Added WAF ACL Resource

[sharmaansh21]

No description provided.

[jen20]

Hi @optimisticanshul! This looks like a good start, but there are a couple of review comments inline. In addition, we'll need to add a couple of acceptance tests and documentation prior to being able to merge this - but I notice you have it marked as a WIP so this may be in progress. Thanks for opening a pull request early in your work!

[jen20]

Can this fail? We should probably not be ignoring this error.

[jen20]

If we assign this error we should also check it.

[sharmaansh21]

Updated.

[jen20]

We should likely test here for whether the return code is a 404-equivalent and remove from state rather than erroring out if that is the case - this allows for us to track ACLs removed via the console.

[sharmaansh21]

Updated in read func

[sharmaansh21]

@jen20 @radeksimko Ready for the review. I will squash the commits once review is done.

[sharmaansh21]

@stack72 bump

[stack72]

@optimisticanshul I have left a more indepth review of these now - sorry it took me so long. You can see the pattern I am following, please can you apply the same pattern to all of the resources (i only reviewed 2)

[stack72]

I don't believe we should do this - what is the WAFStateDataException?

[sharmaansh21]

@stack72 if i don't wait for sometime i get this exception because of ChangeToken: res.ChangeToken i am not sure how to handle in a better way.

WAFStaleDataException: The operation failed because you tried to create, update, or delete an object by using a change token that has already been used.

[stack72]

If there a chance that resp.IPSet can be nil? I think it would be worth checking for the nil response here to prevent any potential pointer deference errors

[sharmaansh21]

i don't think so it will be nil. Until/unless there is an error but in that case error is already handled

if err != nil {
    return err
 }

[stack72]

Are we guaranteed to have both of these values each time?

[sharmaansh21]

yes

[stack72]

I believe we should only do this when we detect d.HasChange("ip_set_descriptors")

[sharmaansh21]

No we can't reason behind it is because this method is used for deleting as well as updating and in deletion case there will be no change in ip_set_descriptors.

[stack72]

Again - we need to work out a better way of doing this than sleep

[stack72]

Is there a chance Rule can be nil? If so, we should guard against this being a dereferencing error

[sharmaansh21]

Already handle in that in err.

[stack72]

I think we should check for Rule being nil here before using it

[stack72]

No sleep please :)

[stack72]

No Sleep please :)

[stack72]

I think we need to check for change in the parameter before making a call to the API

[sharmaansh21]

To delete a rule we need to remove related dependencies. updateWafRuleResource is used for updating the resource as well as in deleting the resource. So we can't check for change.

[stack72]

@optimisticanshul thanks for this work so far - I feel we need to do a little more work here :)

[sharmaansh21]

@stack72 sure i will update 👍

[stack72]

ping @optimisticanshul :)

[sharmaansh21]

@stack72 I added/removed things that you asked wherever required, so now its ready for another review.

➜  terraform git:(waf-web-acl-resource) make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSWafWebAcl_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/09 00:17:36 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSWafWebAcl_ -timeout 120m
=== RUN   TestAccAWSWafWebAcl_basic
--- PASS: TestAccAWSWafWebAcl_basic (80.84s)
=== RUN   TestAccAWSWafWebAcl_disappears
--- PASS: TestAccAWSWafWebAcl_disappears (73.24s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    154.435s
➜  terraform git:(waf-web-acl-resource) make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSWafIPSet_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/09 00:21:08 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSWafIPSet_ -timeout 120m
=== RUN   TestAccAWSWafIPSet_basic
--- PASS: TestAccAWSWafIPSet_basic (39.85s)
=== RUN   TestAccAWSWafIPSet_disappears
--- PASS: TestAccAWSWafIPSet_disappears (38.94s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    79.205s
➜  terraform git:(waf-web-acl-resource) make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSWafRule_'
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/09 00:23:17 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSWafRule_ -timeout 120m
=== RUN   TestAccAWSWafRule_basic
--- PASS: TestAccAWSWafRule_basic (59.82s)
=== RUN   TestAccAWSWafRule_disappears
--- PASS: TestAccAWSWafRule_disappears (54.15s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    114.314s

[stack72]

Hi @optimisticanshul

Sorry i didn't get back to you on this sooner - i have been away. So the changes you had made look good. I think it needs 1 more thing - a test in each resource for Update. I can't see any testing of the Update funcs. Can you add something there?

P.

[sharmaansh21]

Sure

On Wed 26 Oct, 2016, 2:30 PM Paul Stack, [email protected] wrote:

Hi @optimisticanshul https://github.com/optimisticanshul

Sorry i didn't get back to you on this sooner - i have been away. So the
changes you had made look good. I think it needs 1 more thing - a test in
each resource for Update. I can't see any testing of the Update funcs. Can
you add something there?

P.

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#8852 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AEViYYx6fp4gnKi53RXmKMsAsGATOCGQks5q3xaigaJpZM4J9uFx
.

Sent From Handheld Device, Ignore Typos.

[sharmaansh21]

@stack72 Hi ready for another review added update test cases 👍

[stack72]

@optimisticanshul this now LGTM! The tests are green :) I thank you for all the work here!

% make testacc TEST=./builtin/providers/aws TESTARGS='-run=TestAccAWSWaf'                                                                    ✭
==> Checking that code complies with gofmt requirements...
go generate $(go list ./... | grep -v /terraform/vendor/)
2016/10/27 12:47:31 Generated command/internal_plugin_list.go
TF_ACC=1 go test ./builtin/providers/aws -v -run=TestAccAWSWaf -timeout 120m
=== RUN   TestAccAWSWafIPSet_basic
--- PASS: TestAccAWSWafIPSet_basic (20.35s)
=== RUN   TestAccAWSWafIPSet_disappears
--- PASS: TestAccAWSWafIPSet_disappears (19.28s)
=== RUN   TestAccAWSWafIPSet_changeNameForceNew
--- PASS: TestAccAWSWafIPSet_changeNameForceNew (36.49s)
=== RUN   TestAccAWSWafRule_basic
--- PASS: TestAccAWSWafRule_basic (28.66s)
=== RUN   TestAccAWSWafRule_changeNameForceNew
--- PASS: TestAccAWSWafRule_changeNameForceNew (51.76s)
=== RUN   TestAccAWSWafRule_disappears
--- PASS: TestAccAWSWafRule_disappears (27.13s)
=== RUN   TestAccAWSWafWebAcl_basic
--- PASS: TestAccAWSWafWebAcl_basic (37.73s)
=== RUN   TestAccAWSWafWebAcl_changeNameForceNew
--- PASS: TestAccAWSWafWebAcl_changeNameForceNew (69.12s)
=== RUN   TestAccAWSWafWebAcl_changeDefaultAction
--- PASS: TestAccAWSWafWebAcl_changeDefaultAction (68.67s)
=== RUN   TestAccAWSWafWebAcl_disappears
--- PASS: TestAccAWSWafWebAcl_disappears (35.67s)
PASS
ok      github.com/hashicorp/terraform/builtin/providers/aws    394.881s

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.