return false, tfErr
544617
}
545618
id := d.Id()
546619

@@ -552,7 +625,9 @@ func resourceIBMISSecurityGroupExists(d *schema.ResourceData, meta interface{})
552625
if response != nil && response.StatusCode == 404 {
553626
return false, nil
554627
}
555-
return false, fmt.Errorf("[ERROR] Error getting Security Group: %s\n%s", err, response)
628+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("GetSecurityGroup failed: %s", err.Error()), "ibm_is_security_group", "exists")
629+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
630+
return false, tfErr
556631
}
557632
return true, nil
558633
}

0 commit comments

Comments
 (0)