fix sg sweeper (#958)

Author: hellertang

tencentcloud/common.go

@@ -31,6 +31,8 @@ const logIdKey = contextLogId("logId")
 const (
 	PROVIDER_READ_RETRY_TIMEOUT  = "TENCENTCLOUD_READ_RETRY_TIMEOUT"
 	PROVIDER_WRITE_RETRY_TIMEOUT = "TENCENTCLOUD_WRITE_RETRY_TIMEOUT"
+
+	SWEEPER_NEED_PROTECT = "SWEEPER_NEED_PROTECT"
 )
 
 var logFirstTime = ""
@@ -46,6 +48,9 @@ var readRetryTimeout = time.Duration(readRetry) * time.Minute
 var writeRetry = getEnvDefault(PROVIDER_WRITE_RETRY_TIMEOUT, 5)
 var writeRetryTimeout = time.Duration(writeRetry) * time.Minute
 
+//const writeRetryTimeout = 5 * time.Minute
+var needProtect = getEnvDefault(SWEEPER_NEED_PROTECT, 0)
+
 // InternalError common internalError, do not add in retryableErrorCode,
 // because when some product return this error, retry won't fix anything.
 const InternalError = "InternalError"

tencentcloud/resource_tc_ccn_test.go

@@ -3,13 +3,67 @@ package tencentcloud
 import (
 	"context"
 	"fmt"
+	"log"
+	"strings"
 	"testing"
 	"time"
 
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/terraform"
 )
 
+func init() {
+	resource.AddTestSweepers("tencentcloud_ccn", &resource.Sweeper{
+		Name: "tencentcloud_ccn",
+		F:    testSweepCcnInstance,
+	})
+}
+
+func testSweepCcnInstance(region string) error {
+	logId := getLogId(contextNil)
+	ctx := context.WithValue(context.TODO(), logIdKey, logId)
+
+	sharedClient, err := sharedClientForRegion(region)
+	if err != nil {
+		return fmt.Errorf("getting tencentcloud client error: %s", err.Error())
+	}
+	client := sharedClient.(*TencentCloudClient)
+
+	vpcService := VpcService{
+		client: client.apiV3Conn,
+	}
+
+	instances, err := vpcService.DescribeCcns(ctx, "", "")
+	if err != nil {
+		return fmt.Errorf("get instance list error: %s", err.Error())
+	}
+
+	for _, v := range instances {
+		instanceId := v.ccnId
+		instanceName := v.name
+
+		now := time.Now()
+
+		createTime := stringTotime(v.createTime)
+		interval := now.Sub(createTime).Minutes()
+		if instanceName != "" {
+			if strings.HasPrefix(instanceName, keepResource) || strings.HasPrefix(instanceName, defaultResource) {
+				continue
+			}
+		}
+
+		// less than 30 minute, not delete
+		if needProtect == 1 && int64(interval) < 30 {
+			continue
+		}
+
+		if err = vpcService.DeleteCcn(ctx, instanceId); err != nil {
+			log.Printf("[ERROR] sweep instance %s error: %s", instanceId, err.Error())
+		}
+	}
+	return nil
+}
+
 func TestAccTencentCloudCcnV3Basic(t *testing.T) {
 	t.Parallel()
 	keyName := "tencentcloud_ccn.main"

tencentcloud/resource_tc_clb_instance_test.go

@@ -56,7 +56,7 @@ func testSweepClbInstance(region string) error {
 				continue
 			}
 			// less than 30 minute, not delete
-			if int64(interval) < 30 {
+			if needProtect == 1 && int64(interval) < 30 {
 				continue
 			}
 			if err := service.DeleteLoadBalancerById(ctx, id); err != nil {

tencentcloud/resource_tc_eip_test.go

@@ -55,7 +55,7 @@ func testSweepEipInstance(region string) error {
 		}
 
 		// less than 30 minute, not delete
-		if int64(interval) < 30 {
+		if needProtect == 1 && int64(interval) < 30 {
 			continue
 		}
 

tencentcloud/resource_tc_eni_test.go

@@ -54,7 +54,7 @@ func testSweepEniInstance(region string) error {
 		}
 
 		// less than 30 minute, not delete
-		if int64(interval) < 30 {
+		if needProtect == 1 && int64(interval) < 30 {
 			continue
 		}
 

tencentcloud/resource_tc_nat_gateway_test.go

@@ -54,7 +54,7 @@ func testSweepNatInstance(region string) error {
 		}
 
 		// less than 30 minute, not delete
-		if int64(interval) < 30 {
+		if needProtect == 1 && int64(interval) < 30 {
 			continue
 		}
 

tencentcloud/resource_tc_security_group_test.go

@@ -6,9 +6,7 @@ import (
 	"log"
 	"strings"
 	"testing"
-
-	vpc "github.com/tencentcloud/tencentcloud-sdk-go/tencentcloud/vpc/v20170312"
-	"github.com/tencentcloudstack/terraform-provider-tencentcloud/tencentcloud/internal/helper"
+	"time"
 
 	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/terraform"
@@ -35,10 +33,7 @@ func testSweepSecurityGroups(region string) error {
 		client: client.apiV3Conn,
 	}
 
-	sgs, err := service.DescribeSecurityGroups(ctx, nil, helper.String(NamePrefix), nil, nil)
-	var sgIds []*string
-	var candidates []string
-	var referredSgs = make(map[string][]*string, 0)
+	sgs, err := service.DescribeSecurityGroups(ctx, nil, nil, nil, nil)
 
 	if err != nil {
 		return fmt.Errorf("DescribeSecurityGroups error: %s", err.Error())
@@ -47,43 +42,25 @@ func testSweepSecurityGroups(region string) error {
 	for _, v := range sgs {
 		name := *v.SecurityGroupName
 		id := *v.SecurityGroupId
-		sgIds = append(sgIds, v.SecurityGroupId)
-		if !strings.HasPrefix(name, NamePrefix) {
-			continue
-		}
-		candidates = append(candidates, id)
-
-	}
 
-	refReq := vpc.NewDescribeSecurityGroupReferencesRequest()
-	refReq.SecurityGroupIds = sgIds
+		now := time.Now()
+		createTime := stringTotime(*v.CreatedTime)
+		interval := now.Sub(createTime).Minutes()
 
-	refRes, err := client.apiV3Conn.UseVpcClient().DescribeSecurityGroupReferences(refReq)
-	if err != nil {
-		return fmt.Errorf("DescribeSecurityGroupReferences error: %s", err.Error())
-	}
-	for _, v := range refRes.Response.ReferredSecurityGroupSet {
-		if len(v.ReferredSecurityGroupIds) > 0 {
-			referredSgs[*v.SecurityGroupId] = v.ReferredSecurityGroupIds
+		if strings.HasPrefix(name, keepResource) || strings.HasPrefix(name, defaultResource) {
+			continue
 		}
-	}
-
-	res, err := service.DescribeSecurityGroupsAssociate(ctx, candidates)
-	if err != nil {
-		return fmt.Errorf("DescribeSecurityGroupsAssociate error: %s", err.Error())
-	}
 
-	for _, v := range res {
-		id := *v.SecurityGroupId
-
-		if *v.TotalCount > 0 || len(referredSgs[id]) > 0 {
+		// less than 30 minute, not delete
+		if needProtect == 1 && int64(interval) < 30 {
 			continue
 		}
 
 		if err := service.DeleteSecurityGroup(ctx, id); err != nil {
 			log.Printf("[ERROR] sweep security group %s error: %s", id, err.Error())
 		}
 	}
+
 	return nil
 }
 

tencentcloud/resource_tc_vpc_test.go

@@ -51,7 +51,7 @@ func testSweepVpcInstance(region string) error {
 			continue
 		}
 		// less than 30 minute, not delete
-		if int64(interval) < 30 {
+		if needProtect == 1 && int64(interval) < 30 {
 			continue
 		}