Skip to content

Commit f58c6c8

Browse files
tongyimingmikatong
tongyiming
and
mikatong
authored
fix(vpc): [123456789] sg rule delete (#2863)
* fix sg rule delete * add changelog * update test case name * update test case --------- Co-authored-by: mikatong <[email protected]>
1 parent 638e88d commit f58c6c8

File tree

3 files changed

+89
-28
lines changed

3 files changed

+89
-28
lines changed

.changelog/2863.txt

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,3 @@
1+
```release-note:bug
2+
resource/tencentcloud_security_group_rule: fix delete rule failed
3+
```

tencentcloud/services/vpc/resource_tc_security_group_rule.go

Lines changed: 2 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -395,7 +395,7 @@ func resourceTencentCloudSecurityGroupRuleDelete(d *schema.ResourceData, m inter
395395
service := VpcService{client: m.(tccommon.ProviderMeta).GetAPIV3Conn()}
396396

397397
ruleId := d.Id()
398-
sgId, policyType, policy, err := service.DescribeSecurityGroupPolicy(ctx, ruleId)
398+
_, _, policy, err := service.DescribeSecurityGroupPolicy(ctx, ruleId)
399399
if err != nil {
400400
log.Printf("[CRITAL]%s security group rule query failed: %s\n ", logId, err.Error())
401401
return err
@@ -404,31 +404,13 @@ func resourceTencentCloudSecurityGroupRuleDelete(d *schema.ResourceData, m inter
404404
return fmt.Errorf("The security group policy(ruleId: %s) is nil.", ruleId)
405405
}
406406

407-
index := *policy.PolicyIndex
408-
409407
err = resource.Retry(tccommon.WriteRetryTimeout, func() *resource.RetryError {
410-
e := service.DeleteSecurityGroupPolicyByPolicyIndex(ctx, index, sgId, policyType)
408+
e := service.DeleteSecurityGroupPolicy(ctx, ruleId)
411409
if e != nil {
412410
if ee, ok := e.(*sdkErrors.TencentCloudSDKError); ok {
413411
if ee.GetCode() == "ResourceNotFound" {
414412
return nil
415413
}
416-
417-
if ee.GetCode() == "InvalidParameterValue.Range" {
418-
sgId, policyType, policy, err = service.DescribeSecurityGroupPolicy(ctx, ruleId)
419-
if err != nil {
420-
log.Printf("[CRITAL]%s security group rule query failed: %s\n ", logId, err.Error())
421-
return tccommon.RetryError(err)
422-
}
423-
424-
if policy == nil {
425-
log.Printf("Security Group policy(ruleId: %s) is nil in the delete process, exit... \n", ruleId)
426-
return nil
427-
}
428-
//update index
429-
index = *policy.PolicyIndex
430-
return resource.RetryableError(fmt.Errorf("The policy index has been updated, retry..."))
431-
}
432414
}
433415
return resource.RetryableError(fmt.Errorf("security group delete failed: %s", e.Error()))
434416
}

tencentcloud/services/vpc/resource_tc_security_group_rule_test.go

Lines changed: 84 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ import (
1414
"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
1515
)
1616

17-
func TestAccTencentCloudSecurityGroupRule_basic(t *testing.T) {
17+
func TestAccTencentCloudSecurityGroupRuleResource_basic(t *testing.T) {
1818
t.Parallel()
1919
var sgrId string
2020

@@ -39,7 +39,46 @@ func TestAccTencentCloudSecurityGroupRule_basic(t *testing.T) {
3939
})
4040
}
4141

42-
func TestAccTencentCloudSecurityGroupRule_ssh(t *testing.T) {
42+
func TestAccTencentCloudSecurityGroupRuleResource_multi(t *testing.T) {
43+
t.Parallel()
44+
var sgrId string
45+
46+
resource.Test(t, resource.TestCase{
47+
PreCheck: func() { tcacctest.AccPreCheck(t) },
48+
Providers: tcacctest.AccProviders,
49+
CheckDestroy: testAccCheckSecurityGroupRuleDestroy(&sgrId),
50+
Steps: []resource.TestStep{
51+
{
52+
Config: testAccSecurityGroupRuleConfigMulti,
53+
Check: resource.ComposeTestCheckFunc(
54+
testAccCheckSecurityGroupRuleExists("tencentcloud_security_group_rule.http-in1", &sgrId),
55+
testAccCheckSecurityGroupRuleExists("tencentcloud_security_group_rule.http-in2", &sgrId),
56+
testAccCheckSecurityGroupRuleExists("tencentcloud_security_group_rule.http-in3", &sgrId),
57+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in1", "cidr_ip", "1.1.1.1"),
58+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in1", "ip_protocol", "tcp"),
59+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in1", "description", ""),
60+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in1", "type", "ingress"),
61+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in1", "policy_index", "0"),
62+
resource.TestCheckNoResourceAttr("tencentcloud_security_group_rule.http-in1", "source_sgid"),
63+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in2", "cidr_ip", "2.2.2.2"),
64+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in2", "ip_protocol", "tcp"),
65+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in2", "description", ""),
66+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in2", "type", "ingress"),
67+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in2", "policy_index", "0"),
68+
resource.TestCheckNoResourceAttr("tencentcloud_security_group_rule.http-in2", "source_sgid"),
69+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in3", "cidr_ip", "3.3.3.3"),
70+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in3", "ip_protocol", "tcp"),
71+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in3", "description", ""),
72+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in3", "type", "ingress"),
73+
resource.TestCheckResourceAttr("tencentcloud_security_group_rule.http-in3", "policy_index", "0"),
74+
resource.TestCheckNoResourceAttr("tencentcloud_security_group_rule.http-in3", "source_sgid"),
75+
),
76+
},
77+
},
78+
})
79+
}
80+
81+
func TestAccTencentCloudSecurityGroupRuleResource_ssh(t *testing.T) {
4382
t.Parallel()
4483
var sgrId string
4584

@@ -63,7 +102,7 @@ func TestAccTencentCloudSecurityGroupRule_ssh(t *testing.T) {
63102
})
64103
}
65104

66-
func TestAccTencentCloudSecurityGroupRule_egress(t *testing.T) {
105+
func TestAccTencentCloudSecurityGroupRuleResource_egress(t *testing.T) {
67106
t.Parallel()
68107
var sgrId string
69108

@@ -88,7 +127,7 @@ func TestAccTencentCloudSecurityGroupRule_egress(t *testing.T) {
88127
})
89128
}
90129

91-
func TestAccTencentCloudSecurityGroupRule_sourcesgid(t *testing.T) {
130+
func TestAccTencentCloudSecurityGroupRuleResource_sourcesgid(t *testing.T) {
92131
t.Parallel()
93132
var sgrId string
94133

@@ -112,7 +151,7 @@ func TestAccTencentCloudSecurityGroupRule_sourcesgid(t *testing.T) {
112151
})
113152
}
114153

115-
func TestAccTencentCloudSecurityGroupRule_allDrop(t *testing.T) {
154+
func TestAccTencentCloudSecurityGroupRuleResource_allDrop(t *testing.T) {
116155
t.Parallel()
117156
var sgrId string
118157

@@ -136,7 +175,7 @@ func TestAccTencentCloudSecurityGroupRule_allDrop(t *testing.T) {
136175
})
137176
}
138177

139-
func TestAccTencentCloudSecurityGroupRule_addressTemplate(t *testing.T) {
178+
func TestAccTencentCloudSecurityGroupRuleResource_addressTemplate(t *testing.T) {
140179
t.Parallel()
141180
var sgrId string
142181
resource.Test(t, resource.TestCase{
@@ -167,7 +206,7 @@ func TestAccTencentCloudSecurityGroupRule_addressTemplate(t *testing.T) {
167206
})
168207
}
169208

170-
func TestAccTencentCloudSecurityGroupRule_protocolTemplate(t *testing.T) {
209+
func TestAccTencentCloudSecurityGroupRuleResource_protocolTemplate(t *testing.T) {
171210
t.Parallel()
172211
var sgrId string
173212
resource.Test(t, resource.TestCase{
@@ -264,6 +303,43 @@ resource "tencentcloud_security_group_rule" "http-in" {
264303
}
265304
`
266305

306+
const testAccSecurityGroupRuleConfigMulti = `
307+
resource "tencentcloud_security_group" "foo" {
308+
name = "ci-temp-test-sg"
309+
description = "ci-temp-test-sg"
310+
}
311+
312+
resource "tencentcloud_security_group_rule" "http-in1" {
313+
security_group_id = tencentcloud_security_group.foo.id
314+
type = "ingress"
315+
cidr_ip = "1.1.1.1"
316+
ip_protocol = "tcp"
317+
port_range = "80,8080"
318+
policy = "accept"
319+
policy_index = 0
320+
}
321+
322+
resource "tencentcloud_security_group_rule" "http-in2" {
323+
security_group_id = tencentcloud_security_group.foo.id
324+
type = "ingress"
325+
cidr_ip = "2.2.2.2"
326+
ip_protocol = "tcp"
327+
port_range = "80,8080"
328+
policy = "accept"
329+
policy_index = 0
330+
}
331+
332+
resource "tencentcloud_security_group_rule" "http-in3" {
333+
security_group_id = tencentcloud_security_group.foo.id
334+
type = "ingress"
335+
cidr_ip = "3.3.3.3"
336+
ip_protocol = "tcp"
337+
port_range = "80,8080"
338+
policy = "accept"
339+
policy_index = 0
340+
}
341+
`
342+
267343
const testAccSecurityGroupRuleConfigSSH = `
268344
resource "tencentcloud_security_group" "foo" {
269345
name = "ci-temp-test-sg"
@@ -340,7 +416,7 @@ resource "tencentcloud_security_group" "foo" {
340416
341417
resource "tencentcloud_address_template" "templateB" {
342418
name = "testB"
343-
addresses = ["1.1.1.1/24", "1.1.1.0-1.1.1.1"]
419+
addresses = ["1.1.1.0/24", "1.1.1.0-1.1.1.1"]
344420
}
345421
346422
resource "tencentcloud_address_template_group" "group"{

0 commit comments

Comments
 (0)