Merge pull request #500 from brickzzhang/master

ccn forcenew issue when repeatly apply

Author: gailwang

CHANGELOG.md

@@ -1,4 +1,10 @@
 ## 1.41.1 (Unreleased)
+
+BUG FIXES:
+
+* Resource: `tencentcloud_vpn_gateway` fix force new issue when apply repeatedly.
+* Resource: `tencentcloud_vpn_connection` fix force new issue when apply repeatedly.
+
 ## 1.41.0 (August 17, 2020)
 
 FEATURES:

tencentcloud/resource_tc_vpn_connection.go

@@ -76,11 +76,22 @@ func resourceTencentCloudVpnConnection() *schema.Resource {
 				Description:  "Name of the VPN connection. The length of character is limited to 1-60.",
 			},
 			"vpc_id": {
-				Type:        schema.TypeString,
-				Optional:    true,
-				ForceNew:    true,
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					if v, ok := d.GetOk("is_ccn_type"); ok && v.(bool) {
+						return true
+					}
+					return old == new
+				},
 				Description: "ID of the VPC. Required if vpn gateway is not in `CCN` type, and doesn't make sense for `CCN` vpn gateway.",
 			},
+			"is_ccn_type": {
+				Type:        schema.TypeBool,
+				Computed:    true,
+				Description: "Indicate whether is ccn type. Modification of this field only impacts force new logic of `vpc_id`. If `is_ccn_type` is true, modification of `vpc_id` will be ignored.",
+			},
 			"customer_gateway_id": {
 				Type:        schema.TypeString,
 				Required:    true,
@@ -274,38 +285,21 @@ func resourceTencentCloudVpnConnection() *schema.Resource {
 func resourceTencentCloudVpnConnectionCreate(d *schema.ResourceData, meta interface{}) error {
 	defer logElapsed("resource.tencentcloud_vpn_connection.create")()
 
-	logId := getLogId(contextNil)
-	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+	var (
+		logId   = getLogId(contextNil)
+		ctx     = context.WithValue(context.TODO(), logIdKey, logId)
+		service = VpcService{client: meta.(*TencentCloudClient).apiV3Conn}
+	)
 
 	// pre check vpn gateway id
-	requestVpngw := vpc.NewDescribeVpnGatewaysRequest()
-	requestVpngw.VpnGatewayIds = []*string{helper.String(d.Get("vpn_gateway_id").(string))}
-	var responseVpngw *vpc.DescribeVpnGatewaysResponse
-	err := resource.Retry(readRetryTimeout, func() *resource.RetryError {
-		result, e := meta.(*TencentCloudClient).apiV3Conn.UseVpcClient().DescribeVpnGateways(requestVpngw)
-		if e != nil {
-			ee, ok := e.(*errors.TencentCloudSDKError)
-			if !ok {
-				return retryError(e)
-			}
-			if ee.Code == VPCNotFound {
-				return nil
-			} else {
-				return retryError(e)
-			}
-		}
-		responseVpngw = result
-		return nil
-	})
+	has, gateway, err := service.DescribeVpngwById(ctx, d.Get("vpn_gateway_id").(string))
 	if err != nil {
 		return err
 	}
-	if len(responseVpngw.Response.VpnGatewaySet) < 1 {
+	if !has {
 		return fmt.Errorf("[CRITAL] vpn_gateway_id %s doesn't exist", d.Get("vpn_gateway_id").(string))
 	}
 
-	gateway := responseVpngw.Response.VpnGatewaySet[0]
-
 	// create vpn connection
 	request := vpc.NewCreateVpnConnectionRequest()
 	request.VpnConnectionName = helper.String(d.Get("name").(string))
@@ -315,6 +309,9 @@ func resourceTencentCloudVpnConnectionCreate(d *schema.ResourceData, meta interf
 		}
 		request.VpcId = helper.String(d.Get("vpc_id").(string))
 	} else {
+		if _, ok := d.GetOk("vpc_id"); ok {
+			return fmt.Errorf("[CRITAL] vpc_id doesn't make sense when vpn gateway is in CCN type")
+		}
 		request.VpcId = helper.String("")
 	}
 	request.VpnGatewayId = helper.String(d.Get("vpn_gateway_id").(string))
@@ -516,8 +513,11 @@ func resourceTencentCloudVpnConnectionRead(d *schema.ResourceData, meta interfac
 	defer logElapsed("resource.tencentcloud_vpn_connection.read")()
 	defer inconsistentCheck(d, meta)()
 
-	logId := getLogId(contextNil)
-	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+	var (
+		logId   = getLogId(contextNil)
+		ctx     = context.WithValue(context.TODO(), logIdKey, logId)
+		service = VpcService{client: meta.(*TencentCloudClient).apiV3Conn}
+	)
 
 	connectionId := d.Id()
 	request := vpc.NewDescribeVpnConnectionsRequest()
@@ -545,9 +545,24 @@ func resourceTencentCloudVpnConnectionRead(d *schema.ResourceData, meta interfac
 
 	connection := response.Response.VpnConnectionSet[0]
 	_ = d.Set("name", *connection.VpnConnectionName)
-	_ = d.Set("vpc_id", *connection.VpcId)
 	_ = d.Set("create_time", *connection.CreatedTime)
 	_ = d.Set("vpn_gateway_id", *connection.VpnGatewayId)
+
+	// get vpngw type
+	has, gateway, err := service.DescribeVpngwById(ctx, d.Get("vpn_gateway_id").(string))
+	if err != nil {
+		log.Printf("[CRITAL]%s read vpn_geteway failed, reason:%s\n", logId, err.Error())
+		return err
+	}
+	if !has {
+		return fmt.Errorf("[CRITAL] vpn_gateway_id %s doesn't exist", d.Get("vpn_gateway_id").(string))
+	}
+
+	if *gateway.Type != "CCN" {
+		_ = d.Set("vpc_id", *connection.VpcId)
+	}
+
+	_ = d.Set("is_ccn_type", *gateway.Type == "CCN")
 	_ = d.Set("customer_gateway_id", *connection.CustomerGatewayId)
 	_ = d.Set("pre_share_key", *connection.PreShareKey)
 	//set up SPD

tencentcloud/resource_tc_vpn_gateway.go

@@ -76,10 +76,16 @@ func resourceTencentCloudVpnGateway() *schema.Resource {
 				Description:  "Name of the VPN gateway. The length of character is limited to 1-60.",
 			},
 			"vpc_id": {
-				Type:        schema.TypeString,
-				Optional:    true,
-				ForceNew:    true,
-				Description: "ID of the VPC. Required if vpn gateway is not in `CCN` type, and doesn't make sense if vpn gateway is in `CCN` type.",
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+				DiffSuppressFunc: func(k, old, new string, d *schema.ResourceData) bool {
+					if v, ok := d.GetOk("type"); ok && v.(string) == "CCN" {
+						return true
+					}
+					return old == new
+				},
+				Description: "ID of the VPC. Required if vpn gateway is not in `CCN` type, and doesn't make sense for `CCN` vpn gateway.",
 			},
 			"bandwidth": {
 				Type:        schema.TypeInt,
@@ -191,6 +197,9 @@ func resourceTencentCloudVpnGatewayCreate(d *schema.ResourceData, meta interface
 			}
 			request.VpcId = helper.String(d.Get("vpc_id").(string))
 		} else {
+			if _, ok := d.GetOk("vpc_id"); ok {
+				return fmt.Errorf("[CRITAL] vpc_id doesn't make sense when vpn gateway is in CCN type")
+			}
 			request.VpcId = helper.String("")
 		}
 	} else {
@@ -267,44 +276,23 @@ func resourceTencentCloudVpnGatewayRead(d *schema.ResourceData, meta interface{}
 	defer logElapsed("resource.tencentcloud_vpn_gateway.read")()
 	defer inconsistentCheck(d, meta)()
 
-	logId := getLogId(contextNil)
-	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+	var (
+		logId     = getLogId(contextNil)
+		ctx       = context.WithValue(context.TODO(), logIdKey, logId)
+		service   = VpcService{client: meta.(*TencentCloudClient).apiV3Conn}
+		gatewayId = d.Id()
+	)
 
-	gatewayId := d.Id()
-	request := vpc.NewDescribeVpnGatewaysRequest()
-	request.VpnGatewayIds = []*string{&gatewayId}
-	var response *vpc.DescribeVpnGatewaysResponse
-	err := resource.Retry(readRetryTimeout, func() *resource.RetryError {
-		result, e := meta.(*TencentCloudClient).apiV3Conn.UseVpcClient().DescribeVpnGateways(request)
-		if e != nil {
-			ee, ok := e.(*errors.TencentCloudSDKError)
-			if !ok {
-				return retryError(e)
-			}
-			if ee.Code == VPCNotFound {
-				log.Printf("[CRITAL]%s api[%s] success, request body [%s], reason[%s]\n",
-					logId, request.GetAction(), request.ToJsonString(), e.Error())
-				return nil
-			} else {
-				log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%s]\n",
-					logId, request.GetAction(), request.ToJsonString(), e.Error())
-				return retryError(e)
-			}
-		}
-		response = result
-		return nil
-	})
+	has, gateway, err := service.DescribeVpngwById(ctx, gatewayId)
 	if err != nil {
 		log.Printf("[CRITAL]%s read VPN gateway failed, reason:%s\n", logId, err.Error())
 		return err
 	}
-	if len(response.Response.VpnGatewaySet) < 1 {
+	if !has {
 		d.SetId("")
 		return nil
 	}
 
-	gateway := response.Response.VpnGatewaySet[0]
-
 	_ = d.Set("name", gateway.VpnGatewayName)
 	_ = d.Set("public_ip_address", gateway.PublicIpAddress)
 	_ = d.Set("bandwidth", int(*gateway.InternetMaxBandwidthOut))

tencentcloud/service_tencentcloud_vpc.go

@@ -3221,3 +3221,39 @@ func (me *VpcService) DeleteAclAttachment(ctx context.Context, attachmentAcl str
 	}
 	return
 }
+
+func (me *VpcService) DescribeVpngwById(ctx context.Context, vpngwId string) (has bool, gateway *vpc.VpnGateway, err error) {
+	var (
+		logId    = getLogId(ctx)
+		request  = vpc.NewDescribeVpnGatewaysRequest()
+		response *vpc.DescribeVpnGatewaysResponse
+	)
+	request.VpnGatewayIds = []*string{&vpngwId}
+	err = resource.Retry(readRetryTimeout, func() *resource.RetryError {
+		response, err = me.client.UseVpcClient().DescribeVpnGateways(request)
+		if err != nil {
+			ee, ok := err.(*sdkErrors.TencentCloudSDKError)
+			if !ok {
+				return retryError(err)
+			}
+			if ee.Code == VPCNotFound {
+				return nil
+			} else {
+				return retryError(err)
+			}
+		}
+		return nil
+	})
+	if err != nil {
+		log.Printf("[CRITAL]%s api[%s] fail, request body [%s], reason[%v]", logId, request.GetAction(), request.ToJsonString(), err)
+		return
+	}
+	if len(response.Response.VpnGatewaySet) < 1 {
+		has = false
+		return
+	}
+
+	gateway = response.Response.VpnGatewaySet[0]
+	has = true
+	return
+}

website/docs/r/vpn_connection.html.markdown

@@ -85,6 +85,7 @@ In addition to all arguments above, the following attributes are exported:
 * `id` - ID of the resource.
 * `create_time` - Create time of the VPN connection.
 * `encrypt_proto` - Encrypt proto of the VPN connection.
+* `is_ccn_type` - Indicate whether is ccn type. Modification of this field only impacts force new logic of `vpc_id`. If `is_ccn_type` is true, modification of `vpc_id` will be ignored.
 * `net_status` - Net status of the VPN connection, values are `AVAILABLE`.
 * `route_type` - Route type of the VPN connection.
 * `state` - State of the connection, values are `PENDING`, `AVAILABLE`, `DELETING`.

website/docs/r/vpn_gateway.html.markdown

@@ -58,7 +58,7 @@ The following arguments are supported:
 * `prepaid_renew_flag` - (Optional) Flag indicates whether to renew or not, valid values are `NOTIFY_AND_RENEW`, `NOTIFY_AND_AUTO_RENEW`, `NOT_NOTIFY_AND_NOT_RENEW`. This para can only be set to take effect in create operation.
 * `tags` - (Optional) A list of tags used to associate different resources.
 * `type` - (Optional) Type of gateway instance, valid values are `IPSEC`, `SSL` and `CCN`. Note: CCN type is only for whitelist customer now.
-* `vpc_id` - (Optional, ForceNew) ID of the VPC. Required if vpn gateway is not in `CCN` type, and doesn't make sense if vpn gateway is in `CCN` type.
+* `vpc_id` - (Optional, ForceNew) ID of the VPC. Required if vpn gateway is not in `CCN` type, and doesn't make sense for `CCN` vpn gateway.
 
 ## Attributes Reference