From ae5730c5a514730876aabcf2d8af739152805c86 Mon Sep 17 00:00:00 2001 From: "Zanetti, David" Date: Wed, 21 Dec 2016 11:45:12 +1300 Subject: [PATCH] Querying EC2 security groups should report unexpected errors As noted in #4277, we don't report any errors from the loop waiting for a security group to exist. Instead, we should accept 'errors' which result from the group not yet existing, and report errors which are actual issues the user needs to resolve (eg, IAM permissions are incorrect). Closes #4277 --- .../amazon/common/step_run_source_instance.go | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/builder/amazon/common/step_run_source_instance.go b/builder/amazon/common/step_run_source_instance.go index 973e5402f..e6bd8a645 100644 --- a/builder/amazon/common/step_run_source_instance.go +++ b/builder/amazon/common/step_run_source_instance.go @@ -9,6 +9,7 @@ import ( "time" "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/service/ec2" "github.com/mitchellh/multistep" @@ -370,11 +371,18 @@ func WaitUntilSecurityGroupExists(c *ec2.EC2, input *ec2.DescribeSecurityGroupsI for i := 0; i < 40; i++ { _, err := c.DescribeSecurityGroups(input) if err != nil { - log.Printf("[DEBUG] Error querying security group %v: %s", input.GroupIds, err) - time.Sleep(15 * time.Second) - continue + // Check if this is just because it doesn't exist yet + if ec2err, ok := err.(awserr.Error); ok && ec2err.Code() == "InvalidSecurityGroupID.NotFound" { + log.Printf("[DEBUG] Security group %v doesn't exist, sleeping for a moment", input.GroupIds) + time.Sleep(15 * time.Second) + continue + } + // The error is something else, abort and throw it + return fmt.Errorf("Error looking for security group %v: %s", input.GroupIds, err) } + + // Success! return nil } - return fmt.Errorf("timed out") + return fmt.Errorf("Timeout waiting for security group %v to appear", input.GroupIds) }