diff --git a/.changelog/3064.txt b/.changelog/3064.txt new file mode 100644 index 0000000000..9a9161fd62 --- /dev/null +++ b/.changelog/3064.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +resource/tencentcloud_identity_center_role_assignment: process failed task status +``` diff --git a/tencentcloud/services/tco/extension_tco.go b/tencentcloud/services/tco/extension_tco.go index 305d9b287b..ed59991987 100644 --- a/tencentcloud/services/tco/extension_tco.go +++ b/tencentcloud/services/tco/extension_tco.go @@ -14,4 +14,7 @@ const ( DescribeTargetTypeNode = "Node" DescribeTargetTypeMember = "User" + + TASK_STATUS_SUCCESS = "Success" + TASK_STATUS_FAILED = "Failed" ) diff --git a/tencentcloud/services/tco/resource_tc_identity_center_role_assignment.go b/tencentcloud/services/tco/resource_tc_identity_center_role_assignment.go index 9178a460fd..29537dae0a 100644 --- a/tencentcloud/services/tco/resource_tc_identity_center_role_assignment.go +++ b/tencentcloud/services/tco/resource_tc_identity_center_role_assignment.go @@ -164,11 +164,29 @@ func resourceTencentCloudIdentityCenterRoleAssignmentCreate(d *schema.ResourceDa if len(response.Response.Tasks) > 0 { task := response.Response.Tasks[0] + if task == nil { + return fmt.Errorf("task is nil") + } + if task.Status != nil && *task.Status == TASK_STATUS_FAILED { + if task.FailureReason != nil { + return fmt.Errorf("create role assignment task failed, failure reason:%s", *task.FailureReason) + } + return fmt.Errorf("create role assignment task failed") + } + + if task.TaskId == nil { + return fmt.Errorf("create role assignment task id is nil") + } taskId := *task.TaskId roleConfigurationId := *task.RoleConfigurationId - conf := tccommon.BuildStateChangeConf([]string{}, []string{"Success"}, 2*tccommon.ReadRetryTimeout, time.Second, service.AssignmentTaskStatusStateRefreshFunc(zoneId, taskId, []string{})) - if _, e := conf.WaitForState(); e != nil { + conf := tccommon.BuildStateChangeConf([]string{}, []string{TASK_STATUS_SUCCESS, TASK_STATUS_FAILED}, 2*tccommon.ReadRetryTimeout, time.Second, service.AssignmentTaskStatusStateRefreshFunc(zoneId, taskId, []string{})) + if object, e := conf.WaitForState(); e != nil { return e + } else { + taskStatus := object.(*organization.TaskStatus) + if taskStatus.Status != nil && *taskStatus.Status == TASK_STATUS_FAILED { + return fmt.Errorf("create role assignment task failed") + } } targetUinString := strconv.FormatInt(targetUin, 10) @@ -188,18 +206,26 @@ func resourceTencentCloudIdentityCenterRoleAssignmentRead(d *schema.ResourceData service := OrganizationService{client: meta.(tccommon.ProviderMeta).GetAPIV3Conn()} - respData, err := service.DescribeIdentityCenterRoleAssignmentById(ctx, d.Id()) + var roleAssignmentsResponseParams *organization.ListRoleAssignmentsResponseParams + err := resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError { + result, e := service.DescribeIdentityCenterRoleAssignmentById(ctx, d.Id()) + if e != nil { + return tccommon.RetryError(e) + } + roleAssignmentsResponseParams = result + return nil + }) if err != nil { return err } - if respData == nil { + if roleAssignmentsResponseParams == nil { d.SetId("") log.Printf("[WARN]%s resource `identity_center_role_assignment` [%s] not found, please check if it has been deleted.\n", logId, d.Id()) return nil } - if len(respData.RoleAssignments) > 0 { - roleAssignment := respData.RoleAssignments[0] + if len(roleAssignmentsResponseParams.RoleAssignments) > 0 { + roleAssignment := roleAssignmentsResponseParams.RoleAssignments[0] if roleAssignment.RoleConfigurationId != nil { _ = d.Set("role_configuration_id", roleAssignment.RoleConfigurationId) } @@ -292,10 +318,29 @@ func resourceTencentCloudIdentityCenterRoleAssignmentDelete(d *schema.ResourceDa return err } - if deleteRoleAssignmentResponse.Response != nil && deleteRoleAssignmentResponse.Response.Task != nil && deleteRoleAssignmentResponse.Response.Task.TaskId != nil { - conf := tccommon.BuildStateChangeConf([]string{}, []string{"Success"}, 2*tccommon.ReadRetryTimeout, time.Second, service.AssignmentTaskStatusStateRefreshFunc(zoneId, *deleteRoleAssignmentResponse.Response.Task.TaskId, []string{})) - if _, e := conf.WaitForState(); e != nil { - return e + if deleteRoleAssignmentResponse == nil || deleteRoleAssignmentResponse.Response == nil { + return fmt.Errorf("delete role assignment response is nil") + } + if deleteRoleAssignmentResponse.Response.Task == nil { + return fmt.Errorf("delete role assignment task is nil") + } + task := deleteRoleAssignmentResponse.Response.Task + if task.Status != nil && *task.Status == TASK_STATUS_FAILED { + if task.FailureReason != nil { + return fmt.Errorf("delete role assignment failed, failure reason:%s", *task.FailureReason) + } + return fmt.Errorf("delete role assignment failed") + } + if task.TaskId == nil { + return fmt.Errorf("delete role assignment task id is nil") + } + conf := tccommon.BuildStateChangeConf([]string{}, []string{TASK_STATUS_SUCCESS, TASK_STATUS_FAILED}, 2*tccommon.ReadRetryTimeout, time.Second, service.AssignmentTaskStatusStateRefreshFunc(zoneId, *task.TaskId, []string{})) + if object, e := conf.WaitForState(); e != nil { + return e + } else { + taskStatus := object.(*organization.TaskStatus) + if taskStatus.Status != nil && *taskStatus.Status == TASK_STATUS_FAILED { + return fmt.Errorf("delete role assignment failed") } } @@ -318,10 +363,28 @@ func resourceTencentCloudIdentityCenterRoleAssignmentDelete(d *schema.ResourceDa return err } - if dismantleRoleConfigurationResponse.Response != nil && dismantleRoleConfigurationResponse.Response.Task != nil && dismantleRoleConfigurationResponse.Response.Task.TaskId != nil { - conf := tccommon.BuildStateChangeConf([]string{}, []string{"Success"}, 2*tccommon.ReadRetryTimeout, time.Second, service.AssignmentTaskStatusStateRefreshFunc(zoneId, *dismantleRoleConfigurationResponse.Response.Task.TaskId, []string{})) - if _, e := conf.WaitForState(); e != nil { - return e + if dismantleRoleConfigurationResponse == nil || dismantleRoleConfigurationResponse.Response == nil { + return fmt.Errorf("dismantle role assignment response is nil") + } + if dismantleRoleConfigurationResponse.Response.Task == nil { + return fmt.Errorf("dismantle role assignment task is nil") + } + dismantleTask := dismantleRoleConfigurationResponse.Response.Task + + if dismantleTask.TaskStatus != nil && *dismantleTask.TaskStatus == TASK_STATUS_FAILED { + return fmt.Errorf("dismantle role assignment task failed") + } + + if dismantleTask.TaskId == nil { + return fmt.Errorf("dismantle role assignment task id is nil") + } + conf = tccommon.BuildStateChangeConf([]string{}, []string{TASK_STATUS_SUCCESS, TASK_STATUS_FAILED}, 2*tccommon.ReadRetryTimeout, time.Second, service.AssignmentTaskStatusStateRefreshFunc(zoneId, *dismantleTask.TaskId, []string{})) + if object, e := conf.WaitForState(); e != nil { + return e + } else { + taskStatus := object.(*organization.TaskStatus) + if taskStatus.Status != nil && *taskStatus.Status == TASK_STATUS_FAILED { + return fmt.Errorf("dismantle role assignment task failed") } } diff --git a/tencentcloud/services/tco/service_tencentcloud_organization.go b/tencentcloud/services/tco/service_tencentcloud_organization.go index 489f7b52a7..3812e0a486 100644 --- a/tencentcloud/services/tco/service_tencentcloud_organization.go +++ b/tencentcloud/services/tco/service_tencentcloud_organization.go @@ -1613,8 +1613,15 @@ func (me *OrganizationService) AssignmentTaskStatusStateRefreshFunc(zoneId, task return func() (interface{}, string, error) { ctx := tccommon.ContextNil - object, err := me.GetAssignmentTaskStatus(ctx, zoneId, taskId) - + var object *organization.TaskStatus + err := resource.Retry(tccommon.ReadRetryTimeout, func() *resource.RetryError { + result, e := me.GetAssignmentTaskStatus(ctx, zoneId, taskId) + if e != nil { + return tccommon.RetryError(e) + } + object = result + return nil + }) if err != nil { return nil, "", err }