orange-cloudfoundry / terraform-provider-cloudfoundry

A terraform provider to manage a Cloud Foundry instance.
Apache License 2.0

cloudfoundry_domain unexpectedly recreates private shared domains, deleting existing routes as a side effect #39

Closed gberche-orange closed 6 years ago

gberche-orange commented 6 years ago

We observe the following traces without apparent related TF spec changes:

cloudfoundry_domain.tf-internet-paas-apps-domain: Modifying... (ID: fa6aabce-2819-4328-abe2-738456aeae07)
  orgs_shared_id.#:          "5" => "0"
  orgs_shared_id.1707224278: "3042fe9b-2e05-4293-a977-50e39eda9d3a" => ""
  orgs_shared_id.2851328613: "1a0b3943-1a11-4804-aeff-9de1d543b930" => ""
  orgs_shared_id.3544041737: "2f9da367-07f5-4745-bb6e-09df876812b3" => ""
  orgs_shared_id.3732900449: "be730559-33c1-4714-ac6f-69f722d27007" => ""
  orgs_shared_id.590687062:  "e14c9737-0ebb-4ec5-8e7f-06ea63ea96d2" => ""

Suspecting that when refreshing the list, the order of orgs (with whom the domain is shared) changes unpredictably and triggers the equivalent of cf unshare-private-domain org domain and cf share-private-domain org domain.

As a result, the corresponding existing routes get deleted silently without warning.

Hopefully, the split between domain and private_domain_access in mevansam/terraform-provider-cf won't allow the same issue to reproduce there.

gberche-orange commented 6 years ago

The root cause was actually not in orange-cloudfoundry/terraform-provider-cloudfoundry but rather in the caller TF specs, where there were two concurrent cloudfoundry_domain resources targeting the same domain, creating a race condition between them.

I searched in https://github.com/hashicorp/terraform/blob/master/helper/schema/schema.go for a way to make an attribute a kind of "primary key" in a resource in order to detect collisions, but did not yet find it. Maybe in terraform issues/requests for enhancement.

Closing for now
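
A pre-apply check for the collision described in the last comment, as an added example that is not part of the original thread or of the provider's code: it walks the JSON plan representation produced by `terraform show -json` and reports cloudfoundry_domain resources that target the same domain. It assumes the domain is carried in an attribute called `name` (not shown on this page); the function names and the sample plan are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample in the shape of `terraform show -json <planfile>` output.
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        {"address": "cloudfoundry_domain.tf-internet-paas-apps-domain",
         "mode": "managed", "type": "cloudfoundry_domain",
         "values": {"name": "apps.example.test"}},
        {"address": "cloudfoundry_domain.internal",
         "mode": "managed", "type": "cloudfoundry_domain",
         "values": {"name": "internal.example.test"}},
        # Data sources only read state, so they cannot race with a resource.
        {"address": "data.cloudfoundry_domain.lookup",
         "mode": "data", "type": "cloudfoundry_domain",
         "values": {"name": "apps.example.test"}},
    ],
    "child_modules": [{"resources": [
        {"address": "module.legacy.cloudfoundry_domain.apps",
         "mode": "managed", "type": "cloudfoundry_domain",
         "values": {"name": "Apps.example.test"}},
    ]}],
}}}


def iter_resources(module):
    """Yield every resource of a module and, recursively, of its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def find_collisions(plan, resource_type="cloudfoundry_domain", key_attr="name"):
    """Return {key: [addresses]} for managed resources of one type sharing a key.

    key_attr="name" is an assumption about the provider schema.
    """
    by_key = defaultdict(list)
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in iter_resources(root):
        if res.get("mode") != "managed" or res.get("type") != resource_type:
            continue
        key = (res.get("values") or {}).get(key_attr)
        if not isinstance(key, str):  # unknown until apply: cannot compare
            continue
        by_key[key.lower()].append(res["address"])  # DNS names are case-insensitive
    return {k: sorted(v) for k, v in by_key.items() if len(v) > 1}


if __name__ == "__main__":
    for domain, addresses in find_collisions(SAMPLE_PLAN).items():
        print(f"{domain} is managed by {len(addresses)} resources: {addresses}")
```

Run against a real plan by loading the `terraform show -json` output with `json.load` and failing the pipeline when the returned mapping is non-empty.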