abstract retry_utils and add retry for listener certficate attachment (#1631)

M00nF1sh · web-flow · commit 7b823fbc4672 · 2020-11-10T11:13:06.000-08:00
diff --git a/pkg/deploy/ec2/security_group_manager.go b/pkg/deploy/ec2/security_group_manager.go
@@ -7,11 +7,11 @@ import (
 	ec2sdk "github.com/aws/aws-sdk-go/service/ec2"
 	"github.com/go-logr/logr"
 	"github.com/pkg/errors"
-	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/aws-load-balancer-controller/pkg/aws/services"
 	"sigs.k8s.io/aws-load-balancer-controller/pkg/deploy/tracking"
 	ec2model "sigs.k8s.io/aws-load-balancer-controller/pkg/model/ec2"
 	"sigs.k8s.io/aws-load-balancer-controller/pkg/networking"
+	"sigs.k8s.io/aws-load-balancer-controller/pkg/runtime"
 	"time"
 )
 
@@ -118,19 +118,12 @@ func (m *defaultSecurityGroupManager) Delete(ctx context.Context, sdkSG networki
 		GroupId: awssdk.String(sdkSG.SecurityGroupID),
 	}
 
-	ctx, cancel := context.WithTimeout(ctx, m.waitSGDeletionTimeout)
-	defer cancel()
 	m.logger.Info("deleting securityGroup",
 		"securityGroupID", sdkSG.SecurityGroupID)
-	if err := wait.PollImmediateUntil(m.waitSGDeletionPollInterval, func() (done bool, err error) {
-		if _, err := m.ec2Client.DeleteSecurityGroupWithContext(ctx, req); err != nil {
-			if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "DependencyViolation" {
-				return false, nil
-			}
-			return false, err
-		}
-		return true, nil
-	}, ctx.Done()); err != nil {
+	if err := runtime.RetryImmediateOnError(m.waitSGDeletionPollInterval, m.waitSGDeletionTimeout, isSecurityGroupDependencyViolationError, func() error {
+		_, err := m.ec2Client.DeleteSecurityGroupWithContext(ctx, req)
+		return err
+	}); err != nil {
 		return errors.Wrap(err, "failed to delete securityGroup")
 	}
 	m.logger.Info("deleted securityGroup",
@@ -174,3 +167,11 @@ func buildIPPermissionInfo(permission ec2model.IPPermission) (networking.IPPermi
 	}
 	return networking.IPPermissionInfo{}, errors.New("invalid ipPermission")
 }
+
+func isSecurityGroupDependencyViolationError(err error) bool {
+	var awsErr awserr.Error
+	if errors.As(err, &awsErr) {
+		return awsErr.Code() == "DependencyViolation"
+	}
+	return false
+}
diff --git a/pkg/deploy/ec2/security_group_manager_test.go b/pkg/deploy/ec2/security_group_manager_test.go
@@ -0,0 +1,47 @@
+package ec2
+
+import (
+	"github.com/aws/aws-sdk-go/aws/awserr"
+	"github.com/pkg/errors"
+	"github.com/stretchr/testify/assert"
+	"testing"
+)
+
+func Test_isSecurityGroupDependencyViolationError(t *testing.T) {
+	type args struct {
+		err error
+	}
+	tests := []struct {
+		name string
+		args args
+		want bool
+	}{
+		{
+			name: "is DependencyViolation error",
+			args: args{
+				err: awserr.New("DependencyViolation", "some message", nil),
+			},
+			want: true,
+		},
+		{
+			name: "wraps DependencyViolation error",
+			args: args{
+				err: errors.Wrap(awserr.New("DependencyViolation", "some message", nil), "wrapped message"),
+			},
+			want: true,
+		},
+		{
+			name: "isn't DependencyViolation error",
+			args: args{
+				err: errors.New("some other error"),
+			},
+			want: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := isSecurityGroupDependencyViolationError(tt.args.err)
+			assert.Equal(t, tt.want, got)
+		})
+	}
+}
diff --git a/pkg/deploy/elbv2/listener_manager.go b/pkg/deploy/elbv2/listener_manager.go
@@ -7,10 +7,13 @@ import (
 	"github.com/go-logr/logr"
 	"github.com/google/go-cmp/cmp"
 	"github.com/google/go-cmp/cmp/cmpopts"
+	"github.com/pkg/errors"
 	"k8s.io/apimachinery/pkg/util/sets"
 	"sigs.k8s.io/aws-load-balancer-controller/pkg/aws/services"
 	elbv2equality "sigs.k8s.io/aws-load-balancer-controller/pkg/equality/elbv2"
 	elbv2model "sigs.k8s.io/aws-load-balancer-controller/pkg/model/elbv2"
+	"sigs.k8s.io/aws-load-balancer-controller/pkg/runtime"
+	"time"
 )
 
 // ListenerManager is responsible for create/update/delete Listener resources.
@@ -24,8 +27,10 @@ type ListenerManager interface {
 
 func NewDefaultListenerManager(elbv2Client services.ELBV2, logger logr.Logger) *defaultListenerManager {
 	return &defaultListenerManager{
-		elbv2Client: elbv2Client,
-		logger:      logger,
+		elbv2Client:                 elbv2Client,
+		logger:                      logger,
+		waitLSExistencePollInterval: defaultWaitLSExistencePollInterval,
+		waitLSExistenceTimeout:      defaultWaitLSExistenceTimeout,
 	}
 }
 
@@ -35,6 +40,9 @@ var _ ListenerManager = &defaultListenerManager{}
 type defaultListenerManager struct {
 	elbv2Client services.ELBV2
 	logger      logr.Logger
+
+	waitLSExistencePollInterval time.Duration
+	waitLSExistenceTimeout      time.Duration
 }
 
 func (m *defaultListenerManager) Create(ctx context.Context, resLS *elbv2model.Listener) (elbv2model.ListenerStatus, error) {
@@ -56,8 +64,10 @@ func (m *defaultListenerManager) Create(ctx context.Context, resLS *elbv2model.L
 		"resourceID", resLS.ID(),
 		"arn", awssdk.StringValue(sdkLS.ListenerArn))
 
-	if err := m.updateSDKListenerWithExtraCertificates(ctx, resLS, sdkLS, true); err != nil {
-		return elbv2model.ListenerStatus{}, err
+	if err := runtime.RetryImmediateOnError(m.waitLSExistencePollInterval, m.waitLSExistenceTimeout, isListenerNotFoundError, func() error {
+		return m.updateSDKListenerWithExtraCertificates(ctx, resLS, sdkLS, true)
+	}); err != nil {
+		return elbv2model.ListenerStatus{}, errors.Wrap(err, "failed to update extra certificates on listener")
 	}
 	return buildResListenerStatus(sdkLS), nil
 }
diff --git a/pkg/deploy/elbv2/listener_rule_manager.go b/pkg/deploy/elbv2/listener_rule_manager.go
@@ -3,23 +3,17 @@ package elbv2
 import (
 	"context"
 	awssdk "github.com/aws/aws-sdk-go/aws"
-	"github.com/aws/aws-sdk-go/aws/awserr"
 	elbv2sdk "github.com/aws/aws-sdk-go/service/elbv2"
 	"github.com/go-logr/logr"
 	"github.com/google/go-cmp/cmp"
 	"github.com/pkg/errors"
-	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/aws-load-balancer-controller/pkg/aws/services"
 	elbv2equality "sigs.k8s.io/aws-load-balancer-controller/pkg/equality/elbv2"
 	elbv2model "sigs.k8s.io/aws-load-balancer-controller/pkg/model/elbv2"
+	"sigs.k8s.io/aws-load-balancer-controller/pkg/runtime"
 	"time"
 )
 
-const (
-	defaultWaitLSExistencePollInterval = 2 * time.Second
-	defaultWaitLSExistenceTimeout      = 20 * time.Second
-)
-
 // ListenerRuleManager is responsible for create/update/delete ListenerRule resources.
 type ListenerRuleManager interface {
 	Create(ctx context.Context, resLR *elbv2model.ListenerRule) (elbv2model.ListenerRuleStatus, error)
@@ -54,23 +48,18 @@ func (m *defaultListenerRuleManager) Create(ctx context.Context, resLR *elbv2mod
 		return elbv2model.ListenerRuleStatus{}, err
 	}
 
-	ctx, cancel := context.WithTimeout(ctx, m.waitLSExistenceTimeout)
-	defer cancel()
 	m.logger.Info("creating listener rule",
 		"stackID", resLR.Stack().StackID(),
 		"resourceID", resLR.ID())
 	var sdkLR *elbv2sdk.Rule
-	if err := wait.PollImmediateUntil(m.waitLSExistencePollInterval, func() (done bool, err error) {
+	if err := runtime.RetryImmediateOnError(m.waitLSExistencePollInterval, m.waitLSExistenceTimeout, isListenerNotFoundError, func() error {
 		resp, err := m.elbv2Client.CreateRuleWithContext(ctx, req)
 		if err != nil {
-			if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "ListenerNotFound" {
-				return false, nil
-			}
-			return false, err
+			return err
 		}
 		sdkLR = resp.Rules[0]
-		return true, nil
-	}, ctx.Done()); err != nil {
+		return nil
+	}); err != nil {
 		return elbv2model.ListenerRuleStatus{}, errors.Wrap(err, "failed to create listener rule")
 	}
 	m.logger.Info("created listener rule",
diff --git a/pkg/deploy/elbv2/listener_utils.go b/pkg/deploy/elbv2/listener_utils.go
@@ -3,8 +3,16 @@ package elbv2
 import (
 	"context"
 	awssdk "github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/awserr"
 	elbv2sdk "github.com/aws/aws-sdk-go/service/elbv2"
+	"github.com/pkg/errors"
 	elbv2model "sigs.k8s.io/aws-load-balancer-controller/pkg/model/elbv2"
+	"time"
+)
+
+const (
+	defaultWaitLSExistencePollInterval = 2 * time.Second
+	defaultWaitLSExistenceTimeout      = 20 * time.Second
 )
 
 func buildSDKActions(modelActions []elbv2model.Action) ([]*elbv2sdk.Action, error) {
@@ -200,3 +208,11 @@ func buildSDKSourceIpConditionConfig(modelCfg elbv2model.SourceIPConditionConfig
 		Values: awssdk.StringSlice(modelCfg.Values),
 	}
 }
+
+func isListenerNotFoundError(err error) bool {
+	var awsErr awserr.Error
+	if errors.As(err, &awsErr) {
+		return awsErr.Code() == "ListenerNotFound"
+	}
+	return false
+}
diff --git a/pkg/deploy/elbv2/listener_utils_test.go b/pkg/deploy/elbv2/listener_utils_test.go
@@ -0,0 +1,47 @@
+package elbv2
+
+import (
+	"github.com/aws/aws-sdk-go/aws/awserr"
+	"github.com/pkg/errors"
+	"github.com/stretchr/testify/assert"
+	"testing"
+)
+
+func Test_isListenerNotFoundError(t *testing.T) {
+	type args struct {
+		err error
+	}
+	tests := []struct {
+		name string
+		args args
+		want bool
+	}{
+		{
+			name: "is ListenerNotFound error",
+			args: args{
+				err: awserr.New("ListenerNotFound", "some message", nil),
+			},
+			want: true,
+		},
+		{
+			name: "wraps ListenerNotFound error",
+			args: args{
+				err: errors.Wrap(awserr.New("ListenerNotFound", "some message", nil), "wrapped message"),
+			},
+			want: true,
+		},
+		{
+			name: "isn't ListenerNotFound error",
+			args: args{
+				err: errors.New("some other error"),
+			},
+			want: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := isListenerNotFoundError(tt.args.err)
+			assert.Equal(t, tt.want, got)
+		})
+	}
+}
diff --git a/pkg/deploy/elbv2/target_group_manager.go b/pkg/deploy/elbv2/target_group_manager.go
@@ -7,10 +7,10 @@ import (
 	elbv2sdk "github.com/aws/aws-sdk-go/service/elbv2"
 	"github.com/go-logr/logr"
 	"github.com/pkg/errors"
-	"k8s.io/apimachinery/pkg/util/wait"
 	"sigs.k8s.io/aws-load-balancer-controller/pkg/aws/services"
 	"sigs.k8s.io/aws-load-balancer-controller/pkg/deploy/tracking"
 	elbv2model "sigs.k8s.io/aws-load-balancer-controller/pkg/model/elbv2"
+	"sigs.k8s.io/aws-load-balancer-controller/pkg/runtime"
 	"time"
 )
 
@@ -107,19 +107,12 @@ func (m *defaultTargetGroupManager) Delete(ctx context.Context, sdkTG TargetGrou
 		TargetGroupArn: sdkTG.TargetGroup.TargetGroupArn,
 	}
 
-	ctx, cancel := context.WithTimeout(ctx, m.waitTGDeletionTimeout)
-	defer cancel()
 	m.logger.Info("deleting targetGroup",
 		"arn", awssdk.StringValue(req.TargetGroupArn))
-	if err := wait.PollImmediateUntil(m.waitTGDeletionPollInterval, func() (done bool, err error) {
-		if _, err := m.elbv2Client.DeleteTargetGroupWithContext(ctx, req); err != nil {
-			if awsErr, ok := err.(awserr.Error); ok && awsErr.Code() == "ResourceInUse" {
-				return false, nil
-			}
-			return false, err
-		}
-		return true, nil
-	}, ctx.Done()); err != nil {
+	if err := runtime.RetryImmediateOnError(m.waitTGDeletionPollInterval, m.waitTGDeletionTimeout, isTargetGroupResourceInUseError, func() error {
+		_, err := m.elbv2Client.DeleteTargetGroupWithContext(ctx, req)
+		return err
+	}); err != nil {
 		return errors.Wrap(err, "failed to delete targetGroup")
 	}
 	m.logger.Info("deleted targetGroup",
@@ -248,3 +241,11 @@ func buildResTargetGroupStatus(sdkTG TargetGroupWithTags) elbv2model.TargetGroup
 		TargetGroupARN: awssdk.StringValue(sdkTG.TargetGroup.TargetGroupArn),
 	}
 }
+
+func isTargetGroupResourceInUseError(err error) bool {
+	var awsErr awserr.Error
+	if errors.As(err, &awsErr) {
+		return awsErr.Code() == "ResourceInUse"
+	}
+	return false
+}
diff --git a/pkg/deploy/elbv2/target_group_manager_test.go b/pkg/deploy/elbv2/target_group_manager_test.go
@@ -2,7 +2,9 @@ package elbv2
 
 import (
 	awssdk "github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/awserr"
 	elbv2sdk "github.com/aws/aws-sdk-go/service/elbv2"
+	"github.com/pkg/errors"
 	"github.com/stretchr/testify/assert"
 	"k8s.io/apimachinery/pkg/util/intstr"
 	elbv2model "sigs.k8s.io/aws-load-balancer-controller/pkg/model/elbv2"
@@ -510,3 +512,42 @@ func Test_buildResTargetGroupStatus(t *testing.T) {
 		})
 	}
 }
+
+func Test_isTargetGroupResourceInUseError(t *testing.T) {
+	type args struct {
+		err error
+	}
+	tests := []struct {
+		name string
+		args args
+		want bool
+	}{
+		{
+			name: "is ResourceInUse error",
+			args: args{
+				err: awserr.New("ResourceInUse", "some message", nil),
+			},
+			want: true,
+		},
+		{
+			name: "wraps ResourceInUse error",
+			args: args{
+				err: errors.Wrap(awserr.New("ResourceInUse", "some message", nil), "wrapped message"),
+			},
+			want: true,
+		},
+		{
+			name: "isn't ResourceInUse error",
+			args: args{
+				err: errors.New("some other error"),
+			},
+			want: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := isTargetGroupResourceInUseError(tt.args.err)
+			assert.Equal(t, tt.want, got)
+		})
+	}
+}
diff --git a/pkg/runtime/retry_utils.go b/pkg/runtime/retry_utils.go
@@ -0,0 +1,20 @@
+package runtime
+
+import (
+	"k8s.io/apimachinery/pkg/util/wait"
+	"time"
+)
+
+// RetryImmediateOnError tries to run fn every interval until it succeeds, a non-retryable error occurs or the timeout is reached.
+func RetryImmediateOnError(interval time.Duration, timeout time.Duration, retryable func(error) bool, fn func() error) error {
+	return wait.PollImmediate(interval, timeout, func() (bool, error) {
+		err := fn()
+		if err != nil {
+			if retryable(err) {
+				return false, nil
+			}
+			return false, err
+		}
+		return true, nil
+	})
+}
diff --git a/pkg/runtime/retry_utils_test.go b/pkg/runtime/retry_utils_test.go
