Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[wip] adding loose ordering of rules #103

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
freedge wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[wip] adding loose ordering of rules #103

freedge wants to merge 1 commit into from

Conversation

@freedge
Copy link

@freedge freedge commented Mar 31, 2023
edited
Loading

when updating a large security rule group, one action=move API call is made for each rule of the security rule group, the first rule is placed according to the group position, then each succeeding rule is moved after the previous one.

We introduce a loose ordering of rules where we only order newly created rules and put them below any other rule of the security group. This considerably reduces the amount of API calls needed to update rules.

PaloAltoNetworks/terraform-provider-panos#378

How Has This Been Tested?

tested using the matching terraform-provider-panos change (not submitted).
My security group rule contains 900 elements, the overall terraform plan/update (that does much more than just the rules) goes from 1m30s to 1m in local, where there is no communication delay between terraform and the NGFW.

Types of changes

  • New feature (non-breaking change which adds functionality)

Checklist

  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added tests to cover my changes if appropriate.
  • All new and existing tests passed.

@welcome-to-palo-alto-networks
Copy link

welcome-to-palo-alto-networks bot commented Mar 31, 2023

🎉 Thanks for opening this pull request! We really appreciate contributors like you! 🙌

@freedge
adding loose ordering of rules
dd730cf 
when updating a large security rule group, one action=move API call is
made for each rule of the security rule group, the first rule is placed
according to the group position, then each succeeding rule is moved
after the previous one.

We introduce a **loose** ordering of rules where we only order newly
created rules and put them below any other rule of the security group.
This considerably reduces the amount of API calls needed to update
rules.

PaloAltoNetworks/terraform-provider-panos#378
@freedge
Copy link
Author

freedge commented Apr 3, 2023

there is no CONTRIBUTING document. test and doc can be done in the terraform-provider-panos repo if maintainers are OK with the idea

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@freedge