hcloud_firewall: Fix race condition on deletion of firewalls (#166)

Signed-off-by: Lukas Kämmerling <lukas.kaemmerling@hetzner-cloud.de>

Signed-off-by: Lukas Kämmerling <lukas.kaemmerling@hetzner-cloud.de>

changelogs/fragments/hcloud_firewall-deletion.yml

@@ -0,0 +1,2 @@
+bugfixes:
+  - hcloud_firewall - the deletion could fail if the firewall was referenced right before

plugins/modules/hcloud_firewall.py

@@ -173,6 +173,7 @@ hcloud_firewall:
 from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils._text import to_native
 from ansible_collections.hetzner.hcloud.plugins.module_utils.hcloud import Hcloud
+import time
 
 try:
     from hcloud.firewalls.domain import FirewallRule
@@ -293,7 +294,19 @@ class AnsibleHcloudFirewall(Hcloud):
         self._get_firewall()
         if self.hcloud_firewall is not None:
             if not self.module.check_mode:
+                retry_count = 0
+                while retry_count < 10:
+                    try:
                         self.client.firewalls.delete(self.hcloud_firewall)
+                        break
+                    except APIException as e:
+                        if "is still in use" in e.message:
+                            retry_count = retry_count + 1
+                            time.sleep(0.5 * retry_count)
+                        else:
+                            self.module.fail_json(msg=e.message)
+                    except Exception as e:
+                        self.module.fail_json(msg=e.message)
             self._mark_as_changed()
         self.hcloud_firewall = None