feat(ip) - add ovh_ip_move resource to move an IP to a provided service name or park it if no service name given

[julianguinard]

Description

This adds a new add ovh_ip_move resource to move an IP to a provided service name or park it if empty service is given.

It relies on the following APIV6 routes:

• https://api.ovh.com/console/#/ip/service/%7BserviceName%7D~GET
• https://api.ovh.com/console/#/ip/%7Bip%7D/task/%7BtaskId%7D~GET
• https://api.ovh.com/console/#/ip/%7Bip%7D/move~POST
• https://api.ovh.com/console/#/ip/%7Bip%7D/park~POST

taken resource ID is the move task ID if available, or the IP itself otherwise

Moving/parking process:

• if there is an IpTask recorded in the resource state, we try to wait for it to be finished until it is considered expired
• after having waited until previous task expiration or completion, do the move only if the current service is different from the one given in the inputs

Type of change

• New feature (non-breaking change which adds functionality)
• Documentation update

How Has This Been Tested?

• Test :

make testacc TESTARGS="-run TestAccIpMove_basic"`
=== RUN   TestAccIpMove_basic
--- PASS: TestAccIpMove_basic (108.21s)
PASS

Test Configuration:

• Terraform version: terraform version: Terraform v1.2.9
• Existing HCL configuration you used:

Attaching an IP to a service

resource "ovh_ip_move" "move" {
    ip = "X.X.X.X/32"
    routed_to {
      service_name = "loadbalancer-YYYYYYYY"
    }
}

Then parking the same IP

resource "ovh_ip_move" "move" {
    ip = "X.X.X.X/32"
    routed_to {
      service_name = ""
    }
}

Checklist:

• My code follows the style guidelines of this project
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have added acceptance tests that prove my fix is effective or that my feature works
• New and existing acceptance tests pass locally with my changes

[Stoakes]

Personal opinion, but I feel that naming could be improved. Move is an action verb. It doesn't feel right once it is applied.

What about something like ovh_ip_association ? Disclaimer, 100% inspired by aws_eip_association

[scraly]

The naming of the resource and datasource depends of the API endpoint you call :-)

endpoint := fmt.Sprintf("/ip/%s/move",

So, depending of the API scheme, ovh_ip_move is a good name.
If we want another name, we have to think it when we create the API endpoint :).

[amstuta]

Suggested change

	const WaitingTimeInSecondsBeforeRefreshState = 10
	const waitingTimeInSecondsBeforeRefreshState = 10

I think it doesn't need to be exported

[amstuta]

comment does not seem related to the code ? (from what I understand FromResource func doesn't check that)

[julianguinard]

right, check is done later down the road.
will move comment to l163

[amstuta]

needs to be url.PathEscape'd

[julianguinard]

but ipTask.TaskId is an int64, not a string (see %d formatter)

[amstuta]

my bad, read too fast :)

[amstuta]

I think this error should be checked and we should return immediately if it's not nil: if the task doesn't exist anymore for example, I think we shouldn't retry.

What do you think ?

[julianguinard]

in some instances such as a gone task it might make sense to indeed return error immediately. We can possibly do this by verifying ipTask nillity at the very beginning of recursiveWaitTaskFinished, which would achieve a similar behavior

In other cases though (network error, temporary server error, etc...) stopping the whole plan is not relevant nor wanted, and we would rather retry recursively

[amstuta]

seems ok as a workaround, but IMO a better solution is to verify the error response like it's done in func resourceIpServiceReadByServiceName (with type assertion err.(*ovh.APIError) + status check)

[amstuta]

shouldn't it be != nil instead ? Otherwise you will hide the underlying error, for example in case your task has a status IpTaskStatusOvhError.

Additionally, it would be preferable to avoid this defer to ease readability :)

[julianguinard]

I will replace the whole method body to the following as I realize that go 1.20 introduced a way of joining errors, which is actually what I was ultimately willing to achieve so we are aware of both potential Set error and/or recursiveWaitTaskFinished() error

finishedWithSuccess, err = recursiveWaitTaskFinished(d, meta, ipTask, ip, opts)
errSet := d.Set("task_status", ipTask.Status)

return finishedWithSuccess, errors.Join(err, errSet)

[amstuta]

Suggested change

	* `service_name`: service name in the form of `ip-<part-1>.<part-2>.<part-3>.<part-4>`
	* `service_name`: Service name in the form of `ip-<part-1>.<part-2>.<part-3>.<part-4>`

[amstuta]

Suggested change

	* `ip` - ip block
	* `ip` - IP block

[amstuta]

Suggested change

	* `description` - description attached to the IP
	* `description` - Description attached to the IP

[amstuta]

Suggested change

	* `country` - country
	* `country` - Country

[amstuta]

Suggested change

	* `can_be_terminated` - can be terminated
	* `can_be_terminated` - Whether IP service can be terminated

[amstuta]

seems ok as a workaround, but IMO a better solution is to verify the error response like it's done in func resourceIpServiceReadByServiceName (with type assertion err.(*ovh.APIError) + status check)

[amstuta]

final request, can you add a pipeline in https://github.com/ovh/terraform-provider-ovh/blob/master/.cds/terraform-provider-ovh.yml ? So that your test is run in the CI