provider/openstack: Safe SecGroup Delete

This commit enables security groups to be deleted in a safe way by checking their state over a period of time. This fixes occurrences when the API says the instance is deleted but it is still in the process of being deleted by OpenStack and thus the security group returns an error saying that there are still instances attached to the group.
2015-07-16 03:26:41 +00:00 · 2015-07-16 03:26:41 +00:00 · c4c480bb92
parent fd8dba4827
commit c4c480bb92
1 changed files with 38 additions and 1 deletions
--- a/builtin/providers/openstack/resource_openstack_compute_secgroup_v2.go
+++ b/builtin/providers/openstack/resource_openstack_compute_secgroup_v2.go
@ -4,8 +4,10 @@ import (
 	"bytes"
 	"fmt"
 	"log"
+	"time"

 	"github.com/hashicorp/terraform/helper/hashcode"
+	"github.com/hashicorp/terraform/helper/resource"
 	"github.com/hashicorp/terraform/helper/schema"
 	"github.com/rackspace/gophercloud"
 	"github.com/rackspace/gophercloud/openstack/compute/v2/extensions/secgroups"
@ -210,10 +212,20 @@ func resourceComputeSecGroupV2Delete(d *schema.ResourceData, meta interface{}) e
 		return fmt.Errorf("Error creating OpenStack compute client: %s", err)
 	}

-	err = secgroups.Delete(computeClient, d.Id()).ExtractErr()
+	stateConf := &resource.StateChangeConf{
+		Pending:    []string{"ACTIVE"},
+		Target:     "DELETED",
+		Refresh:    SecGroupV2StateRefreshFunc(computeClient, d),
+		Timeout:    10 * time.Minute,
+		Delay:      10 * time.Second,
+		MinTimeout: 3 * time.Second,
+	}
+
+	_, err = stateConf.WaitForState()
 	if err != nil {
 		return fmt.Errorf("Error deleting OpenStack security group: %s", err)
 	}
+
 	d.SetId("")
 	return nil
 }
@ -292,3 +304,28 @@ func secgroupRuleV2Hash(v interface{}) int {

 	return hashcode.String(buf.String())
 }
+
+func SecGroupV2StateRefreshFunc(computeClient *gophercloud.ServiceClient, d *schema.ResourceData) resource.StateRefreshFunc {
+	return func() (interface{}, string, error) {
+		log.Printf("[DEBUG] Attempting to delete Security Group %s.\n", d.Id())
+
+		err := secgroups.Delete(computeClient, d.Id()).ExtractErr()
+		if err != nil {
+			return nil, "", err
+		}
+
+		s, err := secgroups.Get(computeClient, d.Id()).Extract()
+		if err != nil {
+			err = CheckDeleted(d, err, "Security Group")
+			if err != nil {
+				return s, "", err
+			} else {
+				log.Printf("[DEBUG] Successfully deleted Security Group %s", d.Id())
+				return s, "DELETED", nil
+			}
+		}
+
+		log.Printf("[DEBUG] Security Group %s still active.\n", d.Id())
+		return s, "ACTIVE", nil
+	}
+}