Skip to content

Commit

Permalink
provider/aws: Use mutex & retry for WAF Regional change operations
Browse files Browse the repository at this point in the history
  • Loading branch information
yusukegoto committed Apr 15, 2017
1 parent 47a62b0 commit 7dcd11d
Show file tree
Hide file tree
Showing 15 changed files with 500 additions and 577 deletions.
88 changes: 38 additions & 50 deletions builtin/providers/aws/resource_aws_wafregional_byte_match_set.go
Original file line number Diff line number Diff line change
Expand Up @@ -69,24 +69,19 @@ func resourceAwsWafRegionalByteMatchSetCreate(d *schema.ResourceData, meta inter

log.Printf("[INFO] Creating ByteMatchSet: %s", d.Get("name").(string))

// ChangeToken
var ct *waf.GetChangeTokenInput

res, err := conn.GetChangeToken(ct)
if err != nil {
return errwrap.Wrapf("[ERROR] Error getting change token: {{err}}", err)
}

params := &waf.CreateByteMatchSetInput{
ChangeToken: res.ChangeToken,
Name: aws.String(d.Get("name").(string)),
}

resp, err := conn.CreateByteMatchSet(params)
wr := newWafRegionalRetryer(conn)
out, err := wr.RetryWithToken(func(token *string) (interface{}, error) {
params := &waf.CreateByteMatchSetInput{
ChangeToken: token,
Name: aws.String(d.Get("name").(string)),
}
return conn.CreateByteMatchSet(params)
})

if err != nil {
return errwrap.Wrapf("[ERROR] Error creating ByteMatchSet: {{err}}", err)
}
resp := out.(*waf.CreateByteMatchSetOutput)

d.SetId(*resp.ByteMatchSet.ByteMatchSetId)

Expand Down Expand Up @@ -138,17 +133,14 @@ func resourceAwsWafRegionalByteMatchSetDelete(d *schema.ResourceData, meta inter
return errwrap.Wrapf("[ERROR] Error deleting ByteMatchSet: {{err}}", err)
}

var ct *waf.GetChangeTokenInput

resp, err := conn.GetChangeToken(ct)

req := &waf.DeleteByteMatchSetInput{
ChangeToken: resp.ChangeToken,
ByteMatchSetId: aws.String(d.Id()),
}

_, err = conn.DeleteByteMatchSet(req)

wr := newWafRegionalRetryer(conn)
_, err = wr.RetryWithToken(func(token *string) (interface{}, error) {
req := &waf.DeleteByteMatchSetInput{
ChangeToken: token,
ByteMatchSetId: aws.String(d.Id()),
}
return conn.DeleteByteMatchSet(req)
})
if err != nil {
return errwrap.Wrapf("[ERROR] Error deleting ByteMatchSet: {{err}}", err)
}
Expand All @@ -159,34 +151,30 @@ func resourceAwsWafRegionalByteMatchSetDelete(d *schema.ResourceData, meta inter
func updateByteMatchSetResourceWR(d *schema.ResourceData, meta interface{}, ChangeAction string) error {
conn := meta.(*AWSClient).wafregionalconn

var ct *waf.GetChangeTokenInput

resp, err := conn.GetChangeToken(ct)
if err != nil {
return errwrap.Wrapf("[ERROR] Error getting change token: {{err}}", err)
}

req := &waf.UpdateByteMatchSetInput{
ChangeToken: resp.ChangeToken,
ByteMatchSetId: aws.String(d.Id()),
}
wr := newWafRegionalRetryer(conn)
_, err := wr.RetryWithToken(func(token *string) (interface{}, error) {
req := &waf.UpdateByteMatchSetInput{
ChangeToken: token,
ByteMatchSetId: aws.String(d.Id()),
}

ByteMatchTuples := d.Get("byte_match_tuples").(*schema.Set)
for _, ByteMatchTuple := range ByteMatchTuples.List() {
ByteMatch := ByteMatchTuple.(map[string]interface{})
ByteMatchUpdate := &waf.ByteMatchSetUpdate{
Action: aws.String(ChangeAction),
ByteMatchTuple: &waf.ByteMatchTuple{
FieldToMatch: expandFieldToMatchWR(ByteMatch["field_to_match"].(*schema.Set).List()[0].(map[string]interface{})),
PositionalConstraint: aws.String(ByteMatch["positional_constraint"].(string)),
TargetString: []byte(ByteMatch["target_string"].(string)),
TextTransformation: aws.String(ByteMatch["text_transformation"].(string)),
},
ByteMatchTuples := d.Get("byte_match_tuples").(*schema.Set)
for _, ByteMatchTuple := range ByteMatchTuples.List() {
ByteMatch := ByteMatchTuple.(map[string]interface{})
ByteMatchUpdate := &waf.ByteMatchSetUpdate{
Action: aws.String(ChangeAction),
ByteMatchTuple: &waf.ByteMatchTuple{
FieldToMatch: expandFieldToMatch(ByteMatch["field_to_match"].(*schema.Set).List()[0].(map[string]interface{})),
PositionalConstraint: aws.String(ByteMatch["positional_constraint"].(string)),
TargetString: []byte(ByteMatch["target_string"].(string)),
TextTransformation: aws.String(ByteMatch["text_transformation"].(string)),
},
}
req.Updates = append(req.Updates, ByteMatchUpdate)
}
req.Updates = append(req.Updates, ByteMatchUpdate)
}

_, err = conn.UpdateByteMatchSet(req)
return conn.UpdateByteMatchSet(req)
})
if err != nil {
return errwrap.Wrapf("[ERROR] Error updating ByteMatchSet: {{err}}", err)
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -96,49 +96,43 @@ func testAccCheckAWSWafRegionalByteMatchSetDisappears(v *waf.ByteMatchSet) resou
return func(s *terraform.State) error {
conn := testAccProvider.Meta().(*AWSClient).wafregionalconn

// ChangeToken
var ct *waf.GetChangeTokenInput

resp, err := conn.GetChangeToken(ct)
if err != nil {
return fmt.Errorf("Error getting change token: %s", err)
}

req := &waf.UpdateByteMatchSetInput{
ChangeToken: resp.ChangeToken,
ByteMatchSetId: v.ByteMatchSetId,
}
wr := newWafRegionalRetryer(conn)
_, err := wr.RetryWithToken(func(token *string) (interface{}, error) {
req := &waf.UpdateByteMatchSetInput{
ChangeToken: token,
ByteMatchSetId: v.ByteMatchSetId,
}

for _, ByteMatchTuple := range v.ByteMatchTuples {
ByteMatchUpdate := &waf.ByteMatchSetUpdate{
Action: aws.String("DELETE"),
ByteMatchTuple: &waf.ByteMatchTuple{
FieldToMatch: ByteMatchTuple.FieldToMatch,
PositionalConstraint: ByteMatchTuple.PositionalConstraint,
TargetString: ByteMatchTuple.TargetString,
TextTransformation: ByteMatchTuple.TextTransformation,
},
for _, ByteMatchTuple := range v.ByteMatchTuples {
ByteMatchUpdate := &waf.ByteMatchSetUpdate{
Action: aws.String("DELETE"),
ByteMatchTuple: &waf.ByteMatchTuple{
FieldToMatch: ByteMatchTuple.FieldToMatch,
PositionalConstraint: ByteMatchTuple.PositionalConstraint,
TargetString: ByteMatchTuple.TargetString,
TextTransformation: ByteMatchTuple.TextTransformation,
},
}
req.Updates = append(req.Updates, ByteMatchUpdate)
}
req.Updates = append(req.Updates, ByteMatchUpdate)
}

_, err = conn.UpdateByteMatchSet(req)
return conn.UpdateByteMatchSet(req)
})
if err != nil {
return errwrap.Wrapf("[ERROR] Error updating ByteMatchSet: {{err}}", err)
}

resp, err = conn.GetChangeToken(ct)
_, err = wr.RetryWithToken(func(token *string) (interface{}, error) {
opts := &waf.DeleteByteMatchSetInput{
ChangeToken: token,
ByteMatchSetId: v.ByteMatchSetId,
}
return conn.DeleteByteMatchSet(opts)
})
if err != nil {
return errwrap.Wrapf("[ERROR] Error getting change token: {{err}}", err)
return errwrap.Wrapf("[ERROR] Error deleting ByteMatchSet: {{err}}", err)
}

opts := &waf.DeleteByteMatchSetInput{
ChangeToken: resp.ChangeToken,
ByteMatchSetId: v.ByteMatchSetId,
}
if _, err := conn.DeleteByteMatchSet(opts); err != nil {
return err
}
return nil
}
}
Expand Down
87 changes: 37 additions & 50 deletions builtin/providers/aws/resource_aws_wafregional_ipset.go
Original file line number Diff line number Diff line change
Expand Up @@ -46,23 +46,18 @@ func resourceAwsWafRegionalIPSet() *schema.Resource {
func resourceAwsWafRegionalIPSetCreate(d *schema.ResourceData, meta interface{}) error {
conn := meta.(*AWSClient).wafregionalconn

// ChangeToken
var ct *waf.GetChangeTokenInput

res, err := conn.GetChangeToken(ct)
if err != nil {
return fmt.Errorf("Error getting change token: %s", err)
}

params := &waf.CreateIPSetInput{
ChangeToken: res.ChangeToken,
Name: aws.String(d.Get("name").(string)),
}

resp, err := conn.CreateIPSet(params)
wr := newWafRegionalRetryer(conn)
out, err := wr.RetryWithToken(func(token *string) (interface{}, error) {
params := &waf.CreateIPSetInput{
ChangeToken: token,
Name: aws.String(d.Get("name").(string)),
}
return conn.CreateIPSet(params)
})
if err != nil {
return err
}
resp := out.(*waf.CreateIPSetOutput)
d.SetId(*resp.IPSet.IPSetId)
return resourceAwsWafRegionalIPSetUpdate(d, meta)
}
Expand Down Expand Up @@ -118,18 +113,15 @@ func resourceAwsWafRegionalIPSetDelete(d *schema.ResourceData, meta interface{})
return fmt.Errorf("Error Removing IPSetDescriptors: %s", err)
}

// ChangeToken
var ct *waf.GetChangeTokenInput

resp, err := conn.GetChangeToken(ct)

req := &waf.DeleteIPSetInput{
ChangeToken: resp.ChangeToken,
IPSetId: aws.String(d.Id()),
}
log.Printf("[INFO] Deleting WAF IPSet")
_, err = conn.DeleteIPSet(req)

wr := newWafRegionalRetryer(conn)
_, err = wr.RetryWithToken(func(token *string) (interface{}, error) {
req := &waf.DeleteIPSetInput{
ChangeToken: token,
IPSetId: aws.String(d.Id()),
}
log.Printf("[INFO] Deleting WAF IPSet")
return conn.DeleteIPSet(req)
})
if err != nil {
return fmt.Errorf("Error Deleting WAF IPSet: %s", err)
}
Expand All @@ -140,33 +132,28 @@ func resourceAwsWafRegionalIPSetDelete(d *schema.ResourceData, meta interface{})
func updateIPSetResourceWR(d *schema.ResourceData, meta interface{}, ChangeAction string) error {
conn := meta.(*AWSClient).wafregionalconn

// ChangeToken
var ct *waf.GetChangeTokenInput

resp, err := conn.GetChangeToken(ct)
if err != nil {
return fmt.Errorf("Error getting change token: %s", err)
}

req := &waf.UpdateIPSetInput{
ChangeToken: resp.ChangeToken,
IPSetId: aws.String(d.Id()),
}
wr := newWafRegionalRetryer(conn)
_, err := wr.RetryWithToken(func(token *string) (interface{}, error) {
req := &waf.UpdateIPSetInput{
ChangeToken: token,
IPSetId: aws.String(d.Id()),
}

IPSetDescriptors := d.Get("ip_set_descriptors").(*schema.Set)
for _, IPSetDescriptor := range IPSetDescriptors.List() {
IPSet := IPSetDescriptor.(map[string]interface{})
IPSetUpdate := &waf.IPSetUpdate{
Action: aws.String(ChangeAction),
IPSetDescriptor: &waf.IPSetDescriptor{
Type: aws.String(IPSet["type"].(string)),
Value: aws.String(IPSet["value"].(string)),
},
IPSetDescriptors := d.Get("ip_set_descriptors").(*schema.Set)
for _, IPSetDescriptor := range IPSetDescriptors.List() {
IPSet := IPSetDescriptor.(map[string]interface{})
IPSetUpdate := &waf.IPSetUpdate{
Action: aws.String(ChangeAction),
IPSetDescriptor: &waf.IPSetDescriptor{
Type: aws.String(IPSet["type"].(string)),
Value: aws.String(IPSet["value"].(string)),
},
}
req.Updates = append(req.Updates, IPSetUpdate)
}
req.Updates = append(req.Updates, IPSetUpdate)
}

_, err = conn.UpdateIPSet(req)
return conn.UpdateIPSet(req)
})
if err != nil {
return fmt.Errorf("Error Updating WAF IPSet: %s", err)
}
Expand Down
57 changes: 25 additions & 32 deletions builtin/providers/aws/resource_aws_wafregional_ipset_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -100,46 +100,39 @@ func testAccCheckAWSWafRegionalIPSetDisappears(v *waf.IPSet) resource.TestCheckF
return func(s *terraform.State) error {
conn := testAccProvider.Meta().(*AWSClient).wafregionalconn

// ChangeToken
var ct *waf.GetChangeTokenInput

resp, err := conn.GetChangeToken(ct)
if err != nil {
return fmt.Errorf("Error getting change token: %s", err)
}

req := &waf.UpdateIPSetInput{
ChangeToken: resp.ChangeToken,
IPSetId: v.IPSetId,
}
wr := newWafRegionalRetryer(conn)
_, err := wr.RetryWithToken(func(token *string) (interface{}, error) {
req := &waf.UpdateIPSetInput{
ChangeToken: token,
IPSetId: v.IPSetId,
}

for _, IPSetDescriptor := range v.IPSetDescriptors {
IPSetUpdate := &waf.IPSetUpdate{
Action: aws.String("DELETE"),
IPSetDescriptor: &waf.IPSetDescriptor{
Type: IPSetDescriptor.Type,
Value: IPSetDescriptor.Value,
},
for _, IPSetDescriptor := range v.IPSetDescriptors {
IPSetUpdate := &waf.IPSetUpdate{
Action: aws.String("DELETE"),
IPSetDescriptor: &waf.IPSetDescriptor{
Type: IPSetDescriptor.Type,
Value: IPSetDescriptor.Value,
},
}
req.Updates = append(req.Updates, IPSetUpdate)
}
req.Updates = append(req.Updates, IPSetUpdate)
}

_, err = conn.UpdateIPSet(req)
return conn.UpdateIPSet(req)
})
if err != nil {
return fmt.Errorf("Error Updating WAF IPSet: %s", err)
}

resp, err = conn.GetChangeToken(ct)
_, err = wr.RetryWithToken(func(token *string) (interface{}, error) {
opts := &waf.DeleteIPSetInput{
ChangeToken: token,
IPSetId: v.IPSetId,
}
return conn.DeleteIPSet(opts)
})
if err != nil {
return fmt.Errorf("Error getting change token for waf IPSet: %s", err)
}

opts := &waf.DeleteIPSetInput{
ChangeToken: resp.ChangeToken,
IPSetId: v.IPSetId,
}
if _, err := conn.DeleteIPSet(opts); err != nil {
return err
return fmt.Errorf("Error Deleting WAF IPSet: %s", err)
}
return nil
}
Expand Down
Loading

0 comments on commit 7dcd11d

Please sign in to comment.