Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

service/waf: Only wrap errors returned by GetChangeToken in RetryWithToken #10242

Merged
merged 1 commit into from
Sep 27, 2019

Conversation

bflad
Copy link
Contributor

@bflad bflad commented Sep 25, 2019

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" comments, they generate extra noise for pull request followers and do not help prioritize the request

Reference: #9826

Release note for CHANGELOG:

* service/waf: Prevent incorrect `Error getting WAF change token` errors for API calls that should be retried
* service/wafregional: Prevent incorrect `Error getting WAF regional change token` errors for API calls that should be retried

Wrapping the errors of the passed in WAF API functions breaks downstream error checking, e.g. isAWSErr()

Previously (failure based on eventual consistency):

--- FAIL: TestAccAWSWafWebAcl_Rules (31.87s)
    testing.go:569: Step 2 error: errors during apply:

        Error: Error deleting WAF Rule: Error getting WAF change token: WAFReferencedItemException: This entity is still referenced by other entities.

Output from acceptance testing:

$ TF_ACC=1 go test ./aws -v -count=10 -timeout 120m -parallel 20 -run='TestAccAWSWafWebAcl_Rules'
...
--- PASS: TestAccAWSWafWebAcl_Rules (36.99s)
--- PASS: TestAccAWSWafWebAcl_Rules (34.34s)
--- PASS: TestAccAWSWafWebAcl_Rules (34.90s)
--- PASS: TestAccAWSWafWebAcl_Rules (35.58s)
--- PASS: TestAccAWSWafWebAcl_Rules (36.87s)
--- PASS: TestAccAWSWafWebAcl_Rules (33.99s)
--- PASS: TestAccAWSWafWebAcl_Rules (35.01s)
--- PASS: TestAccAWSWafWebAcl_Rules (33.60s)
--- PASS: TestAccAWSWafWebAcl_Rules (33.70s)
--- PASS: TestAccAWSWafWebAcl_Rules (35.82s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	353.338s

Also verified by running the stuck sweeper:

$ go test ./aws -v -sweep=us-east-1,us-west-2 -sweep-run=aws_wafregional_web_acl -timeout 10h
...
2019/09/25 11:50:25 [INFO] Deleting WAF Regional Web ACL: dc595176-6e50-488d-a9b0-35df984b672f
...
2019/09/25 11:50:26 [INFO] Removing Rules from WAF Regional Web ACL: dc595176-6e50-488d-a9b0-35df984b672f
...
2019/09/25 11:50:27 [INFO] Deleting WAF Regional Web ACL: dc595176-6e50-488d-a9b0-35df984b672f
...
2019/09/25 11:50:28 Sweeper Tests ran:
	- aws_wafregional_web_acl
ok  	github.com/terraform-providers/terraform-provider-aws/aws	8.119s

…Token usage

Reference: #9826

Wrapping the errors of the passed in WAF API functions breaks downstream error checking, e.g. `isAWSErr()`

Previously (failure based on eventual consistency):

```
--- FAIL: TestAccAWSWafWebAcl_Rules (31.87s)
    testing.go:569: Step 2 error: errors during apply:

        Error: Error deleting WAF Rule: Error getting WAF change token: WAFReferencedItemException: This entity is still referenced by other entities.
```

Output from acceptance testing:

```console
$ TF_ACC=1 go test ./aws -v -count=10 -timeout 120m -parallel 20 -run='TestAccAWSWafWebAcl_Rules'
...
--- PASS: TestAccAWSWafWebAcl_Rules (36.99s)
--- PASS: TestAccAWSWafWebAcl_Rules (34.34s)
--- PASS: TestAccAWSWafWebAcl_Rules (34.90s)
--- PASS: TestAccAWSWafWebAcl_Rules (35.58s)
--- PASS: TestAccAWSWafWebAcl_Rules (36.87s)
--- PASS: TestAccAWSWafWebAcl_Rules (33.99s)
--- PASS: TestAccAWSWafWebAcl_Rules (35.01s)
--- PASS: TestAccAWSWafWebAcl_Rules (33.60s)
--- PASS: TestAccAWSWafWebAcl_Rules (33.70s)
--- PASS: TestAccAWSWafWebAcl_Rules (35.82s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	353.338s
```

Also verified by running the stuck sweeper:

```console
$ go test ./aws -v -sweep=us-east-1,us-west-2 -sweep-run=aws_wafregional_web_acl -timeout 10h
...
2019/09/25 11:50:25 [INFO] Deleting WAF Regional Web ACL: dc595176-6e50-488d-a9b0-35df984b672f
...
2019/09/25 11:50:26 [INFO] Removing Rules from WAF Regional Web ACL: dc595176-6e50-488d-a9b0-35df984b672f
...
2019/09/25 11:50:27 [INFO] Deleting WAF Regional Web ACL: dc595176-6e50-488d-a9b0-35df984b672f
...
2019/09/25 11:50:28 Sweeper Tests ran:
	- aws_wafregional_web_acl
ok  	github.com/terraform-providers/terraform-provider-aws/aws	8.119s
```
@bflad bflad added bug Addresses a defect in current functionality. service/waf Issues and PRs that pertain to the waf service. labels Sep 25, 2019
@bflad bflad requested a review from a team September 25, 2019 15:55
@ghost ghost added the size/XS Managed by automation to categorize the size of a PR. label Sep 25, 2019
@aeschright aeschright self-assigned this Sep 25, 2019
@aeschright aeschright modified the milestone: v2.30.0 Sep 25, 2019
Copy link
Contributor

@aeschright aeschright left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

--- PASS: TestAccAWSWafWebAcl_Rules (86.70s)

@bflad bflad added this to the v2.31.0 milestone Sep 27, 2019
@bflad bflad merged commit 72f0b71 into master Sep 27, 2019
@bflad bflad deleted the b-waf-retrywithtoken-nowrap branch September 27, 2019 01:21
bflad added a commit that referenced this pull request Sep 27, 2019
@ghost
Copy link

ghost commented Oct 3, 2019

This has been released in version 2.31.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks!

@ghost
Copy link

ghost commented Nov 1, 2019

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Nov 1, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
bug Addresses a defect in current functionality. service/waf Issues and PRs that pertain to the waf service. size/XS Managed by automation to categorize the size of a PR.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants