Merge pull request #6741 from svanharmelen/f-swap-network-acl
provider/cloudstack: make replacing the ACL of a network update the network in place
This commit is contained in:
commit
b20744b133
|
@ -86,14 +86,12 @@ func resourceCloudStackNetwork() *schema.Resource {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
Computed: true,
|
Computed: true,
|
||||||
ForceNew: true,
|
|
||||||
ConflictsWith: []string{"aclid"},
|
ConflictsWith: []string{"aclid"},
|
||||||
},
|
},
|
||||||
|
|
||||||
"aclid": &schema.Schema{
|
"aclid": &schema.Schema{
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
ForceNew: true,
|
|
||||||
Deprecated: "Please use the `acl_id` field instead",
|
Deprecated: "Please use the `acl_id` field instead",
|
||||||
},
|
},
|
||||||
|
|
||||||
|
@ -298,6 +296,25 @@ func resourceCloudStackNetworkUpdate(d *schema.ResourceData, meta interface{}) e
|
||||||
"Error updating network %s: %s", name, err)
|
"Error updating network %s: %s", name, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Replace the ACL if the ID has changed
|
||||||
|
if d.HasChange("acl_id") || d.HasChange("acl") {
|
||||||
|
aclid, ok := d.GetOk("acl_id")
|
||||||
|
if !ok {
|
||||||
|
aclid, ok = d.GetOk("acl")
|
||||||
|
}
|
||||||
|
if !ok {
|
||||||
|
return fmt.Errorf("Replacing the ACL requires a valid ACL ID")
|
||||||
|
}
|
||||||
|
|
||||||
|
p := cs.NetworkACL.NewReplaceNetworkACLListParams(aclid.(string))
|
||||||
|
p.SetNetworkid(d.Id())
|
||||||
|
|
||||||
|
_, err := cs.NetworkACL.ReplaceNetworkACLList(p)
|
||||||
|
if err != nil {
|
||||||
|
return fmt.Errorf("Error replacing ACL: %s", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Update tags if they have changed
|
// Update tags if they have changed
|
||||||
if d.HasChange("tags") {
|
if d.HasChange("tags") {
|
||||||
err = setTags(cs, d, "network")
|
err = setTags(cs, d, "network")
|
||||||
|
|
|
@ -131,7 +131,9 @@ func resourceCloudStackNetworkACLDelete(d *schema.ResourceData, meta interface{}
|
||||||
p := cs.NetworkACL.NewDeleteNetworkACLListParams(d.Id())
|
p := cs.NetworkACL.NewDeleteNetworkACLListParams(d.Id())
|
||||||
|
|
||||||
// Delete the network ACL list
|
// Delete the network ACL list
|
||||||
_, err := cs.NetworkACL.DeleteNetworkACLList(p)
|
_, err := Retry(3, func() (interface{}, error) {
|
||||||
|
return cs.NetworkACL.DeleteNetworkACLList(p)
|
||||||
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
// This is a very poor way to be told the ID does no longer exist :(
|
// This is a very poor way to be told the ID does no longer exist :(
|
||||||
if strings.Contains(err.Error(), fmt.Sprintf(
|
if strings.Contains(err.Error(), fmt.Sprintf(
|
||||||
|
|
|
@ -50,6 +50,35 @@ func TestAccCloudStackNetwork_vpc(t *testing.T) {
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestAccCloudStackNetwork_updateACL(t *testing.T) {
|
||||||
|
var network cloudstack.Network
|
||||||
|
|
||||||
|
resource.Test(t, resource.TestCase{
|
||||||
|
PreCheck: func() { testAccPreCheck(t) },
|
||||||
|
Providers: testAccProviders,
|
||||||
|
CheckDestroy: testAccCheckCloudStackNetworkDestroy,
|
||||||
|
Steps: []resource.TestStep{
|
||||||
|
resource.TestStep{
|
||||||
|
Config: testAccCloudStackNetwork_acl,
|
||||||
|
Check: resource.ComposeTestCheckFunc(
|
||||||
|
testAccCheckCloudStackNetworkExists(
|
||||||
|
"cloudstack_network.foo", &network),
|
||||||
|
testAccCheckCloudStackNetworkVPCAttributes(&network),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
|
||||||
|
resource.TestStep{
|
||||||
|
Config: testAccCloudStackNetwork_updateACL,
|
||||||
|
Check: resource.ComposeTestCheckFunc(
|
||||||
|
testAccCheckCloudStackNetworkExists(
|
||||||
|
"cloudstack_network.foo", &network),
|
||||||
|
testAccCheckCloudStackNetworkVPCAttributes(&network),
|
||||||
|
),
|
||||||
|
},
|
||||||
|
},
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
func testAccCheckCloudStackNetworkExists(
|
func testAccCheckCloudStackNetworkExists(
|
||||||
n string, network *cloudstack.Network) resource.TestCheckFunc {
|
n string, network *cloudstack.Network) resource.TestCheckFunc {
|
||||||
return func(s *terraform.State) error {
|
return func(s *terraform.State) error {
|
||||||
|
@ -193,3 +222,57 @@ resource "cloudstack_network" "foo" {
|
||||||
CLOUDSTACK_ZONE,
|
CLOUDSTACK_ZONE,
|
||||||
CLOUDSTACK_VPC_NETWORK_CIDR,
|
CLOUDSTACK_VPC_NETWORK_CIDR,
|
||||||
CLOUDSTACK_VPC_NETWORK_OFFERING)
|
CLOUDSTACK_VPC_NETWORK_OFFERING)
|
||||||
|
|
||||||
|
var testAccCloudStackNetwork_acl = fmt.Sprintf(`
|
||||||
|
resource "cloudstack_vpc" "foobar" {
|
||||||
|
name = "terraform-vpc"
|
||||||
|
cidr = "%s"
|
||||||
|
vpc_offering = "%s"
|
||||||
|
zone = "%s"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "cloudstack_network_acl" "foo" {
|
||||||
|
name = "foo"
|
||||||
|
vpc_id = "${cloudstack_vpc.foobar.id}"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "cloudstack_network" "foo" {
|
||||||
|
name = "terraform-network"
|
||||||
|
cidr = "%s"
|
||||||
|
network_offering = "%s"
|
||||||
|
vpc_id = "${cloudstack_vpc.foobar.id}"
|
||||||
|
acl_id = "${cloudstack_network_acl.foo.id}"
|
||||||
|
zone = "${cloudstack_vpc.foobar.zone}"
|
||||||
|
}`,
|
||||||
|
CLOUDSTACK_VPC_CIDR_1,
|
||||||
|
CLOUDSTACK_VPC_OFFERING,
|
||||||
|
CLOUDSTACK_ZONE,
|
||||||
|
CLOUDSTACK_VPC_NETWORK_CIDR,
|
||||||
|
CLOUDSTACK_VPC_NETWORK_OFFERING)
|
||||||
|
|
||||||
|
var testAccCloudStackNetwork_updateACL = fmt.Sprintf(`
|
||||||
|
resource "cloudstack_vpc" "foobar" {
|
||||||
|
name = "terraform-vpc"
|
||||||
|
cidr = "%s"
|
||||||
|
vpc_offering = "%s"
|
||||||
|
zone = "%s"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "cloudstack_network_acl" "bar" {
|
||||||
|
name = "bar"
|
||||||
|
vpc_id = "${cloudstack_vpc.foobar.id}"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "cloudstack_network" "foo" {
|
||||||
|
name = "terraform-network"
|
||||||
|
cidr = "%s"
|
||||||
|
network_offering = "%s"
|
||||||
|
vpc_id = "${cloudstack_vpc.foobar.id}"
|
||||||
|
acl_id = "${cloudstack_network_acl.bar.id}"
|
||||||
|
zone = "${cloudstack_vpc.foobar.zone}"
|
||||||
|
}`,
|
||||||
|
CLOUDSTACK_VPC_CIDR_1,
|
||||||
|
CLOUDSTACK_VPC_OFFERING,
|
||||||
|
CLOUDSTACK_ZONE,
|
||||||
|
CLOUDSTACK_VPC_NETWORK_CIDR,
|
||||||
|
CLOUDSTACK_VPC_NETWORK_OFFERING)
|
||||||
|
|
|
@ -57,10 +57,9 @@ The following arguments are supported:
|
||||||
for. Changing this forces a new resource to be created.
|
for. Changing this forces a new resource to be created.
|
||||||
|
|
||||||
* `acl_id` - (Optional) The network ACL ID that should be attached to the network.
|
* `acl_id` - (Optional) The network ACL ID that should be attached to the network.
|
||||||
Changing this forces a new resource to be created.
|
|
||||||
|
|
||||||
* `aclid` - (Optional, Deprecated) The ID of a network ACL that should be attached
|
* `aclid` - (Optional, Deprecated) The ID of a network ACL that should be attached
|
||||||
to the network. Changing this forces a new resource to be created.
|
to the network.
|
||||||
|
|
||||||
* `project` - (Optional) The name or ID of the project to deploy this
|
* `project` - (Optional) The name or ID of the project to deploy this
|
||||||
instance to. Changing this forces a new resource to be created.
|
instance to. Changing this forces a new resource to be created.
|
||||||
|
|
Loading…
Reference in New Issue