Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

resource/aws_s3_bucket: Retry on GetBucketTagging 404 Errors #13009

Merged
merged 1 commit into from
Aug 30, 2021
Merged

resource/aws_s3_bucket: Retry on GetBucketTagging 404 Errors #13009

merged 1 commit into from
Aug 30, 2021

Conversation

camlow325
Copy link
Contributor

Community Note

  • Please vote on this pull request by adding a 👍 reaction to the original pull request comment to help the community and maintainers prioritize this request
  • Please do not leave "+1" or other comments that do not add relevant new information or questions, they generate extra noise for pull request followers and do not help prioritize the request

Closes #13008

Release note for CHANGELOG:

* resource/aws_s3_bucket: Retry on GetBucketTagging 404 errors due to eventual consistency ([#13008](https://github.com/terraform-providers/terraform-provider-aws/issues/13008))

The AWS S3 service has eventual consistency considerations. If a
GetBucketTagging call is made to obtain tags just after an S3 bucket is
first created, AWS may return an HTTP 404 (NotFound) error with a
NoSuchBucket error code.

A fix was added for this in #12418. It appears that the NoSuchBucket
errors are not retried with this fix, however. This commit adds some
extra logic which ensures that the code from the awserr.Error instance
is evaluated for retry.

Output for acceptance testing:

> make testacc TEST=./aws TESTARGS='-run=TestAccAWSS3Bucket_'
...
--- PASS: TestAccAWSS3Bucket_shouldFailNotFound (22.93s)
--- PASS: TestAccAWSS3Bucket_LifecycleRule_Expiration_EmptyConfigurationBlock (38.71s)
--- PASS: TestAccAWSS3Bucket_forceDestroyWithEmptyPrefixes (40.46s)
--- PASS: TestAccAWSS3Bucket_forceDestroy (40.47s)
--- PASS: TestAccAWSS3Bucket_enableDefaultEncryption_whenAES256IsUsed (45.72s)
--- PASS: TestAccAWSS3Bucket_basic (45.79s)
--- PASS: TestAccAWSS3Bucket_forceDestroyWithObjectLockEnabled (47.59s)
--- PASS: TestAccAWSS3Bucket_ReplicationExpectVersioningValidationError (51.85s)
--- PASS: TestAccAWSS3Bucket_LifecycleBasic (95.95s)
--- PASS: TestAccAWSS3Bucket_LifecycleExpireMarkerOnly (69.16s)
--- PASS: TestAccAWSS3Bucket_enableDefaultEncryption_whenTypical (71.63s)
--- PASS: TestAccAWSS3Bucket_objectLock (74.52s)
--- PASS: TestAccAWSS3Bucket_disableDefaultEncryption_whenDefaultEncryptionIsEnabled (75.75s)
--- PASS: TestAccAWSS3Bucket_region (42.47s)
--- PASS: TestAccAWSS3Bucket_ReplicationWithoutPrefix (96.80s)
--- PASS: TestAccAWSS3Bucket_WebsiteRoutingRules (77.87s)
--- PASS: TestAccAWSS3Bucket_Versioning (106.51s)
--- PASS: TestAccAWSS3Bucket_UpdateGrant (110.50s)
--- PASS: TestAccAWSS3Bucket_GrantToAcl (71.89s)
--- PASS: TestAccAWSS3Bucket_AclToGrant (72.06s)
--- PASS: TestAccAWSS3Bucket_generatedName (47.42s)
--- PASS: TestAccAWSS3Bucket_UpdateAcl (74.86s)
--- PASS: TestAccAWSS3Bucket_namePrefix (44.58s)
--- PASS: TestAccAWSS3Bucket_RequestPayer (75.62s)
--- PASS: TestAccAWSS3Bucket_ReplicationWithoutStorageClass (97.00s)
--- PASS: TestAccAWSS3Bucket_Cors_EmptyOrigin (47.36s)
--- PASS: TestAccAWSS3Bucket_WebsiteRedirect (109.43s)
--- PASS: TestAccAWSS3Bucket_Website_Simple (109.41s)
--- PASS: TestAccAWSS3Bucket_ReplicationConfiguration_Rule_Destination_AddAccessControlTranslation (152.76s)
--- PASS: TestAccAWSS3Bucket_acceleration (81.59s)
--- PASS: TestAccAWSS3Bucket_Cors_Delete (36.58s)
--- PASS: TestAccAWSS3Bucket_Bucket_EmptyString (44.94s)
--- PASS: TestAccAWSS3Bucket_Logging (66.26s)
--- PASS: TestAccAWSS3Bucket_Policy (104.79s)
--- PASS: TestAccAWSS3Bucket_ReplicationConfiguration_Rule_Destination_AccessControlTranslation (176.75s)
--- PASS: TestAccAWSS3Bucket_Cors_Update (71.71s)
--- PASS: TestAccAWSS3Bucket_tagsWithNoSystemTags (135.94s)
--- PASS: TestAccAWSS3Bucket_tagsWithSystemTags (168.39s)
--- PASS: TestAccAWSS3Bucket_Replication (270.65s)
--- PASS: TestAccAWSS3Bucket_ReplicationSchemaV2 (273.25s)

@camlow325 camlow325 requested a review from a team April 24, 2020 21:05
@ghost ghost added needs-triage Waiting for first response or review from a maintainer. size/XS Managed by automation to categorize the size of a PR. service/s3 Issues and PRs that pertain to the s3 service. labels Apr 24, 2020
@ewbankkit
Copy link
Contributor

@camlow325 Thanks for addressing this.
It may make sense to move that errors.As check into retryOnAwsCode (and use the isAWSErr helper) as I can see this having more general application with other wrapped errors - #12991.

@bflad What do you think?

@bflad
Copy link
Contributor

bflad commented Apr 28, 2020

I would suggest hoisting the errors.As unwrapping fix into the retryOnAwsCode() function itself. 👍

@bflad bflad added bug Addresses a defect in current functionality. and removed needs-triage Waiting for first response or review from a maintainer. labels Apr 28, 2020
@bflad
Copy link
Contributor

bflad commented Apr 28, 2020

Looks like this may also close #12907

@ewbankkit
Copy link
Contributor

@camlow325 Changing

https://github.com/terraform-providers/terraform-provider-aws/blob/33b3d2d55d68cbe558ebcb10df7f85e0a35b6a72/aws/awserr.go#L42-L47

to

		if err != nil {
			var awsErr awserr.Error
			if errors.As(err, &awsErr) && awsErr.Code() == code {
				return resource.RetryableError(err)
			}
			return resource.NonRetryableError(err)

should do the trick.

@ewbankkit
Copy link
Contributor

I think you can also remove RetryOnAwsCodes as it doesn't seem to be called anywhere.

@camlow325 camlow325 force-pushed the fix_retry_for_tag_update_after_s3_bucket_creation branch from c71ed14 to d4d2d85 Compare April 28, 2020 13:45
@ghost ghost added the provider Pertains to the provider itself, rather than any interaction with AWS. label Apr 28, 2020
@camlow325
Copy link
Contributor Author

Thanks, @bflad and @ewbankkit. I updated the PR to use the isAWSErr() function from retryOnAwsCode() in order to have errors.As() be used to unwrap any nested awserr.Error instances from the error object. That seems to work well for having retries be done for GetBucketTagging 404 errors and the S3 bucket tests still pass with it as well. I also removed the RetryOnAwsCodes function that no longer appears to be used anywhere.

@ewbankkit
Copy link
Contributor

Closes #12652.
Closes #12907.

This was referenced May 19, 2020
Closed
Closed
This was referenced May 26, 2020
Merged
Merged
jhixson74 added a commit to jhixson74/installer that referenced this pull request May 27, 2020
@jhixson74
vendor: use openshift fork of terraform-provider-aws and bump to v2.60.0
44b5511 
This is to address the "NoSuchBucket: The specified bucket does not exist"
error as explained in https://bugzilla.redhat.com/show_bug.cgi?id=1759617 and
many other similar bugs. This bug has been "fixed" several times over the
years, yet it continues to rear its ugly self. The ultimate problem is a race
condition with S3 eventual consistency. As described in the bug above, the
bucket does not yet exist when trying to reference tags. The openshift fork
that this commit references, contains an upstream patch as described in
hashicorp/terraform-provider-aws#13009 that
should address this issue.
jhixson74 added a commit to jhixson74/installer that referenced this pull request May 28, 2020
@jhixson74
vendor: use openshift fork of terraform-provider-aws and bump to v2.60.0
4cd576b 
This is to address the "NoSuchBucket: The specified bucket does not exist"
error as explained in https://bugzilla.redhat.com/show_bug.cgi?id=1759617 and
many other similar bugs. This bug has been "fixed" several times over the
years, yet it continues to rear its ugly self. The ultimate problem is a race
condition with S3 eventual consistency. As described in the bug above, the
bucket does not yet exist when trying to reference tags. The openshift fork
that this commit references, contains an upstream patch as described in
hashicorp/terraform-provider-aws#13009 that
should address this issue.
@bpiper
Copy link

bpiper commented Aug 6, 2020

Just curious if there's anything stopping this PR from being approved/merged? Since it's been sitting inactive for several months and may fix a couple of very annoying issues.

@shuheiktgw shuheiktgw mentioned this pull request Jan 17, 2021
Closed
Base automatically changed from master to main January 23, 2021 00:57
@breathingdust breathingdust requested a review from a team as a code owner January 23, 2021 00:57
@camlow325 @ewbankkit
resource/aws_s3_bucket: Retry on GetBucketTagging 404 Errors
2c34a42 
References:
* hashicorp#13008

The AWS S3 service has eventual consistency considerations. If a
GetBucketTagging call is made to obtain tags just after an S3 bucket is
first created, AWS may return an HTTP 404 (NotFound) error with a
NoSuchBucket error code.

A fix was added for this in hashicorp#12418. It appears that the NoSuchBucket
errors are not retried with this fix, however. This commit adds some
extra logic which ensures that the code from the awserr.Error instance
is evaluated for retry.

Output for acceptance testing:

```
> make testacc TEST=./aws TESTARGS='-run=TestAccAWSS3Bucket_'
...
--- PASS: TestAccAWSS3Bucket_shouldFailNotFound (22.93s)
--- PASS: TestAccAWSS3Bucket_LifecycleRule_Expiration_EmptyConfigurationBlock (38.71s)
--- PASS: TestAccAWSS3Bucket_forceDestroyWithEmptyPrefixes (40.46s)
--- PASS: TestAccAWSS3Bucket_forceDestroy (40.47s)
--- PASS: TestAccAWSS3Bucket_enableDefaultEncryption_whenAES256IsUsed (45.72s)
--- PASS: TestAccAWSS3Bucket_basic (45.79s)
--- PASS: TestAccAWSS3Bucket_forceDestroyWithObjectLockEnabled (47.59s)
--- PASS: TestAccAWSS3Bucket_ReplicationExpectVersioningValidationError (51.85s)
--- PASS: TestAccAWSS3Bucket_LifecycleBasic (95.95s)
--- PASS: TestAccAWSS3Bucket_LifecycleExpireMarkerOnly (69.16s)
--- PASS: TestAccAWSS3Bucket_enableDefaultEncryption_whenTypical (71.63s)
--- PASS: TestAccAWSS3Bucket_objectLock (74.52s)
--- PASS: TestAccAWSS3Bucket_disableDefaultEncryption_whenDefaultEncryptionIsEnabled (75.75s)
--- PASS: TestAccAWSS3Bucket_region (42.47s)
--- PASS: TestAccAWSS3Bucket_ReplicationWithoutPrefix (96.80s)
--- PASS: TestAccAWSS3Bucket_WebsiteRoutingRules (77.87s)
--- PASS: TestAccAWSS3Bucket_Versioning (106.51s)
--- PASS: TestAccAWSS3Bucket_UpdateGrant (110.50s)
--- PASS: TestAccAWSS3Bucket_GrantToAcl (71.89s)
--- PASS: TestAccAWSS3Bucket_AclToGrant (72.06s)
--- PASS: TestAccAWSS3Bucket_generatedName (47.42s)
--- PASS: TestAccAWSS3Bucket_UpdateAcl (74.86s)
--- PASS: TestAccAWSS3Bucket_namePrefix (44.58s)
--- PASS: TestAccAWSS3Bucket_RequestPayer (75.62s)
--- PASS: TestAccAWSS3Bucket_ReplicationWithoutStorageClass (97.00s)
--- PASS: TestAccAWSS3Bucket_Cors_EmptyOrigin (47.36s)
--- PASS: TestAccAWSS3Bucket_WebsiteRedirect (109.43s)
--- PASS: TestAccAWSS3Bucket_Website_Simple (109.41s)
--- PASS: TestAccAWSS3Bucket_ReplicationConfiguration_Rule_Destination_AddAccessControlTranslation (152.76s)
--- PASS: TestAccAWSS3Bucket_acceleration (81.59s)
--- PASS: TestAccAWSS3Bucket_Cors_Delete (36.58s)
--- PASS: TestAccAWSS3Bucket_Bucket_EmptyString (44.94s)
--- PASS: TestAccAWSS3Bucket_Logging (66.26s)
--- PASS: TestAccAWSS3Bucket_Policy (104.79s)
--- PASS: TestAccAWSS3Bucket_ReplicationConfiguration_Rule_Destination_AccessControlTranslation (176.75s)
--- PASS: TestAccAWSS3Bucket_Cors_Update (71.71s)
--- PASS: TestAccAWSS3Bucket_tagsWithNoSystemTags (135.94s)
--- PASS: TestAccAWSS3Bucket_tagsWithSystemTags (168.39s)
--- PASS: TestAccAWSS3Bucket_Replication (270.65s)
--- PASS: TestAccAWSS3Bucket_ReplicationSchemaV2 (273.25s)
```
@ewbankkit ewbankkit force-pushed the fix_retry_for_tag_update_after_s3_bucket_creation branch from d4d2d85 to 2c34a42 Compare August 30, 2021 11:54
@github-actions github-actions bot removed the service/s3 Issues and PRs that pertain to the s3 service. label Aug 30, 2021
@github-actions github-actions bot added size/S Managed by automation to categorize the size of a PR. and removed size/XS Managed by automation to categorize the size of a PR. labels Aug 30, 2021
@ewbankkit ewbankkit merged commit ac372ba into hashicorp:main Aug 30, 2021
@github-actions github-actions bot added this to the v3.57.0 milestone Aug 30, 2021
@github-actions
Copy link

github-actions bot commented Sep 2, 2021

This functionality has been released in v3.57.0 of the Terraform AWS Provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading.

For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template. Thank you!

@github-actions
Copy link

I'm going to lock this pull request because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems related to this change, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Jun 23, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
bug Addresses a defect in current functionality. provider Pertains to the provider itself, rather than any interaction with AWS. size/S Managed by automation to categorize the size of a PR.
Projects
None yet
Milestone
v3.57.0
Development

Successfully merging this pull request may close these issues.

aws_s3_bucket create fails with NoSuchBucket error listing resource tags
4 participants
@camlow325 @ewbankkit @bflad @bpiper