Skip to content

feat: Long-running operation improvements for mongodbatlas_encryption_at_rest_private_endpoint resource #3561

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 22 commits into from
Aug 12, 2025
Merged

feat: Long-running operation improvements for mongodbatlas_encryption_at_rest_private_endpoint resource #3561

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
cddcf57
implement timeout for create and delete
oarbusi Aug 6, 2025
5d6e1f9
implement delete_on_create_timeout
oarbusi Aug 6, 2025
df219b9
implement test
oarbusi Aug 6, 2025
695283b
data sources fix
oarbusi Aug 6, 2025
4344479
docs and changelog
oarbusi Aug 6, 2025
5858275
fix unit test
oarbusi Aug 6, 2025
37c287e
test fixes
oarbusi Aug 6, 2025
72aca36
fix test
oarbusi Aug 7, 2025
d77b328
use shared resources to avoid CANNOT_DISABLE_ENCRYPTION_AT_REST_DUE_T…
oarbusi Aug 7, 2025
6fe7345
non parallel test
oarbusi Aug 7, 2025
90bb920
try new project for ear
oarbusi Aug 7, 2025
26b8dc7
create project
oarbusi Aug 7, 2025
8c61292
Merge branch 'CLOUDP-320243-dev-2.0.0' into CLOUDP-334357
oarbusi Aug 7, 2025
06aad46
change description
oarbusi Aug 7, 2025
4aa5b41
use configured project
oarbusi Aug 8, 2025
622b1a1
use correct projectn
oarbusi Aug 8, 2025
dcade6f
Merge branch 'CLOUDP-320243-dev-2.0.0' into CLOUDP-334357
oarbusi Aug 8, 2025
bf15a87
clean up shared resources
oarbusi Aug 8, 2025
7547e48
skip test
oarbusi Aug 8, 2025
c246282
Update .changelog/3561.txt
oarbusi Aug 11, 2025
d73d690
Merge branch 'CLOUDP-320243-dev-2.0.0' into CLOUDP-334357
oarbusi Aug 11, 2025
bb81f45
changes from dev
oarbusi Aug 11, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 7 additions & 0 deletions .changelog/3561.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
```release-note:enhancement
resource/mongodbatlas_encryption_at_rest_private_endpoint: Adds `timeouts` attribute for create, update and delete operations
```

```release-note:enhancement
resource/mongodbatlas_encryption_at_rest_private_endpoint: Adds `delete_on_create_timeout` attribute to indicate whether to delete the resource if its creation times out
```
13 changes: 13 additions & 0 deletions docs/resources/encryption_at_rest_private_endpoint.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -99,13 +99,26 @@ resource "mongodbatlas_encryption_at_rest_private_endpoint" "endpoint" {
- `project_id` (String) Unique 24-hexadecimal digit string that identifies your project.
- `region_name` (String) Cloud provider region in which the Encryption At Rest private endpoint is located.

### Optional

- `delete_on_create_timeout` (Boolean) Indicates whether to delete the created resource if a timeout is reached when waiting for completion. When set to `true` and timeout occurs, it triggers the cleanup and returns immediately without waiting for deletion to complete. When set to `false`, the timeout will not trigger resource deletion. If you suspect a transient error when the value is `true`, wait before retrying to allow resource deletion to finish. Default is `true`.
- `timeouts` (Attributes) (see [below for nested schema](#nestedatt--timeouts))

### Read-Only

- `error_message` (String) Error message for failures associated with the Encryption At Rest private endpoint.
- `id` (String) Unique 24-hexadecimal digit string that identifies the Private Endpoint Service.
- `private_endpoint_connection_name` (String) Connection name of the Azure Private Endpoint.
- `status` (String) State of the Encryption At Rest private endpoint.

<a id="nestedatt--timeouts"></a>
### Nested Schema for `timeouts`
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@oarbusi I think we should leave a short why the update is not there, thoughts?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The update does not have timeout because the update operation is not supported in this resource. Considering that there's a note in the resource doc stating that update is not supported, I think it's not necessary to mention why there's no timeout for the update


Optional:

- `create` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
- `delete` (String) A string that can be [parsed as a duration](https://pkg.go.dev/time#ParseDuration) consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.

## Import
Encryption At Rest Private Endpoint resource can be imported using the project ID, cloud provider, and private endpoint ID. The format must be `{project_id}-{cloud_provider}-{private_endpoint_id}` e.g.

Expand Down
12 changes: 12 additions & 0 deletions internal/common/cleanup/handle_timeout.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import (

"github.com/hashicorp/terraform-plugin-framework-timeouts/resource/timeouts"
"github.com/hashicorp/terraform-plugin-framework/diag"
"github.com/hashicorp/terraform-plugin-framework/types"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/retry"
"github.com/mongodb/terraform-provider-mongodbatlas/internal/common/constant"
)
Expand Down Expand Up @@ -99,3 +100,14 @@ func ResolveTimeout(ctx context.Context, t *timeouts.Value, operationName string
}
return timeoutDuration
}

// ResolveDeleteOnCreateTimeout returns true if delete_on_create_timeout should be enabled.
// Default behavior is true when not explicitly set to false.
func ResolveDeleteOnCreateTimeout(deleteOnCreateTimeout types.Bool) bool {
// If null or unknown, default to true
if deleteOnCreateTimeout.IsNull() || deleteOnCreateTimeout.IsUnknown() {
return true
}
// Otherwise use the explicit value
return deleteOnCreateTimeout.ValueBool()
}
4 changes: 2 additions & 2 deletions internal/service/encryptionatrestprivateendpoint/data_source.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ func (d *encryptionAtRestPrivateEndpointDS) Schema(ctx context.Context, req data
}

func (d *encryptionAtRestPrivateEndpointDS) Read(ctx context.Context, req datasource.ReadRequest, resp *datasource.ReadResponse) {
var earPrivateEndpointConfig TFEarPrivateEndpointModel
var earPrivateEndpointConfig TFEarPrivateEndpointModelDS
resp.Diagnostics.Append(req.Config.Get(ctx, &earPrivateEndpointConfig)...)
if resp.Diagnostics.HasError() {
return
Expand All @@ -48,5 +48,5 @@ func (d *encryptionAtRestPrivateEndpointDS) Read(ctx context.Context, req dataso
return
}

resp.Diagnostics.Append(resp.State.Set(ctx, NewTFEarPrivateEndpoint(*endpointModel, projectID))...)
resp.Diagnostics.Append(resp.State.Set(ctx, NewTFEarPrivateEndpointDS(*endpointModel, projectID))...)
}
17 changes: 14 additions & 3 deletions internal/service/encryptionatrestprivateendpoint/data_source_schema.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,8 +41,19 @@ func DSAttributes(withArguments bool) map[string]schema.Attribute {
}
}

// TFEarPrivateEndpointModelDS represents the model for data sources (without timeout fields)
type TFEarPrivateEndpointModelDS struct {
CloudProvider types.String `tfsdk:"cloud_provider"`
ErrorMessage types.String `tfsdk:"error_message"`
ProjectID types.String `tfsdk:"project_id"`
ID types.String `tfsdk:"id"`
PrivateEndpointConnectionName types.String `tfsdk:"private_endpoint_connection_name"`
RegionName types.String `tfsdk:"region_name"`
Status types.String `tfsdk:"status"`
}

type TFEncryptionAtRestPrivateEndpointsDSModel struct {
CloudProvider types.String `tfsdk:"cloud_provider"`
ProjectID types.String `tfsdk:"project_id"`
Results []TFEarPrivateEndpointModel `tfsdk:"results"`
CloudProvider types.String `tfsdk:"cloud_provider"`
ProjectID types.String `tfsdk:"project_id"`
Results []TFEarPrivateEndpointModelDS `tfsdk:"results"`
}
17 changes: 15 additions & 2 deletions internal/service/encryptionatrestprivateendpoint/model.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,9 @@ func NewEarPrivateEndpointReq(tfPlan *TFEarPrivateEndpointModel) *admin.EARPriva
}

func NewTFEarPrivateEndpoints(projectID, cloudProvider string, sdkResults []admin.EARPrivateEndpoint) *TFEncryptionAtRestPrivateEndpointsDSModel {
results := make([]TFEarPrivateEndpointModel, len(sdkResults))
results := make([]TFEarPrivateEndpointModelDS, len(sdkResults))
for i := range sdkResults {
result := NewTFEarPrivateEndpoint(sdkResults[i], projectID)
result := NewTFEarPrivateEndpointDS(sdkResults[i], projectID)
results[i] = result
}
return &TFEncryptionAtRestPrivateEndpointsDSModel{
Expand All @@ -42,3 +42,16 @@ func NewTFEarPrivateEndpoints(projectID, cloudProvider string, sdkResults []admi
Results: results,
}
}

// NewTFEarPrivateEndpointDS creates a new data source model without timeout fields
func NewTFEarPrivateEndpointDS(apiResp admin.EARPrivateEndpoint, projectID string) TFEarPrivateEndpointModelDS {
return TFEarPrivateEndpointModelDS{
ProjectID: types.StringValue(projectID),
CloudProvider: conversion.StringNullIfEmpty(apiResp.GetCloudProvider()),
ErrorMessage: conversion.StringNullIfEmpty(apiResp.GetErrorMessage()),
ID: conversion.StringNullIfEmpty(apiResp.GetId()),
RegionName: conversion.StringNullIfEmpty(apiResp.GetRegionName()),
Status: conversion.StringNullIfEmpty(apiResp.GetStatus()),
PrivateEndpointConnectionName: conversion.StringNullIfEmpty(apiResp.GetPrivateEndpointConnectionName()),
}
}
2 changes: 1 addition & 1 deletion internal/service/encryptionatrestprivateendpoint/model_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -174,7 +174,7 @@ func TestEncryptionAtRestPrivateEndpointPluralDSSDKToTFModel(t *testing.T) {
expectedTFModel: &encryptionatrestprivateendpoint.TFEncryptionAtRestPrivateEndpointsDSModel{
CloudProvider: types.StringValue(testCloudProvider),
ProjectID: types.StringValue(testProjectID),
Results: []encryptionatrestprivateendpoint.TFEarPrivateEndpointModel{
Results: []encryptionatrestprivateendpoint.TFEarPrivateEndpointModelDS{
{
CloudProvider: types.StringValue(testCloudProvider),
ErrorMessage: types.StringNull(),
Expand Down
30 changes: 27 additions & 3 deletions internal/service/encryptionatrestprivateendpoint/resource.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (
"github.com/hashicorp/terraform-plugin-framework/path"
"github.com/hashicorp/terraform-plugin-framework/resource"

"github.com/mongodb/terraform-provider-mongodbatlas/internal/common/cleanup"
"github.com/mongodb/terraform-provider-mongodbatlas/internal/common/conversion"
"github.com/mongodb/terraform-provider-mongodbatlas/internal/common/retrystrategy"
"github.com/mongodb/terraform-provider-mongodbatlas/internal/common/validate"
Expand Down Expand Up @@ -63,13 +64,28 @@ func (r *encryptionAtRestPrivateEndpointRS) Create(ctx context.Context, req reso
return
}

finalResp, err := waitStateTransition(ctx, projectID, cloudProvider, createResp.GetId(), connV2.EncryptionAtRestUsingCustomerKeyManagementApi)
createTimeout := cleanup.ResolveTimeout(ctx, &earPrivateEndpointPlan.Timeouts, cleanup.OperationCreate, &resp.Diagnostics)
if resp.Diagnostics.HasError() {
return
}

finalResp, err := waitStateTransition(ctx, projectID, cloudProvider, createResp.GetId(), connV2.EncryptionAtRestUsingCustomerKeyManagementApi, createTimeout)
err = cleanup.HandleCreateTimeout(cleanup.ResolveDeleteOnCreateTimeout(earPrivateEndpointPlan.DeleteOnCreateTimeout), err, func(ctxCleanup context.Context) error {
cleanResp, cleanErr := connV2.EncryptionAtRestUsingCustomerKeyManagementApi.RequestEncryptionAtRestPrivateEndpointDeletion(ctxCleanup, projectID, cloudProvider, createResp.GetId()).Execute()
if validate.StatusNotFound(cleanResp) {
return nil
}
Comment on lines +75 to +77
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

q: I see in some resources (e.g. networkpeering) the sanity check of seeing if delete return 404 is not being made. For consistency, would it make sense to move this check into cleanup.HandleCreateTimeout, and have cleanup only call the DELETE operation?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

IMO HandleCreateTimeout should only handle the delete on create logic, and avoid doing the 404 case, to keep the method focused and clear

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In that case would consider that privatelinkendpointservice, privatelinkendpoint, onlinearchive, networkpeering, and cloudbackupsnapshot do not have this check in their cleanup function. Not certain if we want to keep this as a general practice.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is unrelated to long-running operations, but we could create a CLOUDP to investigate and unify behavior on 404 across the resources you mentioned?

Copy link
Member

@lantoli lantoli Aug 12, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i suppose we could keep the code simple here, e.g.:

err = cleanup.HandleCreateTimeout(cleanup.ResolveDeleteOnCreateTimeout(earPrivateEndpointPlan.DeleteOnCreateTimeout), err, func(ctxCleanup context.Context) error {
		_, cleanErr := connV2.EncryptionAtRestUsingCustomerKeyManagementApi.RequestEncryptionAtRestPrivateEndpointDeletion(ctxCleanup, projectID, cloudProvider, createResp.GetId()).Execute()
      return cleanErr
	})

and in HandleCreateTimeout don't raise error if cleanup funcs return 404 error, if we expect this will happen with most of the resources

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

if we expect this will happen with most of the resources

Correct, under this assumption I was proposing the same adjustment to HandleCreateTimeout

return cleanErr
})

if err != nil {
resp.Diagnostics.AddError("error when waiting for status transition in creation", err.Error())
return
}

privateEndpointModel := NewTFEarPrivateEndpoint(*finalResp, projectID)
privateEndpointModel.Timeouts = earPrivateEndpointPlan.Timeouts
privateEndpointModel.DeleteOnCreateTimeout = earPrivateEndpointPlan.DeleteOnCreateTimeout
resp.Diagnostics.Append(resp.State.Set(ctx, privateEndpointModel)...)

diags := CheckErrorMessageAndStatus(finalResp)
Expand Down Expand Up @@ -98,7 +114,10 @@ func (r *encryptionAtRestPrivateEndpointRS) Read(ctx context.Context, req resour
return
}

resp.Diagnostics.Append(resp.State.Set(ctx, NewTFEarPrivateEndpoint(*endpointModel, projectID))...)
privateEndpointModel := NewTFEarPrivateEndpoint(*endpointModel, projectID)
privateEndpointModel.Timeouts = earPrivateEndpointState.Timeouts
privateEndpointModel.DeleteOnCreateTimeout = earPrivateEndpointState.DeleteOnCreateTimeout
resp.Diagnostics.Append(resp.State.Set(ctx, privateEndpointModel)...)

diags := CheckErrorMessageAndStatus(endpointModel)
resp.Diagnostics.Append(diags...)
Expand All @@ -124,7 +143,12 @@ func (r *encryptionAtRestPrivateEndpointRS) Delete(ctx context.Context, req reso
return
}

model, err := WaitDeleteStateTransition(ctx, projectID, cloudProvider, endpointID, connV2.EncryptionAtRestUsingCustomerKeyManagementApi)
deleteTimeout := cleanup.ResolveTimeout(ctx, &earPrivateEndpointState.Timeouts, cleanup.OperationDelete, &resp.Diagnostics)
if resp.Diagnostics.HasError() {
return
}

model, err := WaitDeleteStateTransition(ctx, projectID, cloudProvider, endpointID, connV2.EncryptionAtRestUsingCustomerKeyManagementApi, deleteTimeout)
if err != nil {
resp.Diagnostics.AddError("error when waiting for status transition in delete", err.Error())
return
Expand Down
30 changes: 23 additions & 7 deletions internal/service/encryptionatrestprivateendpoint/resource_schema.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,11 @@ package encryptionatrestprivateendpoint
import (
"context"

"github.com/hashicorp/terraform-plugin-framework-timeouts/resource/timeouts"
"github.com/hashicorp/terraform-plugin-framework/resource/schema"
"github.com/hashicorp/terraform-plugin-framework/resource/schema/planmodifier"
"github.com/hashicorp/terraform-plugin-framework/types"
"github.com/mongodb/terraform-provider-mongodbatlas/internal/common/customplanmodifier"
)

func ResourceSchema(ctx context.Context) schema.Schema {
Expand Down Expand Up @@ -38,16 +41,29 @@ func ResourceSchema(ctx context.Context) schema.Schema {
Computed: true,
MarkdownDescription: "State of the Encryption At Rest private endpoint.",
},
"timeouts": timeouts.Attributes(ctx, timeouts.Opts{
Create: true,
Delete: true,
}),
"delete_on_create_timeout": schema.BoolAttribute{
Optional: true,
PlanModifiers: []planmodifier.Bool{
customplanmodifier.CreateOnlyBoolPlanModifier(),
},
MarkdownDescription: "Indicates whether to delete the created resource if a timeout is reached when waiting for completion. When set to `true` and timeout occurs, it triggers the cleanup and returns immediately without waiting for deletion to complete. When set to `false`, the timeout will not trigger resource deletion. If you suspect a transient error when the value is `true`, wait before retrying to allow resource deletion to finish. Default is `true`.",
},
},
}
}

type TFEarPrivateEndpointModel struct {
CloudProvider types.String `tfsdk:"cloud_provider"`
ErrorMessage types.String `tfsdk:"error_message"`
ProjectID types.String `tfsdk:"project_id"`
ID types.String `tfsdk:"id"`
PrivateEndpointConnectionName types.String `tfsdk:"private_endpoint_connection_name"`
RegionName types.String `tfsdk:"region_name"`
Status types.String `tfsdk:"status"`
CloudProvider types.String `tfsdk:"cloud_provider"`
ErrorMessage types.String `tfsdk:"error_message"`
ProjectID types.String `tfsdk:"project_id"`
ID types.String `tfsdk:"id"`
PrivateEndpointConnectionName types.String `tfsdk:"private_endpoint_connection_name"`
RegionName types.String `tfsdk:"region_name"`
Status types.String `tfsdk:"status"`
Timeouts timeouts.Value `tfsdk:"timeouts"`
DeleteOnCreateTimeout types.Bool `tfsdk:"delete_on_create_timeout"`
}
45 changes: 43 additions & 2 deletions internal/service/encryptionatrestprivateendpoint/resource_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import (
"context"
"fmt"
"os"
"regexp"
"testing"
"time"

Expand Down Expand Up @@ -32,6 +33,32 @@ func TestAccEncryptionAtRestPrivateEndpoint_Azure_basic(t *testing.T) {
resource.Test(t, *basicTestCaseAzure(t))
}

func TestAccEncryptionAtRestPrivateEndpoint_createTimeoutWithDeleteOnCreate(t *testing.T) {
var (
projectID = os.Getenv("MONGODB_ATLAS_PROJECT_EAR_PE_AWS_ID")
createTimeout = "1s"
deleteOnCreateTimeout = true
awsKms = admin.AWSKMSConfiguration{
Enabled: conversion.Pointer(true),
CustomerMasterKeyID: conversion.StringPtr(os.Getenv("AWS_CUSTOMER_MASTER_KEY_ID")),
Region: conversion.StringPtr(conversion.AWSRegionToMongoDBRegion(os.Getenv("AWS_REGION"))),
RoleId: conversion.StringPtr(os.Getenv("AWS_EAR_ROLE_ID")),
RequirePrivateNetworking: conversion.Pointer(false),
}
region = conversion.AWSRegionToMongoDBRegion(os.Getenv("AWS_REGION"))
)
resource.ParallelTest(t, resource.TestCase{
PreCheck: func() { acc.PreCheckEncryptionAtRestEnvAWS(t) },
ProtoV6ProviderFactories: acc.TestAccProviderV6Factories,
Steps: []resource.TestStep{
{
Config: configAWSBasicWithTimeout(projectID, &awsKms, region, acc.TimeoutConfig(&createTimeout, nil, nil, true), &deleteOnCreateTimeout),
ExpectError: regexp.MustCompile("will run cleanup because delete_on_create_timeout is true"),
},
},
})
}

func basicTestCaseAzure(tb testing.TB) *resource.TestCase {
tb.Helper()
var (
Expand Down Expand Up @@ -316,19 +343,33 @@ func checkBasic(projectID, cloudProvider, region string, expectApproved bool) re
}

func configAWSBasic(projectID string, awsKms *admin.AWSKMSConfiguration, region string) string {
return configAWSBasicWithTimeout(projectID, awsKms, region, "", nil)
}

func configAWSBasicWithTimeout(projectID string, awsKms *admin.AWSKMSConfiguration, region, timeoutConfig string, deleteOnCreateTimeout *bool) string {
encryptionAtRestConfig := acc.ConfigAwsKms(projectID, awsKms, false, true, false)

deleteOnCreateTimeoutConfig := ""
if deleteOnCreateTimeout != nil {
deleteOnCreateTimeoutConfig = fmt.Sprintf(`
delete_on_create_timeout = %[1]t
`, *deleteOnCreateTimeout)
}

config := fmt.Sprintf(`
%[1]s

resource "mongodbatlas_encryption_at_rest_private_endpoint" "test" {
project_id = mongodbatlas_encryption_at_rest.test.project_id
cloud_provider = "AWS"
region_name = %[2]q
%[3]s
%[4]s
}

%[3]s
%[5]s

`, encryptionAtRestConfig, region, configDS())
`, encryptionAtRestConfig, region, deleteOnCreateTimeoutConfig, timeoutConfig, configDS())

return config
}
Expand Down
20 changes: 10 additions & 10 deletions internal/service/encryptionatrestprivateendpoint/state_transition.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,36 +18,36 @@ const (
defaultMinTimeout = 30 * time.Second // Smallest time to wait before refreshes
)

func waitStateTransition(ctx context.Context, projectID, cloudProvider, endpointID string, client admin.EncryptionAtRestUsingCustomerKeyManagementApi) (*admin.EARPrivateEndpoint, error) {
return WaitStateTransitionWithMinTimeout(ctx, defaultMinTimeout, projectID, cloudProvider, endpointID, client)
func waitStateTransition(ctx context.Context, projectID, cloudProvider, endpointID string, client admin.EncryptionAtRestUsingCustomerKeyManagementApi, timeout time.Duration) (*admin.EARPrivateEndpoint, error) {
return WaitStateTransitionWithMinTimeoutAndTimeout(ctx, defaultMinTimeout, timeout, projectID, cloudProvider, endpointID, client)
}

func WaitStateTransitionWithMinTimeout(ctx context.Context, minTimeout time.Duration, projectID, cloudProvider, endpointID string, client admin.EncryptionAtRestUsingCustomerKeyManagementApi) (*admin.EARPrivateEndpoint, error) {
func WaitStateTransitionWithMinTimeoutAndTimeout(ctx context.Context, minTimeout, timeout time.Duration, projectID, cloudProvider, endpointID string, client admin.EncryptionAtRestUsingCustomerKeyManagementApi) (*admin.EARPrivateEndpoint, error) {
return waitStateTransitionForStates(
ctx,
[]string{retrystrategy.RetryStrategyInitiatingState},
[]string{retrystrategy.RetryStrategyPendingAcceptanceState, retrystrategy.RetryStrategyActiveState, retrystrategy.RetryStrategyFailedState},
minTimeout, projectID, cloudProvider, endpointID, client)
minTimeout, timeout, projectID, cloudProvider, endpointID, client)
}

func WaitDeleteStateTransition(ctx context.Context, projectID, cloudProvider, endpointID string, client admin.EncryptionAtRestUsingCustomerKeyManagementApi) (*admin.EARPrivateEndpoint, error) {
return WaitDeleteStateTransitionWithMinTimeout(ctx, defaultMinTimeout, projectID, cloudProvider, endpointID, client)
func WaitDeleteStateTransition(ctx context.Context, projectID, cloudProvider, endpointID string, client admin.EncryptionAtRestUsingCustomerKeyManagementApi, timeout time.Duration) (*admin.EARPrivateEndpoint, error) {
return WaitDeleteStateTransitionWithMinTimeoutAndTimeout(ctx, defaultMinTimeout, timeout, projectID, cloudProvider, endpointID, client)
}

func WaitDeleteStateTransitionWithMinTimeout(ctx context.Context, minTimeout time.Duration, projectID, cloudProvider, endpointID string, client admin.EncryptionAtRestUsingCustomerKeyManagementApi) (*admin.EARPrivateEndpoint, error) {
func WaitDeleteStateTransitionWithMinTimeoutAndTimeout(ctx context.Context, minTimeout, timeout time.Duration, projectID, cloudProvider, endpointID string, client admin.EncryptionAtRestUsingCustomerKeyManagementApi) (*admin.EARPrivateEndpoint, error) {
return waitStateTransitionForStates(
ctx,
[]string{retrystrategy.RetryStrategyDeletingState},
[]string{retrystrategy.RetryStrategyDeletedState, retrystrategy.RetryStrategyFailedState},
minTimeout, projectID, cloudProvider, endpointID, client)
minTimeout, timeout, projectID, cloudProvider, endpointID, client)
}

func waitStateTransitionForStates(ctx context.Context, pending, target []string, minTimeout time.Duration, projectID, cloudProvider, endpointID string, client admin.EncryptionAtRestUsingCustomerKeyManagementApi) (*admin.EARPrivateEndpoint, error) {
func waitStateTransitionForStates(ctx context.Context, pending, target []string, minTimeout, timeout time.Duration, projectID, cloudProvider, endpointID string, client admin.EncryptionAtRestUsingCustomerKeyManagementApi) (*admin.EARPrivateEndpoint, error) {
stateConf := &retry.StateChangeConf{
Pending: pending,
Target: target,
Refresh: refreshFunc(ctx, projectID, cloudProvider, endpointID, client),
Timeout: defaultTimeout,
Timeout: timeout,
MinTimeout: minTimeout,
Delay: 0,
}
Expand Down
Loading
Loading