From 5008e199c85bd8dc1e592ddb00475734fa15cc13 Mon Sep 17 00:00:00 2001 From: Zack Elliott Date: Fri, 30 Sep 2022 15:30:58 -0500 Subject: [PATCH 1/4] Throw error if we get an error from go, otherwise check the exists field --- resource_alks_iamrole.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/resource_alks_iamrole.go b/resource_alks_iamrole.go index 6844565b..20de4436 100644 --- a/resource_alks_iamrole.go +++ b/resource_alks_iamrole.go @@ -195,6 +195,11 @@ func resourceAlksIamRoleRead(ctx context.Context, d *schema.ResourceData, meta i foundRole, err := client.GetIamRole(d.Id()) if err != nil { + d.SetId("") + return diag.FromErr(err) + } + + if foundRole.Exists != true { d.SetId("") return nil } From 26b1e2a37575ff8e3a7b7933b6cd6fda0c761c54 Mon Sep 17 00:00:00 2001 From: Zack Elliott Date: Mon, 3 Oct 2022 16:25:23 -0500 Subject: [PATCH 2/4] update go client and change the way role not found returns --- docs/guides/local_installation.md | 8 +- go.mod | 2 +- go.sum | 2 + .../github.com/Cox-Automotive/alks-go/api.go | 26 ++ .../Cox-Automotive/alks-go/iam_ltk.go | 104 +++++++ .../Cox-Automotive/alks-go/iam_role.go | 259 ++++++++++++++++-- .../Cox-Automotive/alks-go/is_iam_enabled.go | 26 ++ .../Cox-Automotive/alks-go/login_role.go | 52 ++++ vendor/modules.txt | 2 +- 9 files changed, 457 insertions(+), 24 deletions(-) diff --git a/docs/guides/local_installation.md b/docs/guides/local_installation.md index 59d1e57c..8f13c224 100644 --- a/docs/guides/local_installation.md +++ b/docs/guides/local_installation.md @@ -47,11 +47,11 @@ mkdir -p ~/.terraform.d/plugins && **One-liner download for macOS / Linux:** ```sh -mkdir -p ~/.terraform.d/plugins/Cox-Automotive/engineering-enablement/alks/2.0.5/darwin_amd64 && +mkdir -p ~/.terraform.d/plugins/Cox-Automotive/engineering-enablement/alks/2.6.0/darwin_amd64 && curl -Ls https://api.github.com/repos/Cox-Automotive/terraform-provider-alks/releases | jq -r --arg release "v2.5.1" --arg arch "$(uname -s | tr A-Z a-z)" '.[] | select(.tag_name | contains($release)) | .assets[]| select(.browser_download_url | contains($arch)) | select(.browser_download_url | contains("amd64")) | .browser_download_url' | - xargs -n 1 curl -Lo ~/.terraform.d/plugins/Cox-Automotive/engineering-enablement/alks/2.0.5/darwin_amd64/terraform-provider-alks.zip && - pushd ~/.terraform.d/plugins/Cox-Automotive/engineering-enablement/alks/2.0.5/darwin_amd64 && - unzip ~/.terraform.d/plugins/Cox-Automotive/engineering-enablement/alks/2.0.5/darwin_amd64/terraform-provider-alks.zip -d terraform-provider-alks-tmp && + xargs -n 1 curl -Lo ~/.terraform.d/plugins/Cox-Automotive/engineering-enablement/alks/2.6.0/darwin_amd64/terraform-provider-alks.zip && + pushd ~/.terraform.d/plugins/Cox-Automotive/engineering-enablement/alks/2.6.0/darwin_amd64 && + unzip ~/.terraform.d/plugins/Cox-Automotive/engineering-enablement/alks/2.6.0/darwin_amd64/terraform-provider-alks.zip -d terraform-provider-alks-tmp && mv terraform-provider-alks-tmp/terraform-provider-alks* . && chmod +x terraform-provider-alks* && rm -rf terraform-provider-alks-tmp && diff --git a/go.mod b/go.mod index eeea7c67..f1689ff0 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/Cox-Automotive/terraform-provider-alks go 1.18 require ( - github.com/Cox-Automotive/alks-go v0.0.0-20220819173421-e4df7b313407 + github.com/Cox-Automotive/alks-go v0.0.0-20221003153830-68567ef62d72 github.com/aws/aws-sdk-go v1.31.15 github.com/hashicorp/terraform-plugin-sdk/v2 v2.21.0 github.com/mitchellh/go-homedir v1.1.0 diff --git a/go.sum b/go.sum index 07e2995c..5aa2f32d 100644 --- a/go.sum +++ b/go.sum @@ -3,6 +3,8 @@ cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMT github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= github.com/Cox-Automotive/alks-go v0.0.0-20220819173421-e4df7b313407 h1:3vsLn/7axoDZXlseWBXghb5YZemEtevxJ3hopeOa8Pk= github.com/Cox-Automotive/alks-go v0.0.0-20220819173421-e4df7b313407/go.mod h1:jJNgXthl59Vt2tJHSC3WZ0vlopV9xqdclfQuLgwHjOw= +github.com/Cox-Automotive/alks-go v0.0.0-20221003153830-68567ef62d72 h1:tubP3IYGKaOLYJTLiUzQ6naXAwyWN21GUOB6bML4+6Y= +github.com/Cox-Automotive/alks-go v0.0.0-20221003153830-68567ef62d72/go.mod h1:jJNgXthl59Vt2tJHSC3WZ0vlopV9xqdclfQuLgwHjOw= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.16 h1:FtSW/jqD+l4ba5iPBj9CODVtgfYAD8w2wS923g/cFDk= github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= diff --git a/vendor/github.com/Cox-Automotive/alks-go/api.go b/vendor/github.com/Cox-Automotive/alks-go/api.go index fea535c0..df51b3ab 100644 --- a/vendor/github.com/Cox-Automotive/alks-go/api.go +++ b/vendor/github.com/Cox-Automotive/alks-go/api.go @@ -189,6 +189,32 @@ func (c *Client) Durations() ([]int, error) { return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + durationErr := new(AlksError) + err = decodeBody(resp, &durationErr) + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if durationErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, durationErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, durationErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + lrr := new(LoginRoleResponse) err = decodeBody(resp, &lrr) if err != nil { diff --git a/vendor/github.com/Cox-Automotive/alks-go/iam_ltk.go b/vendor/github.com/Cox-Automotive/alks-go/iam_ltk.go index 0739b123..f08688e0 100644 --- a/vendor/github.com/Cox-Automotive/alks-go/iam_ltk.go +++ b/vendor/github.com/Cox-Automotive/alks-go/iam_ltk.go @@ -89,6 +89,32 @@ func (c *Client) GetLongTermKeys() (*GetLongTermKeysResponse, error) { return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + keyErr := new(AlksError) + err = decodeBody(resp, &keyErr) + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if keyErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, keyErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, keyErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + cr := new(GetLongTermKeysResponse) err = decodeBody(resp, &cr) @@ -140,6 +166,32 @@ func (c *Client) GetLongTermKey(iamUsername string) (*GetLongTermKeyResponse, er return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + keyErr := new(AlksError) + err = decodeBody(resp, &keyErr) + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if keyErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, keyErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, keyErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + cr := new(GetLongTermKeyResponse) err = decodeBody(resp, &cr) @@ -182,6 +234,32 @@ func (c *Client) CreateLongTermKey(iamUsername string) (*CreateLongTermKeyRespon return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + keyErr := new(AlksError) + err = decodeBody(resp, &keyErr) + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if keyErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, keyErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, keyErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + cr := new(CreateLongTermKeyResponse) err = decodeBody(resp, &cr) @@ -226,6 +304,32 @@ func (c *Client) DeleteLongTermKey(iamUsername string) (*DeleteLongTermKeyRespon return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + keyErr := new(AlksError) + err = decodeBody(resp, &keyErr) + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if keyErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, keyErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, keyErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + cr := new(DeleteLongTermKeyResponse) err = decodeBody(resp, &cr) diff --git a/vendor/github.com/Cox-Automotive/alks-go/iam_role.go b/vendor/github.com/Cox-Automotive/alks-go/iam_role.go index 08cae73d..46bd6c38 100644 --- a/vendor/github.com/Cox-Automotive/alks-go/iam_role.go +++ b/vendor/github.com/Cox-Automotive/alks-go/iam_role.go @@ -14,6 +14,19 @@ type Tag struct { Value string `json:"value"` } +type AlksError struct { + StatusMessage string `json:"statusMessage"` + Errors []string `json:"errors"` + RequestId string `json:"requestId"` +} + +var ErrorStringFull = "[%s] ALKS Error %d Msg: %s\n Contact the ALKS Team for assistance on Slack at #alks-client-support" +var ErrorStringNoReqId = "ALKS Error %d Msg: %s\n Contact the ALKS Team for assistance on Slack at #alks-client-support" +var ErrorStringOnlyCodeAndReqId = "[%s] ALKS Error %d\n Contact the ALKS Team for assistance on Slack at #alks-client-support" +var ErrorStringOnlyCode = "ALKS Error %d\n Contact the ALKS Team for assistance on Slack at #alks-client-support" +var ParseErrorReqId = "[%s] Error parsing ALKS Error response: %s" +var ParseError = "Error parsing ALKS Error response: %s" + type CreateIamRoleOptions struct { RoleName *string RoleType *string @@ -205,6 +218,31 @@ func (c *Client) CreateIamRole(options *CreateIamRoleOptions) (*IamRoleResponse, if err != nil { return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + createErr := new(AlksError) + err = decodeBody(resp, &createErr) + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if createErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, createErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, createErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } cr := new(IamRoleResponse) err = decodeBody(resp, &cr) @@ -248,6 +286,33 @@ func (c *Client) CreateIamTrustRole(options *CreateIamRoleOptions) (*IamRoleResp return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + trustErr := new(AlksError) + err = decodeBody(resp, &trustErr) + + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if trustErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, trustErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, trustErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + cr := new(IamRoleResponse) err = decodeBody(resp, &cr) @@ -285,33 +350,60 @@ type UpdateIamRoleResponse struct { /* UpdateIamRole adds resource tags to an existing IAM role. */ func (c *Client) UpdateIamRole(options *UpdateIamRoleRequest) (*UpdateIamRoleResponse, error) { - if e := options.updateIamRoleValidate(); e != nil { - return nil, e + if err := options.updateIamRoleValidate(); err != nil { + return nil, err } log.Printf("[INFO] update IAM role %s with Tags: %v", *options.RoleName, *options.Tags) - b, e := json.Marshal(struct { + b, err := json.Marshal(struct { UpdateIamRoleRequest AccountDetails }{*options, c.AccountDetails}) - if e != nil { - return nil, e + if err != nil { + return nil, err } - req, e := c.NewRequest(b, "PATCH", "/role/") - if e != nil { - return nil, e + req, err := c.NewRequest(b, "PATCH", "/role/") + if err != nil { + return nil, err } - resp, e := c.http.Do(req) - if e != nil { - return nil, e + resp, err := c.http.Do(req) + if err != nil { + return nil, err + } + + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + updateErr := new(AlksError) + err = decodeBody(resp, &updateErr) + + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if updateErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, updateErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, updateErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) } respObj := &UpdateIamRoleResponse{} - if e = decodeBody(resp, respObj); e != nil { + if err = decodeBody(resp, respObj); err != nil { if reqID := GetRequestID(resp); reqID != "" { - return nil, fmt.Errorf("error parsing update role response: [%s] %s", reqID, e) + return nil, fmt.Errorf("error parsing update role response: [%s] %s", reqID, err) } - return nil, fmt.Errorf("error parsing update role response: %s", e) + return nil, fmt.Errorf("error parsing update role response: %s", err) } if respObj.RequestFailed() { return nil, fmt.Errorf("error from update IAM role request: [%s] %s", respObj.RequestID, strings.Join(respObj.GetErrors(), ", ")) @@ -356,6 +448,33 @@ func (c *Client) DeleteIamRole(id string) error { return err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + delErr := new(AlksError) + err = decodeBody(resp, &delErr) + + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return fmt.Errorf(ParseError, err) + } + + if delErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, delErr.Errors) + } + + return fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, delErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + del := new(DeleteRoleResponse) err = decodeBody(resp, &del) @@ -402,6 +521,33 @@ func (c *Client) GetIamRole(roleName string) (*GetIamRoleResponse, error) { return nil, err } + if (resp.StatusCode < 200 || resp.StatusCode >= 300) && resp.StatusCode != 404 { + getErr := new(AlksError) + err = decodeBody(resp, &getErr) + + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if getErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, getErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, getErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + cr := new(GetIamRoleResponse) err = decodeBody(resp, &cr) @@ -417,10 +563,6 @@ func (c *Client) GetIamRole(roleName string) (*GetIamRoleResponse, error) { return nil, fmt.Errorf("Error getting role: [%s] %s", cr.BaseResponse.RequestID, strings.Join(cr.GetErrors(), ", ")) } - if !cr.Exists { - return nil, fmt.Errorf("[%s] Role does not exist", cr.BaseResponse.RequestID) - } - // This is here because ALKS returns a string representation of a Java array // with the only entry being the instance profile ARN (ie: "[\"ARN\"]") // A simple regex fixes the formatting issue and using existing instance @@ -461,6 +603,33 @@ func (c *Client) AddRoleMachineIdentity(roleARN string) (*MachineIdentityRespons return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + addErr := new(AlksError) + err = decodeBody(resp, &addErr) + + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if addErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, addErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, addErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + cr := new(MachineIdentityResponse) err = decodeBody(resp, &cr) @@ -503,6 +672,33 @@ func (c *Client) DeleteRoleMachineIdentity(roleARN string) (*MachineIdentityResp return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + delErr := new(AlksError) + err = decodeBody(resp, &delErr) + + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if delErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, delErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, delErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + dr := new(MachineIdentityResponse) err = decodeBody(resp, &dr) @@ -545,6 +741,33 @@ func (c *Client) SearchRoleMachineIdentity(roleARN string) (*MachineIdentityResp return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + searchErr := new(AlksError) + err = decodeBody(resp, &searchErr) + + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if searchErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf("[%s] ALKS Error Code: %d Msg: %s\n Contact the ALKS Team for assistance on Slack at #alks-client-support", reqID, resp.StatusCode, searchErr.Errors) + } + + return nil, fmt.Errorf("ALKS Error Code: %d Msg: %s\n Contact the ALKS Team for assistance on Slack at #alks-client-support", resp.StatusCode, searchErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + sr := new(MachineIdentityResponse) err = decodeBody(resp, &sr) diff --git a/vendor/github.com/Cox-Automotive/alks-go/is_iam_enabled.go b/vendor/github.com/Cox-Automotive/alks-go/is_iam_enabled.go index b5d1ed85..205b869a 100644 --- a/vendor/github.com/Cox-Automotive/alks-go/is_iam_enabled.go +++ b/vendor/github.com/Cox-Automotive/alks-go/is_iam_enabled.go @@ -50,6 +50,32 @@ func (c *Client) IsIamEnabled(roleArn string) (*IsIamEnabledResponse, error) { return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + iamErr := new(AlksError) + err = decodeBody(resp, &iamErr) + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if iamErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, iamErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, iamErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + validate := new(IsIamEnabledResponse) err = decodeBody(resp, validate) diff --git a/vendor/github.com/Cox-Automotive/alks-go/login_role.go b/vendor/github.com/Cox-Automotive/alks-go/login_role.go index 408c58a3..03ccc7c8 100644 --- a/vendor/github.com/Cox-Automotive/alks-go/login_role.go +++ b/vendor/github.com/Cox-Automotive/alks-go/login_role.go @@ -24,6 +24,32 @@ func (c *Client) GetMyLoginRole() (*LoginRoleResponse, error) { return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + loginErr := new(AlksError) + err = decodeBody(resp, &loginErr) + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if loginErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, loginErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, loginErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + lrr := new(LoginRoleResponse) err = decodeBody(resp, &lrr) if err != nil { @@ -71,6 +97,32 @@ func (c *Client) GetLoginRole() (*LoginRoleResponse, error) { return nil, err } + if resp.StatusCode < 200 || resp.StatusCode >= 300 { + loginErr := new(AlksError) + err = decodeBody(resp, &loginErr) + if err != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ParseErrorReqId, reqID, err) + } + + return nil, fmt.Errorf(ParseError, err) + } + + if loginErr.Errors != nil { + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringFull, reqID, resp.StatusCode, loginErr.Errors) + } + + return nil, fmt.Errorf(ErrorStringNoReqId, resp.StatusCode, loginErr.Errors) + } + + if reqID := GetRequestID(resp); reqID != "" { + return nil, fmt.Errorf(ErrorStringOnlyCodeAndReqId, reqID, resp.StatusCode) + } + + return nil, fmt.Errorf(ErrorStringOnlyCode, resp.StatusCode) + } + lrr := new(LoginRoleResponse) err = decodeBody(resp, &lrr) if err != nil { diff --git a/vendor/modules.txt b/vendor/modules.txt index 2851a720..b81c3615 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1,4 +1,4 @@ -# github.com/Cox-Automotive/alks-go v0.0.0-20220819173421-e4df7b313407 +# github.com/Cox-Automotive/alks-go v0.0.0-20221003153830-68567ef62d72 ## explicit; go 1.16 github.com/Cox-Automotive/alks-go # github.com/agext/levenshtein v1.2.2 From 793ea4cea0de793aae14fd9991d3c9551579d065 Mon Sep 17 00:00:00 2001 From: Zack Elliott Date: Tue, 4 Oct 2022 16:32:34 -0500 Subject: [PATCH 3/4] Update functionality of 404 responses from alks --- go.mod | 2 +- go.sum | 2 ++ resource_alks_iamrole.go | 14 +++++++++----- resource_alks_iamrole_test.go | 5 ++++- .../github.com/Cox-Automotive/alks-go/iam_role.go | 3 +++ vendor/modules.txt | 2 +- 6 files changed, 20 insertions(+), 8 deletions(-) diff --git a/go.mod b/go.mod index f1689ff0..cbb0dc91 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/Cox-Automotive/terraform-provider-alks go 1.18 require ( - github.com/Cox-Automotive/alks-go v0.0.0-20221003153830-68567ef62d72 + github.com/Cox-Automotive/alks-go v0.0.0-20221004204541-a25fb5c4f655 github.com/aws/aws-sdk-go v1.31.15 github.com/hashicorp/terraform-plugin-sdk/v2 v2.21.0 github.com/mitchellh/go-homedir v1.1.0 diff --git a/go.sum b/go.sum index 5aa2f32d..cdc2e497 100644 --- a/go.sum +++ b/go.sum @@ -5,6 +5,8 @@ github.com/Cox-Automotive/alks-go v0.0.0-20220819173421-e4df7b313407 h1:3vsLn/7a github.com/Cox-Automotive/alks-go v0.0.0-20220819173421-e4df7b313407/go.mod h1:jJNgXthl59Vt2tJHSC3WZ0vlopV9xqdclfQuLgwHjOw= github.com/Cox-Automotive/alks-go v0.0.0-20221003153830-68567ef62d72 h1:tubP3IYGKaOLYJTLiUzQ6naXAwyWN21GUOB6bML4+6Y= github.com/Cox-Automotive/alks-go v0.0.0-20221003153830-68567ef62d72/go.mod h1:jJNgXthl59Vt2tJHSC3WZ0vlopV9xqdclfQuLgwHjOw= +github.com/Cox-Automotive/alks-go v0.0.0-20221004204541-a25fb5c4f655 h1:akQkFItS/++rMakX7rbK70ouYTG0Q6vxUqxvfzBZ9Wg= +github.com/Cox-Automotive/alks-go v0.0.0-20221004204541-a25fb5c4f655/go.mod h1:jJNgXthl59Vt2tJHSC3WZ0vlopV9xqdclfQuLgwHjOw= github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA= github.com/Microsoft/go-winio v0.4.16 h1:FtSW/jqD+l4ba5iPBj9CODVtgfYAD8w2wS923g/cFDk= github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0= diff --git a/resource_alks_iamrole.go b/resource_alks_iamrole.go index 20de4436..0ee98476 100644 --- a/resource_alks_iamrole.go +++ b/resource_alks_iamrole.go @@ -195,15 +195,19 @@ func resourceAlksIamRoleRead(ctx context.Context, d *schema.ResourceData, meta i foundRole, err := client.GetIamRole(d.Id()) if err != nil { + // If 404 Role not found error, an error and a role with Exists field set to false will come back from alks-go + // We will log ther error and set id to "" and return nil, letting terraform decide how to handle role not found. + if foundRole != nil { + if foundRole.Exists != true { + log.Printf("[Error] %#v", err) + d.SetId("") + return nil + } + } d.SetId("") return diag.FromErr(err) } - if foundRole.Exists != true { - d.SetId("") - return nil - } - log.Printf("[INFO] alks_iamrole.id %v", d.Id()) _ = d.Set("name", foundRole.RoleName) diff --git a/resource_alks_iamrole_test.go b/resource_alks_iamrole_test.go index be14d737..aa4bfe1a 100644 --- a/resource_alks_iamrole_test.go +++ b/resource_alks_iamrole_test.go @@ -448,7 +448,10 @@ func testAccCheckAlksIamRoleDestroy(role *alks.IamRoleResponse) resource.TestChe respz, err := client.GetIamRole(rs.Primary.ID) if respz != nil { - return fmt.Errorf("Role still exists: %#v (%v)", respz, err) + if respz.Exists == true { + return fmt.Errorf("Role still exists: %#v (%v)", respz, err) + } + } } diff --git a/vendor/github.com/Cox-Automotive/alks-go/iam_role.go b/vendor/github.com/Cox-Automotive/alks-go/iam_role.go index 46bd6c38..8f64c266 100644 --- a/vendor/github.com/Cox-Automotive/alks-go/iam_role.go +++ b/vendor/github.com/Cox-Automotive/alks-go/iam_role.go @@ -560,6 +560,9 @@ func (c *Client) GetIamRole(roleName string) (*GetIamRoleResponse, error) { } if cr.RequestFailed() { + if resp.StatusCode == 404 { + return cr, fmt.Errorf("Error getting role: [%s] %s", cr.BaseResponse.RequestID, strings.Join(cr.GetErrors(), ", ")) + } return nil, fmt.Errorf("Error getting role: [%s] %s", cr.BaseResponse.RequestID, strings.Join(cr.GetErrors(), ", ")) } diff --git a/vendor/modules.txt b/vendor/modules.txt index b81c3615..acca1862 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1,4 +1,4 @@ -# github.com/Cox-Automotive/alks-go v0.0.0-20221003153830-68567ef62d72 +# github.com/Cox-Automotive/alks-go v0.0.0-20221004204541-a25fb5c4f655 ## explicit; go 1.16 github.com/Cox-Automotive/alks-go # github.com/agext/levenshtein v1.2.2 From 14e4cfb40584a735cf62aa7714ba987d8b1b84ff Mon Sep 17 00:00:00 2001 From: Zack Elliott Date: Tue, 4 Oct 2022 17:04:12 -0500 Subject: [PATCH 4/4] Fix format string --- resource_alks_iamrole.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resource_alks_iamrole.go b/resource_alks_iamrole.go index 0ee98476..8a838a5f 100644 --- a/resource_alks_iamrole.go +++ b/resource_alks_iamrole.go @@ -199,7 +199,7 @@ func resourceAlksIamRoleRead(ctx context.Context, d *schema.ResourceData, meta i // We will log ther error and set id to "" and return nil, letting terraform decide how to handle role not found. if foundRole != nil { if foundRole.Exists != true { - log.Printf("[Error] %#v", err) + log.Printf("[Error] %s", err) d.SetId("") return nil }