Add acceptance tests

hashicorp · Apr 20, 2015 · ade9e60 · ade9e60
1 parent 9a8396f
commit ade9e60
Show file tree

Hide file tree

Showing 10 changed files with 786 additions and 13 deletions.
diff --git a/builtin/providers/aws/resource_aws_iam_access_key_test.go b/builtin/providers/aws/resource_aws_iam_access_key_test.go
@@ -0,0 +1,117 @@
+package aws
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/awslabs/aws-sdk-go/aws"
+	"github.com/awslabs/aws-sdk-go/service/iam"
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccAWSAccessKey_normal(t *testing.T) {
+	var conf iam.AccessKeyMetadata
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSAccessKeyDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccAWSAccessKeyConfig,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSAccessKeyExists("aws_iam_access_key.a_key", &conf),
+					testAccCheckAWSAccessKeyAttributes(&conf),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckAWSAccessKeyDestroy(s *terraform.State) error {
+	iamconn := testAccProvider.Meta().(*AWSClient).iamconn
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "aws_access_key" {
+			continue
+		}
+
+		// Try to get access key
+		resp, err := iamconn.ListAccessKeys(&iam.ListAccessKeysInput{
+			UserName: aws.String(rs.Primary.ID),
+		})
+		if err == nil {
+			if len(resp.AccessKeyMetadata) > 0 {
+				return fmt.Errorf("still exist.")
+			}
+			return nil
+		}
+
+		// Verify the error is what we want
+		ec2err, ok := err.(aws.APIError)
+		if !ok {
+			return err
+		}
+		if ec2err.Code != "NoSuchEntity" {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func testAccCheckAWSAccessKeyExists(n string, res *iam.AccessKeyMetadata) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("Not found: %s", n)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("No Role name is set")
+		}
+
+		iamconn := testAccProvider.Meta().(*AWSClient).iamconn
+
+		resp, err := iamconn.ListAccessKeys(&iam.ListAccessKeysInput{
+			UserName: aws.String("testuser"),
+		})
+		if err != nil {
+			return err
+		}
+
+		if len(resp.AccessKeyMetadata) != 1 ||
+			*resp.AccessKeyMetadata[0].UserName != "testuser" {
+			return fmt.Errorf("User not found not found")
+		}
+
+		*res = *resp.AccessKeyMetadata[0]
+
+		return nil
+	}
+}
+
+func testAccCheckAWSAccessKeyAttributes(accessKeyMetadata *iam.AccessKeyMetadata) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		if *accessKeyMetadata.UserName != "testuser" {
+			return fmt.Errorf("Bad username: %s", *accessKeyMetadata.UserName)
+		}
+
+		if *accessKeyMetadata.Status != "Active" {
+			return fmt.Errorf("Bad status: %s", *accessKeyMetadata.Status)
+		}
+
+		return nil
+	}
+}
+
+const testAccAWSAccessKeyConfig = `
+resource "aws_iam_user" "a_user" {
+	name = "testuser"
+}
+
+resource "aws_iam_access_key" "a_key" {
+	user = "${aws_iam_user.a_user.name}"
+}
+`
diff --git a/builtin/providers/aws/resource_aws_iam_group_policy.go b/builtin/providers/aws/resource_aws_iam_group_policy.go
@@ -59,7 +59,7 @@ func resourceAwsIamGroupPolicyPut(d *schema.ResourceData, meta interface{}) erro
 func resourceAwsIamGroupPolicyRead(d *schema.ResourceData, meta interface{}) error {
 	iamconn := meta.(*AWSClient).iamconn
 
-	group, name := resourceAwsIamGroupPolicyParseId(d)
+	group, name := resourceAwsIamGroupPolicyParseId(d.Id())
 
 	request := &iam.GetGroupPolicyInput{
 		PolicyName: aws.String(name),
@@ -89,7 +89,7 @@ func resourceAwsIamGroupPolicyRead(d *schema.ResourceData, meta interface{}) err
 func resourceAwsIamGroupPolicyDelete(d *schema.ResourceData, meta interface{}) error {
 	iamconn := meta.(*AWSClient).iamconn
 
-	group, name := resourceAwsIamGroupPolicyParseId(d)
+	group, name := resourceAwsIamGroupPolicyParseId(d.Id())
 
 	request := &iam.DeleteGroupPolicyInput{
 		PolicyName: aws.String(name),
@@ -102,8 +102,8 @@ func resourceAwsIamGroupPolicyDelete(d *schema.ResourceData, meta interface{}) e
 	return nil
 }
 
-func resourceAwsIamGroupPolicyParseId(d *schema.ResourceData) (groupName, policyName string) {
-	parts := strings.SplitN(d.Id(), ":", 2)
+func resourceAwsIamGroupPolicyParseId(id string) (groupName, policyName string) {
+	parts := strings.SplitN(id, ":", 2)
 	groupName = parts[0]
 	policyName = parts[1]
 	return

diff --git a/builtin/providers/aws/resource_aws_iam_group_policy_test.go b/builtin/providers/aws/resource_aws_iam_group_policy_test.go
@@ -0,0 +1,112 @@
+package aws
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/awslabs/aws-sdk-go/aws"
+	"github.com/awslabs/aws-sdk-go/service/iam"
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccAWSIAMGroupPolicy(t *testing.T) {
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckIAMGroupPolicyDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccIAMGroupPolicyConfig,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckIAMGroupPolicy(
+						"aws_iam_group.group",
+						"aws_iam_group_policy.foo",
+					),
+				),
+			},
+			resource.TestStep{
+				Config: testAccIAMGroupPolicyConfigUpdate,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckIAMGroupPolicy(
+						"aws_iam_group.group",
+						"aws_iam_group_policy.bar",
+					),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckIAMGroupPolicyDestroy(s *terraform.State) error {
+	if len(s.RootModule().Resources) > 0 {
+		return fmt.Errorf("Expected all resources to be gone, but found: %#v", s.RootModule().Resources)
+	}
+
+	return nil
+}
+
+func testAccCheckIAMGroupPolicy(
+	iamGroupResource string,
+	iamGroupPolicyResource string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[iamGroupResource]
+		if !ok {
+			return fmt.Errorf("Not Found: %s", iamGroupResource)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("No ID is set")
+		}
+
+		policy, ok := s.RootModule().Resources[iamGroupPolicyResource]
+		if !ok {
+			return fmt.Errorf("Not Found: %s", iamGroupPolicyResource)
+		}
+
+		iamconn := testAccProvider.Meta().(*AWSClient).iamconn
+		group, name := resourceAwsIamGroupPolicyParseId(policy.Primary.ID)
+		_, err := iamconn.GetGroupPolicy(&iam.GetGroupPolicyInput{
+			GroupName:  aws.String(group),
+			PolicyName: aws.String(name),
+		})
+
+		if err != nil {
+			return err
+		}
+
+		return nil
+	}
+}
+
+const testAccIAMGroupPolicyConfig = `
+resource "aws_iam_group" "group" {
+	name = "test_group"
+	path = "/"
+}
+
+resource "aws_iam_group_policy" "foo" {
+	name = "foo_policy"
+	group = "${aws_iam_group.group.name}"
+	policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
+}
+`
+
+const testAccIAMGroupPolicyConfigUpdate = `
+resource "aws_iam_group" "group" {
+	name = "test_group"
+	path = "/"
+}
+
+resource "aws_iam_group_policy" "foo" {
+	name = "foo_policy"
+	group = "${aws_iam_group.group.name}"
+	policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
+}
+
+resource "aws_iam_group_policy" "bar" {
+	name = "bar_policy"
+	group = "${aws_iam_group.group.name}"
+	policy = "{\"Version\":\"2012-10-17\",\"Statement\":{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}}"
+}
+`
diff --git a/builtin/providers/aws/resource_aws_iam_group_test.go b/builtin/providers/aws/resource_aws_iam_group_test.go
@@ -0,0 +1,106 @@
+package aws
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/awslabs/aws-sdk-go/aws"
+	"github.com/awslabs/aws-sdk-go/service/iam"
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccAWSGroup_normal(t *testing.T) {
+	var conf iam.GetGroupOutput
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSGroupDestroy,
+		Steps: []resource.TestStep{
+			resource.TestStep{
+				Config: testAccAWSGroupConfig,
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSGroupExists("aws_iam_group.group", &conf),
+					testAccCheckAWSGroupAttributes(&conf),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckAWSGroupDestroy(s *terraform.State) error {
+	iamconn := testAccProvider.Meta().(*AWSClient).iamconn
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "aws_iam_group" {
+			continue
+		}
+
+		// Try to get group
+		_, err := iamconn.GetGroup(&iam.GetGroupInput{
+			GroupName: aws.String(rs.Primary.ID),
+		})
+		if err == nil {
+			return fmt.Errorf("still exist.")
+		}
+
+		// Verify the error is what we want
+		ec2err, ok := err.(aws.APIError)
+		if !ok {
+			return err
+		}
+		if ec2err.Code != "NoSuchEntity" {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func testAccCheckAWSGroupExists(n string, res *iam.GetGroupOutput) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+		if !ok {
+			return fmt.Errorf("Not found: %s", n)
+		}
+
+		if rs.Primary.ID == "" {
+			return fmt.Errorf("No Group name is set")
+		}
+
+		iamconn := testAccProvider.Meta().(*AWSClient).iamconn
+
+		resp, err := iamconn.GetGroup(&iam.GetGroupInput{
+			GroupName: aws.String(rs.Primary.ID),
+		})
+		if err != nil {
+			return err
+		}
+
+		*res = *resp
+
+		return nil
+	}
+}
+
+func testAccCheckAWSGroupAttributes(group *iam.GetGroupOutput) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		if *group.Group.GroupName != "test-group" {
+			return fmt.Errorf("Bad name: %s", *group.Group.GroupName)
+		}
+
+		if *group.Group.Path != "/" {
+			return fmt.Errorf("Bad path: %s", *group.Group.Path)
+		}
+
+		return nil
+	}
+}
+
+const testAccAWSGroupConfig = `
+resource "aws_iam_group" "group" {
+	name = "test-group"
+	path = "/"
+}
+`
diff --git a/builtin/providers/aws/resource_aws_iam_role_policy.go b/builtin/providers/aws/resource_aws_iam_role_policy.go
@@ -59,7 +59,7 @@ func resourceAwsIamRolePolicyPut(d *schema.ResourceData, meta interface{}) error
 func resourceAwsIamRolePolicyRead(d *schema.ResourceData, meta interface{}) error {
 	iamconn := meta.(*AWSClient).iamconn
 
-	role, name := resourceAwsIamRolePolicyParseId(d)
+	role, name := resourceAwsIamRolePolicyParseId(d.Id())
 
 	request := &iam.GetRolePolicyInput{
 		PolicyName: aws.String(name),
@@ -89,7 +89,7 @@ func resourceAwsIamRolePolicyRead(d *schema.ResourceData, meta interface{}) erro
 func resourceAwsIamRolePolicyDelete(d *schema.ResourceData, meta interface{}) error {
 	iamconn := meta.(*AWSClient).iamconn
 
-	role, name := resourceAwsIamRolePolicyParseId(d)
+	role, name := resourceAwsIamRolePolicyParseId(d.Id())
 
 	request := &iam.DeleteRolePolicyInput{
 		PolicyName: aws.String(name),
@@ -102,9 +102,9 @@ func resourceAwsIamRolePolicyDelete(d *schema.ResourceData, meta interface{}) er
 	return nil
 }
 
-func resourceAwsIamRolePolicyParseId(d *schema.ResourceData) (userName, policyName string) {
-	parts := strings.SplitN(d.Id(), ":", 2)
-	userName = parts[0]
+func resourceAwsIamRolePolicyParseId(id string) (roleName, policyName string) {
+	parts := strings.SplitN(id, ":", 2)
+	roleName = parts[0]
 	policyName = parts[1]
 	return
 }