Skip to content

Commit ad62ef3

Browse files
uibmuibm
authored
enhancement: improved error handling for vpc security group (IBM-Cloud#6182)
1 parent b5cce82 commit ad62ef3

9 files changed

+671
-289
lines changed

ibm/service/vpc/data_source_ibm_is_security_group.go

Lines changed: 67 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -4,12 +4,14 @@
44
package vpc
55

66
import (
7+
"context"
78
"fmt"
89
"log"
910
"reflect"
1011

1112
"github.com/IBM-Cloud/terraform-provider-ibm/ibm/flex"
1213
"github.com/IBM/vpc-go-sdk/vpcv1"
14+
"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
1315
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
1416
)
1517

@@ -35,7 +37,7 @@ const (
3537
func DataSourceIBMISSecurityGroup() *schema.Resource {
3638
return &schema.Resource{
3739

38-
Read: dataSourceIBMISSecurityGroupRuleRead,
40+
ReadContext: dataSourceIBMISSecurityGroupRuleRead,
3941

4042
Schema: map[string]*schema.Schema{
4143

@@ -193,7 +195,7 @@ func DataSourceIBMISSecurityGroup() *schema.Resource {
193195
}
194196
}
195197

196-
func dataSourceIBMISSecurityGroupRuleRead(d *schema.ResourceData, meta interface{}) error {
198+
func dataSourceIBMISSecurityGroupRuleRead(context context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
197199

198200
sgName := d.Get(isSgName).(string)
199201
vpcId := ""
@@ -208,17 +210,19 @@ func dataSourceIBMISSecurityGroupRuleRead(d *schema.ResourceData, meta interface
208210
if vpcNameOk, ok := d.GetOk(isSgVPCName); ok {
209211
vpcName = vpcNameOk.(string)
210212
}
211-
err := securityGroupGet(d, meta, sgName, vpcId, vpcName, rgId)
213+
err := securityGroupGet(context, d, meta, sgName, vpcId, vpcName, rgId)
212214
if err != nil {
213215
return err
214216
}
215217
return nil
216218
}
217219

218-
func securityGroupGet(d *schema.ResourceData, meta interface{}, name, vpcId, vpcName, rgId string) error {
220+
func securityGroupGet(context context.Context, d *schema.ResourceData, meta interface{}, name, vpcId, vpcName, rgId string) diag.Diagnostics {
219221
sess, err := vpcClient(meta)
220222
if err != nil {
221-
return err
223+
tfErr := flex.DiscriminatedTerraformErrorf(err, err.Error(), "(Data) ibm_is_security_group", "read", "initialize-client")
224+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
225+
return tfErr.GetDiag()
222226
}
223227

224228
// Support for pagination
@@ -239,9 +243,11 @@ func securityGroupGet(d *schema.ResourceData, meta interface{}, name, vpcId, vpc
239243
if start != "" {
240244
listSgOptions.Start = &start
241245
}
242-
sgs, response, err := sess.ListSecurityGroups(listSgOptions)
246+
sgs, _, err := sess.ListSecurityGroupsWithContext(context, listSgOptions)
243247
if err != nil || sgs == nil {
244-
return fmt.Errorf("[ERROR] Error Getting Security Groups %s\n%s", err, response)
248+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("ListSecurityGroupsWithContext failed: %s", err.Error()), "(Data) ibm_is_security_group", "read")
249+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
250+
return tfErr.GetDiag()
245251
}
246252
if *sgs.TotalCount == int64(0) {
247253
break
@@ -255,28 +261,42 @@ func securityGroupGet(d *schema.ResourceData, meta interface{}, name, vpcId, vpc
255261

256262
}
257263

258-
for _, group := range allrecs {
259-
if *group.Name == name {
264+
for _, securityGroup := range allrecs {
265+
if *securityGroup.Name == name {
260266

261-
d.Set(isSgName, *group.Name)
262-
d.Set(isSgVPC, *group.VPC.ID)
263-
d.Set(isSgVPCName, group.VPC.Name)
264-
d.Set(isSecurityGroupResourceGroup, group.ResourceGroup.ID)
265-
d.Set(isSgCRN, *group.CRN)
266-
tags, err := flex.GetGlobalTagsUsingCRN(meta, *group.CRN, "", isUserTagType)
267+
if err = d.Set("name", securityGroup.Name); err != nil {
268+
return flex.DiscriminatedTerraformErrorf(err, fmt.Sprintf("Error setting name: %s", err), "(Data) ibm_is_security_group", "read", "set-name").GetDiag()
269+
}
270+
if err = d.Set("vpc", securityGroup.VPC.ID); err != nil {
271+
return flex.DiscriminatedTerraformErrorf(err, fmt.Sprintf("Error setting vpc: %s", err), "(Data) ibm_is_security_group", "read", "set-vpc").GetDiag()
272+
}
273+
if err = d.Set("vpc_name", securityGroup.VPC.Name); err != nil {
274+
return flex.DiscriminatedTerraformErrorf(err, fmt.Sprintf("Error setting vpc_name: %s", err), "(Data) ibm_is_security_group", "read", "set-vpc_name").GetDiag()
275+
}
276+
if err = d.Set("resource_group", securityGroup.ResourceGroup.ID); err != nil {
277+
return flex.DiscriminatedTerraformErrorf(err, fmt.Sprintf("Error setting resource_group: %s", err), "(Data) ibm_is_security_group", "read", "set-resource_group").GetDiag()
278+
}
279+
if err = d.Set("crn", securityGroup.CRN); err != nil {
280+
return flex.DiscriminatedTerraformErrorf(err, fmt.Sprintf("Error setting crn: %s", err), "(Data) ibm_is_security_group", "read", "set-crn").GetDiag()
281+
}
282+
tags, err := flex.GetGlobalTagsUsingCRN(meta, *securityGroup.CRN, "", isUserTagType)
267283
if err != nil {
268284
log.Printf(
269-
"An error occured during reading of security group (%s) tags : %s", *group.ID, err)
285+
"An error occured during reading of security group (%s) tags : %s", *securityGroup.ID, err)
286+
}
287+
if err = d.Set(isSgTags, tags); err != nil {
288+
return flex.DiscriminatedTerraformErrorf(err, fmt.Sprintf("Error setting tags: %s", err), "(Data) ibm_is_security_group", "read", "set-tags").GetDiag()
270289
}
271-
d.Set(isSgTags, tags)
272-
accesstags, err := flex.GetGlobalTagsUsingCRN(meta, *group.CRN, "", isAccessTagType)
290+
accesstags, err := flex.GetGlobalTagsUsingCRN(meta, *securityGroup.CRN, "", isAccessTagType)
273291
if err != nil {
274292
log.Printf(
275293
"Error on get of security group (%s) access tags: %s", d.Id(), err)
276294
}
277-
d.Set(isSecurityGroupAccessTags, accesstags)
295+
if err = d.Set(isSecurityGroupAccessTags, accesstags); err != nil {
296+
return flex.DiscriminatedTerraformErrorf(err, fmt.Sprintf("Error setting access_tags: %s", err), "(Data) ibm_is_security_group", "read", "set-access_tags").GetDiag()
297+
}
278298
rules := make([]map[string]interface{}, 0)
279-
for _, sgrule := range group.Rules {
299+
for _, sgrule := range securityGroup.Rules {
280300
switch reflect.TypeOf(sgrule).String() {
281301
case "*vpcv1.SecurityGroupRuleSecurityGroupRuleProtocolIcmp":
282302
{
@@ -392,31 +412,45 @@ func securityGroupGet(d *schema.ResourceData, meta interface{}, name, vpcId, vpc
392412
}
393413
}
394414
}
415+
if err = d.Set(isSgRules, rules); err != nil {
416+
return flex.DiscriminatedTerraformErrorf(err, fmt.Sprintf("Error setting rules: %s", err), "(Data) ibm_is_security_group", "read", "set-rules").GetDiag()
417+
}
418+
d.SetId(*securityGroup.ID)
395419

396-
d.Set(isSgRules, rules)
397-
d.SetId(*group.ID)
398-
399-
if group.ResourceGroup != nil {
400-
if group.ResourceGroup.Name != nil {
401-
d.Set(flex.ResourceGroupName, *group.ResourceGroup.Name)
420+
if securityGroup.ResourceGroup != nil {
421+
if securityGroup.ResourceGroup.Name != nil {
422+
if err = d.Set(flex.ResourceGroupName, securityGroup.ResourceGroup.Name); err != nil {
423+
return flex.DiscriminatedTerraformErrorf(err, fmt.Sprintf("Error setting resource_group_name: %s", err), "(Data) ibm_is_security_group", "read", "set-resource_group_name").GetDiag()
424+
}
402425
}
403426
}
404427

405428
controller, err := flex.GetBaseController(meta)
406429
if err != nil {
407-
return err
430+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("GetBaseController failed: %s", err.Error()), "(Data) ibm_is_security_group", "read")
431+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
432+
return tfErr.GetDiag()
408433
}
409-
d.Set(flex.ResourceControllerURL, controller+"/vpc/network/securityGroups")
410-
if group.Name != nil {
411-
d.Set(flex.ResourceName, *group.Name)
434+
if err = d.Set(flex.ResourceControllerURL, controller+"/vpc/network/securityGroups"); err != nil {
435+
return flex.DiscriminatedTerraformErrorf(err, fmt.Sprintf("Error setting resource_controller_url: %s", err), "(Data) ibm_is_security_group", "read", "set-resource_controller_url").GetDiag()
436+
}
437+
if securityGroup.Name != nil {
438+
if err = d.Set(flex.ResourceName, securityGroup.Name); err != nil {
439+
return flex.DiscriminatedTerraformErrorf(err, fmt.Sprintf("Error setting resource_name: %s", err), "(Data) ibm_is_security_group", "read", "set-resource_name").GetDiag()
440+
}
412441
}
413442

414-
if group.CRN != nil {
415-
d.Set(flex.ResourceCRN, *group.CRN)
443+
if securityGroup.CRN != nil {
444+
if err = d.Set(flex.ResourceCRN, securityGroup.CRN); err != nil {
445+
return flex.DiscriminatedTerraformErrorf(err, fmt.Sprintf("Error setting resource_crn: %s", err), "(Data) ibm_is_security_group", "read", "set-resource_crn").GetDiag()
446+
}
416447
}
417448
return nil
418449
}
419450
}
420-
return fmt.Errorf("[ERROR] No Security Group found with name %s", name)
451+
err = fmt.Errorf("[ERROR] No Security Group found with name %s", name)
452+
tfErr := flex.TerraformErrorf(err, fmt.Sprintf("ListSecurityGroupsWithContext failed: %s", err.Error()), "(Data) ibm_is_security_group", "read")
453+
log.Printf("[DEBUG]\n%s", tfErr.GetDebugMessage())
454+
return tfErr.GetDiag()
421455

422456
}

0 commit comments

Comments
 (0)