terraform_acl: Allow specifying a repo URL that automatically adds the comment #345

Open
kamalmarhubi opened this issue Mar 8, 2024 · 0 comments
Labels
enhancement New feature or request

kamalmarhubi commented Mar 8, 2024

Is your feature request related to a problem? Please describe.
We're managing our ACLs in terraform and generate an object which we pass to jsonencode. We attempted to add the comment that prevents modifications from the admin console. The provider helpfully avoids showing diffs when only formatting has changed, but it causes us to get horrible diffs since jsonencode produced compact single-line JSON.

Describe the solution you'd like
I see two possibilities:

  • provide a resource argument for the URL that injects the comment at apply time and strips it before diffing; this way the acl argument will remain easily diffed by terraform
  • add a CustomizeDiff to the resource that shows a diff of the formatted HuJSON for the acl argument

edit: Small update: we were using 0.13 which didn't have #37. Having upgraded, we can now add the comment with something like

```hcl
locals {
  prevent_changes_comment = "// This tailnet's ACLs are maintained in <url>"
}

resource "tailscale_acl" "acl" {
  acl = join("\n", [local.prevent_changes_comment, jsonencode({
    # actual acl object here
  })])
}
```

and get nice diffs of the ACLs in plan output.

I still think it would be an improvement to have a separate argument to avoid the ugly concatenation, but feel free to close this.
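The first proposal in the issue (inject the comment at apply time, strip it before diffing) can be sketched as follows. This is an added example, not code from the issue or from the provider: `injectComment`, `stripComment`, `normalize` and `sameACL` are hypothetical names, the URL is a placeholder, and the ACL body is assumed to be plain JSON as produced by `jsonencode`, not general HuJSON.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Comment text from the issue's workaround; the URL is supplied separately.
const commentPrefix = "// This tailnet's ACLs are maintained in "

// injectComment (hypothetical) prepends the comment just before upload.
func injectComment(repoURL, acl string) string {
	return commentPrefix + repoURL + "\n" + acl
}

// stripComment removes the leading managed-by comment line, if present.
func stripComment(policy string) string {
	first, rest, found := strings.Cut(policy, "\n")
	if found && strings.HasPrefix(strings.TrimSpace(first), commentPrefix) {
		return rest
	}
	return policy
}

// normalize drops the comment and re-encodes the body indented with sorted keys.
func normalize(policy string) (string, error) {
	var v any
	if err := json.Unmarshal([]byte(stripComment(policy)), &v); err != nil {
		return "", fmt.Errorf("acl body is not plain JSON: %w", err)
	}
	out, err := json.MarshalIndent(v, "", "  ")
	return string(out), err
}

// sameACL reports whether two policies differ only by comment or formatting.
func sameACL(a, b string) (bool, error) {
	na, errA := normalize(a)
	nb, errB := normalize(b)
	if errA != nil || errB != nil {
		return false, fmt.Errorf("normalize failed: %v / %v", errA, errB)
	}
	return na == nb, nil
}

func main() {
	// Constructed sample: compact jsonencode-style output and a placeholder URL.
	cfg := `{"acls":[{"action":"accept","src":["*"],"dst":["*:*"]}]}`
	fmt.Println(sameACL(cfg, injectComment("https://example.com/acl-repo", cfg)))
}
```

Because `normalize` returns multi-line JSON, the same output could back a line-by-line plan diff; an ACL containing other HuJSON comments or trailing commas is rejected with an error rather than compared.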
