Make ACL's swappable, unless you want to stop using an ACL
In CloudStack you can dynamically start using an ACL and once you use an ACL you can dynamically swap ACL’s. But once your using an ACL, you can no longer stop using an ACL without rebuilding the network. This change makes the `ForceNew` value dynamic so that it only returns `true` if you are reverting from using an ACL to not using an ACL anymore, making this functionally inline with the behaviour CloudStack offers.
This commit is contained in:
parent
ef890386b6
commit
b7c71382f6
|
@ -11,7 +11,26 @@ import (
|
||||||
"github.com/xanzy/go-cloudstack/cloudstack"
|
"github.com/xanzy/go-cloudstack/cloudstack"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
const none = "none"
|
||||||
|
|
||||||
func resourceCloudStackNetwork() *schema.Resource {
|
func resourceCloudStackNetwork() *schema.Resource {
|
||||||
|
aclidSchema := &schema.Schema{
|
||||||
|
Type: schema.TypeString,
|
||||||
|
Optional: true,
|
||||||
|
Default: none,
|
||||||
|
ConflictsWith: []string{"aclid"},
|
||||||
|
}
|
||||||
|
|
||||||
|
aclidSchema.StateFunc = func(v interface{}) string {
|
||||||
|
value := v.(string)
|
||||||
|
|
||||||
|
if value == none {
|
||||||
|
aclidSchema.ForceNew = true
|
||||||
|
}
|
||||||
|
|
||||||
|
return value
|
||||||
|
}
|
||||||
|
|
||||||
return &schema.Resource{
|
return &schema.Resource{
|
||||||
Create: resourceCloudStackNetworkCreate,
|
Create: resourceCloudStackNetworkCreate,
|
||||||
Read: resourceCloudStackNetworkRead,
|
Read: resourceCloudStackNetworkRead,
|
||||||
|
@ -82,12 +101,7 @@ func resourceCloudStackNetwork() *schema.Resource {
|
||||||
Deprecated: "Please use the `vpc_id` field instead",
|
Deprecated: "Please use the `vpc_id` field instead",
|
||||||
},
|
},
|
||||||
|
|
||||||
"acl_id": &schema.Schema{
|
"acl_id": aclidSchema,
|
||||||
Type: schema.TypeString,
|
|
||||||
Optional: true,
|
|
||||||
Computed: true,
|
|
||||||
ConflictsWith: []string{"aclid"},
|
|
||||||
},
|
|
||||||
|
|
||||||
"aclid": &schema.Schema{
|
"aclid": &schema.Schema{
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
|
@ -177,7 +191,7 @@ func resourceCloudStackNetworkCreate(d *schema.ResourceData, meta interface{}) e
|
||||||
if !ok {
|
if !ok {
|
||||||
aclid, ok = d.GetOk("acl")
|
aclid, ok = d.GetOk("acl")
|
||||||
}
|
}
|
||||||
if ok {
|
if ok && aclid != none {
|
||||||
// Set the acl ID
|
// Set the acl ID
|
||||||
p.SetAclid(aclid.(string))
|
p.SetAclid(aclid.(string))
|
||||||
}
|
}
|
||||||
|
@ -232,11 +246,12 @@ func resourceCloudStackNetworkRead(d *schema.ResourceData, meta interface{}) err
|
||||||
_, vpc := d.GetOk("vpc")
|
_, vpc := d.GetOk("vpc")
|
||||||
if vpcID || vpc {
|
if vpcID || vpc {
|
||||||
d.Set("vpc_id", n.Vpcid)
|
d.Set("vpc_id", n.Vpcid)
|
||||||
}
|
|
||||||
|
|
||||||
_, aclID := d.GetOk("acl_id")
|
// Since we're in a VPC, also update the ACL ID. If we don't
|
||||||
_, acl := d.GetOk("aclid")
|
// have an ACL ID make sure we set the default value instead.
|
||||||
if aclID || acl {
|
if n.Aclid == "" {
|
||||||
|
n.Aclid = none
|
||||||
|
}
|
||||||
d.Set("acl_id", n.Aclid)
|
d.Set("acl_id", n.Aclid)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -56,9 +56,12 @@ The following arguments are supported:
|
||||||
* `vpc` - (Optional, Deprecated) The name or ID of the VPC to create this network
|
* `vpc` - (Optional, Deprecated) The name or ID of the VPC to create this network
|
||||||
for. Changing this forces a new resource to be created.
|
for. Changing this forces a new resource to be created.
|
||||||
|
|
||||||
* `acl_id` - (Optional) The network ACL ID that should be attached to the network.
|
* `acl_id` - (Optional) The ACL ID that should be attached to the network or
|
||||||
|
`none` if you do not want to attach an ACL. You can dynamically attach and
|
||||||
|
swap ACL's, but if you want to detach an attached ACL and revert to using
|
||||||
|
`none`, this will force a new resource to be created. Defaults to `none`.
|
||||||
|
|
||||||
* `aclid` - (Optional, Deprecated) The ID of a network ACL that should be attached
|
* `aclid` - (Optional, Deprecated) The ID of a ACL that should be attached
|
||||||
to the network.
|
to the network.
|
||||||
|
|
||||||
* `project` - (Optional) The name or ID of the project to deploy this
|
* `project` - (Optional) The name or ID of the project to deploy this
|
||||||
|
|
Loading…
Reference in New Issue