in pkg/infrastructure/authorizationCheckers/terraform/terraformAuthorizationChecker.go [197:256]
// terraformApply runs `terraform init` followed by `terraform apply` and
// classifies any apply failure by inspecting the error text.
//
// Return values:
//   - ("", nil) when apply succeeds.
//   - ("", err) when Init fails.
//   - (RetryDeploymentResponseErrorMessage, nil) when the failure matches
//     BillingFeaturesPayloadError, or is an authorization failure that also
//     matches WaitingForDataplaneError.
//   - (message, nil) when the failure text contains "Authorization" or
//     "LinkedAccessCheckFailed"; the error value is deliberately dropped and
//     only the text is handed back (presumably so the caller can parse the
//     missing permission out of it; confirm against the caller).
//   - (message, err) for every other failure.
//
// NOTE(review): classification is by plain substring match on the error text.
// Any failure whose message merely mentions "Authorization" (for instance in a
// resource type or name) would take the authorization path and lose its error
// value, so a misclassified failure can skew the inferred permission set.
// Matching on a structured error code would be more robust if one is available.
func (a *terraformDeploymentConfig) terraformApply(mpfConfig domain.MPFConfig, tf *tfexec.Terraform) (string, error) {
	// NOTE(review): Init runs on context.Background() while Apply uses a.ctx,
	// so cancelling a.ctx does not interrupt Init. Confirm this is intended.
	if initErr := tf.Init(context.Background()); initErr != nil {
		log.Warnf("error running Init: %s", initErr)
		return "", initErr
	}

	log.Infoln("in apply phase")

	// Collect only the options that are configured; an empty list is the same
	// as calling Apply with no options.
	var applyOpts []tfexec.ApplyOption
	if a.varFilePath != "" {
		applyOpts = append(applyOpts, tfexec.VarFile(a.varFilePath))
	}
	if a.targetModule != "" {
		applyOpts = append(applyOpts, tfexec.Target(a.targetModule))
	}

	applyErr := tf.Apply(a.ctx, applyOpts...)
	if applyErr == nil {
		return "", nil
	}

	errorMsg := applyErr.Error()
	// NOTE(review): the full terraform error text is written to the debug log;
	// check that nothing sensitive can appear in it before enabling debug
	// logging in shared environments.
	log.Debugln("terraform apply error: ", errorMsg)

	// Temporary workaround for
	// https://github.com/hashicorp/terraform-provider-azurerm/issues/27961
	// The failure has only been observed once per run, so a retry is enough.
	if strings.Contains(errorMsg, BillingFeaturesPayloadError) {
		return RetryDeploymentResponseErrorMessage, nil
	}

	// Import errors can occur for some resources when the identity does not
	// hold all required permissions, as described in
	// https://github.com/hashicorp/terraform-provider-azurerm/issues/27961#issuecomment-2467392936
	if a.importExistingResourcesToState && strings.Contains(errorMsg, TFExistingResourceErrorMsg) {
		msg, importErr := a.terraformImport(tf, errorMsg)
		if importErr == nil && msg == "" {
			// Import went through cleanly: run init + apply again.
			// NOTE(review): there is no bound on the number of attempts here.
			// If import keeps reporting success while apply keeps returning
			// the existing-resource error, this recursion does not terminate.
			return a.terraformApply(mpfConfig, tf)
		}
		if strings.Contains(msg, "Authorization") {
			// Authorization failures during import are reported as text only.
			return msg, nil
		}
		return msg, importErr
	}

	isAuthFailure := strings.Contains(errorMsg, "Authorization") ||
		strings.Contains(errorMsg, "LinkedAccessCheckFailed")
	if !isAuthFailure {
		log.Warnf("terraform apply: non authorizaton error occured: %s", errorMsg)
		return errorMsg, applyErr
	}

	if strings.Contains(errorMsg, WaitingForDataplaneError) {
		log.Warnln("terraform apply: waiting for dataplane error occured, requesting retry")
		return RetryDeploymentResponseErrorMessage, nil
	}

	log.Debug("terraform apply: authorization error occured")
	return errorMsg, nil
}