From afbc4bba8fae7c5a4e142250e253db188536d7ec Mon Sep 17 00:00:00 2001 From: The Magician Date: Wed, 8 Jan 2020 14:05:15 -0800 Subject: [PATCH] Inspec storage (#5347) * Use more markdown for Bug * Consistently use sentences for each bullet * Rewrite bug reproduction block * Allow domain mapping to succeed if DNS is pending Signed-off-by: Modular Magician * Updated google_folder.html (#4149) * Updated google_folder.html The page in the first example shows that you should use organization_id with value of 1234567. In the Import example, it's not clear whether organization_id is user, or folder_id is used. API call behind this import command is only accepting folder_id (can be checked when setting TF_LOG to trace and viewing the API call) * Update website/docs/r/google_folder.html.markdown Co-Authored-By: Dana Hoffman Co-authored-by: Dana Hoffman * add google_kms_secret_ciphertext resource, deprecate datasource (#5314) Signed-off-by: Modular Magician Co-authored-by: Dana Hoffman * Allow add/removing Bigtable clusters (#5318) Signed-off-by: Modular Magician Co-authored-by: Riley Karson * Add bootstrapped test networks for service networking tests (#5316) Signed-off-by: Modular Magician Co-authored-by: emily * Update CHANGELOG.md * fix docs for google_bigquery_default_service_account (#5329) Signed-off-by: Modular Magician Co-authored-by: Martin Nowak * Nil return for absent Bigtable resources (#5331) Signed-off-by: Modular Magician Co-authored-by: Brian Hildebrandt * add lifecycle_config to dataproc_cluster.cluster_config Signed-off-by: Modular Magician * Add warnings about custom role format for IAM bindings (#5335) Signed-off-by: Modular Magician Co-authored-by: emily * Add mutex to peering create (#5338) Signed-off-by: Modular Magician Co-authored-by: emily * Inspec storage (#2932) Merged PR #2932. Co-authored-by: Josh Soref Co-authored-by: Chris Stephens Co-authored-by: Petar Marinkovic <13387474+marinkovicpetar@users.noreply.github.com> Co-authored-by: Dana Hoffman Co-authored-by: megan07 Co-authored-by: Riley Karson Co-authored-by: emily Co-authored-by: Paddy Co-authored-by: Martin Nowak Co-authored-by: Brian Hildebrandt --- .changelog/2932.txt | 3 ++ google/resource_compute_network_peering.go | 33 ++++++++++++++++------ 2 files changed, 28 insertions(+), 8 deletions(-) create mode 100644 .changelog/2932.txt diff --git a/.changelog/2932.txt b/.changelog/2932.txt new file mode 100644 index 00000000000..b1f54dc22e6 --- /dev/null +++ b/.changelog/2932.txt @@ -0,0 +1,3 @@ +```release-note:REPLACEME + +``` diff --git a/google/resource_compute_network_peering.go b/google/resource_compute_network_peering.go index 9f533a296f4..845ed1c065d 100644 --- a/google/resource_compute_network_peering.go +++ b/google/resource_compute_network_peering.go @@ -73,10 +73,22 @@ func resourceComputeNetworkPeeringCreate(d *schema.ResourceData, meta interface{ if err != nil { return err } + peerNetworkFieldValue, err := ParseNetworkFieldValue(d.Get("peer_network").(string), d, config) + if err != nil { + return err + } request := &computeBeta.NetworksAddPeeringRequest{} request.NetworkPeering = expandNetworkPeering(d) + // Only one peering operation at a time can be performed for a given network. + // Lock on both networks, sorted so we don't deadlock for A <--> B peering pairs. + peeringLockNames := sortedNetworkPeeringMutexKeys(networkFieldValue, peerNetworkFieldValue) + for _, kn := range peeringLockNames { + mutexKV.Lock(kn) + defer mutexKV.Unlock(kn) + } + addOp, err := config.clientComputeBeta.Networks.AddPeering(networkFieldValue.Project, networkFieldValue.Name, request).Do() if err != nil { return fmt.Errorf("Error adding network peering: %s", err) @@ -139,10 +151,13 @@ func resourceComputeNetworkPeeringDelete(d *schema.ResourceData, meta interface{ Name: name, } - // Only one delete peering operation at a time can be performed inside any peered VPCs. - peeringLockName := getNetworkPeeringLockName(networkFieldValue.Name, peerNetworkFieldValue.Name) - mutexKV.Lock(peeringLockName) - defer mutexKV.Unlock(peeringLockName) + // Only one peering operation at a time can be performed for a given network. + // Lock on both networks, sorted so we don't deadlock for A <--> B peering pairs. + peeringLockNames := sortedNetworkPeeringMutexKeys(networkFieldValue, peerNetworkFieldValue) + for _, kn := range peeringLockNames { + mutexKV.Lock(kn) + defer mutexKV.Unlock(kn) + } removeOp, err := config.clientCompute.Networks.RemovePeering(networkFieldValue.Project, networkFieldValue.Name, request).Do() if err != nil { @@ -177,13 +192,15 @@ func expandNetworkPeering(d *schema.ResourceData) *computeBeta.NetworkPeering { } } -func getNetworkPeeringLockName(networkName, peerNetworkName string) string { +func sortedNetworkPeeringMutexKeys(networkName, peerNetworkName *GlobalFieldValue) []string { // Whether you delete the peering from network A to B or the one from B to A, they // cannot happen at the same time. - networks := []string{networkName, peerNetworkName} + networks := []string{ + fmt.Sprintf("%s/peerings", networkName.RelativeLink()), + fmt.Sprintf("%s/peerings", peerNetworkName.RelativeLink()), + } sort.Strings(networks) - - return fmt.Sprintf("network_peering/%s/%s", networks[0], networks[1]) + return networks } func resourceComputeNetworkPeeringImport(d *schema.ResourceData, meta interface{}) ([]*schema.ResourceData, error) {