refactor: refine tencentcloud_security_group_lite_rule

tencentcloud_security_group_lite_rule refine update process and doc

Author: Sherlock-Holo

CHANGELOG.md

@@ -4,7 +4,7 @@ ENHANCEMENTS:
 
 * Resource: `tencentcloud_gaap_http_rule` argument `realservers` now is optional.
 * Resource: `tencentcloud_kubernetes_cluster` supports multiple `availability_zone`.
-
+* Resource: `tencentcloud_security_group_lite_rule` refine update process and doc.
 
 ## 1.39.0 (July 18, 2020)
 

tencentcloud/resource_tc_security_group_lite_rule.go

@@ -1,7 +1,7 @@
 /*
 Provide a resource to create security group some lite rules quickly.
 
--> **NOTE:** It can't be used with tencentcloud_security_group_rule.
+-> **NOTE:** It can't be used with tencentcloud_security_group_rule, and don't create multi tencentcloud_security_group_rule resources, otherwise it may cause problems.
 
 Example Usage
 
@@ -113,7 +113,7 @@ func resourceTencentCloudSecurityGroupLiteRuleCreate(d *schema.ResourceData, m i
 		}
 	}
 
-	if err := service.AttachLiteRulesToSecurityGroup(ctx, sgId, ingress, egress); err != nil {
+	if err := service.AttachLiteRulesToSecurityGroup(ctx, sgId, ingress, egress, updateLiteRule, updateLiteRule); err != nil {
 		return err
 	}
 
@@ -170,34 +170,74 @@ func resourceTencentCloudSecurityGroupLiteRuleUpdate(d *schema.ResourceData, m i
 	service := VpcService{client: m.(*TencentCloudClient).apiV3Conn}
 
 	var (
-		ingress []VpcSecurityGroupLiteRule
-		egress  []VpcSecurityGroupLiteRule
+		ingress           []VpcSecurityGroupLiteRule
+		egress            []VpcSecurityGroupLiteRule
+		updateIngressKind = noModifyLiteRule
+		updateEgressKind  = noModifyLiteRule
 	)
 
-	if raw, ok := d.GetOk("ingress"); ok {
-		ingressStrs := helper.InterfacesStrings(raw.([]interface{}))
-		for _, ingressStr := range ingressStrs {
-			liteRule, err := parseRule(ingressStr)
-			if err != nil {
-				return err
+	if d.HasChange("ingress") {
+		if raw, ok := d.GetOk("ingress"); ok {
+			updateIngressKind = updateLiteRule
+
+			ingressStrs := helper.InterfacesStrings(raw.([]interface{}))
+			for _, ingressStr := range ingressStrs {
+				liteRule, err := parseRule(ingressStr)
+				if err != nil {
+					return err
+				}
+				ingress = append(ingress, liteRule)
+			}
+		} else {
+			updateIngressKind = deleteLiteRule
+
+			old, _ := d.GetChange("ingress")
+			ingressStrs := helper.InterfacesStrings(old.([]interface{}))
+			for _, ingressStr := range ingressStrs {
+				liteRule, err := parseRule(ingressStr)
+				if err != nil {
+					return err
+				}
+				ingress = append(ingress, liteRule)
 			}
-			ingress = append(ingress, liteRule)
 		}
 	}
 
-	if raw, ok := d.GetOk("egress"); ok {
-		egressStrs := helper.InterfacesStrings(raw.([]interface{}))
-		for _, egressStr := range egressStrs {
-			liteRule, err := parseRule(egressStr)
-			if err != nil {
-				return err
+	if d.HasChange("egress") {
+		if raw, ok := d.GetOk("egress"); ok {
+			updateEgressKind = updateLiteRule
+
+			egressStrs := helper.InterfacesStrings(raw.([]interface{}))
+			for _, egressStr := range egressStrs {
+				liteRule, err := parseRule(egressStr)
+				if err != nil {
+					return err
+				}
+				egress = append(egress, liteRule)
+			}
+		} else {
+			updateEgressKind = deleteLiteRule
+
+			old, _ := d.GetChange("egress")
+			egressStrs := helper.InterfacesStrings(old.([]interface{}))
+			for _, egressStr := range egressStrs {
+				liteRule, err := parseRule(egressStr)
+				if err != nil {
+					return err
+				}
+				egress = append(egress, liteRule)
 			}
-			egress = append(egress, liteRule)
 		}
 	}
 
-	if err := service.AttachLiteRulesToSecurityGroup(ctx, id, ingress, egress); err != nil {
-		return err
+	if updateIngressKind == deleteLiteRule && updateEgressKind == deleteLiteRule {
+		if err := service.DetachAllLiteRulesFromSecurityGroup(ctx, id); err != nil {
+			return err
+		}
+	} else {
+		if err := service.modifyLiteRulesInSecurityGroup(ctx, id, ingress, egress, updateIngressKind, updateEgressKind); err != nil {
+			return err
+		}
 	}
 
 	return resourceTencentCloudSecurityGroupLiteRuleRead(d, m)

tencentcloud/resource_tc_security_group_lite_rule_test.go

@@ -11,6 +11,8 @@ import (
 )
 
 func TestAccTencentCloudSecurityGroupLiteRule_basic(t *testing.T) {
+	t.Parallel()
+
 	var liteRuleId string
 
 	resource.Test(t, resource.TestCase{
@@ -41,6 +43,8 @@ func TestAccTencentCloudSecurityGroupLiteRule_basic(t *testing.T) {
 }
 
 func TestAccTencentCloudSecurityGroupLiteRule_update(t *testing.T) {
+	t.Parallel()
+
 	var liteRuleId string
 
 	resource.Test(t, resource.TestCase{