From 8296e9e60eb617ca2941c3d4c342b5ea7ff65eb1 Mon Sep 17 00:00:00 2001 From: samir-cit Date: Tue, 7 Jan 2025 13:07:15 -0300 Subject: [PATCH 01/10] Add sleep after delete and multiple rules test --- .../GatewaySecurityPolicyRule.yaml | 1 + ...urity_gateway_security_policy_rule_test.go | 64 +++++++++++++++++++ 2 files changed, 65 insertions(+) diff --git a/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml b/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml index 126fc21bf333..5abd1c278f55 100644 --- a/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml +++ b/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml @@ -44,6 +44,7 @@ async: result: resource_inside_response: false custom_code: + post_delete: 'templates/terraform/post_delete/sleep.go.tmpl' examples: - name: 'network_security_gateway_security_policy_rules_basic' primary_resource_id: 'default' diff --git a/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go b/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go index 7fec9459f1e6..f70333f9e64a 100644 --- a/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go +++ b/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go @@ -48,6 +48,35 @@ func TestAccNetworkSecurityGatewaySecurityPolicyRule_update(t *testing.T) { }) } +func TestAccNetworkSecurityGatewaySecurityPolicyRule_multiple(t *testing.T) { + t.Parallel() + + context := map[string]interface{}{ + "random_suffix": acctest.RandString(t, 10), + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + CheckDestroy: testAccCheckNetworkSecurityGatewaySecurityPolicyRuleDestroyProducer(t), + Steps: []resource.TestStep{ + { + Config: testAccNetworkSecurityGatewaySecurityPolicyRule_multiple(context), + }, + { + ResourceName: "google_network_security_gateway_security_policy_rule.rule1", + ImportState: true, + ImportStateVerify: true, + }, + { + ResourceName: "google_network_security_gateway_security_policy_rule.rule2", + ImportState: true, + ImportStateVerify: true, + }, + }, + }) +} + func testAccNetworkSecurityGatewaySecurityPolicyRule_basic(gatewaySecurityPolicyName, gatewaySecurityPolicyRuleName string) string { return fmt.Sprintf(` resource "google_network_security_gateway_security_policy" "default" { @@ -92,3 +121,38 @@ resource "google_network_security_gateway_security_policy_rule" "foobar" { } `, gatewaySecurityPolicyName, gatewaySecurityPolicyRuleName) } + +func testAccNetworkSecurityGatewaySecurityPolicyRule_multiple(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_network_security_gateway_security_policy" "default" { + name = "tf-test-gateway-sp-%{random_suffix}" + location = "us-central1" + description = "gateway security policy created to be used as reference by the rule." +} + +resource "google_network_security_gateway_security_policy_rule" "rule1" { + name = "tf-test-gateway-sp-rule1-%{random_suffix}" + location = "us-central1" + gateway_security_policy = google_network_security_gateway_security_policy.default.name + enabled = true + description = "First rule" + priority = 1 + session_matcher = "host() == 'example.com'" + application_matcher = "request.method == 'POST'" + basic_profile = "ALLOW" +} + +resource "google_network_security_gateway_security_policy_rule" "rule2" { + name = "tf-test-gateway-sp-rule2-%{random_suffix}" + location = "us-central1" + gateway_security_policy = google_network_security_gateway_security_policy.default.name + enabled = true + description = "Second rule" + priority = 2 + session_matcher = "host() == 'example.com'" + application_matcher = "request.method == 'GET'" + tls_inspection_enabled = false + basic_profile = "DENY" +} +`, context) +} From ce9486fc2c35d04a3749253b64ae860263c73fa0 Mon Sep 17 00:00:00 2001 From: samir-cit Date: Tue, 7 Jan 2025 15:57:18 -0300 Subject: [PATCH 02/10] Random sleep on creation to mitigate multiple creation --- .../GatewaySecurityPolicyRule.yaml | 1 + ...urity_gateway_security_policy_rule.go.tmpl | 3 ++ ...urity_gateway_security_policy_rule_test.go | 35 +++++++++++++++++++ 3 files changed, 39 insertions(+) create mode 100644 mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl diff --git a/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml b/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml index 5abd1c278f55..a02182957856 100644 --- a/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml +++ b/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml @@ -44,6 +44,7 @@ async: result: resource_inside_response: false custom_code: + pre_create: 'templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl' post_delete: 'templates/terraform/post_delete/sleep.go.tmpl' examples: - name: 'network_security_gateway_security_policy_rules_basic' diff --git a/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl b/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl new file mode 100644 index 000000000000..5ff3b7d7d811 --- /dev/null +++ b/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl @@ -0,0 +1,3 @@ +// When creating more than one rule sometimes the creation conflicts +// Use random sleep duration to mitigate this issue +time.Sleep(time.Duration(rand.Intn(10)) * time.Second) \ No newline at end of file diff --git a/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go b/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go index f70333f9e64a..1747449a23e7 100644 --- a/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go +++ b/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go @@ -73,6 +73,16 @@ func TestAccNetworkSecurityGatewaySecurityPolicyRule_multiple(t *testing.T) { ImportState: true, ImportStateVerify: true, }, + { + ResourceName: "google_network_security_gateway_security_policy_rule.rule3", + ImportState: true, + ImportStateVerify: true, + }, + { + ResourceName: "google_network_security_gateway_security_policy_rule.rule4", + ImportState: true, + ImportStateVerify: true, + }, }, }) } @@ -154,5 +164,30 @@ resource "google_network_security_gateway_security_policy_rule" "rule2" { tls_inspection_enabled = false basic_profile = "DENY" } + +resource "google_network_security_gateway_security_policy_rule" "rule3" { + name = "tf-test-gateway-sp-rule3-%{random_suffix}" + location = "us-central1" + gateway_security_policy = google_network_security_gateway_security_policy.default.name + enabled = true + description = "Third rule" + priority = 3 + session_matcher = "host() == 'update.com'" + application_matcher = "request.method == 'POST'" + basic_profile = "ALLOW" +} + +resource "google_network_security_gateway_security_policy_rule" "rule4" { + name = "tf-test-gateway-sp-rule4-%{random_suffix}" + location = "us-central1" + gateway_security_policy = google_network_security_gateway_security_policy.default.name + enabled = true + description = "Fourth rule" + priority = 4 + session_matcher = "host() == 'update.com'" + application_matcher = "request.method == 'GET'" + tls_inspection_enabled = false + basic_profile = "DENY" +} `, context) } From 20c18fc38b8871bf112a03090f1d142c8d7b5bcd Mon Sep 17 00:00:00 2001 From: samir-cit Date: Sat, 11 Jan 2025 05:02:04 -0300 Subject: [PATCH 03/10] Increase random from 10 to 100 --- .../network_security_gateway_security_policy_rule.go.tmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl b/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl index 5ff3b7d7d811..bf53cfd637a9 100644 --- a/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl +++ b/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl @@ -1,3 +1,3 @@ // When creating more than one rule sometimes the creation conflicts // Use random sleep duration to mitigate this issue -time.Sleep(time.Duration(rand.Intn(10)) * time.Second) \ No newline at end of file +time.Sleep(time.Duration(rand.Intn(100)) * time.Second) \ No newline at end of file From d35b6e5d48acd4cebd55db7e08715080923533fd Mon Sep 17 00:00:00 2001 From: samir-cit Date: Mon, 13 Jan 2025 13:54:02 -0300 Subject: [PATCH 04/10] Use now.nanosec to define as the sleep --- .../networksecurity/GatewaySecurityPolicyRule.yaml | 1 + ...work_security_gateway_security_policy_rule.go.tmpl | 11 +++++++++++ ...work_security_gateway_security_policy_rule.go.tmpl | 6 ++++-- 3 files changed, 16 insertions(+), 2 deletions(-) create mode 100644 mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl diff --git a/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml b/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml index a02182957856..63c0288c6c73 100644 --- a/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml +++ b/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml @@ -44,6 +44,7 @@ async: result: resource_inside_response: false custom_code: + constants: 'templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl' pre_create: 'templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl' post_delete: 'templates/terraform/post_delete/sleep.go.tmpl' examples: diff --git a/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl b/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl new file mode 100644 index 000000000000..70f9d27b373a --- /dev/null +++ b/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl @@ -0,0 +1,11 @@ +// Flip integer number order +func reverse_int(n int) int { + new_int := 0 + for n > 0 { + remainder := n % 10 + new_int *= 10 + new_int += remainder + n /= 10 + } + return new_int * 100 +} \ No newline at end of file diff --git a/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl b/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl index bf53cfd637a9..135d355476da 100644 --- a/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl +++ b/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl @@ -1,3 +1,5 @@ // When creating more than one rule sometimes the creation conflicts -// Use random sleep duration to mitigate this issue -time.Sleep(time.Duration(rand.Intn(100)) * time.Second) \ No newline at end of file +// Workaround: Get actual time Nanosecond, reverse the number and use as Microseconds +// https://github.com/hashicorp/terraform-provider-google/issues/20892 +microNow := reverse_int(time.Now().Nanosecond()) +time.Sleep(time.Duration(microNow) * time.Microsecond) From 3d59b2a9b1a5c63f47a8bb395150cb23e426d951 Mon Sep 17 00:00:00 2001 From: samir-cit Date: Mon, 13 Jan 2025 20:11:18 -0300 Subject: [PATCH 05/10] Function to calculate sleep wait time --- ...ecurity_gateway_security_policy_rule.go.tmpl | 17 ++++++++++++++++- ...ecurity_gateway_security_policy_rule.go.tmpl | 7 +++---- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl b/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl index 70f9d27b373a..dff8548f529a 100644 --- a/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl +++ b/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl @@ -1,3 +1,13 @@ +// Get the wait time for creation sleep +// Use the time.Now().Nanosecond() +// It reverts the nanoseconds and multiply by a random number +// Return the duration to use +func sleep_wait_time(nanosec int) time.Duration { + reverse_nano := reverse_int(nanosec) + multiplier := random_int(50, 150) + return (time.Duration(reverse_nano*multiplier) * time.Microsecond) +} + // Flip integer number order func reverse_int(n int) int { new_int := 0 @@ -7,5 +17,10 @@ func reverse_int(n int) int { new_int += remainder n /= 10 } - return new_int * 100 + return new_int +} + +// Return a random int over a range +func random_int(min, max int) int { + return (rand.Intn(max-min) + min) } \ No newline at end of file diff --git a/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl b/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl index 135d355476da..e42dd135b9a7 100644 --- a/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl +++ b/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl @@ -1,5 +1,4 @@ -// When creating more than one rule sometimes the creation conflicts -// Workaround: Get actual time Nanosecond, reverse the number and use as Microseconds +// When creating more than one rule sometimes the creation conflicts. // https://github.com/hashicorp/terraform-provider-google/issues/20892 -microNow := reverse_int(time.Now().Nanosecond()) -time.Sleep(time.Duration(microNow) * time.Microsecond) +// Workaround: Get sleep wait time based on actual Nanosecond. +time.Sleep(sleep_wait_time(time.Now().Nanosecond())) \ No newline at end of file From d34c4a84493b59b352bb2ecab3bbec88df5329b8 Mon Sep 17 00:00:00 2001 From: samir-cit Date: Wed, 5 Feb 2025 13:58:10 -0300 Subject: [PATCH 06/10] Change wait time to calculate based on the rule priority --- ...urity_gateway_security_policy_rule.go.tmpl | 44 ++++++++++++------- ...urity_gateway_security_policy_rule.go.tmpl | 6 ++- ...urity_gateway_security_policy_rule_test.go | 29 ++++++++---- 3 files changed, 53 insertions(+), 26 deletions(-) diff --git a/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl b/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl index dff8548f529a..fd5e81936262 100644 --- a/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl +++ b/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl @@ -1,23 +1,35 @@ // Get the wait time for creation sleep -// Use the time.Now().Nanosecond() -// It reverts the nanoseconds and multiply by a random number +// Use the PRIORITY to calculate // Return the duration to use -func sleep_wait_time(nanosec int) time.Duration { - reverse_nano := reverse_int(nanosec) - multiplier := random_int(50, 150) - return (time.Duration(reverse_nano*multiplier) * time.Microsecond) -} +func sleep_wait_time(priority int) time.Duration { + lowerMultiplier := time.Duration(random_int(1, 10)) + timeMultiplier := time.Second + higherMultiplier := time.Duration(random_int(10, 15)) -// Flip integer number order -func reverse_int(n int) int { - new_int := 0 - for n > 0 { - remainder := n % 10 - new_int *= 10 - new_int += remainder - n /= 10 + switch { + case priority > 120 && priority <= 1000: + timeMultiplier = time.Second / higherMultiplier + case priority > 1000 && priority <= 12000: + timeMultiplier = time.Millisecond * higherMultiplier + case priority > 12000 && priority <= 40000: + timeMultiplier = time.Millisecond * lowerMultiplier + case priority > 40000 && priority <= 120000: + timeMultiplier = time.Millisecond + case priority > 120000 && priority <= 1000000: + timeMultiplier = time.Microsecond * higherMultiplier + case priority > 1000000 && priority <= 40000000: + timeMultiplier = time.Microsecond * lowerMultiplier + case priority > 40000000 && priority <= 120000000: + timeMultiplier = time.Microsecond + case priority > 120000000 && priority <= 1000000000: + timeMultiplier = time.Nanosecond * higherMultiplier + case priority > 1000000000: + timeMultiplier = time.Nanosecond * (higherMultiplier * lowerMultiplier) + default: + timeMultiplier = time.Second } - return new_int + + return (time.Duration(priority) * timeMultiplier) } // Return a random int over a range diff --git a/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl b/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl index e42dd135b9a7..50c57fe3d652 100644 --- a/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl +++ b/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl @@ -1,4 +1,6 @@ // When creating more than one rule sometimes the creation conflicts. // https://github.com/hashicorp/terraform-provider-google/issues/20892 -// Workaround: Get sleep wait time based on actual Nanosecond. -time.Sleep(sleep_wait_time(time.Now().Nanosecond())) \ No newline at end of file +// Workaround: Get sleep wait time based on the priority. +sleepTime := sleep_wait_time(priorityProp.(int)) +log.Printf("[DEBUG] Waiting %s to create GatewaySecurityPolicyRule with priority %d", sleepTime, priorityProp.(int)) +time.Sleep(sleepTime) \ No newline at end of file diff --git a/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go b/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go index 1747449a23e7..2098d4d657b8 100644 --- a/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go +++ b/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go @@ -145,8 +145,8 @@ resource "google_network_security_gateway_security_policy_rule" "rule1" { location = "us-central1" gateway_security_policy = google_network_security_gateway_security_policy.default.name enabled = true - description = "First rule" - priority = 1 + description = "Highest priority rule" + priority = 0 session_matcher = "host() == 'example.com'" application_matcher = "request.method == 'POST'" basic_profile = "ALLOW" @@ -157,8 +157,8 @@ resource "google_network_security_gateway_security_policy_rule" "rule2" { location = "us-central1" gateway_security_policy = google_network_security_gateway_security_policy.default.name enabled = true - description = "Second rule" - priority = 2 + description = "Rule priority 762" + priority = 762 session_matcher = "host() == 'example.com'" application_matcher = "request.method == 'GET'" tls_inspection_enabled = false @@ -170,8 +170,8 @@ resource "google_network_security_gateway_security_policy_rule" "rule3" { location = "us-central1" gateway_security_policy = google_network_security_gateway_security_policy.default.name enabled = true - description = "Third rule" - priority = 3 + description = "Rule priority 37961" + priority = 37961 session_matcher = "host() == 'update.com'" application_matcher = "request.method == 'POST'" basic_profile = "ALLOW" @@ -182,12 +182,25 @@ resource "google_network_security_gateway_security_policy_rule" "rule4" { location = "us-central1" gateway_security_policy = google_network_security_gateway_security_policy.default.name enabled = true - description = "Fourth rule" - priority = 4 + description = "Rule priority 9572843" + priority = 9572843 session_matcher = "host() == 'update.com'" application_matcher = "request.method == 'GET'" tls_inspection_enabled = false basic_profile = "DENY" } + +resource "google_network_security_gateway_security_policy_rule" "rule5" { + name = "tf-test-gateway-sp-rule5-%{random_suffix}" + location = "us-central1" + gateway_security_policy = google_network_security_gateway_security_policy.default.name + enabled = true + description = "Lowest priority rule" + priority = 2147483647 + session_matcher = "host() == 'update.com'" + application_matcher = "request.method == 'GET'" + tls_inspection_enabled = false + basic_profile = "DENY" + } `, context) } From 96b7aea8da216f74fca8a41d9f326544cae2e04a Mon Sep 17 00:00:00 2001 From: samir-cit Date: Fri, 7 Feb 2025 10:08:38 -0300 Subject: [PATCH 07/10] Using mutex and sleep --- .../GatewaySecurityPolicyRule.yaml | 9 +++- ...urity_gateway_security_policy_rule.go.tmpl | 49 ++++++------------- ...gateway_security_policy_rule_sleep.go.tmpl | 2 + ...urity_gateway_security_policy_rule_test.go | 27 +++++----- 4 files changed, 41 insertions(+), 46 deletions(-) create mode 100644 mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl diff --git a/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml b/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml index 63c0288c6c73..a5689244062f 100644 --- a/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml +++ b/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml @@ -43,10 +43,15 @@ async: delete_minutes: 30 result: resource_inside_response: false +mutex: 'gatewaySecurityPolicies/rules/{{priority}}' custom_code: constants: 'templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl' - pre_create: 'templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl' - post_delete: 'templates/terraform/post_delete/sleep.go.tmpl' + pre_create: 'templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl' + pre_update: 'templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl' + pre_delete: 'templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl' + post_create: 'templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl' + post_update: 'templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl' + post_delete: 'templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl' examples: - name: 'network_security_gateway_security_policy_rules_basic' primary_resource_id: 'default' diff --git a/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl b/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl index fd5e81936262..b92f1a081da5 100644 --- a/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl +++ b/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl @@ -1,38 +1,21 @@ // Get the wait time for creation sleep -// Use the PRIORITY to calculate +// Use the time.Now().Nanosecond() +// It reverts the nanoseconds and multiply by a random number // Return the duration to use -func sleep_wait_time(priority int) time.Duration { - lowerMultiplier := time.Duration(random_int(1, 10)) - timeMultiplier := time.Second - higherMultiplier := time.Duration(random_int(10, 15)) - - switch { - case priority > 120 && priority <= 1000: - timeMultiplier = time.Second / higherMultiplier - case priority > 1000 && priority <= 12000: - timeMultiplier = time.Millisecond * higherMultiplier - case priority > 12000 && priority <= 40000: - timeMultiplier = time.Millisecond * lowerMultiplier - case priority > 40000 && priority <= 120000: - timeMultiplier = time.Millisecond - case priority > 120000 && priority <= 1000000: - timeMultiplier = time.Microsecond * higherMultiplier - case priority > 1000000 && priority <= 40000000: - timeMultiplier = time.Microsecond * lowerMultiplier - case priority > 40000000 && priority <= 120000000: - timeMultiplier = time.Microsecond - case priority > 120000000 && priority <= 1000000000: - timeMultiplier = time.Nanosecond * higherMultiplier - case priority > 1000000000: - timeMultiplier = time.Nanosecond * (higherMultiplier * lowerMultiplier) - default: - timeMultiplier = time.Second - } - - return (time.Duration(priority) * timeMultiplier) +func get_sleep_time(nanosec int) time.Duration { + reverse_nano := reverse_int(nanosec) + return (time.Duration(reverse_nano) * time.Microsecond) } -// Return a random int over a range -func random_int(min, max int) int { - return (rand.Intn(max-min) + min) +// Flip integer number order +func reverse_int(n int) int { + new_int := 0 + for n > 0 { + remainder := n % 10 + new_int *= 10 + new_int += remainder + n /= 10 + } + return new_int * 100 + return new_int } \ No newline at end of file diff --git a/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl b/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl new file mode 100644 index 000000000000..5613fbe85d0d --- /dev/null +++ b/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl @@ -0,0 +1,2 @@ +// Useful to avoid concurrency on the resource operations +time.Sleep(get_sleep_time(time.Now().Nanosecond())) \ No newline at end of file diff --git a/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go b/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go index 2098d4d657b8..ac37a5fb01f3 100644 --- a/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go +++ b/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go @@ -83,6 +83,11 @@ func TestAccNetworkSecurityGatewaySecurityPolicyRule_multiple(t *testing.T) { ImportState: true, ImportStateVerify: true, }, + { + ResourceName: "google_network_security_gateway_security_policy_rule.rule5", + ImportState: true, + ImportStateVerify: true, + }, }, }) } @@ -191,16 +196,16 @@ resource "google_network_security_gateway_security_policy_rule" "rule4" { } resource "google_network_security_gateway_security_policy_rule" "rule5" { - name = "tf-test-gateway-sp-rule5-%{random_suffix}" - location = "us-central1" - gateway_security_policy = google_network_security_gateway_security_policy.default.name - enabled = true - description = "Lowest priority rule" - priority = 2147483647 - session_matcher = "host() == 'update.com'" - application_matcher = "request.method == 'GET'" - tls_inspection_enabled = false - basic_profile = "DENY" - } + name = "tf-test-gateway-sp-rule5-%{random_suffix}" + location = "us-central1" + gateway_security_policy = google_network_security_gateway_security_policy.default.name + enabled = true + description = "Lowest priority rule" + priority = 2147483647 + session_matcher = "host() == 'update.com'" + application_matcher = "request.method == 'GET'" + tls_inspection_enabled = false + basic_profile = "DENY" +} `, context) } From fc2a4d1bd09969dc008993444ea5370b1f5b1b59 Mon Sep 17 00:00:00 2001 From: samir-cit Date: Fri, 7 Feb 2025 12:53:06 -0300 Subject: [PATCH 08/10] gofmt --- ...source_network_security_gateway_security_policy_rule_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go b/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go index ac37a5fb01f3..22823730a924 100644 --- a/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go +++ b/mmv1/third_party/terraform/services/networksecurity/resource_network_security_gateway_security_policy_rule_test.go @@ -83,7 +83,7 @@ func TestAccNetworkSecurityGatewaySecurityPolicyRule_multiple(t *testing.T) { ImportState: true, ImportStateVerify: true, }, - { + { ResourceName: "google_network_security_gateway_security_policy_rule.rule5", ImportState: true, ImportStateVerify: true, From af38303f12406fb3e4c079da01292202c0726313 Mon Sep 17 00:00:00 2001 From: samir-cit Date: Fri, 7 Feb 2025 17:35:27 -0300 Subject: [PATCH 09/10] Remove unused file --- .../network_security_gateway_security_policy_rule.go.tmpl | 6 ------ 1 file changed, 6 deletions(-) delete mode 100644 mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl diff --git a/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl b/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl deleted file mode 100644 index 50c57fe3d652..000000000000 --- a/mmv1/templates/terraform/pre_create/network_security_gateway_security_policy_rule.go.tmpl +++ /dev/null @@ -1,6 +0,0 @@ -// When creating more than one rule sometimes the creation conflicts. -// https://github.com/hashicorp/terraform-provider-google/issues/20892 -// Workaround: Get sleep wait time based on the priority. -sleepTime := sleep_wait_time(priorityProp.(int)) -log.Printf("[DEBUG] Waiting %s to create GatewaySecurityPolicyRule with priority %d", sleepTime, priorityProp.(int)) -time.Sleep(sleepTime) \ No newline at end of file From 372de0367ff023cebac2a944436d068561988427 Mon Sep 17 00:00:00 2001 From: samir-cit Date: Mon, 10 Feb 2025 21:39:21 -0300 Subject: [PATCH 10/10] Mutex and remove files --- .../GatewaySecurityPolicyRule.yaml | 10 +-------- ...urity_gateway_security_policy_rule.go.tmpl | 21 ------------------- ...gateway_security_policy_rule_sleep.go.tmpl | 2 -- 3 files changed, 1 insertion(+), 32 deletions(-) delete mode 100644 mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl delete mode 100644 mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl diff --git a/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml b/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml index a5689244062f..c30a183387b1 100644 --- a/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml +++ b/mmv1/products/networksecurity/GatewaySecurityPolicyRule.yaml @@ -43,15 +43,7 @@ async: delete_minutes: 30 result: resource_inside_response: false -mutex: 'gatewaySecurityPolicies/rules/{{priority}}' -custom_code: - constants: 'templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl' - pre_create: 'templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl' - pre_update: 'templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl' - pre_delete: 'templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl' - post_create: 'templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl' - post_update: 'templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl' - post_delete: 'templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl' +mutex: 'gatewaySecurityPolicies/{{gateway_security_policy}}/rules' examples: - name: 'network_security_gateway_security_policy_rules_basic' primary_resource_id: 'default' diff --git a/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl b/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl deleted file mode 100644 index b92f1a081da5..000000000000 --- a/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule.go.tmpl +++ /dev/null @@ -1,21 +0,0 @@ -// Get the wait time for creation sleep -// Use the time.Now().Nanosecond() -// It reverts the nanoseconds and multiply by a random number -// Return the duration to use -func get_sleep_time(nanosec int) time.Duration { - reverse_nano := reverse_int(nanosec) - return (time.Duration(reverse_nano) * time.Microsecond) -} - -// Flip integer number order -func reverse_int(n int) int { - new_int := 0 - for n > 0 { - remainder := n % 10 - new_int *= 10 - new_int += remainder - n /= 10 - } - return new_int * 100 - return new_int -} \ No newline at end of file diff --git a/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl b/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl deleted file mode 100644 index 5613fbe85d0d..000000000000 --- a/mmv1/templates/terraform/constants/network_security_gateway_security_policy_rule_sleep.go.tmpl +++ /dev/null @@ -1,2 +0,0 @@ -// Useful to avoid concurrency on the resource operations -time.Sleep(get_sleep_time(time.Now().Nanosecond())) \ No newline at end of file