fix: Provide err when error message populated in mongodbatlas_privatelink_endpoint and mongodbatlas_privatelink_endpoint_service

[cveticm]

Description

Both mongodbatlas_privatelink_endpoint_service and mongodbatlas_privatelink_endpoint have a error_message computed attribute (present in GET response), however no error message is being created to make users aware of the error when it is present. This PR adds the necessary logic to inform the user when an error is present.

• Within the mongodbatlas_privatelink_endpoint_service, a testcase, TestAccNetworkRSPrivateLinkEndpointServiceAWS_Failed, has been added to verify error is now received.
  This test passes an invalid vcpe id to a mongodbatlas_privatelink_endpoint_service resource. Creation will succeed but GET requests will fail with Interface endpoint <invalid_vcpe_id> was not found

• A testcase within mongodbatlas_privatelink_endpoint was not found and, hence, no test has been added.

Link to any related issue(s): CLOUDP-282564

Type of change:

• Bug fix (non-breaking change which fixes an issue). Please, add the "bug" label to the PR.
• New feature (non-breaking change which adds functionality). Please, add the "enhancement" label to the PR. A migration guide must be created or updated if the new feature will go in a major version.
• Breaking change (fix or feature that would cause existing functionality to not work as expected). Please, add the "breaking change" label to the PR. A migration guide must be created or updated.
• This change requires a documentation update
• Documentation fix/enhancement

Required Checklist:

• I have signed the MongoDB CLA
• I have read the contributing guides
• I have checked that this change does not generate any credentials and that they are NOT accidentally logged anywhere.
• I have added tests that prove my fix is effective or that my feature works per HashiCorp requirements
• I have added any necessary documentation (if appropriate)
• I have run make fmt and formatted my code
• If changes include deprecations or removals I have added appropriate changelog entries.
• If changes include removal or addition of 3rd party GitHub actions, I updated our internal document. Reach out to the APIx Integration slack channel to get access to the internal document.

Further comments

[cveticm]

It is possible that this fix might not be touched ever. Given that only 3 fields (bar timeout) can be modified for this resource, the only failure I can conceive of which would allow for a successful POST and error in GET is an unexpected error from Atlas or the cloud provider. Further investigation would be needed to verify this.

As it's a simple fix which adds minimal computation time, I suggest keeping the fix in the case a scenario is revealed to trigger this code to save the user from a silent fail.

[EspenAlbert]

Uncertain about raising an error here, I think a warning might be more appropriate?
What is the UX if the error is raised? Is there anything they can do other than terraform state rm or terraform destroy to get to a working state again?
I think this might fail on every plan after the error_message is populated in backend response

[cveticm]

To my knowledge, there isn't an alternative for UX other than destroying the resource as the API don't have a PATCH endpoint to update this resource. I think this might make an error appropriate. WDYT @EspenAlbert ?

[cveticm]

Check error_message field has been properly populated

[lantoli]

if plan or apply fails, is it useful to have this attribute error_message that won't be able to be used?

[cveticm]

@lantoli, I'm not sure I fully understand. This fix is to ensure error_message is populated in the case that creation is successful but the proceeding GET returns a fail state. In the case that plan fails or apply fails during creation, an alternative error is provided. Could you clarify your comment?

[lantoli]

sorry, maybe I'm not understanding this test. Is the Check useful in the test when we also have a ExpectError? We are expecting an error, so for ExpectError to pass the plan or apply must fail, so in that case I think it doesn't matter what the attribute values are as it failed.

[cveticm]

That's true, the check is more to outline that the error_message field has been correctly populated but ultimately isn't needed in this test since we expect an error. This check can be removed.

[github-actions]

APIx bot: a message has been sent to Docs Slack channel

[andreaangiolillo]

LGTM

[AgustinBettati]

LGTM, great that you managed to capture in a test 💯 Left follow up doubt in case we can leave it running in CI.

[AgustinBettati]

nit: Is it possible this test can be enabled in the CI? Don't see any particular pre-requisite AWS resources being used.

[cveticm]

Yes, thanks for pointing out AWS provider was not needed! Removed CI skip 👍

[cveticm]

Test now runs successfully in CI

[lantoli]

great that it runs in CI 👏

[carriecwk]

LGTM!