bhouse-nexthop commented on code in PR #281:
URL:
https://github.com/apache/cloudstack-terraform-provider/pull/281#discussion_r2912337052
##########
website/docs/r/network_acl_rule.html.markdown:
##########
@@ -127,6 +127,61 @@ resource "cloudstack_network_acl_rule" "web_server" {
description = "Allow all outbound TCP"
}
}
+```
+
+### Using `ruleset` for Better Change Management
+
+The `ruleset` field is recommended when you need to insert or remove rules
without
+triggering unnecessary updates to other rules. Unlike `rule` (which uses a
list),
+`ruleset` uses a set that identifies rules by their content rather than
position.
+
Review Comment:
The review suggests adding CustomizeDiff validation to detect duplicate
rule_number
values. However, this is not possible because Terraform's TypeSet
automatically
deduplicates entries based on the hash function BEFORE CustomizeDiff runs.
Since
we hash on rule_number (the unique identifier), duplicate rule_numbers are
automatically deduplicated with last-one-wins behavior.
This is the INTENDED behavior of TypeSet - rule_number acts as a primary key,
and having multiple rules with the same rule_number should result in one
overwriting the other. This is analogous to how a map works in most
programming
languages.
The documentation has been updated to make this behavior explicit and warn
users
that duplicate rule_numbers will result in only the last one being kept.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
