JCS-14427: Add suggested actions for 409-PolicyAlreadyExists error in ORM job log (#254)

cr-aniruddh-srivatsa · web-flow · commit aa23c6c1860b · 2024-05-10T07:33:18.000-07:00
Setting up validation to raise an error if the dynamic group policy already exists with the same name as that of any service name of stack. ![policy_error](https://github.com/oracle-quickstart/oci-weblogic-server/assets/146092663/99e4c142-bf81-46f7-be24-e5624bbffd50)
diff --git a/terraform/main.tf b/terraform/main.tf
@@ -464,6 +464,7 @@ module "validators" {
   provisioned_node_count = length(data.oci_core_instances.provisioned_instances.instances.*.display_name)
   use_marketplace_image  = var.use_marketplace_image
   wls_edition            = var.wls_edition
+  tenancy_id             = var.tenancy_ocid
 }
 
 module "fss" {
diff --git a/terraform/modules/validators/policy_validators.tf b/terraform/modules/validators/policy_validators.tf
@@ -0,0 +1,14 @@
+# Copyright (c) 2024 Oracle and/or its affiliates.
+# Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
+
+data "oci_identity_policies" "existing_policies" {
+  compartment_id = var.tenancy_id
+}
+
+locals {
+  policy_name = var.create_policies ? "${var.service_name}-oci-policy" : ""
+  existing_policy_names = var.create_policies ? [for policy in data.oci_identity_policies.existing_policies.policies : policy.name] : []
+  policy_already_exists = var.create_policies ? contains(local.existing_policy_names, local.policy_name) : false
+  policy_already_exists_msg = "WLSC-ERROR: Policy with name ${local.policy_name} already exists. Suggested Actions: It appears that another policy with the same name already exists. This could be because you have previously provisioned a stack with the same resource name prefix. If you no longer need the previous stack, please destroy and delete it so that all the resources are cleaned up or else you can provision again with a different resource name prefix. If you have already deleted the stack, delete the policy ${local.policy_name}."
+  validate_policy_name_is_not_already_used = var.create_policies && local.policy_already_exists ? local.validators_msg_map[local.policy_already_exists_msg] : null
+}
diff --git a/terraform/modules/validators/variables.tf b/terraform/modules/validators/variables.tf
@@ -1,4 +1,4 @@
-# Copyright (c) 2023, Oracle and/or its affiliates.
+# Copyright (c) 2023, 2024 Oracle and/or its affiliates.
 # Licensed under the Universal Permissive License v1.0 as shown at https://oss.oracle.com/licenses/upl.
 
 variable "compartment_id" {
@@ -533,3 +533,12 @@ variable "tf_script_version" {
   type        = string
   description = "The version of the provisioning scripts located in the OCI image used to create the WebLogic compute instances"
 }
+
+variable "tenancy_id" {
+  type        = string
+  description = "The OCID of the tenancy where the dynamic group and policy will be created"
+  validation {
+    condition     = length(regexall("^ocid1.tenancy.*$", var.tenancy_id)) > 0
+    error_message = "WLSC-ERROR: The value for tenancy_id should start with \"ocid1.tenancy.\"."
+  }
+}

Original file line number	Diff line number	Diff line change
`@@ -464,6 +464,7 @@ module "validators" {`
`464`	`464`	`provisioned_node_count = length(data.oci_core_instances.provisioned_instances.instances.*.display_name)`
`465`	`465`	`use_marketplace_image = var.use_marketplace_image`
`466`	`466`	`wls_edition = var.wls_edition`
	`467`	`+ tenancy_id = var.tenancy_ocid`
`467`	`468`	`}`
`468`	`469`
`469`	`470`	`module "fss" {`