Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

ipam_pool: Fix publicly_advertisable bug #40042

Merged
merged 8 commits into from
Nov 7, 2024
Merged

Conversation

YakDriver
Copy link
Member

@YakDriver YakDriver commented Nov 7, 2024

Description

At the moment, public_advertisable is being sent to AWS when it shouldn't in certain cases. The current logic isn't checking the public_ip_source so where ipv6, public scope, and public_ip_source = "amazon", it will include public_advertisable 😱 :

if addressFamily == awstypes.AddressFamilyIpv6 && scope.IpamScopeType == awstypes.IpamScopeTypePublic {
	input.PubliclyAdvertisable = aws.Bool(d.Get("publicly_advertisable").(bool))
}

Before that, pre #39600, the logic was wrong in a different way. It would include public_advertisable where ipv6 and the public_ip_source was not "amazon" indicating BYOIP, by either not using public_ip_source or explicitly setting "byoip". This would erroneously include non-public scope.

if addressFamily == awstypes.AddressFamilyIpv6 && publicIpSource != awstypes.IpamPoolPublicIpSourceAmazon {
	input.PubliclyAdvertisable = aws.Bool(d.Get("publicly_advertisable").(bool))
}

The fix is to check all three things before setting publicly_advertisable: ipv6, public scope, and source is not Amazon.

Relations

Closes #39967
Relates #39600

References

Output from Acceptance Testing

% make t T=TestAccIPAMPool_ K=ec2
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.2 test ./internal/service/ec2/... -v -count 1 -parallel 20 -run='TestAccIPAMPool_'  -timeout 360m
2024/11/07 13:06:07 Initializing Terraform AWS Provider...
=== RUN   TestAccIPAMPool_basic
=== PAUSE TestAccIPAMPool_basic
=== RUN   TestAccIPAMPool_disappears
=== PAUSE TestAccIPAMPool_disappears
=== RUN   TestAccIPAMPool_ipv6Basic
=== PAUSE TestAccIPAMPool_ipv6Basic
=== RUN   TestAccIPAMPool_ipv6PublicIPAmazon
=== PAUSE TestAccIPAMPool_ipv6PublicIPAmazon
=== RUN   TestAccIPAMPool_ipv6Contiguous
=== PAUSE TestAccIPAMPool_ipv6Contiguous
=== RUN   TestAccIPAMPool_cascade
=== PAUSE TestAccIPAMPool_cascade
=== RUN   TestAccIPAMPool_tags
=== PAUSE TestAccIPAMPool_tags
=== RUN   TestAccIPAMPool_ipv6PrivateScope
=== PAUSE TestAccIPAMPool_ipv6PrivateScope
=== CONT  TestAccIPAMPool_basic
=== CONT  TestAccIPAMPool_ipv6Contiguous
=== CONT  TestAccIPAMPool_ipv6Basic
=== CONT  TestAccIPAMPool_disappears
=== CONT  TestAccIPAMPool_tags
=== CONT  TestAccIPAMPool_ipv6PrivateScope
=== CONT  TestAccIPAMPool_ipv6PublicIPAmazon
=== CONT  TestAccIPAMPool_cascade
--- PASS: TestAccIPAMPool_ipv6Contiguous (46.28s)
--- PASS: TestAccIPAMPool_ipv6Basic (46.29s)
--- PASS: TestAccIPAMPool_ipv6PublicIPAmazon (46.59s)
--- PASS: TestAccIPAMPool_ipv6PrivateScope (47.24s)
--- PASS: TestAccIPAMPool_disappears (49.52s)
--- PASS: TestAccIPAMPool_basic (58.06s)
--- PASS: TestAccIPAMPool_tags (68.01s)
--- PASS: TestAccIPAMPool_cascade (68.63s)
PASS
ok  	github.com/hashicorp/terraform-provider-aws/internal/service/ec2	72.765s

@YakDriver YakDriver requested a review from a team as a code owner November 7, 2024 17:57
Copy link

github-actions bot commented Nov 7, 2024

Community Note

Voting for Prioritization

  • Please vote on this pull request by adding a 👍 reaction to the original post to help the community and maintainers prioritize this pull request.
  • Please see our prioritization guide for information on how we prioritize.
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for issue followers and do not help prioritize the request.

For Submitters

  • Review the contribution guide relating to the type of change you are making to ensure all of the necessary steps have been taken.
  • For new resources and data sources, use skaff to generate scaffolding with comments detailing common expectations.
  • Whether or not the branch has been rebased will not impact prioritization, but doing so is always a welcome surprise.

@github-actions github-actions bot added service/ipam Issues and PRs that pertain to the ipam service. prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. labels Nov 7, 2024
@github-actions github-actions bot added the tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure. label Nov 7, 2024
@github-actions github-actions bot added the documentation Introduces or discusses updates to documentation. label Nov 7, 2024
Copy link
Member

@jar-b jar-b left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 🎉

% make testacc PKG=ec2 TESTS=TestAccIPAMPool_
make: Verifying source code with gofmt...
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go1.23.2 test ./internal/service/ec2/... -v -count 1 -parallel 20 -run='TestAccIPAMPool_'  -timeout 360m
2024/11/07 13:47:29 Initializing Terraform AWS Provider...
=== RUN   TestAccIPAMPool_basic
=== PAUSE TestAccIPAMPool_basic
=== RUN   TestAccIPAMPool_disappears
=== PAUSE TestAccIPAMPool_disappears
=== RUN   TestAccIPAMPool_ipv6Basic
=== PAUSE TestAccIPAMPool_ipv6Basic
=== RUN   TestAccIPAMPool_ipv6PublicIPAmazon
=== PAUSE TestAccIPAMPool_ipv6PublicIPAmazon
=== RUN   TestAccIPAMPool_ipv6Contiguous
=== PAUSE TestAccIPAMPool_ipv6Contiguous
=== RUN   TestAccIPAMPool_cascade
=== PAUSE TestAccIPAMPool_cascade
=== RUN   TestAccIPAMPool_tags
=== PAUSE TestAccIPAMPool_tags
=== RUN   TestAccIPAMPool_ipv6PrivateScope
=== PAUSE TestAccIPAMPool_ipv6PrivateScope
=== CONT  TestAccIPAMPool_basic
=== CONT  TestAccIPAMPool_ipv6Contiguous
=== CONT  TestAccIPAMPool_tags
=== CONT  TestAccIPAMPool_cascade
=== CONT  TestAccIPAMPool_ipv6Basic
=== CONT  TestAccIPAMPool_disappears
=== CONT  TestAccIPAMPool_ipv6PublicIPAmazon
=== CONT  TestAccIPAMPool_ipv6PrivateScope
--- PASS: TestAccIPAMPool_disappears (51.36s)
--- PASS: TestAccIPAMPool_ipv6Contiguous (60.21s)
--- PASS: TestAccIPAMPool_ipv6Basic (60.59s)
--- PASS: TestAccIPAMPool_ipv6PublicIPAmazon (60.98s)
--- PASS: TestAccIPAMPool_tags (69.71s)
--- PASS: TestAccIPAMPool_ipv6PrivateScope (73.83s)
--- PASS: TestAccIPAMPool_basic (91.91s)
--- PASS: TestAccIPAMPool_cascade (95.06s)
PASS
ok      github.com/hashicorp/terraform-provider-aws/internal/service/ec2        100.309s

@YakDriver YakDriver merged commit c903e7c into main Nov 7, 2024
43 checks passed
@YakDriver YakDriver deleted the b-ipam-publicly-advertisable branch November 7, 2024 19:09
@github-actions github-actions bot added this to the v5.75.0 milestone Nov 7, 2024
Copy link

This functionality has been released in v5.75.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions github-actions bot removed the prioritized Part of the maintainer teams immediate focus. To be addressed within the current quarter. label Nov 11, 2024
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 12, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
documentation Introduces or discusses updates to documentation. service/ipam Issues and PRs that pertain to the ipam service. tests PRs: expanded test coverage. Issues: expanded coverage, enhancements to test infrastructure.
Projects
None yet
2 participants