fix acl resource and data source; add doc

Author: crab21

CHANGELOG.md

@@ -1,11 +1,23 @@
-## 1.40.1 (Unreleased)
+## 1.40.3 (Unreleased)
 
 FEATURES:
 
 * **New Data Source**: `tencentcloud_vpc_acls`
 * **New Resource**: `tencentcloud_vpc_acl`
 * **New Resource**: `tencentcloud_vpc_acl_attachment`
 
+## 1.40.2 (August 08, 2020)
+
+BUG FIXES:
+
+* Resource: `tencentcloud_instance` fix accidentally fail to delete prepaid instance ([#485](https://github.com/tencentcloudstack/terraform-provider-tencentcloud/issues/485)).
+
+## 1.40.1 (August 05, 2020)
+
+BUG FIXES:
+
+* Resource: `tencentcloud_vpn_connection` fix mulit `security_group_policy` is not supported ([#487](https://github.com/tencentcloudstack/terraform-provider-tencentcloud/issues/487)).
+
 ## 1.40.0 (July 31, 2020)
 
 FEATURES:

go.mod

@@ -15,7 +15,7 @@ require (
 	github.com/mattn/go-colorable v0.1.6 // indirect
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/pkg/errors v0.9.1
-	github.com/tencentcloud/tencentcloud-sdk-go v3.0.217+incompatible
+	github.com/tencentcloud/tencentcloud-sdk-go v3.0.229+incompatible
 	github.com/yangwenmai/ratelimit v0.0.0-20180104140304-44221c2292e1
 	github.com/zclconf/go-cty v1.4.2 // indirect
 	golang.org/x/sys v0.0.0-20200523222454-059865788121 // indirect

go.sum

@@ -460,6 +460,8 @@ github.com/tdakkota/asciicheck v0.0.0-20200416190851-d7f85be797a2 h1:Xr9gkxfOP0K
 github.com/tdakkota/asciicheck v0.0.0-20200416190851-d7f85be797a2/go.mod h1:yHp0ai0Z9gUljN3o0xMhYJnH/IcvkdTBOX2fmJ93JEM=
 github.com/tencentcloud/tencentcloud-sdk-go v3.0.217+incompatible h1:c0N5XTxnRv3e6lgIEw3Ml0RdIV0fA8qDRuVEhQnDViE=
 github.com/tencentcloud/tencentcloud-sdk-go v3.0.217+incompatible/go.mod h1:0PfYow01SHPMhKY31xa+EFz2RStxIqj6JFAJS+IkCi4=
+github.com/tencentcloud/tencentcloud-sdk-go v3.0.229+incompatible h1:ZlFfQuJYC+g2bEjlZUvIUQUifHhzWM69GTzFh0qzLl4=
+github.com/tencentcloud/tencentcloud-sdk-go v3.0.229+incompatible/go.mod h1:0PfYow01SHPMhKY31xa+EFz2RStxIqj6JFAJS+IkCi4=
 github.com/tetafro/godot v0.3.7 h1:+mecr7RKrUKB5UQ1gwqEMn13sDKTyDR8KNIquB9mm+8=
 github.com/tetafro/godot v0.3.7/go.mod h1:/7NLHhv08H1+8DNj0MElpAACw1ajsCuf3TKNQxA5S+0=
 github.com/timakin/bodyclose v0.0.0-20190930140734-f7f2e9bca95e h1:RumXZ56IrCj4CL+g1b9OL/oH0QnsF976bC8xQFYUD5Q=

tencentcloud/data_source_tc_vpc_acls.go

@@ -7,11 +7,11 @@ Example Usage
 data "tencentcloud_vpc_instances" "foo" {
 }
 
-resource "tencentcloud_vpc_acl" "main" {
+resource "tencentcloud_vpc_acls" "main" {
   vpc_id            = data.tencentcloud_vpc_instances.foo.instance_list.0.vpc_id
 }
 
-resource "tencentcloud_vpc_acl" "main" {
+resource "tencentcloud_vpc_acls" "main" {
   name            	= "test_acl"
 }
 
@@ -84,7 +84,7 @@ func dataSourceTencentCloudVpcAcls() *schema.Resource {
 						"subnets": {
 							Type:        schema.TypeList,
 							Computed:    true,
-							Description: "",
+							Description: "Subnets associated with the network ACL.",
 							Elem: &schema.Resource{
 								Schema: map[string]*schema.Schema{
 									"vpc_id": {
@@ -95,7 +95,7 @@ func dataSourceTencentCloudVpcAcls() *schema.Resource {
 									"subnet_id": {
 										Type:        schema.TypeString,
 										Computed:    true,
-										Description: "Subnet instance `ID`",
+										Description: "Subnet instance `ID`.",
 									},
 									"subnet_name": {
 										Type:        schema.TypeString,
@@ -118,13 +118,13 @@ func dataSourceTencentCloudVpcAcls() *schema.Resource {
 						"ingress": {
 							Type:        schema.TypeList,
 							Computed:    true,
-							Description: "",
+							Description: "Inbound rules of the network ACL.",
 							Elem: &schema.Resource{
 								Schema: map[string]*schema.Schema{
 									"protocol": {
 										Type:        schema.TypeString,
 										Computed:    true,
-										Description: "Type of ip protocol. ",
+										Description: "Type of ip protocol.",
 									},
 									"port": {
 										Type:        schema.TypeString,
@@ -141,19 +141,24 @@ func dataSourceTencentCloudVpcAcls() *schema.Resource {
 										Computed:    true,
 										Description: "An IP address network or segment.",
 									},
+									"description": {
+										Type:        schema.TypeString,
+										Computed:    true,
+										Description: "Rule description.",
+									},
 								},
 							},
 						},
 						"egress": {
 							Type:        schema.TypeList,
 							Computed:    true,
-							Description: "",
+							Description: "Outbound rules of the network ACL.",
 							Elem: &schema.Resource{
 								Schema: map[string]*schema.Schema{
 									"protocol": {
 										Type:        schema.TypeString,
 										Computed:    true,
-										Description: "Type of ip protocol. ",
+										Description: "Type of ip protocol.",
 									},
 									"port": {
 										Type:        schema.TypeString,
@@ -170,6 +175,11 @@ func dataSourceTencentCloudVpcAcls() *schema.Resource {
 										Computed:    true,
 										Description: "An IP address network or segment.",
 									},
+									"description": {
+										Type:        schema.TypeString,
+										Computed:    true,
+										Description: "Rule description.",
+									},
 								},
 							},
 						},
@@ -181,7 +191,7 @@ func dataSourceTencentCloudVpcAcls() *schema.Resource {
 }
 
 func dataSourceTencentCloudVpcACLRead(d *schema.ResourceData, meta interface{}) error {
-	defer logElapsed("data_source.tencentcloud_vpc_acl.read")()
+	defer logElapsed("data_source.tencentcloud_vpc_acls.read")()
 	var (
 		logId   = getLogId(contextNil)
 		ctx     = context.WithValue(context.TODO(), logIdKey, logId)
@@ -225,15 +235,15 @@ func dataSourceTencentCloudVpcACLRead(d *schema.ResourceData, meta interface{})
 		for i := range subnetInfo {
 			v := subnetInfo[i]
 			subnet := make(map[string]interface{}, 5)
-			subnet["vpc_id"] = *v.VpcId
-			subnet["subnet_id"] = *v.SubnetId
-			subnet["subnet_name"] = *v.SubnetName
-			subnet["cidr_block"] = *v.CidrBlock
+			subnet["vpc_id"] = v.VpcId
+			subnet["subnet_id"] = v.SubnetId
+			subnet["subnet_name"] = v.SubnetName
+			subnet["cidr_block"] = v.CidrBlock
 
-			tag := make(map[string]string, len(v.TagSet))
+			tag := make(map[string]interface{}, len(v.TagSet))
 			for t := range v.TagSet {
 				tagValue := v.TagSet[t]
-				tag[*tagValue.Key] = *tagValue.Value
+				tag[*tagValue.Key] = tagValue.Value
 			}
 			subnet["tags"] = tag
 
@@ -244,12 +254,12 @@ func dataSourceTencentCloudVpcACLRead(d *schema.ResourceData, meta interface{})
 		ingress := make([]map[string]interface{}, 0, len(ingressInfo))
 		for i := range ingressInfo {
 			v := ingressInfo[i]
-			egressMap := make(map[string]interface{}, 4)
-			egressMap["protocol"] = *v.Protocol
-			egressMap["port"] = *v.Port
-			egressMap["cidr_block"] = *v.CidrBlock
-			egressMap["policy"] = *v.Action
-			egressMap["description"] = *v.Description
+			egressMap := make(map[string]interface{}, 5)
+			egressMap["protocol"] = v.Protocol
+			egressMap["port"] = v.Port
+			egressMap["cidr_block"] = v.CidrBlock
+			egressMap["policy"] = v.Action
+			egressMap["description"] = v.Description
 
 			ingress = append(ingress, egressMap)
 		}
@@ -258,12 +268,12 @@ func dataSourceTencentCloudVpcACLRead(d *schema.ResourceData, meta interface{})
 		egress := make([]map[string]interface{}, 0, len(egressInfo))
 		for i := range egressInfo {
 			v := egressInfo[i]
-			egressMap := make(map[string]interface{}, 4)
-			egressMap["protocol"] = *v.Protocol
-			egressMap["port"] = *v.Port
-			egressMap["cidr_block"] = *v.CidrBlock
-			egressMap["policy"] = *v.Action
-			egressMap["description"] = *v.Description
+			egressMap := make(map[string]interface{}, 5)
+			egressMap["protocol"] = v.Protocol
+			egressMap["port"] = v.Port
+			egressMap["cidr_block"] = v.CidrBlock
+			egressMap["policy"] = v.Action
+			egressMap["description"] = v.Description
 
 			egress = append(egress, egressMap)
 		}

tencentcloud/data_source_tc_vpc_acls_test.go

@@ -6,20 +6,16 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 )
 
-func TestAccDataSourceTencentCloudVpcACLBasic(t *testing.T) {
+func TestAccDataSourceTencentCloudVpcACL_Basic(t *testing.T) {
 	resource.Test(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,
 		Steps: []resource.TestStep{
 			{
 				Config: TestAccDataSourceTencentCloudVpcACLInstances,
-
 				Check: resource.ComposeTestCheckFunc(
-					// id filter
-					testAccCheckTencentCloudDataSourceID("data.tencentcloud_vpc_acl.default"),
-					resource.TestCheckResourceAttr("data.tencentcloud_vpc_acl.default", "name", "test_acl"),
-					resource.TestCheckResourceAttr("data.tencentcloud_vpc_acl.default", "egress.#", "1"),
-					resource.TestCheckResourceAttr("data.tencentcloud_vpc_acl.default", "ingress.#", "1"),
+					testAccCheckTencentCloudDataSourceID("data.tencentcloud_vpc_acls.default"),
+					resource.TestCheckResourceAttr("data.tencentcloud_vpc_acls.default", "name", "test_acl"),
 				),
 			},
 		},
@@ -41,7 +37,7 @@ resource "tencentcloud_vpc_acl" "foo" {
 	]
 }  
 
-data "tencentcloud_vpc_instances" "default" {
+data "tencentcloud_vpc_acls" "default" {
 	name = "test_acl"
 	result_output_file="data_source_tc_vpc_acls.txt"
 }

tencentcloud/resource_tc_instance.go

@@ -961,6 +961,7 @@ func resourceTencentCloudInstanceDelete(d *schema.ResourceData, meta interface{}
 	cvmService := CvmService{
 		client: meta.(*TencentCloudClient).apiV3Conn,
 	}
+
 	err := resource.Retry(writeRetryTimeout, func() *resource.RetryError {
 		errRet := cvmService.DeleteInstance(ctx, instanceId)
 		if errRet != nil {
@@ -976,7 +977,7 @@ func resourceTencentCloudInstanceDelete(d *schema.ResourceData, meta interface{}
 	notExist := false
 
 	//check exist
-	err = resource.Retry(2*readRetryTimeout, func() *resource.RetryError {
+	err = resource.Retry(5*readRetryTimeout, func() *resource.RetryError {
 		instance, errRet := cvmService.DescribeInstanceById(ctx, instanceId)
 		if errRet != nil {
 			return retryError(errRet, InternalError)
@@ -985,13 +986,12 @@ func resourceTencentCloudInstanceDelete(d *schema.ResourceData, meta interface{}
 			notExist = true
 			return nil
 		}
-		if *instance.InstanceState == CVM_STATUS_SHUTDOWN {
+		if *instance.InstanceState == CVM_STATUS_SHUTDOWN && *instance.LatestOperationState != CVM_LATEST_OPERATION_STATE_OPERATING {
 			//in recycling
 			return nil
 		}
 		return resource.RetryableError(fmt.Errorf("cvm instance status is %s, retry...", *instance.InstanceState))
 	})
-
 	if err != nil {
 		return err
 	}
@@ -1000,9 +1000,7 @@ func resourceTencentCloudInstanceDelete(d *schema.ResourceData, meta interface{}
 		return nil
 	}
 
-	//exist in recycle
-
-	//delete again
+	// exist in recycle, delete again
 	err = resource.Retry(writeRetryTimeout, func() *resource.RetryError {
 		errRet := cvmService.DeleteInstance(ctx, instanceId)
 		//when state is terminating, do not delete but check exist
@@ -1024,7 +1022,7 @@ func resourceTencentCloudInstanceDelete(d *schema.ResourceData, meta interface{}
 	}
 
 	//describe and check not exist
-	err = resource.Retry(2*readRetryTimeout, func() *resource.RetryError {
+	err = resource.Retry(5*readRetryTimeout, func() *resource.RetryError {
 		instance, errRet := cvmService.DescribeInstanceById(ctx, instanceId)
 		if errRet != nil {
 			return retryError(errRet, InternalError)
@@ -1034,10 +1032,9 @@ func resourceTencentCloudInstanceDelete(d *schema.ResourceData, meta interface{}
 		}
 		return resource.RetryableError(fmt.Errorf("cvm instance status is %s, retry...", *instance.InstanceState))
 	})
-
 	if err != nil {
 		return err
 	}
-	return nil
 
+	return nil
 }

tencentcloud/resource_tc_vpc_acl.go

@@ -4,22 +4,21 @@ Provide a resource to create a VPC ACL instance.
 Example Usage
 
 ```hcl
-data "tencentcloud_vpc_instances" "foo" {
+data "tencentcloud_vpc_instances" "default" {
 }
 
-resource "resource_vpc_acl" "default" {
-    vpc_id            	= data.tencentcloud_vpc_instances.foo.instance_list.0.vpc_id
-    network_acl_name  	= "test_acl"
-	ingress [
-		"ACCEPT#192.168.1.0/24#80#TCP",
-		"ACCEPT#192.168.1.0/24#80-90#TCP",
+resource "tencentcloud_vpc_acl" "foo" {
+    vpc_id  = data.tencentcloud_vpc_instances.default.instance_list.0.vpc_id
+    name  	= "test_acl_update"
+	ingress = [
+		"ACCEPT#192.168.1.0/24#800#TCP",
+		"ACCEPT#192.168.1.0/24#800-900#TCP",
 	]
-	egress [
-		"ACCEPT#192.168.1.0/24#80#TCP",
-		"ACCEPT#192.168.1.0/24#80-90#TCP",
+	egress = [
+    	"ACCEPT#192.168.1.0/24#800#TCP",
+    	"ACCEPT#192.168.1.0/24#800-900#TCP",
 	]
 }
-
 ```
 
 Import
@@ -78,11 +77,6 @@ func resourceTencentCloudVpcACL() *schema.Resource {
 			},
 
 			//compute
-			"acl_id": {
-				Type:        schema.TypeString,
-				Computed:    true,
-				Description: "`ID` of the network ACL instance.",
-			},
 			"create_time": {
 				Type:        schema.TypeString,
 				Computed:    true,
@@ -173,7 +167,6 @@ func resourceTencentCloudVpcACLRead(d *schema.ResourceData, meta interface{}) er
 		return errRet
 	}
 
-	_ = d.Set("acl_id", id)
 	_ = d.Set("vpc_id", vpcID)
 	_ = d.Set("create_time", createTime)
 	return nil
@@ -311,5 +304,20 @@ func resourceTencentCloudVpcACLDelete(d *schema.ResourceData, meta interface{})
 		id      = d.Id()
 	)
 
-	return service.DeleteAcl(ctx, id)
+	err := service.DeleteAcl(ctx, id)
+	if err != nil {
+		return err
+	}
+
+	_, _, has, err := service.DescribeNetWorkByACLID(ctx, id)
+
+	if err != nil {
+		return err
+	}
+
+	if has > 0 {
+		return fmt.Errorf("[CRITAL]%s delete network acl : %s  failed\n", logId, id)
+	}
+
+	return nil
 }