Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

azurerm_ip_group: parse and normalize firewall/policy id in read #24031

Merged
merged 2 commits into from
Nov 28, 2023
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
60 changes: 48 additions & 12 deletions internal/services/network/ip_group_resource.go
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ import (
"log"
"time"

"github.com/hashicorp/go-azure-helpers/lang/pointer"
"github.com/hashicorp/go-azure-helpers/resourcemanager/commonschema"
"github.com/hashicorp/go-azure-sdk/resource-manager/network/2023-06-01/azurefirewalls"
"github.com/hashicorp/go-azure-sdk/resource-manager/network/2023-06-01/firewallpolicies"
Expand Down Expand Up @@ -93,13 +94,19 @@ func resourceIpGroupCreate(d *pluginsdk.ResourceData, meta interface{}) error {
defer cancel()

for _, fw := range d.Get("firewall_ids").([]interface{}) {
id, _ := azurefirewalls.ParseAzureFirewallID(fw.(string))
id, err := azurefirewalls.ParseAzureFirewallID(fw.(string))
if err != nil {
return fmt.Errorf("parsing Azure Firewall ID %q: %+v", fw, err)
}
locks.ByName(id.AzureFirewallName, firewall.AzureFirewallResourceName)
defer locks.UnlockByName(id.AzureFirewallName, firewall.AzureFirewallResourceName)
}

for _, fwpol := range d.Get("firewall_policy_ids").([]interface{}) {
id, _ := firewallpolicies.ParseFirewallPolicyID(fwpol.(string))
id, err := firewallpolicies.ParseFirewallPolicyID(fwpol.(string))
if err != nil {
return fmt.Errorf("parsing Azure Firewall Policy ID %q: %+v", fwpol, err)
}
locks.ByName(id.FirewallPolicyName, firewall.AzureFirewallPolicyResourceName)
defer locks.UnlockByName(id.FirewallPolicyName, firewall.AzureFirewallPolicyResourceName)
}
Expand Down Expand Up @@ -183,8 +190,25 @@ func resourceIpGroupRead(d *pluginsdk.ResourceData, meta interface{}) error {
}
}

d.Set("firewall_ids", getIds(resp.Firewalls))
d.Set("firewall_policy_ids", getIds(resp.FirewallPolicies))
firewallIDs := make([]string, 0)
for _, idStr := range getIds(resp.Firewalls) {
firewallID, err := azurefirewalls.ParseAzureFirewallIDInsensitively(idStr)
if err != nil {
return fmt.Errorf("parsing Azure Firewall ID %q: %+v", idStr, err)
}
firewallIDs = append(firewallIDs, firewallID.ID())
}
d.Set("firewall_ids", firewallIDs)

firewallPolicyIDs := make([]string, 0)
for _, idStr := range getIds(resp.FirewallPolicies) {
policyID, err := firewallpolicies.ParseFirewallPolicyIDInsensitively(idStr)
if err != nil {
return fmt.Errorf("parsing Azure Firewall Policy ID %q: %+v", idStr, err)
}
firewallPolicyIDs = append(firewallPolicyIDs, policyID.ID())
}
d.Set("firewall_policy_ids", firewallPolicyIDs)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This issue still exists however - particularly in the Delete but also if the validation is wrong in the Create/Update/if refresh is disabled:

  1. Update the Create function so that the Parse function raises an error when parsing fails
  2. Update the Update function so that the Parse function raises an error when parsing fails
  3. Update the Delete function so that the Parse function raises an error when parsing fails - but also to load the values from the Azure API, since we shouldn't be using d.Get in the Delete function.

As such, can we update this?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks and Updated!


return tags.FlattenAndSet(d, resp.Tags)
}
Expand All @@ -196,13 +220,19 @@ func resourceIpGroupUpdate(d *pluginsdk.ResourceData, meta interface{}) error {
defer cancel()

for _, fw := range d.Get("firewall_ids").([]interface{}) {
id, _ := azurefirewalls.ParseAzureFirewallID(fw.(string))
id, err := azurefirewalls.ParseAzureFirewallID(fw.(string))
if err != nil {
return fmt.Errorf("parsing Azure Firewall ID %q: %+v", fw, err)
}
locks.ByName(id.AzureFirewallName, firewall.AzureFirewallResourceName)
defer locks.UnlockByName(id.AzureFirewallName, firewall.AzureFirewallResourceName)
}

for _, fwpol := range d.Get("firewall_policy_ids").([]interface{}) {
id, _ := firewallpolicies.ParseFirewallPolicyID(fwpol.(string))
id, err := firewallpolicies.ParseFirewallPolicyID(fwpol.(string))
if err != nil {
return fmt.Errorf("parsing Azure Firewall Policy ID %q: %+v", fwpol, err)
}
locks.ByName(id.FirewallPolicyName, firewall.AzureFirewallPolicyResourceName)
defer locks.UnlockByName(id.FirewallPolicyName, firewall.AzureFirewallPolicyResourceName)
}
Expand Down Expand Up @@ -287,15 +317,21 @@ func resourceIpGroupDelete(d *pluginsdk.ResourceData, meta interface{}) error {
}

for _, fw := range *read.Firewalls {
id, _ := azurefirewalls.ParseAzureFirewallID(*fw.ID)
locks.ByName(id.AzureFirewallName, firewall.AzureFirewallResourceName)
defer locks.UnlockByName(id.AzureFirewallName, firewall.AzureFirewallResourceName)
fwID, err := azurefirewalls.ParseAzureFirewallID(pointer.From(fw.ID))
if err != nil {
return fmt.Errorf("parsing Azure Firewall ID %q: %+v", pointer.From(fw.ID), err)
}
locks.ByName(fwID.AzureFirewallName, firewall.AzureFirewallResourceName)
defer locks.UnlockByName(fwID.AzureFirewallName, firewall.AzureFirewallResourceName)
}

for _, fwpol := range *read.FirewallPolicies {
id, _ := firewallpolicies.ParseFirewallPolicyID(*fwpol.ID)
locks.ByName(id.FirewallPolicyName, firewall.AzureFirewallPolicyResourceName)
defer locks.UnlockByName(id.FirewallPolicyName, firewall.AzureFirewallPolicyResourceName)
polID, err := firewallpolicies.ParseFirewallPolicyID(pointer.From(fwpol.ID))
if err != nil {
return fmt.Errorf("parsing Azure Firewall Policy ID %q: %+v", *fwpol.ID, err)
}
locks.ByName(polID.FirewallPolicyName, firewall.AzureFirewallPolicyResourceName)
defer locks.UnlockByName(polID.FirewallPolicyName, firewall.AzureFirewallPolicyResourceName)
}

future, err := client.Delete(ctx, id.ResourceGroup, id.Name)
Expand Down
Loading