Make ACL's swappable, unless you want to stop using an ACL

In CloudStack you can dynamically start using an ACL and once you use
an ACL you can dynamically swap ACL’s. But once your using an ACL, you
can no longer stop using an ACL without rebuilding the network.

This change makes the `ForceNew` value dynamic so that it only returns
`true` if you are reverting from using an ACL to not using an ACL
anymore, making this functionally inline with the behaviour CloudStack
offers.
This commit is contained in:
Sander van Harmelen 2016-06-24 13:27:05 +02:00
parent ef890386b6
commit b7c71382f6
2 changed files with 31 additions and 13 deletions

View File

@ -11,7 +11,26 @@ import (
"github.com/xanzy/go-cloudstack/cloudstack" "github.com/xanzy/go-cloudstack/cloudstack"
) )
const none = "none"
func resourceCloudStackNetwork() *schema.Resource { func resourceCloudStackNetwork() *schema.Resource {
aclidSchema := &schema.Schema{
Type: schema.TypeString,
Optional: true,
Default: none,
ConflictsWith: []string{"aclid"},
}
aclidSchema.StateFunc = func(v interface{}) string {
value := v.(string)
if value == none {
aclidSchema.ForceNew = true
}
return value
}
return &schema.Resource{ return &schema.Resource{
Create: resourceCloudStackNetworkCreate, Create: resourceCloudStackNetworkCreate,
Read: resourceCloudStackNetworkRead, Read: resourceCloudStackNetworkRead,
@ -82,12 +101,7 @@ func resourceCloudStackNetwork() *schema.Resource {
Deprecated: "Please use the `vpc_id` field instead", Deprecated: "Please use the `vpc_id` field instead",
}, },
"acl_id": &schema.Schema{ "acl_id": aclidSchema,
Type: schema.TypeString,
Optional: true,
Computed: true,
ConflictsWith: []string{"aclid"},
},
"aclid": &schema.Schema{ "aclid": &schema.Schema{
Type: schema.TypeString, Type: schema.TypeString,
@ -177,7 +191,7 @@ func resourceCloudStackNetworkCreate(d *schema.ResourceData, meta interface{}) e
if !ok { if !ok {
aclid, ok = d.GetOk("acl") aclid, ok = d.GetOk("acl")
} }
if ok { if ok && aclid != none {
// Set the acl ID // Set the acl ID
p.SetAclid(aclid.(string)) p.SetAclid(aclid.(string))
} }
@ -232,11 +246,12 @@ func resourceCloudStackNetworkRead(d *schema.ResourceData, meta interface{}) err
_, vpc := d.GetOk("vpc") _, vpc := d.GetOk("vpc")
if vpcID || vpc { if vpcID || vpc {
d.Set("vpc_id", n.Vpcid) d.Set("vpc_id", n.Vpcid)
}
_, aclID := d.GetOk("acl_id") // Since we're in a VPC, also update the ACL ID. If we don't
_, acl := d.GetOk("aclid") // have an ACL ID make sure we set the default value instead.
if aclID || acl { if n.Aclid == "" {
n.Aclid = none
}
d.Set("acl_id", n.Aclid) d.Set("acl_id", n.Aclid)
} }

View File

@ -56,9 +56,12 @@ The following arguments are supported:
* `vpc` - (Optional, Deprecated) The name or ID of the VPC to create this network * `vpc` - (Optional, Deprecated) The name or ID of the VPC to create this network
for. Changing this forces a new resource to be created. for. Changing this forces a new resource to be created.
* `acl_id` - (Optional) The network ACL ID that should be attached to the network. * `acl_id` - (Optional) The ACL ID that should be attached to the network or
`none` if you do not want to attach an ACL. You can dynamically attach and
swap ACL's, but if you want to detach an attached ACL and revert to using
`none`, this will force a new resource to be created. Defaults to `none`.
* `aclid` - (Optional, Deprecated) The ID of a network ACL that should be attached * `aclid` - (Optional, Deprecated) The ID of a ACL that should be attached
to the network. to the network.
* `project` - (Optional) The name or ID of the project to deploy this * `project` - (Optional) The name or ID of the project to deploy this