ConflictsWith does not function correctly on fields within a list or set

[brandontosch]

Terraform Version

v0.9.1

Affected Resource(s)

All, this is a core issue. For example though, we'll focus on the postgresql_schema resource since it has ConflictsWith rules in place on a set object (policy).

Terraform Configuration Files

resource "postgresql_schema" "test" {
  name = "test"

  policy = {
    create            = "true"
    create_with_grant = "true"
  }
}

Expected Behavior

In general, resource properties within a list or set should respect the ConflictsWith attribute and the check should be performed within each item in the list/set.

This should work, but does not:
ConflictsWith: []string { "list_property.conflicting_field_name" }

The above terraform config should result in an error when executing a plan command since the create and create_with_grant fields under policy conflict with each other.

Here is the code for the postgresql resource where the conflicts are configured:

schemaPolicyAttr: &schema.Schema{
    Type:     schema.TypeSet,
    Optional: true,
    Computed: true,
    Elem: &schema.Resource{
        Schema: map[string]*schema.Schema{
            schemaPolicyCreateAttr: {
                Type:          schema.TypeBool,
                Optional:      true,
                Default:       false,
                Description:   "If true, allow the specified ROLEs to CREATE new objects within the schema(s)",
            --> ConflictsWith: []string{schemaPolicyAttr + "." + schemaPolicyCreateWithGrantAttr},
            },
            schemaPolicyCreateWithGrantAttr: {
                Type:          schema.TypeBool,
                Optional:      true,
                Default:       false,
                Description:   "If true, allow the specified ROLEs to CREATE new objects within the schema(s) and GRANT the same CREATE privilege to different ROLEs",```
            --> ConflictsWith: []string{schemaPolicyAttr + "." + schemaPolicyCreateAttr},
            },

Actual Behavior

In the terraform config above, the plan command succeeds without error.

ConflictsWith can only work for a list/set if you manually specify the index in the ConflictsWith value and therefore can only really work if there is a single item in the list.

For exmaple:
ConflictsWith: []string { "list_property.0.conflicting_field_name" }

Steps to Reproduce

1. Using the config above, run terraform plan and just press enter through all the inputs.
2. Observe that there is no conflict error

References

Discovered while implementing managed disk support for azurerm:

• Azure Managed Disks terraform#11874
• AzureRM Managed Disks terraform#12455

Opened PR for proposed fix:

• Added supported for ConflictsWith for fields within lists/sets terraform#13019

[radeksimko]

Hi @brandontosch
Thank you for the report and sorry for the delay.

I'm going to close this issue as a duplicate of #71 so we can keep discussion in one place, but I'm sure that your linked examples to AzureRM issues will come handy when implementing this.

[ghost]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.