github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/aws/resource_aws_codepipeline_test.go (about) 1 package aws 2 3 import ( 4 "fmt" 5 "os" 6 "testing" 7 8 "github.com/aws/aws-sdk-go/aws" 9 "github.com/aws/aws-sdk-go/service/codepipeline" 10 "github.com/hashicorp/terraform/helper/acctest" 11 "github.com/hashicorp/terraform/helper/resource" 12 "github.com/hashicorp/terraform/terraform" 13 ) 14 15 func TestAccAWSCodePipeline_basic(t *testing.T) { 16 if os.Getenv("GITHUB_TOKEN") == "" { 17 t.Skip("Environment variable GITHUB_TOKEN is not set") 18 } 19 20 name := acctest.RandString(10) 21 22 resource.Test(t, resource.TestCase{ 23 PreCheck: func() { testAccPreCheck(t) }, 24 Providers: testAccProviders, 25 CheckDestroy: testAccCheckAWSCodePipelineDestroy, 26 Steps: []resource.TestStep{ 27 { 28 Config: testAccAWSCodePipelineConfig_basic(name), 29 Check: resource.ComposeTestCheckFunc( 30 testAccCheckAWSCodePipelineExists("aws_codepipeline.bar"), 31 resource.TestCheckResourceAttr("aws_codepipeline.bar", "artifact_store.0.type", "S3"), 32 resource.TestCheckResourceAttr("aws_codepipeline.bar", "artifact_store.0.encryption_key.0.id", "1234"), 33 resource.TestCheckResourceAttr("aws_codepipeline.bar", "artifact_store.0.encryption_key.0.type", "KMS"), 34 ), 35 }, 36 { 37 Config: testAccAWSCodePipelineConfig_basicUpdated(name), 38 Check: resource.ComposeTestCheckFunc( 39 testAccCheckAWSCodePipelineExists("aws_codepipeline.bar"), 40 resource.TestCheckResourceAttr("aws_codepipeline.bar", "artifact_store.0.type", "S3"), 41 resource.TestCheckResourceAttr("aws_codepipeline.bar", "artifact_store.0.encryption_key.0.id", "4567"), 42 resource.TestCheckResourceAttr("aws_codepipeline.bar", "artifact_store.0.encryption_key.0.type", "KMS"), 43 ), 44 }, 45 }, 46 }) 47 } 48 49 func testAccCheckAWSCodePipelineExists(n string) resource.TestCheckFunc { 50 return func(s *terraform.State) error { 51 rs, ok := s.RootModule().Resources[n] 52 if !ok { 53 return fmt.Errorf("Not found: %s", n) 54 } 55 56 if rs.Primary.ID == "" { 57 return fmt.Errorf("No CodePipeline ID is set") 58 } 59 60 conn := testAccProvider.Meta().(*AWSClient).codepipelineconn 61 62 _, err := conn.GetPipeline(&codepipeline.GetPipelineInput{ 63 Name: aws.String(rs.Primary.ID), 64 }) 65 66 if err != nil { 67 return err 68 } 69 return nil 70 } 71 } 72 73 func testAccCheckAWSCodePipelineDestroy(s *terraform.State) error { 74 conn := testAccProvider.Meta().(*AWSClient).codepipelineconn 75 76 for _, rs := range s.RootModule().Resources { 77 if rs.Type != "aws_codepipeline" { 78 continue 79 } 80 81 _, err := conn.GetPipeline(&codepipeline.GetPipelineInput{ 82 Name: aws.String(rs.Primary.ID), 83 }) 84 85 if err == nil { 86 return fmt.Errorf("Expected AWS CodePipeline to be gone, but was still found") 87 } 88 return nil 89 } 90 91 return fmt.Errorf("Default error in CodePipeline Test") 92 } 93 94 func testAccAWSCodePipelineConfig_basic(rName string) string { 95 return fmt.Sprintf(` 96 resource "aws_s3_bucket" "foo" { 97 bucket = "tf-test-pipeline-%s" 98 acl = "private" 99 } 100 101 resource "aws_iam_role" "codepipeline_role" { 102 name = "codepipeline-role-%s" 103 104 assume_role_policy = <<EOF 105 { 106 "Version": "2012-10-17", 107 "Statement": [ 108 { 109 "Effect": "Allow", 110 "Principal": { 111 "Service": "codepipeline.amazonaws.com" 112 }, 113 "Action": "sts:AssumeRole" 114 } 115 ] 116 } 117 EOF 118 } 119 120 resource "aws_iam_role_policy" "codepipeline_policy" { 121 name = "codepipeline_policy" 122 role = "${aws_iam_role.codepipeline_role.id}" 123 124 policy = <<EOF 125 { 126 "Version": "2012-10-17", 127 "Statement": [ 128 { 129 "Effect":"Allow", 130 "Action": [ 131 "s3:GetObject", 132 "s3:GetObjectVersion", 133 "s3:GetBucketVersioning" 134 ], 135 "Resource": [ 136 "${aws_s3_bucket.foo.arn}", 137 "${aws_s3_bucket.foo.arn}/*" 138 ] 139 }, 140 { 141 "Effect": "Allow", 142 "Action": [ 143 "codebuild:BatchGetBuilds", 144 "codebuild:StartBuild" 145 ], 146 "Resource": "*" 147 } 148 ] 149 } 150 EOF 151 } 152 153 resource "aws_codepipeline" "bar" { 154 name = "test-pipeline-%s" 155 role_arn = "${aws_iam_role.codepipeline_role.arn}" 156 157 artifact_store { 158 location = "${aws_s3_bucket.foo.bucket}" 159 type = "S3" 160 161 encryption_key { 162 id = "1234" 163 type = "KMS" 164 } 165 } 166 167 stage { 168 name = "Source" 169 170 action { 171 name = "Source" 172 category = "Source" 173 owner = "ThirdParty" 174 provider = "GitHub" 175 version = "1" 176 output_artifacts = ["test"] 177 178 configuration { 179 Owner = "lifesum-terraform" 180 Repo = "test" 181 Branch = "master" 182 } 183 } 184 } 185 186 stage { 187 name = "Build" 188 189 action { 190 name = "Build" 191 category = "Build" 192 owner = "AWS" 193 provider = "CodeBuild" 194 input_artifacts = ["test"] 195 version = "1" 196 197 configuration { 198 ProjectName = "test" 199 } 200 } 201 } 202 } 203 `, rName, rName, rName) 204 } 205 206 func testAccAWSCodePipelineConfig_basicUpdated(rName string) string { 207 return fmt.Sprintf(` 208 resource "aws_s3_bucket" "foo" { 209 bucket = "tf-test-pipeline-%s" 210 acl = "private" 211 } 212 213 resource "aws_iam_role" "codepipeline_role" { 214 name = "codepipeline-role-%s" 215 216 assume_role_policy = <<EOF 217 { 218 "Version": "2012-10-17", 219 "Statement": [ 220 { 221 "Effect": "Allow", 222 "Principal": { 223 "Service": "codepipeline.amazonaws.com" 224 }, 225 "Action": "sts:AssumeRole" 226 } 227 ] 228 } 229 EOF 230 } 231 232 resource "aws_iam_role_policy" "codepipeline_policy" { 233 name = "codepipeline_policy" 234 role = "${aws_iam_role.codepipeline_role.id}" 235 236 policy = <<EOF 237 { 238 "Version": "2012-10-17", 239 "Statement": [ 240 { 241 "Effect":"Allow", 242 "Action": [ 243 "s3:GetObject", 244 "s3:GetObjectVersion", 245 "s3:GetBucketVersioning" 246 ], 247 "Resource": [ 248 "${aws_s3_bucket.foo.arn}", 249 "${aws_s3_bucket.foo.arn}/*" 250 ] 251 }, 252 { 253 "Effect": "Allow", 254 "Action": [ 255 "codebuild:BatchGetBuilds", 256 "codebuild:StartBuild" 257 ], 258 "Resource": "*" 259 } 260 ] 261 } 262 EOF 263 } 264 265 resource "aws_codepipeline" "bar" { 266 name = "test-pipeline-%s" 267 role_arn = "${aws_iam_role.codepipeline_role.arn}" 268 269 artifact_store { 270 location = "${aws_s3_bucket.foo.bucket}" 271 type = "S3" 272 273 encryption_key { 274 id = "4567" 275 type = "KMS" 276 } 277 } 278 279 stage { 280 name = "Source" 281 282 action { 283 name = "Source" 284 category = "Source" 285 owner = "ThirdParty" 286 provider = "GitHub" 287 version = "1" 288 output_artifacts = ["bar"] 289 290 configuration { 291 Owner = "foo-terraform" 292 Repo = "bar" 293 Branch = "stable" 294 } 295 } 296 } 297 298 stage { 299 name = "Build" 300 301 action { 302 name = "Build" 303 category = "Build" 304 owner = "AWS" 305 provider = "CodeBuild" 306 input_artifacts = ["bar"] 307 version = "1" 308 309 configuration { 310 ProjectName = "foo" 311 } 312 } 313 } 314 } 315 `, rName, rName, rName) 316 }