Sort IAM policy bindings by their role name to get simpler diffs (#3855)

* Sort IAM policy bindings by their role name to get simpler diffs as it's what the API does * Sort IAM policy bindings' members to get simpler diffs as it's what the API does
hashicorp · Jun 24, 2019 · aad1371 · aad1371
1 parent 0a3ae99
commit aad1371
Showing 1 changed file with 12 additions and 1 deletion.
diff --git a/google/data_source_google_iam_policy.go b/google/data_source_google_iam_policy.go
@@ -2,6 +2,7 @@ package google
 
 import (
 	"encoding/json"
+	"sort"
 	"strconv"
 
 	"github.com/hashicorp/terraform/helper/hashcode"
@@ -97,12 +98,22 @@ func dataSourceGoogleIamPolicyRead(d *schema.ResourceData, meta interface{}) err
 	// Convert each config binding into a cloudresourcemanager.Binding
 	for i, v := range bset.List() {
 		binding := v.(map[string]interface{})
+		members := convertStringSet(binding["members"].(*schema.Set))
+
+		// Sort members to get simpler diffs as it's what the API does
+		sort.Strings(members)
+
 		policy.Bindings[i] = &cloudresourcemanager.Binding{
 			Role:    binding["role"].(string),
-			Members: convertStringSet(binding["members"].(*schema.Set)),
+			Members: members,
 		}
 	}
 
+	// Sort bindings by their role name to get simpler diffs as it's what the API does
+	sort.Slice(bindings, func(i, j int) bool {
+		return bindings[i].Role < bindings[j].Role
+	})
+
 	// Convert each audit_config into a cloudresourcemanager.AuditConfig
 	policy.AuditConfigs = expandAuditConfig(aset)