search

vmware / terraform-provider-vcd

Terraform VMware Cloud Director provider
https://www.terraform.io/docs/providers/vcd/
Mozilla Public License 2.0
151 stars 112 forks source link

Fix issue #1262 #1312

Closed adambarreiro closed 2 months ago

adambarreiro commented 2 months ago

This PR closes #1262

Problem

When a user creates a VM with a VM template, and she does not have the "Organization vDC Disk: View IOPS" right, the VCD Provider crashes with a panic:

goroutine 786 [running]:
github.com/vmware/terraform-provider-vcd/v3/vcd.updateTemplateInternalDisks(0xc000054680, {0xcd4e980, 0xc000c8e870}, {0xc0003902c0, 0xc00017f088})
    /Users/adambarreiro/terraform-provider-vcd/vcd/resource_vcd_vapp_vm_tools.go:700 +0x945
github.com/vmware/terraform-provider-vcd/v3/vcd.createVmFromImage(0xc000054680, {0xcd4e980, 0xc000c8e870}, {0xc6a4f44, 0x6}, {0xc6b662b, 0x10})
    /Users/adambarreiro/terraform-provider-vcd/vcd/resource_vcd_vapp_vm.go:1347 +0x3886
github.com/vmware/terraform-provider-vcd/v3/vcd.genericResourceVmCreate(0xc000054680, {0xcd4e980, 0xc000c8e870}, {0xc6a4f44, 0x6})
    /Users/adambarreiro/terraform-provider-vcd/vcd/resource_vcd_vapp_vm.go:893 +0x395

HCL to reproduce:

provider "vcd" {
  user                 = "abarreiro-admin" # User without Organization vDC Disk: View IOPS right!!
  password             = "******"
  token                = ""
  api_token            = ""
  auth_type            = "integrated"
  saml_adfs_rpt_id     = ""
  url                  = "https://vcd-url/api"
  sysorg               = "abarreiro"
  org                  = "abarreiro"
  vdc                  = "nsxt-vdc-abarreiro"
  allow_unverified_ssl = "true"
  max_retry_timeout    = 600
  logging              = true
  logging_file         = "go-vcloud-director.log"
}

data "vcd_catalog" "my-catalog" {
  name = "cat-abarreiro-nsxt-backed"
}

data "vcd_catalog_vapp_template" "template" {
  catalog_id = data.vcd_catalog.my-catalog.id
  name       = "nsxt-photon-hw11"
}

resource "vcd_vm" "my_vm" {
  name             = "my_vm_test_01"
  vapp_template_id = data.vcd_catalog_vapp_template.template.id
  memory           = 512
  cpus             = 1

  override_template_disk {
    bus_type        = "paravirtual"
    size_in_mb      = "16384"
    bus_number      = 0
    unit_number     = 0
    storage_profile = "*"
  }
}

Solution

In code, it was assumed that the IOPS information was always present. The fix consists of safely checking for nil pointers.

Tests

A new test is provided: TestAccVcdVm_WithoutOrganizationVdcDiskIopsRights. This test will panic without this fix (hence will remove the Organization vDC Disk: View IOPS from your VCD testing org user, be careful and restore it afterwards). With this patch, the test obviously should pass.

What it does, it removes the mentioned rights, applies the HCL, then restores the same rights.

adambarreiro commented 2 months ago

vm tests passed