provider/aws: Use mutex & retry for WAF change operations

hashicorp · Apr 14, 2017 · 088cb95 · 088cb95
1 parent f2a2c28
commit 088cb95
Show file tree

Hide file tree

Showing 15 changed files with 497 additions and 575 deletions.
diff --git a/builtin/providers/aws/resource_aws_waf_byte_match_set.go b/builtin/providers/aws/resource_aws_waf_byte_match_set.go
@@ -69,24 +69,18 @@ func resourceAwsWafByteMatchSetCreate(d *schema.ResourceData, meta interface{})
 
 	log.Printf("[INFO] Creating ByteMatchSet: %s", d.Get("name").(string))
 
-	// ChangeToken
-	var ct *waf.GetChangeTokenInput
-
-	res, err := conn.GetChangeToken(ct)
-	if err != nil {
-		return errwrap.Wrapf("[ERROR] Error getting change token: {{err}}", err)
-	}
-
-	params := &waf.CreateByteMatchSetInput{
-		ChangeToken: res.ChangeToken,
-		Name:        aws.String(d.Get("name").(string)),
-	}
-
-	resp, err := conn.CreateByteMatchSet(params)
-
+	wr := newWafRetryer(conn, "global")
+	out, err := wr.RetryWithToken(func(token *string) (interface{}, error) {
+		params := &waf.CreateByteMatchSetInput{
+			ChangeToken: token,
+			Name:        aws.String(d.Get("name").(string)),
+		}
+		return conn.CreateByteMatchSet(params)
+	})
 	if err != nil {
 		return errwrap.Wrapf("[ERROR] Error creating ByteMatchSet: {{err}}", err)
 	}
+	resp := out.(*waf.CreateByteMatchSetOutput)
 
 	d.SetId(*resp.ByteMatchSet.ByteMatchSetId)
 
@@ -134,17 +128,14 @@ func resourceAwsWafByteMatchSetDelete(d *schema.ResourceData, meta interface{})
 		return errwrap.Wrapf("[ERROR] Error deleting ByteMatchSet: {{err}}", err)
 	}
 
-	var ct *waf.GetChangeTokenInput
-
-	resp, err := conn.GetChangeToken(ct)
-
-	req := &waf.DeleteByteMatchSetInput{
-		ChangeToken:    resp.ChangeToken,
-		ByteMatchSetId: aws.String(d.Id()),
-	}
-
-	_, err = conn.DeleteByteMatchSet(req)
-
+	wr := newWafRetryer(conn, "global")
+	_, err = wr.RetryWithToken(func(token *string) (interface{}, error) {
+		req := &waf.DeleteByteMatchSetInput{
+			ChangeToken:    token,
+			ByteMatchSetId: aws.String(d.Id()),
+		}
+		return conn.DeleteByteMatchSet(req)
+	})
 	if err != nil {
 		return errwrap.Wrapf("[ERROR] Error deleting ByteMatchSet: {{err}}", err)
 	}
@@ -155,34 +146,30 @@ func resourceAwsWafByteMatchSetDelete(d *schema.ResourceData, meta interface{})
 func updateByteMatchSetResource(d *schema.ResourceData, meta interface{}, ChangeAction string) error {
 	conn := meta.(*AWSClient).wafconn
 
-	var ct *waf.GetChangeTokenInput
-
-	resp, err := conn.GetChangeToken(ct)
-	if err != nil {
-		return errwrap.Wrapf("[ERROR] Error getting change token: {{err}}", err)
-	}
-
-	req := &waf.UpdateByteMatchSetInput{
-		ChangeToken:    resp.ChangeToken,
-		ByteMatchSetId: aws.String(d.Id()),
-	}
+	wr := newWafRetryer(conn, "global")
+	_, err := wr.RetryWithToken(func(token *string) (interface{}, error) {
+		req := &waf.UpdateByteMatchSetInput{
+			ChangeToken:    token,
+			ByteMatchSetId: aws.String(d.Id()),
+		}
 
-	ByteMatchTuples := d.Get("byte_match_tuples").(*schema.Set)
-	for _, ByteMatchTuple := range ByteMatchTuples.List() {
-		ByteMatch := ByteMatchTuple.(map[string]interface{})
-		ByteMatchUpdate := &waf.ByteMatchSetUpdate{
-			Action: aws.String(ChangeAction),
-			ByteMatchTuple: &waf.ByteMatchTuple{
-				FieldToMatch:         expandFieldToMatch(ByteMatch["field_to_match"].(*schema.Set).List()[0].(map[string]interface{})),
-				PositionalConstraint: aws.String(ByteMatch["positional_constraint"].(string)),
-				TargetString:         []byte(ByteMatch["target_string"].(string)),
-				TextTransformation:   aws.String(ByteMatch["text_transformation"].(string)),
-			},
+		ByteMatchTuples := d.Get("byte_match_tuples").(*schema.Set)
+		for _, ByteMatchTuple := range ByteMatchTuples.List() {
+			ByteMatch := ByteMatchTuple.(map[string]interface{})
+			ByteMatchUpdate := &waf.ByteMatchSetUpdate{
+				Action: aws.String(ChangeAction),
+				ByteMatchTuple: &waf.ByteMatchTuple{
+					FieldToMatch:         expandFieldToMatch(ByteMatch["field_to_match"].(*schema.Set).List()[0].(map[string]interface{})),
+					PositionalConstraint: aws.String(ByteMatch["positional_constraint"].(string)),
+					TargetString:         []byte(ByteMatch["target_string"].(string)),
+					TextTransformation:   aws.String(ByteMatch["text_transformation"].(string)),
+				},
+			}
+			req.Updates = append(req.Updates, ByteMatchUpdate)
 		}
-		req.Updates = append(req.Updates, ByteMatchUpdate)
-	}
 
-	_, err = conn.UpdateByteMatchSet(req)
+		return conn.UpdateByteMatchSet(req)
+	})
 	if err != nil {
 		return errwrap.Wrapf("[ERROR] Error updating ByteMatchSet: {{err}}", err)
 	}

diff --git a/builtin/providers/aws/resource_aws_waf_byte_match_set_test.go b/builtin/providers/aws/resource_aws_waf_byte_match_set_test.go
@@ -96,49 +96,43 @@ func testAccCheckAWSWafByteMatchSetDisappears(v *waf.ByteMatchSet) resource.Test
 	return func(s *terraform.State) error {
 		conn := testAccProvider.Meta().(*AWSClient).wafconn
 
-		// ChangeToken
-		var ct *waf.GetChangeTokenInput
-
-		resp, err := conn.GetChangeToken(ct)
-		if err != nil {
-			return fmt.Errorf("Error getting change token: %s", err)
-		}
-
-		req := &waf.UpdateByteMatchSetInput{
-			ChangeToken:    resp.ChangeToken,
-			ByteMatchSetId: v.ByteMatchSetId,
-		}
+		wr := newWafRetryer(conn, "global")
+		_, err := wr.RetryWithToken(func(token *string) (interface{}, error) {
+			req := &waf.UpdateByteMatchSetInput{
+				ChangeToken:    token,
+				ByteMatchSetId: v.ByteMatchSetId,
+			}
 
-		for _, ByteMatchTuple := range v.ByteMatchTuples {
-			ByteMatchUpdate := &waf.ByteMatchSetUpdate{
-				Action: aws.String("DELETE"),
-				ByteMatchTuple: &waf.ByteMatchTuple{
-					FieldToMatch:         ByteMatchTuple.FieldToMatch,
-					PositionalConstraint: ByteMatchTuple.PositionalConstraint,
-					TargetString:         ByteMatchTuple.TargetString,
-					TextTransformation:   ByteMatchTuple.TextTransformation,
-				},
+			for _, ByteMatchTuple := range v.ByteMatchTuples {
+				ByteMatchUpdate := &waf.ByteMatchSetUpdate{
+					Action: aws.String("DELETE"),
+					ByteMatchTuple: &waf.ByteMatchTuple{
+						FieldToMatch:         ByteMatchTuple.FieldToMatch,
+						PositionalConstraint: ByteMatchTuple.PositionalConstraint,
+						TargetString:         ByteMatchTuple.TargetString,
+						TextTransformation:   ByteMatchTuple.TextTransformation,
+					},
+				}
+				req.Updates = append(req.Updates, ByteMatchUpdate)
 			}
-			req.Updates = append(req.Updates, ByteMatchUpdate)
-		}
 
-		_, err = conn.UpdateByteMatchSet(req)
+			return conn.UpdateByteMatchSet(req)
+		})
 		if err != nil {
 			return errwrap.Wrapf("[ERROR] Error updating ByteMatchSet: {{err}}", err)
 		}
 
-		resp, err = conn.GetChangeToken(ct)
+		_, err = wr.RetryWithToken(func(token *string) (interface{}, error) {
+			opts := &waf.DeleteByteMatchSetInput{
+				ChangeToken:    token,
+				ByteMatchSetId: v.ByteMatchSetId,
+			}
+			return conn.DeleteByteMatchSet(opts)
+		})
 		if err != nil {
-			return errwrap.Wrapf("[ERROR] Error getting change token: {{err}}", err)
+			return errwrap.Wrapf("[ERROR] Error deleting ByteMatchSet: {{err}}", err)
 		}
 
-		opts := &waf.DeleteByteMatchSetInput{
-			ChangeToken:    resp.ChangeToken,
-			ByteMatchSetId: v.ByteMatchSetId,
-		}
-		if _, err := conn.DeleteByteMatchSet(opts); err != nil {
-			return err
-		}
 		return nil
 	}
 }

diff --git a/builtin/providers/aws/resource_aws_waf_ipset.go b/builtin/providers/aws/resource_aws_waf_ipset.go
@@ -46,23 +46,18 @@ func resourceAwsWafIPSet() *schema.Resource {
 func resourceAwsWafIPSetCreate(d *schema.ResourceData, meta interface{}) error {
 	conn := meta.(*AWSClient).wafconn
 
-	// ChangeToken
-	var ct *waf.GetChangeTokenInput
-
-	res, err := conn.GetChangeToken(ct)
-	if err != nil {
-		return fmt.Errorf("Error getting change token: %s", err)
-	}
-
-	params := &waf.CreateIPSetInput{
-		ChangeToken: res.ChangeToken,
-		Name:        aws.String(d.Get("name").(string)),
-	}
-
-	resp, err := conn.CreateIPSet(params)
+	wr := newWafRetryer(conn, "global")
+	out, err := wr.RetryWithToken(func(token *string) (interface{}, error) {
+		params := &waf.CreateIPSetInput{
+			ChangeToken: token,
+			Name:        aws.String(d.Get("name").(string)),
+		}
+		return conn.CreateIPSet(params)
+	})
 	if err != nil {
 		return err
 	}
+	resp := out.(*waf.CreateIPSetOutput)
 	d.SetId(*resp.IPSet.IPSetId)
 	return resourceAwsWafIPSetUpdate(d, meta)
 }
@@ -117,18 +112,15 @@ func resourceAwsWafIPSetDelete(d *schema.ResourceData, meta interface{}) error {
 		return fmt.Errorf("Error Removing IPSetDescriptors: %s", err)
 	}
 
-	// ChangeToken
-	var ct *waf.GetChangeTokenInput
-
-	resp, err := conn.GetChangeToken(ct)
-
-	req := &waf.DeleteIPSetInput{
-		ChangeToken: resp.ChangeToken,
-		IPSetId:     aws.String(d.Id()),
-	}
-	log.Printf("[INFO] Deleting WAF IPSet")
-	_, err = conn.DeleteIPSet(req)
-
+	wr := newWafRetryer(conn, "global")
+	_, err = wr.RetryWithToken(func(token *string) (interface{}, error) {
+		req := &waf.DeleteIPSetInput{
+			ChangeToken: token,
+			IPSetId:     aws.String(d.Id()),
+		}
+		log.Printf("[INFO] Deleting WAF IPSet")
+		return conn.DeleteIPSet(req)
+	})
 	if err != nil {
 		return fmt.Errorf("Error Deleting WAF IPSet: %s", err)
 	}
@@ -139,33 +131,28 @@ func resourceAwsWafIPSetDelete(d *schema.ResourceData, meta interface{}) error {
 func updateIPSetResource(d *schema.ResourceData, meta interface{}, ChangeAction string) error {
 	conn := meta.(*AWSClient).wafconn
 
-	// ChangeToken
-	var ct *waf.GetChangeTokenInput
-
-	resp, err := conn.GetChangeToken(ct)
-	if err != nil {
-		return fmt.Errorf("Error getting change token: %s", err)
-	}
-
-	req := &waf.UpdateIPSetInput{
-		ChangeToken: resp.ChangeToken,
-		IPSetId:     aws.String(d.Id()),
-	}
+	wr := newWafRetryer(conn, "global")
+	_, err := wr.RetryWithToken(func(token *string) (interface{}, error) {
+		req := &waf.UpdateIPSetInput{
+			ChangeToken: token,
+			IPSetId:     aws.String(d.Id()),
+		}
 
-	IPSetDescriptors := d.Get("ip_set_descriptors").(*schema.Set)
-	for _, IPSetDescriptor := range IPSetDescriptors.List() {
-		IPSet := IPSetDescriptor.(map[string]interface{})
-		IPSetUpdate := &waf.IPSetUpdate{
-			Action: aws.String(ChangeAction),
-			IPSetDescriptor: &waf.IPSetDescriptor{
-				Type:  aws.String(IPSet["type"].(string)),
-				Value: aws.String(IPSet["value"].(string)),
-			},
+		IPSetDescriptors := d.Get("ip_set_descriptors").(*schema.Set)
+		for _, IPSetDescriptor := range IPSetDescriptors.List() {
+			IPSet := IPSetDescriptor.(map[string]interface{})
+			IPSetUpdate := &waf.IPSetUpdate{
+				Action: aws.String(ChangeAction),
+				IPSetDescriptor: &waf.IPSetDescriptor{
+					Type:  aws.String(IPSet["type"].(string)),
+					Value: aws.String(IPSet["value"].(string)),
+				},
+			}
+			req.Updates = append(req.Updates, IPSetUpdate)
 		}
-		req.Updates = append(req.Updates, IPSetUpdate)
-	}
 
-	_, err = conn.UpdateIPSet(req)
+		return conn.UpdateIPSet(req)
+	})
 	if err != nil {
 		return fmt.Errorf("Error Updating WAF IPSet: %s", err)
 	}

diff --git a/builtin/providers/aws/resource_aws_waf_ipset_test.go b/builtin/providers/aws/resource_aws_waf_ipset_test.go
@@ -100,46 +100,39 @@ func testAccCheckAWSWafIPSetDisappears(v *waf.IPSet) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		conn := testAccProvider.Meta().(*AWSClient).wafconn
 
-		// ChangeToken
-		var ct *waf.GetChangeTokenInput
-
-		resp, err := conn.GetChangeToken(ct)
-		if err != nil {
-			return fmt.Errorf("Error getting change token: %s", err)
-		}
-
-		req := &waf.UpdateIPSetInput{
-			ChangeToken: resp.ChangeToken,
-			IPSetId:     v.IPSetId,
-		}
+		wr := newWafRetryer(conn, "global")
+		_, err := wr.RetryWithToken(func(token *string) (interface{}, error) {
+			req := &waf.UpdateIPSetInput{
+				ChangeToken: token,
+				IPSetId:     v.IPSetId,
+			}
 
-		for _, IPSetDescriptor := range v.IPSetDescriptors {
-			IPSetUpdate := &waf.IPSetUpdate{
-				Action: aws.String("DELETE"),
-				IPSetDescriptor: &waf.IPSetDescriptor{
-					Type:  IPSetDescriptor.Type,
-					Value: IPSetDescriptor.Value,
-				},
+			for _, IPSetDescriptor := range v.IPSetDescriptors {
+				IPSetUpdate := &waf.IPSetUpdate{
+					Action: aws.String("DELETE"),
+					IPSetDescriptor: &waf.IPSetDescriptor{
+						Type:  IPSetDescriptor.Type,
+						Value: IPSetDescriptor.Value,
+					},
+				}
+				req.Updates = append(req.Updates, IPSetUpdate)
 			}
-			req.Updates = append(req.Updates, IPSetUpdate)
-		}
 
-		_, err = conn.UpdateIPSet(req)
+			return conn.UpdateIPSet(req)
+		})
 		if err != nil {
 			return fmt.Errorf("Error Updating WAF IPSet: %s", err)
 		}
 
-		resp, err = conn.GetChangeToken(ct)
+		_, err = wr.RetryWithToken(func(token *string) (interface{}, error) {
+			opts := &waf.DeleteIPSetInput{
+				ChangeToken: token,
+				IPSetId:     v.IPSetId,
+			}
+			return conn.DeleteIPSet(opts)
+		})
 		if err != nil {
-			return fmt.Errorf("Error getting change token for waf IPSet: %s", err)
-		}
-
-		opts := &waf.DeleteIPSetInput{
-			ChangeToken: resp.ChangeToken,
-			IPSetId:     v.IPSetId,
-		}
-		if _, err := conn.DeleteIPSet(opts); err != nil {
-			return err
+			return fmt.Errorf("Error Deleting WAF IPSet: %s", err)
 		}
 		return nil
 	}