fix: remove identity from sqlserverbeta and postresflexalpha
Some checks failed
CI Workflow / Check GoReleaser config (pull_request) Successful in 6s
TF Acceptance Tests Workflow / Acceptance Tests (pull_request) Failing after 4m51s
CI Workflow / Prepare GO cache (pull_request) Successful in 6m12s
CI Workflow / Code coverage report (pull_request) Has been cancelled
CI Workflow / Test readiness for publishing provider (pull_request) Has been cancelled
CI Workflow / CI run tests (pull_request) Has been cancelled
CI Workflow / CI run build and linting (pull_request) Has been cancelled
Some checks failed
CI Workflow / Check GoReleaser config (pull_request) Successful in 6s
TF Acceptance Tests Workflow / Acceptance Tests (pull_request) Failing after 4m51s
CI Workflow / Prepare GO cache (pull_request) Successful in 6m12s
CI Workflow / Code coverage report (pull_request) Has been cancelled
CI Workflow / Test readiness for publishing provider (pull_request) Has been cancelled
CI Workflow / CI run tests (pull_request) Has been cancelled
CI Workflow / CI run build and linting (pull_request) Has been cancelled
This commit is contained in:
Marcel S. Henselin
parent
042e8115a6
commit
746f7cdfbd
13 changed files with 1438 additions and 259 deletions
|
|
@ -3,13 +3,33 @@ package sqlserverflexbeta_test
|
|||
import (
|
||||
"context"
|
||||
_ "embed"
|
||||
"errors"
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
"os"
|
||||
"regexp"
|
||||
"strconv"
|
||||
"strings"
|
||||
"testing"
|
||||
"time"
|
||||
|
||||
"github.com/hashicorp/terraform-plugin-testing/compare"
|
||||
"github.com/hashicorp/terraform-plugin-testing/helper/acctest"
|
||||
"github.com/hashicorp/terraform-plugin-testing/helper/resource"
|
||||
"github.com/hashicorp/terraform-plugin-testing/knownvalue"
|
||||
"github.com/hashicorp/terraform-plugin-testing/plancheck"
|
||||
"github.com/hashicorp/terraform-plugin-testing/statecheck"
|
||||
"github.com/hashicorp/terraform-plugin-testing/terraform"
|
||||
"github.com/hashicorp/terraform-plugin-testing/tfjsonpath"
|
||||
"github.com/stackitcloud/stackit-sdk-go/core/config"
|
||||
"github.com/stackitcloud/stackit-sdk-go/core/oapierror"
|
||||
"github.com/stackitcloud/stackit-sdk-go/core/utils"
|
||||
|
||||
"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/core"
|
||||
wait "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/wait/sqlserverflexbeta"
|
||||
|
||||
"github.com/stackitcloud/stackit-sdk-go/services/sqlserverflex/v3beta1api"
|
||||
|
||||
"tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/internal/testutils"
|
||||
sqlserverflexbeta "tf-provider.git.onstackit.cloud/stackit-dev-tools/terraform-provider-stackitprivatepreview/stackit/internal/services/sqlserverflexbeta/instance"
|
||||
|
|
@ -20,7 +40,7 @@ import (
|
|||
fwresource "github.com/hashicorp/terraform-plugin-framework/resource"
|
||||
)
|
||||
|
||||
const providerPrefix = "stackitprivatepreview_sqlserverflexbeta"
|
||||
const pfx = "stackitprivatepreview_sqlserverflexbeta"
|
||||
|
||||
func TestInstanceResourceSchema(t *testing.T) {
|
||||
t.Parallel()
|
||||
|
|
@ -59,20 +79,20 @@ func testAccPreCheck(t *testing.T) {
|
|||
|
||||
type resData struct {
|
||||
ServiceAccountFilePath string
|
||||
ProjectId string
|
||||
ProjectID string
|
||||
Region string
|
||||
Name string
|
||||
TfName string
|
||||
FlavorId string
|
||||
FlavorID string
|
||||
BackupSchedule string
|
||||
UseEncryption bool
|
||||
KekKeyId string
|
||||
KekKeyRingId string
|
||||
KekKeyID string
|
||||
KekKeyRingID string
|
||||
KekKeyVersion uint8
|
||||
KekServiceAccount string
|
||||
PerformanceClass string
|
||||
Size uint32
|
||||
AclString string
|
||||
ACLStrings []string
|
||||
AccessScope string
|
||||
RetentionDays uint32
|
||||
Version string
|
||||
|
|
@ -82,37 +102,33 @@ type resData struct {
|
|||
|
||||
type User struct {
|
||||
Name string
|
||||
ProjectId string
|
||||
ProjectID string
|
||||
Roles []string
|
||||
}
|
||||
|
||||
type Database struct {
|
||||
Name string
|
||||
ProjectId string
|
||||
ProjectID string
|
||||
Owner string
|
||||
Collation string
|
||||
Compatibility string
|
||||
}
|
||||
|
||||
func resName(res, name string) string {
|
||||
return fmt.Sprintf("%s_%s.%s", providerPrefix, res, name)
|
||||
}
|
||||
|
||||
func getExample() resData {
|
||||
name := acctest.RandomWithPrefix("tf-acc")
|
||||
return resData{
|
||||
Region: os.Getenv("TF_ACC_REGION"),
|
||||
ServiceAccountFilePath: os.Getenv("TF_ACC_SERVICE_ACCOUNT_FILE"),
|
||||
ProjectId: os.Getenv("TF_ACC_PROJECT_ID"),
|
||||
ProjectID: os.Getenv("TF_ACC_PROJECT_ID"),
|
||||
Name: name,
|
||||
TfName: name,
|
||||
FlavorId: "4.16-Single",
|
||||
FlavorID: "4.16-Single",
|
||||
BackupSchedule: "0 0 * * *",
|
||||
UseEncryption: false,
|
||||
RetentionDays: 33,
|
||||
PerformanceClass: "premium-perf2-stackit",
|
||||
Size: 10,
|
||||
AclString: "0.0.0.0/0",
|
||||
ACLStrings: []string{"0.0.0.0/0"},
|
||||
AccessScope: "PUBLIC",
|
||||
Version: "2022",
|
||||
}
|
||||
|
|
@ -127,118 +143,198 @@ func TestAccInstance(t *testing.T) {
|
|||
updSizeData := exData
|
||||
updSizeData.Size = 25
|
||||
|
||||
testInstanceID := testutils.ResStr(pfx, "instance", exData.TfName)
|
||||
|
||||
compareValuesSame := statecheck.CompareValue(compare.ValuesSame())
|
||||
resource.ParallelTest(t, resource.TestCase{
|
||||
PreCheck: func() {
|
||||
testAccPreCheck(t)
|
||||
t.Logf(" ... working on instance %s", exData.TfName)
|
||||
t.Logf(" ... %s - %s", t.Name(), exData.TfName)
|
||||
},
|
||||
CheckDestroy: testAccCheckSQLServerFlexDestroy,
|
||||
ProtoV6ProviderFactories: testutils.TestAccProtoV6ProviderFactories,
|
||||
Steps: []resource.TestStep{
|
||||
// Create and verify
|
||||
{
|
||||
PreConfig: func() {
|
||||
t.Logf("testing: %s - %s", t.Name(), "create and verify")
|
||||
},
|
||||
ExpectNonEmptyPlan: true,
|
||||
Config: testutils.StringFromTemplateMust(
|
||||
"testdata/instance_template.gompl",
|
||||
exData,
|
||||
),
|
||||
Check: resource.ComposeAggregateTestCheckFunc(
|
||||
resource.TestCheckResourceAttr(resName("instance", exData.TfName), "name", exData.Name),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", exData.TfName), "id"),
|
||||
// TODO: check all fields
|
||||
),
|
||||
ConfigStateChecks: []statecheck.StateCheck{
|
||||
compareValuesSame.AddStateValue(
|
||||
testInstanceID,
|
||||
tfjsonpath.New("id"),
|
||||
),
|
||||
statecheck.ExpectKnownValue(
|
||||
testInstanceID,
|
||||
tfjsonpath.New("is_deletable"),
|
||||
knownvalue.Bool(true),
|
||||
),
|
||||
// TODO - correct
|
||||
statecheck.ExpectKnownValue(
|
||||
testInstanceID,
|
||||
tfjsonpath.New("connection_info"),
|
||||
knownvalue.MapExact(map[string]knownvalue.Check{
|
||||
"write": knownvalue.MapExact(map[string]knownvalue.Check{
|
||||
"host": knownvalue.StringRegexp(regexp.MustCompile("[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}.postgresql.[a-z0-9]+.onstackit.cloud")),
|
||||
"port": knownvalue.Int32Func(func(v int32) error {
|
||||
if v < 0 {
|
||||
return fmt.Errorf("value is negative")
|
||||
}
|
||||
if v <= 1024 {
|
||||
return fmt.Errorf("value uses protected port range")
|
||||
}
|
||||
return nil
|
||||
}),
|
||||
}),
|
||||
}),
|
||||
),
|
||||
},
|
||||
Check: defaultNoEncInstanceTestChecks(testInstanceID, exData),
|
||||
},
|
||||
// Update name and verify
|
||||
{
|
||||
PreConfig: func() {
|
||||
t.Logf("testing: %s - %s", t.Name(), "update name and verify")
|
||||
},
|
||||
ExpectNonEmptyPlan: true,
|
||||
Config: testutils.StringFromTemplateMust(
|
||||
"testdata/instance_template.gompl",
|
||||
updNameData,
|
||||
),
|
||||
ConfigPlanChecks: resource.ConfigPlanChecks{
|
||||
PreApply: []plancheck.PlanCheck{
|
||||
plancheck.ExpectNonEmptyPlan(),
|
||||
},
|
||||
},
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
resource.TestCheckResourceAttr(resName("instance", exData.TfName), "name", updNameData.Name),
|
||||
defaultNoEncInstanceTestChecks(testInstanceID, updNameData),
|
||||
),
|
||||
},
|
||||
// Update size and verify
|
||||
{
|
||||
PreConfig: func() {
|
||||
t.Logf("testing: %s - %s", t.Name(), "update storage.size and verify")
|
||||
},
|
||||
ExpectNonEmptyPlan: true,
|
||||
Config: testutils.StringFromTemplateMust(
|
||||
"testdata/instance_template.gompl",
|
||||
updSizeData,
|
||||
),
|
||||
Check: resource.ComposeTestCheckFunc(
|
||||
resource.TestCheckResourceAttr(
|
||||
testutils.ResStr(providerPrefix, "instance", exData.TfName),
|
||||
"storage.size",
|
||||
strconv.Itoa(int(updSizeData.Size)),
|
||||
),
|
||||
defaultNoEncInstanceTestChecks(testInstanceID, updSizeData),
|
||||
),
|
||||
},
|
||||
// Import test
|
||||
// test instance imports
|
||||
{
|
||||
RefreshState: true,
|
||||
PreConfig: func() {
|
||||
t.Logf("testing: %s - %s", t.Name(), "import instance")
|
||||
},
|
||||
ResourceName: testInstanceID,
|
||||
// ImportStateIdPrefix: "",
|
||||
// ImportStateVerifyIdentifierAttribute: "id",
|
||||
ImportStateIdFunc: getInstanceTestID(exData.TfName),
|
||||
ImportStateKind: resource.ImportCommandWithID,
|
||||
ImportState: true,
|
||||
ImportStateVerify: true,
|
||||
},
|
||||
//// Import test
|
||||
//{
|
||||
// ResourceName: resName("instance", exData.TfName),
|
||||
// ImportState: true,
|
||||
// ImportStateVerify: true,
|
||||
// },
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func TestAccInstanceReApply(t *testing.T) {
|
||||
exData := getExample()
|
||||
testInstanceID := testutils.ResStr(pfx, "instance", exData.TfName)
|
||||
compareValuesSame := statecheck.CompareValue(compare.ValuesSame())
|
||||
resource.ParallelTest(t, resource.TestCase{
|
||||
PreCheck: func() {
|
||||
testAccPreCheck(t)
|
||||
t.Logf(" ... working on instance %s", exData.TfName)
|
||||
t.Logf(" ... %s - %s", t.Name(), exData.TfName)
|
||||
},
|
||||
CheckDestroy: testAccCheckSQLServerFlexDestroy,
|
||||
ProtoV6ProviderFactories: testutils.TestAccProtoV6ProviderFactories,
|
||||
Steps: []resource.TestStep{
|
||||
// Create and verify
|
||||
{
|
||||
PreConfig: func() {
|
||||
t.Logf("testing: %s - %s", t.Name(), "create and verify")
|
||||
},
|
||||
Config: testutils.StringFromTemplateMust(
|
||||
"testdata/instance_template.gompl",
|
||||
exData,
|
||||
),
|
||||
Check: resource.ComposeAggregateTestCheckFunc(
|
||||
resource.TestCheckResourceAttr(resName("instance", exData.TfName), "name", exData.Name),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", exData.TfName), "id"),
|
||||
// TODO: check all fields
|
||||
),
|
||||
ConfigStateChecks: []statecheck.StateCheck{
|
||||
compareValuesSame.AddStateValue(
|
||||
testInstanceID,
|
||||
tfjsonpath.New("id"),
|
||||
),
|
||||
statecheck.ExpectKnownValue(
|
||||
testInstanceID,
|
||||
tfjsonpath.New("is_deletable"),
|
||||
knownvalue.Bool(true),
|
||||
),
|
||||
// TODO - correct
|
||||
statecheck.ExpectKnownValue(
|
||||
testInstanceID,
|
||||
tfjsonpath.New("connection_info"),
|
||||
knownvalue.MapExact(map[string]knownvalue.Check{
|
||||
"write": knownvalue.MapExact(map[string]knownvalue.Check{
|
||||
"host": knownvalue.StringRegexp(regexp.MustCompile("[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}.postgresql.[a-z0-9]+.onstackit.cloud")),
|
||||
"port": knownvalue.Int32Func(func(v int32) error {
|
||||
if v < 0 {
|
||||
return fmt.Errorf("value is negative")
|
||||
}
|
||||
if v <= 1024 {
|
||||
return fmt.Errorf("value uses protected port range")
|
||||
}
|
||||
return nil
|
||||
}),
|
||||
}),
|
||||
}),
|
||||
),
|
||||
},
|
||||
Check: defaultNoEncInstanceTestChecks(testInstanceID, exData),
|
||||
},
|
||||
// Create and verify
|
||||
// Second apply should not have changes
|
||||
{
|
||||
PreConfig: func() {
|
||||
t.Logf("testing: %s - %s", t.Name(), "second apply")
|
||||
},
|
||||
ExpectNonEmptyPlan: false,
|
||||
ResourceName: testInstanceID,
|
||||
Config: testutils.StringFromTemplateMust(
|
||||
"testdata/instance_template.gompl",
|
||||
exData,
|
||||
),
|
||||
Check: resource.ComposeAggregateTestCheckFunc(
|
||||
resource.TestCheckResourceAttr(resName("instance", exData.TfName), "name", exData.Name),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", exData.TfName), "id"),
|
||||
// TODO: check all fields
|
||||
),
|
||||
ConfigPlanChecks: resource.ConfigPlanChecks{
|
||||
PreApply: []plancheck.PlanCheck{
|
||||
plancheck.ExpectEmptyPlan(),
|
||||
},
|
||||
},
|
||||
ConfigStateChecks: []statecheck.StateCheck{
|
||||
compareValuesSame.AddStateValue(
|
||||
testInstanceID,
|
||||
tfjsonpath.New("id"),
|
||||
),
|
||||
statecheck.ExpectKnownValue(
|
||||
testInstanceID,
|
||||
tfjsonpath.New("is_deletable"),
|
||||
knownvalue.Bool(true),
|
||||
),
|
||||
},
|
||||
},
|
||||
// Refresh state test
|
||||
{
|
||||
PreConfig: func() {
|
||||
t.Logf("testing: %s - %s", t.Name(), "refresh state")
|
||||
},
|
||||
RefreshState: true,
|
||||
},
|
||||
// Create and verify
|
||||
{
|
||||
Config: testutils.StringFromTemplateMust(
|
||||
"testdata/instance_template.gompl",
|
||||
exData,
|
||||
),
|
||||
Check: resource.ComposeAggregateTestCheckFunc(
|
||||
resource.TestCheckResourceAttr(resName("instance", exData.TfName), "name", exData.Name),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", exData.TfName), "id"),
|
||||
// TODO: check all fields
|
||||
),
|
||||
},
|
||||
// Import test
|
||||
{
|
||||
ResourceName: resName("instance", exData.TfName),
|
||||
ImportStateKind: resource.ImportBlockWithResourceIdentity,
|
||||
ImportState: true,
|
||||
// ImportStateVerify is not supported with plannable import blocks
|
||||
// ImportStateVerify: true,
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
|
@ -251,7 +347,7 @@ func TestAccInstanceNoEncryption(t *testing.T) {
|
|||
data.Users = []User{
|
||||
{
|
||||
Name: userName,
|
||||
ProjectId: os.Getenv("TF_ACC_PROJECT_ID"),
|
||||
ProjectID: os.Getenv("TF_ACC_PROJECT_ID"),
|
||||
Roles: []string{
|
||||
"##STACKIT_DatabaseManager##",
|
||||
"##STACKIT_LoginManager##",
|
||||
|
|
@ -265,16 +361,19 @@ func TestAccInstanceNoEncryption(t *testing.T) {
|
|||
data.Databases = []Database{
|
||||
{
|
||||
Name: dbName,
|
||||
ProjectId: os.Getenv("TF_ACC_PROJECT_ID"),
|
||||
ProjectID: os.Getenv("TF_ACC_PROJECT_ID"),
|
||||
Owner: userName,
|
||||
},
|
||||
}
|
||||
|
||||
testInstanceID := testutils.ResStr(pfx, "instance", data.TfName)
|
||||
testDatabaseID := testutils.ResStr(pfx, "database", dbName)
|
||||
testUserID := testutils.ResStr(pfx, "user", userName)
|
||||
resource.ParallelTest(t, resource.TestCase{
|
||||
PreCheck: func() {
|
||||
testAccPreCheck(t)
|
||||
t.Logf(" ... working on instance %s", data.TfName)
|
||||
t.Logf(" ... %s - %s", t.Name(), data.TfName)
|
||||
},
|
||||
CheckDestroy: testAccCheckSQLServerFlexDestroy,
|
||||
ProtoV6ProviderFactories: testutils.TestAccProtoV6ProviderFactories,
|
||||
Steps: []resource.TestStep{
|
||||
// Create and verify
|
||||
|
|
@ -284,62 +383,22 @@ func TestAccInstanceNoEncryption(t *testing.T) {
|
|||
data,
|
||||
),
|
||||
Check: resource.ComposeAggregateTestCheckFunc(
|
||||
// check instance values are set
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "id"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "backup_schedule"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "edition"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "flavor_id"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "instance_id"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "is_deletable"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "name"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "replicas"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "retention_days"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "status"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "version"),
|
||||
|
||||
resource.TestCheckNoResourceAttr(resName("instance", data.TfName), "encryption"),
|
||||
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "encryption"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "encryption.kek_key_id"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "encryption.kek_key_version"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "encryption.kek_key_ring_id"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "encryption.service_account"),
|
||||
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "network.access_scope"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "network.acl"),
|
||||
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "network.instance_address"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "network.router_address"),
|
||||
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "storage.class"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "storage.size"),
|
||||
|
||||
// check instance values are correct
|
||||
resource.TestCheckResourceAttr(resName("instance", data.TfName), "name", data.Name),
|
||||
|
||||
// check user values are set
|
||||
resource.TestCheckResourceAttrSet(resName("user", userName), "id"),
|
||||
resource.TestCheckResourceAttrSet(resName("user", userName), "username"),
|
||||
// resource.TestCheckResourceAttrSet(resName("user", userName), "roles"),
|
||||
|
||||
// func(s *terraform.State) error {
|
||||
// return nil
|
||||
// },
|
||||
defaultNoEncInstanceTestChecks(testInstanceID, data),
|
||||
|
||||
// check user values are correct
|
||||
resource.TestCheckResourceAttr(resName("user", userName), "username", userName),
|
||||
resource.TestCheckResourceAttr(resName("user", userName), "roles.#", strconv.Itoa(len(data.Users[0].Roles))),
|
||||
resource.TestCheckResourceAttr(testUserID, "username", userName),
|
||||
resource.TestCheckResourceAttr(testUserID, "roles.#", strconv.Itoa(len(data.Users[0].Roles))),
|
||||
|
||||
// check database values are set
|
||||
resource.TestCheckResourceAttrSet(resName("database", dbName), "id"),
|
||||
resource.TestCheckResourceAttrSet(resName("database", dbName), "name"),
|
||||
resource.TestCheckResourceAttrSet(resName("database", dbName), "owner"),
|
||||
resource.TestCheckResourceAttrSet(resName("database", dbName), "compatibility"),
|
||||
resource.TestCheckResourceAttrSet(resName("database", dbName), "collation"),
|
||||
resource.TestCheckResourceAttrSet(testDatabaseID, "id"),
|
||||
resource.TestCheckResourceAttrSet(testDatabaseID, "name"),
|
||||
resource.TestCheckResourceAttrSet(testDatabaseID, "owner"),
|
||||
resource.TestCheckResourceAttrSet(testDatabaseID, "compatibility"),
|
||||
resource.TestCheckResourceAttrSet(testDatabaseID, "collation"),
|
||||
|
||||
// check database values are correct
|
||||
resource.TestCheckResourceAttr(resName("database", dbName), "name", dbName),
|
||||
resource.TestCheckResourceAttr(resName("database", dbName), "owner", userName),
|
||||
resource.TestCheckResourceAttr(testDatabaseID, "name", dbName),
|
||||
resource.TestCheckResourceAttr(testDatabaseID, "owner", userName),
|
||||
),
|
||||
},
|
||||
},
|
||||
|
|
@ -354,29 +413,34 @@ func TestAccInstanceEncryption(t *testing.T) {
|
|||
data.Users = []User{
|
||||
{
|
||||
Name: userName,
|
||||
ProjectId: os.Getenv("TF_ACC_PROJECT_ID"),
|
||||
ProjectID: os.Getenv("TF_ACC_PROJECT_ID"),
|
||||
Roles: []string{"##STACKIT_DatabaseManager##", "##STACKIT_LoginManager##"},
|
||||
},
|
||||
}
|
||||
data.Databases = []Database{
|
||||
{
|
||||
Name: dbName,
|
||||
ProjectId: os.Getenv("TF_ACC_PROJECT_ID"),
|
||||
ProjectID: os.Getenv("TF_ACC_PROJECT_ID"),
|
||||
Owner: userName,
|
||||
},
|
||||
}
|
||||
|
||||
data.UseEncryption = true
|
||||
data.KekKeyId = "fe039bcf-8d7b-431a-801d-9e81371a6b7b"
|
||||
data.KekKeyRingId = "6a2d95ab-3c4c-4963-a2bb-08d17a320e27"
|
||||
data.KekKeyID = "fe039bcf-8d7b-431a-801d-9e81371a6b7b"
|
||||
data.KekKeyRingID = "6a2d95ab-3c4c-4963-a2bb-08d17a320e27"
|
||||
data.KekKeyVersion = 1
|
||||
data.KekServiceAccount = "henselinm-u2v3ex1@sa.stackit.cloud"
|
||||
|
||||
testInstanceID := testutils.ResStr(pfx, "instance", data.TfName)
|
||||
testDatabaseID := testutils.ResStr(pfx, "database", dbName)
|
||||
testUserID := testutils.ResStr(pfx, "user", userName)
|
||||
|
||||
resource.ParallelTest(t, resource.TestCase{
|
||||
PreCheck: func() {
|
||||
testAccPreCheck(t)
|
||||
t.Logf(" ... working on instance %s", data.TfName)
|
||||
t.Logf(" ... %s - %s", t.Name(), data.TfName)
|
||||
},
|
||||
CheckDestroy: testAccCheckSQLServerFlexDestroy,
|
||||
ProtoV6ProviderFactories: testutils.TestAccProtoV6ProviderFactories,
|
||||
Steps: []resource.TestStep{
|
||||
// Create and verify
|
||||
|
|
@ -386,61 +450,296 @@ func TestAccInstanceEncryption(t *testing.T) {
|
|||
data,
|
||||
),
|
||||
Check: resource.ComposeAggregateTestCheckFunc(
|
||||
// check instance values are set
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "id"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "backup_schedule"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "edition"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "flavor_id"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "instance_id"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "is_deletable"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "name"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "replicas"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "retention_days"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "status"),
|
||||
resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "version"),
|
||||
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "encryption"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "encryption.kek_key_id"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "encryption.kek_key_version"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "encryption.kek_key_ring_id"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "encryption.service_account"),
|
||||
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "network.access_scope"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "network.acl"),
|
||||
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "network.instance_address"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "network.router_address"),
|
||||
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "storage.class"),
|
||||
// resource.TestCheckResourceAttrSet(resName("instance", data.TfName), "storage.size"),
|
||||
|
||||
// check instance values are correct
|
||||
resource.TestCheckResourceAttr(resName("instance", data.TfName), "name", data.Name),
|
||||
defaultEncInstanceTestChecks(testInstanceID, data),
|
||||
|
||||
// check user values are set
|
||||
resource.TestCheckResourceAttrSet(resName("user", userName), "id"),
|
||||
resource.TestCheckResourceAttrSet(resName("user", userName), "username"),
|
||||
resource.TestCheckResourceAttrSet(testUserID, "id"),
|
||||
resource.TestCheckResourceAttrSet(testUserID, "username"),
|
||||
|
||||
// func(s *terraform.State) error {
|
||||
// return nil
|
||||
// },
|
||||
|
||||
// check user values are correct
|
||||
resource.TestCheckResourceAttr(resName("user", userName), "username", userName),
|
||||
resource.TestCheckResourceAttr(resName("user", userName), "roles.#", "2"),
|
||||
resource.TestCheckResourceAttr(testUserID, "username", userName),
|
||||
resource.TestCheckResourceAttr(testUserID, "roles.#", "2"),
|
||||
|
||||
// check database values are set
|
||||
resource.TestCheckResourceAttrSet(resName("database", dbName), "id"),
|
||||
resource.TestCheckResourceAttrSet(resName("database", dbName), "name"),
|
||||
resource.TestCheckResourceAttrSet(resName("database", dbName), "owner"),
|
||||
resource.TestCheckResourceAttrSet(resName("database", dbName), "compatibility"),
|
||||
resource.TestCheckResourceAttrSet(resName("database", dbName), "collation"),
|
||||
resource.TestCheckResourceAttrSet(testDatabaseID, "id"),
|
||||
resource.TestCheckResourceAttrSet(testDatabaseID, "name"),
|
||||
resource.TestCheckResourceAttrSet(testDatabaseID, "owner"),
|
||||
resource.TestCheckResourceAttrSet(testDatabaseID, "compatibility"),
|
||||
resource.TestCheckResourceAttrSet(testDatabaseID, "collation"),
|
||||
|
||||
// check database values are correct
|
||||
resource.TestCheckResourceAttr(resName("database", dbName), "name", dbName),
|
||||
resource.TestCheckResourceAttr(resName("database", dbName), "owner", userName),
|
||||
resource.TestCheckResourceAttr(testDatabaseID, "name", dbName),
|
||||
resource.TestCheckResourceAttr(testDatabaseID, "owner", userName),
|
||||
),
|
||||
},
|
||||
},
|
||||
})
|
||||
}
|
||||
|
||||
func defaultNoEncInstanceTestChecks(testItemID string, data resData) resource.TestCheckFunc {
|
||||
return resource.ComposeAggregateTestCheckFunc(
|
||||
defaultInstanceTestChecks(testItemID, data),
|
||||
|
||||
// check absent attr
|
||||
resource.TestCheckNoResourceAttr(testItemID, "encryption"),
|
||||
resource.TestCheckNoResourceAttr(testItemID, "encryption.kek_key_id"),
|
||||
resource.TestCheckNoResourceAttr(testItemID, "encryption.kek_key_ring_id"),
|
||||
resource.TestCheckNoResourceAttr(testItemID, "encryption.kek_key_version"),
|
||||
resource.TestCheckNoResourceAttr(testItemID, "encryption.service_account"),
|
||||
)
|
||||
}
|
||||
|
||||
func defaultEncInstanceTestChecks(testItemID string, data resData) resource.TestCheckFunc {
|
||||
return resource.ComposeAggregateTestCheckFunc(
|
||||
defaultInstanceTestChecks(testItemID, data),
|
||||
|
||||
// check absent attr
|
||||
resource.TestCheckResourceAttr(testItemID, "encryption.%", "4"),
|
||||
resource.TestCheckResourceAttrSet(testItemID, "encryption.kek_key_id"),
|
||||
resource.TestCheckResourceAttr(testItemID, "encryption.kek_key_id", data.KekKeyID),
|
||||
resource.TestCheckResourceAttrSet(testItemID, "encryption.kek_key_ring_id"),
|
||||
resource.TestCheckResourceAttr(testItemID, "encryption.kek_key_ring_id", data.KekKeyRingID),
|
||||
resource.TestCheckResourceAttrSet(testItemID, "encryption.kek_key_version"),
|
||||
resource.TestCheckResourceAttr(testItemID, "encryption.kek_key_version", strconv.Itoa(int(data.KekKeyVersion))),
|
||||
resource.TestCheckResourceAttrSet(testItemID, "encryption.service_account"),
|
||||
resource.TestCheckResourceAttr(testItemID, "encryption.service_account", data.KekServiceAccount),
|
||||
)
|
||||
}
|
||||
|
||||
func defaultInstanceTestChecks(testItemID string, data resData) resource.TestCheckFunc {
|
||||
// if AccessScope == SNA these are set
|
||||
if data.AccessScope == "SNA" {
|
||||
return resource.ComposeAggregateTestCheckFunc(
|
||||
basicInstanceTestChecks(testItemID, data),
|
||||
resource.TestCheckResourceAttrSet(testItemID, "network.instance_address"),
|
||||
resource.TestCheckResourceAttrSet(testItemID, "network.router_address"),
|
||||
)
|
||||
}
|
||||
|
||||
// if AccessScope == PUBLIC these are empty - but they are set
|
||||
return resource.ComposeAggregateTestCheckFunc(
|
||||
basicInstanceTestChecks(testItemID, data),
|
||||
resource.TestCheckResourceAttr(testItemID, "network.instance_address", ""),
|
||||
resource.TestCheckResourceAttr(testItemID, "network.router_address", ""),
|
||||
)
|
||||
}
|
||||
|
||||
func basicInstanceTestChecks(testItemID string, data resData) resource.TestCheckFunc {
|
||||
return resource.ComposeAggregateTestCheckFunc(
|
||||
resource.TestCheckResourceAttrSet(testItemID, "backup_schedule"),
|
||||
resource.TestCheckResourceAttr(testItemID, "backup_schedule", data.BackupSchedule),
|
||||
|
||||
resource.TestCheckResourceAttrSet(testItemID, "flavor_id"),
|
||||
resource.TestCheckResourceAttr(testItemID, "flavor_id", data.FlavorID),
|
||||
|
||||
resource.TestCheckResourceAttrSet(testItemID, "id"),
|
||||
resource.TestCheckResourceAttrSet(testItemID, "instance_id"),
|
||||
|
||||
resource.TestCheckResourceAttrSet(testItemID, "edition"),
|
||||
|
||||
resource.TestCheckResourceAttrSet(testItemID, "is_deletable"),
|
||||
resource.TestCheckResourceAttr(testItemID, "is_deletable", "true"),
|
||||
|
||||
resource.TestCheckResourceAttrSet(testItemID, "name"),
|
||||
resource.TestCheckResourceAttr(testItemID, "name", data.Name),
|
||||
|
||||
// network params check
|
||||
resource.TestCheckResourceAttr(testItemID, "network.%", "4"),
|
||||
resource.TestCheckResourceAttrSet(testItemID, "network.access_scope"),
|
||||
resource.TestCheckResourceAttr(testItemID, "network.access_scope", data.AccessScope),
|
||||
// resource.TestCheckResourceAttrSet(testItemID, "network.acl"),
|
||||
resource.TestCheckResourceAttr(testItemID, "network.acl.#", strconv.Itoa(len(data.ACLStrings))),
|
||||
// instance_address and router_address are only checked in enc
|
||||
|
||||
resource.TestCheckResourceAttrSet(testItemID, "project_id"),
|
||||
resource.TestCheckResourceAttr(testItemID, "project_id", data.ProjectID),
|
||||
|
||||
resource.TestCheckResourceAttrSet(testItemID, "region"),
|
||||
resource.TestCheckResourceAttr(testItemID, "region", data.Region),
|
||||
|
||||
resource.TestCheckResourceAttrSet(testItemID, "retention_days"),
|
||||
resource.TestCheckResourceAttr(testItemID, "retention_days", strconv.Itoa(int(data.RetentionDays))),
|
||||
|
||||
resource.TestCheckResourceAttrSet(testItemID, "status"),
|
||||
resource.TestCheckResourceAttr(testItemID, "status", "READY"),
|
||||
|
||||
// storage params check
|
||||
resource.TestCheckResourceAttr(testItemID, "storage.%", "2"),
|
||||
resource.TestCheckResourceAttrSet(testItemID, "storage.class"),
|
||||
resource.TestCheckResourceAttr(testItemID, "storage.class", data.PerformanceClass),
|
||||
resource.TestCheckResourceAttrSet(testItemID, "storage.size"),
|
||||
resource.TestCheckResourceAttr(testItemID, "storage.size", strconv.Itoa(int(data.Size))),
|
||||
|
||||
resource.TestCheckResourceAttrSet(testItemID, "version"),
|
||||
resource.TestCheckResourceAttr(testItemID, "version", data.Version),
|
||||
)
|
||||
}
|
||||
|
||||
func getInstanceTestID(name string) func(s *terraform.State) (string, error) {
|
||||
return func(s *terraform.State) (string, error) {
|
||||
r, ok := s.RootModule().Resources[testutils.ResStr(pfx, "instance", name)]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find resource stackitprivatepreview_postgresflexalpha_instance.%s", name)
|
||||
}
|
||||
projectID, ok := r.Primary.Attributes["project_id"]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find attribute project_id")
|
||||
}
|
||||
region, ok := r.Primary.Attributes["region"]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find attribute region")
|
||||
}
|
||||
instanceID, ok := r.Primary.Attributes["instance_id"]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find attribute instance_id")
|
||||
}
|
||||
return fmt.Sprintf("%s,%s,%s", projectID, region, instanceID), nil
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
func getDatabaseTestID(name string) func(s *terraform.State) (string, error) {
|
||||
return func(s *terraform.State) (string, error) {
|
||||
r, ok := s.RootModule().Resources[testutils.ResStr(pfx, "database", name)]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find resource stackitprivatepreview_postgresflexalpha_instance.%s", name)
|
||||
}
|
||||
projectID, ok := r.Primary.Attributes["project_id"]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find attribute project_id")
|
||||
}
|
||||
region, ok := r.Primary.Attributes["region"]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find attribute region")
|
||||
}
|
||||
instanceID, ok := r.Primary.Attributes["instance_id"]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find attribute instance_id")
|
||||
}
|
||||
databaseID, ok := r.Primary.Attributes["database_id"]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find attribute database_id")
|
||||
}
|
||||
return fmt.Sprintf("%s,%s,%s,%s", projectID, region, instanceID, databaseID), nil
|
||||
}
|
||||
}
|
||||
|
||||
func getUserTestID(name string) func(s *terraform.State) (string, error) {
|
||||
return func(s *terraform.State) (string, error) {
|
||||
r, ok := s.RootModule().Resources[testutils.ResStr(pfx, "user", name)]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find resource stackitprivatepreview_postgresflexalpha_instance.%s", name)
|
||||
}
|
||||
projectID, ok := r.Primary.Attributes["project_id"]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find attribute project_id")
|
||||
}
|
||||
region, ok := r.Primary.Attributes["region"]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find attribute region")
|
||||
}
|
||||
instanceID, ok := r.Primary.Attributes["instance_id"]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find attribute instance_id")
|
||||
}
|
||||
userID, ok := r.Primary.Attributes["user_id"]
|
||||
if !ok {
|
||||
return "", fmt.Errorf("couldn't find attribute user_id")
|
||||
}
|
||||
return fmt.Sprintf("%s,%s,%s,%s", projectID, region, instanceID, userID), nil
|
||||
}
|
||||
}
|
||||
*/
|
||||
func testAccCheckSQLServerFlexDestroy(s *terraform.State) error {
|
||||
testutils.Setup()
|
||||
|
||||
pID, ok := os.LookupEnv("TF_ACC_PROJECT_ID")
|
||||
if !ok {
|
||||
log.Fatalln("unable to read TF_ACC_PROJECT_ID")
|
||||
}
|
||||
|
||||
ctx := context.Background()
|
||||
var client *v3beta1api.APIClient
|
||||
var err error
|
||||
|
||||
var region, projectID string
|
||||
region = testutils.Region
|
||||
if region == "" {
|
||||
region = "eu01"
|
||||
}
|
||||
|
||||
projectID = pID
|
||||
if projectID == "" {
|
||||
return fmt.Errorf("projectID could not be determined in destroy function")
|
||||
}
|
||||
|
||||
apiClientConfigOptions := []config.ConfigurationOption{
|
||||
config.WithServiceAccountKeyPath(os.Getenv("TF_ACC_SERVICE_ACCOUNT_FILE")),
|
||||
config.WithRegion(region),
|
||||
}
|
||||
if testutils.PostgresFlexCustomEndpoint != "" {
|
||||
apiClientConfigOptions = append(
|
||||
apiClientConfigOptions,
|
||||
config.WithEndpoint(testutils.PostgresFlexCustomEndpoint),
|
||||
)
|
||||
}
|
||||
client, err = v3beta1api.NewAPIClient(apiClientConfigOptions...)
|
||||
if err != nil {
|
||||
log.Fatalln(err)
|
||||
}
|
||||
|
||||
instancesToDestroy := []string{}
|
||||
for _, rs := range s.RootModule().Resources {
|
||||
if rs.Type != "stackitprivatepreview_postgresflexalpha_instance" &&
|
||||
rs.Type != "stackitprivatepreview_postgresflexbeta_instance" {
|
||||
continue
|
||||
}
|
||||
|
||||
// instance terraform ID: = "[project_id],[region],[instance_id]"
|
||||
instanceID := strings.Split(rs.Primary.ID, core.Separator)[2]
|
||||
instancesToDestroy = append(instancesToDestroy, instanceID)
|
||||
}
|
||||
|
||||
instancesResp, err := client.DefaultAPI.ListInstancesRequest(ctx, projectID, region).
|
||||
Size(100).
|
||||
Execute()
|
||||
if err != nil {
|
||||
return fmt.Errorf("getting instancesResp: %w", err)
|
||||
}
|
||||
|
||||
items := instancesResp.GetInstances()
|
||||
for i := range items {
|
||||
if items[i].Id == "" {
|
||||
continue
|
||||
}
|
||||
if utils.Contains(instancesToDestroy, items[i].Id) {
|
||||
err := client.DefaultAPI.DeleteInstanceRequest(ctx, projectID, region, items[i].Id).Execute()
|
||||
if err != nil {
|
||||
return fmt.Errorf("deleting instance %s during CheckDestroy: %w", items[i].Id, err)
|
||||
}
|
||||
w := wait.DeleteInstanceWaitHandler(
|
||||
ctx,
|
||||
client.DefaultAPI,
|
||||
testutils.ProjectId,
|
||||
testutils.Region,
|
||||
items[i].Id,
|
||||
)
|
||||
_, waitErr := w.SetTimeout(90 * time.Second).WaitWithContext(context.Background())
|
||||
if waitErr != nil {
|
||||
var oapiErr *oapierror.GenericOpenAPIError
|
||||
isOapiErr := errors.As(waitErr, &oapiErr)
|
||||
if !isOapiErr {
|
||||
return fmt.Errorf("could not convert error to oapierror.GenericOpenAPIError")
|
||||
}
|
||||
if oapiErr.StatusCode != http.StatusNotFound {
|
||||
return waitErr
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue