public/terraform-provider-google
0
0
Fork 0
mirror of https://github.com/letic/terraform-provider-google.git synced 2024-10-01 16:21:06 +00:00
Code Issues Projects Releases Wiki Activity

Check set equality for service account scope changes (#1130)

Browse Source 
* add debug printfs

* more logs for debugging

* check set equality for service acct scope changes

* revert changes to region igm

* style things
This commit is contained in:
Dana Hoffman 2018-02-27 14:29:00 -08:00 committed by GitHub
parent e631d906ed
commit 313eb0fb89
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
google/resource_compute_instance.go
View File

@ -1252,8 +1252,24 @@ func resourceComputeInstanceUpdate(d *schema.ResourceData, meta interface{}) err
d.SetPartial("attached_disk")
}
// d.HasChange("service_account") is oversensitive: see https://github.com/hashicorp/terraform/issues/17411
// Until that's fixed, manually check whether there is a change.
o, n := d.GetChange("service_account")
oList := o.([]interface{})
nList := n.([]interface{})
scopesChange := false
if len(oList) != len(nList) {
scopesChange = true
} else if len(oList) == 1 {
// service_account has MaxItems: 1
// scopes is a required field and so will always be set
oScopes := oList[0].(map[string]interface{})["scopes"].(*schema.Set)
nScopes := nList[0].(map[string]interface{})["scopes"].(*schema.Set)
scopesChange = !oScopes.Equal(nScopes)
}
// Attributes which can only be changed if the instance is stopped
if d.HasChange("machine_type") || d.HasChange("min_cpu_platform") || d.HasChange("service_account") {
if scopesChange || d.HasChange("service_account.0.email") || d.HasChange("machine_type") || d.HasChange("min_cpu_platform") {
if !d.Get("allow_stopping_for_update").(bool) {
return fmt.Errorf("Changing the machine_type, min_cpu_platform, or service_account on an instance requires stopping it. " +
"To acknowledge this, please set allow_stopping_for_update = true in your config.")
@ -1309,7 +1325,7 @@ func resourceComputeInstanceUpdate(d *schema.ResourceData, meta interface{}) err
d.SetPartial("min_cpu_platform")
}
if d.HasChange("service_account") {
if d.HasChange("service_account.0.email") || scopesChange {
sa := d.Get("service_account").([]interface{})
req := &compute.InstancesSetServiceAccountRequest{ForceSendFields: []string{"email"}}
if len(sa) > 0 {

5
google/resource_compute_instance_test.go
View File

@ -1659,13 +1659,12 @@ resource "google_compute_instance" "foobar" {
}
metadata {
bar = "baz"
bar = "baz"
startup-script = "echo Hello"
}
create_timeout = 5
metadata_startup_script = "echo Hello"
labels {
only_me = "nothing_else"
}