Merge pull request #13637 from hashicorp/azurerm-lock-bugfix
provider/azurerm: Locking around Network Security Group / Subnets
This commit is contained in:
commit
502a744a65
|
@ -172,6 +172,14 @@ func resourceArmNetworkInterfaceCreate(d *schema.ResourceData, meta interface{})
|
||||||
properties.NetworkSecurityGroup = &network.SecurityGroup{
|
properties.NetworkSecurityGroup = &network.SecurityGroup{
|
||||||
ID: &nsgId,
|
ID: &nsgId,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
networkSecurityGroupName, err := parseNetworkSecurityGroupName(nsgId)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
armMutexKV.Lock(networkSecurityGroupName)
|
||||||
|
defer armMutexKV.Unlock(networkSecurityGroupName)
|
||||||
}
|
}
|
||||||
|
|
||||||
dns, hasDns := d.GetOk("dns_servers")
|
dns, hasDns := d.GetOk("dns_servers")
|
||||||
|
@ -308,6 +316,17 @@ func resourceArmNetworkInterfaceDelete(d *schema.ResourceData, meta interface{})
|
||||||
resGroup := id.ResourceGroup
|
resGroup := id.ResourceGroup
|
||||||
name := id.Path["networkInterfaces"]
|
name := id.Path["networkInterfaces"]
|
||||||
|
|
||||||
|
if v, ok := d.GetOk("network_security_group_id"); ok {
|
||||||
|
networkSecurityGroupId := v.(string)
|
||||||
|
networkSecurityGroupName, err := parseNetworkSecurityGroupName(networkSecurityGroupId)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
armMutexKV.Lock(networkSecurityGroupName)
|
||||||
|
defer armMutexKV.Unlock(networkSecurityGroupName)
|
||||||
|
}
|
||||||
|
|
||||||
_, err = ifaceClient.Delete(resGroup, name, make(chan struct{}))
|
_, err = ifaceClient.Delete(resGroup, name, make(chan struct{}))
|
||||||
|
|
||||||
return err
|
return err
|
||||||
|
|
|
@ -89,6 +89,14 @@ func resourceArmSubnetCreate(d *schema.ResourceData, meta interface{}) error {
|
||||||
properties.NetworkSecurityGroup = &network.SecurityGroup{
|
properties.NetworkSecurityGroup = &network.SecurityGroup{
|
||||||
ID: &nsgId,
|
ID: &nsgId,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
networkSecurityGroupName, err := parseNetworkSecurityGroupName(nsgId)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
armMutexKV.Lock(networkSecurityGroupName)
|
||||||
|
defer armMutexKV.Unlock(networkSecurityGroupName)
|
||||||
}
|
}
|
||||||
|
|
||||||
if v, ok := d.GetOk("route_table_id"); ok {
|
if v, ok := d.GetOk("route_table_id"); ok {
|
||||||
|
@ -182,6 +190,17 @@ func resourceArmSubnetDelete(d *schema.ResourceData, meta interface{}) error {
|
||||||
name := id.Path["subnets"]
|
name := id.Path["subnets"]
|
||||||
vnetName := id.Path["virtualNetworks"]
|
vnetName := id.Path["virtualNetworks"]
|
||||||
|
|
||||||
|
if v, ok := d.GetOk("network_security_group_id"); ok {
|
||||||
|
networkSecurityGroupId := v.(string)
|
||||||
|
networkSecurityGroupName, err := parseNetworkSecurityGroupName(networkSecurityGroupId)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
armMutexKV.Lock(networkSecurityGroupName)
|
||||||
|
defer armMutexKV.Unlock(networkSecurityGroupName)
|
||||||
|
}
|
||||||
|
|
||||||
armMutexKV.Lock(vnetName)
|
armMutexKV.Lock(vnetName)
|
||||||
defer armMutexKV.Unlock(vnetName)
|
defer armMutexKV.Unlock(vnetName)
|
||||||
|
|
||||||
|
|
|
@ -97,6 +97,21 @@ func resourceArmVirtualNetworkCreate(d *schema.ResourceData, meta interface{}) e
|
||||||
Tags: expandTags(tags),
|
Tags: expandTags(tags),
|
||||||
}
|
}
|
||||||
|
|
||||||
|
networkSecurityGroupNames := make([]string, 0)
|
||||||
|
for _, subnet := range *vnet.VirtualNetworkPropertiesFormat.Subnets {
|
||||||
|
if subnet.NetworkSecurityGroup != nil {
|
||||||
|
nsgName, err := parseNetworkSecurityGroupName(*subnet.NetworkSecurityGroup.ID)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
networkSecurityGroupNames = append(networkSecurityGroupNames, nsgName)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
azureRMVirtualNetworkLockNetworkSecurityGroups(&networkSecurityGroupNames)
|
||||||
|
defer azureRMVirtualNetworkUnlockNetworkSecurityGroups(&networkSecurityGroupNames)
|
||||||
|
|
||||||
_, err := vnetClient.CreateOrUpdate(resGroup, name, vnet, make(chan struct{}))
|
_, err := vnetClient.CreateOrUpdate(resGroup, name, vnet, make(chan struct{}))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
|
@ -182,6 +197,14 @@ func resourceArmVirtualNetworkDelete(d *schema.ResourceData, meta interface{}) e
|
||||||
resGroup := id.ResourceGroup
|
resGroup := id.ResourceGroup
|
||||||
name := id.Path["virtualNetworks"]
|
name := id.Path["virtualNetworks"]
|
||||||
|
|
||||||
|
nsgNames, err := expandAzureRmVirtualNetworkVirtualNetworkSecurityGroupNames(d)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("[ERROR] Error parsing Network Security Group ID's: %+v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
azureRMVirtualNetworkLockNetworkSecurityGroups(&nsgNames)
|
||||||
|
defer azureRMVirtualNetworkUnlockNetworkSecurityGroups(&nsgNames)
|
||||||
|
|
||||||
_, err = vnetClient.Delete(resGroup, name, make(chan struct{}))
|
_, err = vnetClient.Delete(resGroup, name, make(chan struct{}))
|
||||||
|
|
||||||
return err
|
return err
|
||||||
|
@ -245,3 +268,40 @@ func resourceAzureSubnetHash(v interface{}) int {
|
||||||
}
|
}
|
||||||
return hashcode.String(subnet)
|
return hashcode.String(subnet)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func expandAzureRmVirtualNetworkVirtualNetworkSecurityGroupNames(d *schema.ResourceData) ([]string, error) {
|
||||||
|
nsgNames := make([]string, 0)
|
||||||
|
|
||||||
|
if v, ok := d.GetOk("subnet"); ok {
|
||||||
|
subnets := v.(*schema.Set).List()
|
||||||
|
for _, subnet := range subnets {
|
||||||
|
subnet, ok := subnet.(map[string]interface{})
|
||||||
|
if !ok {
|
||||||
|
return nil, fmt.Errorf("[ERROR] Subnet should be a Hash - was '%+v'", subnet)
|
||||||
|
}
|
||||||
|
|
||||||
|
networkSecurityGroupId := subnet["security_group"].(string)
|
||||||
|
if networkSecurityGroupId != "" {
|
||||||
|
nsgName, err := parseNetworkSecurityGroupName(networkSecurityGroupId)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
nsgNames = append(nsgNames, nsgName)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
return nsgNames, nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func azureRMVirtualNetworkUnlockNetworkSecurityGroups(networkSecurityGroupNames *[]string) {
|
||||||
|
for _, networkSecurityGroupName := range *networkSecurityGroupNames {
|
||||||
|
armMutexKV.Unlock(networkSecurityGroupName)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
func azureRMVirtualNetworkLockNetworkSecurityGroups(networkSecurityGroupNames *[]string) {
|
||||||
|
for _, networkSecurityGroupName := range *networkSecurityGroupNames {
|
||||||
|
armMutexKV.Lock(networkSecurityGroupName)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -95,3 +95,12 @@ func parseAzureResourceID(id string) (*ResourceID, error) {
|
||||||
|
|
||||||
return idObj, nil
|
return idObj, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func parseNetworkSecurityGroupName(networkSecurityGroupId string) (string, error) {
|
||||||
|
id, err := parseAzureResourceID(networkSecurityGroupId)
|
||||||
|
if err != nil {
|
||||||
|
return "", fmt.Errorf("[ERROR] Unable to Parse Network Security Group ID '%s': %+v", networkSecurityGroupId, err)
|
||||||
|
}
|
||||||
|
|
||||||
|
return id.Path["networkSecurityGroups"], nil
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue