From 8c1f246b5a6288195dce25ab2417ae5218b7888d Mon Sep 17 00:00:00 2001
From: Pavel Boldyrev <627562+bpg@users.noreply.github.com>
Date: Fri, 2 Jun 2023 06:38:27 -0400
Subject: [PATCH] fix(firewall): Improve firewall resources argument validation
 (#359)

Make sure VM / Container rules, SGs, IPSets are always include `node_name` along with `vm_id`, `container_id`.
---
 proxmoxtf/resource/firewall/selector.go | 17 +++++++++++------
 1 file changed, 11 insertions(+), 6 deletions(-)

diff --git a/proxmoxtf/resource/firewall/selector.go b/proxmoxtf/resource/firewall/selector.go
index 911fade5..98b2c705 100644
--- a/proxmoxtf/resource/firewall/selector.go
+++ b/proxmoxtf/resource/firewall/selector.go
@@ -30,14 +30,16 @@ func selectorSchema() map[string]*schema.Schema {
 			Description: "The name of the node.",
 		},
 		mkSelectorVMID: {
-			Type:        schema.TypeInt,
-			Optional:    true,
-			Description: "The ID of the VM to manage the firewall for.",
+			Type:         schema.TypeInt,
+			Optional:     true,
+			Description:  "The ID of the VM to manage the firewall for.",
+			RequiredWith: []string{mkSelectorNodeName},
 		},
 		mkSelectorContainerID: {
-			Type:        schema.TypeInt,
-			Optional:    true,
-			Description: "The ID of the container to manage the firewall for.",
+			Type:         schema.TypeInt,
+			Optional:     true,
+			Description:  "The ID of the container to manage the firewall for.",
+			RequiredWith: []string{mkSelectorNodeName},
 		},
 	}
 }
@@ -46,6 +48,9 @@ func selectorSchemaMandatory() map[string]*schema.Schema {
 	s := selectorSchema()
 	s[mkSelectorNodeName].Optional = false
 	s[mkSelectorNodeName].Required = true
+	// required attributes can't be included in RequiredWith
+	s[mkSelectorVMID].RequiredWith = nil
+	s[mkSelectorContainerID].RequiredWith = nil
 
 	return s
 }