Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

New Resource: aws_ssm_resource_data_sync #1895

Merged
merged 6 commits into from
Nov 10, 2017

Conversation

atsushi-ishibashi
Copy link
Contributor

@atsushi-ishibashi atsushi-ishibashi commented Oct 14, 2017

#1259
In my local environment, I got error like below. But all checks have passed in travis-ci...

make testacc TEST=./aws TESTARGS='-run=TestAccAWSSsmResourceDataSync'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSSsmResourceDataSync -timeout 120m
=== RUN   TestAccAWSSsmResourceDataSync
--- FAIL: TestAccAWSSsmResourceDataSync (44.23s)
	testing.go:434: Step 0 error: Check failed: Check 1/1 error: Not found: aws_ssm_resource_data_sync.foo
FAIL
exit status 1
FAIL	github.com/terraform-providers/terraform-provider-aws/aws	44.270s
make: *** [testacc] Error 1

@radeksimko radeksimko added the new-resource Introduces a new resource. label Oct 14, 2017
@atsushi-ishibashi atsushi-ishibashi changed the title [WIP]New Resource: ResourceDataSyncS3Destination New Resource: ResourceDataSyncS3Destination Oct 15, 2017
@atsushi-ishibashi
Copy link
Contributor Author

make testacc TEST=./aws TESTARGS='-run=TestAccAWSSsmResourceDataSync'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSSsmResourceDataSync -timeout 120m
=== RUN   TestAccAWSSsmResourceDataSync
--- PASS: TestAccAWSSsmResourceDataSync (60.41s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	60.457s

@radeksimko radeksimko changed the title New Resource: ResourceDataSyncS3Destination New Resource: aws_ssm_resource_data_sync Nov 9, 2017
Copy link
Member

@radeksimko radeksimko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR @atsushi-ishibashi
I left you some comments in the code. Let me know if anything's unclear.

if aerr, ok := err.(awserr.Error); ok {
switch aerr.Code() {
case ssm.ErrCodeResourceDataSyncAlreadyExistsException:
if err := resourceAwsSsmResourceDataSyncDeleteAndCreate(meta, input); err != nil {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please explain why we should ever recreate the resource? The common convention (and user's expectations) is to just error out in case there's a conflict.

Required: true,
ForceNew: true,
},
"destination": {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is there any reason we should drift away from the API here? i.e. how do you feel about renaming this to s3_destination?

Type: schema.TypeString,
Optional: true,
},
"bucket": {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As above - bucket_name?

MaxItems: 1,
Elem: &schema.Resource{
Schema: map[string]*schema.Schema{
"key": {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As above - kms_key_arn?


input := &ssm.CreateResourceDataSyncInput{
S3Destination: &ssm.ResourceDataSyncS3Destination{
SyncFormat: aws.String(ssm.ResourceDataSyncS3FormatJsonSerDe),
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Perhaps a nitpick, but how do you feel about exposing this argument via schema too? It would help us to be prepared for time when AWS introduces new sync format(s).

if found || nextToken == "" {
break
}
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Once you have decoupled the logic for finding the right data sync, it can also be reused here 😉

}
}
if found {
return fmt.Errorf("[DELETE ERROR] Resource Data Sync found for SyncName: %s", rs.Primary.Attributes["name"])
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nitpick, but there's no reason to prefix the message with [DELETE ERROR] - it's already clear that it's error.

}

resource "aws_ssm_resource_data_sync" "foo" {
name = "foo"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you mind randomizing the name here?

if val, ok := m["prefix"]; ok {
buf.WriteString(fmt.Sprintf("%s-", strings.ToLower(val.(string))))
}
return hashcode.String(buf.String())
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you please explain why do we need to lowercase all the values here? It seems unnecessary to me. 🤔

ForceNew: true,
},
"destination": {
Type: schema.TypeSet,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Since this is a singleton I think we can just make it TypeList as there's no value in computing the hash and it would also complicate referencing. TypeList can be referenced as s3_destination.0.key etc., whereas TypeSet is non-trivial to reference because the address is s3_destination.<computed-idx>.key.

@radeksimko radeksimko added the waiting-response Maintainers are waiting on response from community or contributor. label Nov 9, 2017
@atsushi-ishibashi
Copy link
Contributor Author

atsushi-ishibashi commented Nov 10, 2017

@radeksimko I absolutely agree with your feedback. I'm sorry for bothering you with trivial mistakes because I couldn't understand the behaivour when I submitted this PR 🙇
I added sync_format with default value.

make testacc TEST=./aws TESTARGS='-run=TestAccAWSSsmResourceDataSync_basic'
==> Checking that code complies with gofmt requirements...
TF_ACC=1 go test ./aws -v -run=TestAccAWSSsmResourceDataSync_basic -timeout 120m
=== RUN   TestAccAWSSsmResourceDataSync_basic
--- PASS: TestAccAWSSsmResourceDataSync_basic (63.07s)
PASS
ok  	github.com/terraform-providers/terraform-provider-aws/aws	63.119s

Copy link
Member

@radeksimko radeksimko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @atsushi-ishibashi
thanks for implementing the feedback promptly.
There's no need to apologise! 😃

I just left you a few last comments - then I think we're ready to ship it 🚀

} else {
d.SetId("")
return nil
}
Copy link
Member

@radeksimko radeksimko Nov 10, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm slightly worried about this conditional here, because we may add more errors to findResourceDataSyncItem in the future which aren't awserr and those may have nothing to do with "resource not found".
How do you feel about tweaking findResourceDataSyncItem to return nil, nil if no resource was found and then checking the nil here, instead of checking the error isn't awserr.Error?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure👍 I'll apply that idea!

return err
} else {
return nil
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

^ I share the same concerns here as above

return fmt.Sprintf(`
resource "aws_s3_bucket" "hoge" {
bucket = "tf-test-bucket-%d"
region = "us-east-1"
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any particular reason why this bucket should be in us-east-1? It's certainly no big deal, just that our primary test region is us-west-2.

@radeksimko radeksimko removed the waiting-response Maintainers are waiting on response from community or contributor. label Nov 10, 2017
Copy link
Member

@radeksimko radeksimko left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👋
There's a few compilation errors to address:

aws/resource_aws_ssm_resource_data_sync.go:4:2: imported and not used: "fmt"
aws/resource_aws_ssm_resource_data_sync.go:7:2: imported and not used: "github.com/terraform-providers/terraform-provider-aws/vendor/github.com/aws/aws-sdk-go/aws/awserr"

😉

@radeksimko radeksimko added the waiting-response Maintainers are waiting on response from community or contributor. label Nov 10, 2017
@radeksimko radeksimko removed the waiting-response Maintainers are waiting on response from community or contributor. label Nov 10, 2017
@radeksimko
Copy link
Member

@atsushi-ishibashi I just added retry logic to work around the eventually consistent nature of S3 which emerged in the acceptance test:

=== RUN   TestAccAWSSsmResourceDataSync_basic
--- FAIL: TestAccAWSSsmResourceDataSync_basic (61.77s)
	testing.go:434: Step 0 error: Error applying: 1 error(s) occurred:

		* aws_ssm_resource_data_sync.foo: 1 error(s) occurred:

		* aws_ssm_resource_data_sync.foo: ResourceDataSyncInvalidConfigurationException: S3 write failed for bucket [tf-test-bucket-5869476133795886706] with prefix [null] with sync name [tf-test-ssm-2hzj4] due to [Access Denied (Service: Amazon S3; Status Code: 403; Error Code: AccessDenied; Request ID: 31B58B3D98C61C90; S3 Extended Request ID: ra9YFypLVbeh6yzILpZ8S39ukPnmkCw6UBFWwSKdYeTLU7uKBgI5a0Mwut4Ds/7J)]. Please refer: http://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-inventory-configuring.html#sysman-inventory-datasync
			status code: 400, request id: ccedb0c2-c5f8-11e7-9213-61c5dcb61d04

Let me know if you have any questions in regards to that patch, otherwise I'm happy to merge this.

@atsushi-ishibashi
Copy link
Contributor Author

@radeksimko I missed that point... Of course, I appreciate the patch👍

@radeksimko radeksimko merged commit a28808b into hashicorp:master Nov 10, 2017
@ghost
Copy link

ghost commented Apr 10, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks!

@ghost ghost locked and limited conversation to collaborators Apr 10, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
new-resource Introduces a new resource.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants