
Commit ec7654e

committed
PATCH: Update or remove firewall rules
Get the changes between the old and new configuration with d.GetChange("rules"), then determine which rules should be removed or updated based on the difference between the two configurations.
1 parent 342bb1f commit ec7654e


1 file changed

+28
-16
lines changed

1 file changed

+28
-16
lines changed

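--- a/cloudamqp/resource_cloudamqp_security_firewall.go
+++ b/cloudamqp/resource_cloudamqp_security_firewall.go
@@ -175,32 +175,44 @@ func resourceSecurityFirewallRead(d *schema.ResourceData, meta interface{}) erro
 
 func resourceSecurityFirewallUpdate(d *schema.ResourceData, meta interface{}) error {
 var (
-api = meta.(*api.API)
-params []map[string]interface{}
-localFirewalls = d.Get("rules").(*schema.Set).List()
+api = meta.(*api.API)
+instanceID = d.Get("instance_id").(int)
+replace = d.Get("replace").(bool)
+rules []map[string]interface{}
+sleep = d.Get("sleep").(int)
+timeout = d.Get("timeout").(int)
 )
 
 if !d.HasChange("rules") {
 return nil
 }
 
-for _, k := range localFirewalls {
-params = append(params, k.(map[string]interface{}))
-}
-log.Printf("[DEBUG] cloudamqp::resource::security_firewall::update instance id: %v, params: %v", d.Get("instance_id"), params)
-data, err := api.UpdateFirewallSettings(d.Get("instance_id").(int), params, d.Get("sleep").(int), d.Get("timeout").(int))
-if err != nil {
-return err
+if replace {
+for _, k := range d.Get("rules").(*schema.Set).List() {
+rules = append(rules, k.(map[string]interface{}))
+}
+log.Printf("[DEBUG] Firewall update instance id: %v, rules: %v", instanceID, rules)
+return api.UpdateFirewallSettings(instanceID, rules, sleep, timeout)
 }
-rules := make([]map[string]interface{}, len(data))
-for k, v := range data {
-rules[k] = readRule(v)
+
+oldRules, newRules := d.GetChange("rules")
+deleteRules := oldRules.(*schema.Set).Difference(newRules.(*schema.Set)).List()
+log.Printf("[DEBUG] Update firewall, remove rules: %v", deleteRules)
+for _, v := range deleteRules {
+rule := v.(map[string]interface{})
+rule["services"] = []string{}
+rule["ports"] = []int{}
+rules = append(rules, rule)
 }
 
-if err = d.Set("rules", rules); err != nil {
-return fmt.Errorf("error setting rules for resource %s, %s", d.Id(), err)
+updateRules := newRules.(*schema.Set).Difference(oldRules.(*schema.Set)).List()
+log.Printf("[DEBUG] Update firewall, patch rules: %v", updateRules)
+for _, v := range updateRules {
+rules = append(rules, readRule(v.(map[string]interface{})))
 }
-return nil
+
+log.Printf("[DEBUG] Update firewall, rules: %v", rules)
+return api.PatchFirewallSettings(instanceID, rules, sleep, timeout)
 }
 
 func resourceSecurityFirewallDelete(d *schema.ResourceData, meta interface{}) error {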
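Review bot: A rule that is edited rather than removed lands in both `deleteRules` and `updateRules`, because the two `Difference` calls compare whole set elements, so the body passed to `api.PatchFirewallSettings` carries an entry with empty `services`/`ports` and the updated entry for what is presumably the same rule. Whether the firewall ends up with the new rule or with it cleared then depends on how the API orders and merges the two entries, which this hunk does not show. I would drop delete entries whose identifying field also occurs in `updateRules`, or at least record the dependency above the first loop: `// An edited rule appears in both lists; the cleared entry must be applied before its replacement.` Separately, `rule := v.(map[string]interface{})` appears to be the map held by the old-state set and is mutated in place; copying it into a fresh map before clearing `services` and `ports` avoids touching that state.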
