github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/tls/resource_cert_request_test.go (about) 1 package tls 2 3 import ( 4 "crypto/x509" 5 "encoding/pem" 6 "fmt" 7 "strings" 8 "testing" 9 10 r "github.com/hashicorp/terraform/helper/resource" 11 "github.com/hashicorp/terraform/terraform" 12 ) 13 14 func TestCertRequest(t *testing.T) { 15 r.Test(t, r.TestCase{ 16 Providers: testProviders, 17 Steps: []r.TestStep{ 18 r.TestStep{ 19 Config: fmt.Sprintf(` 20 resource "tls_cert_request" "test" { 21 subject { 22 common_name = "example.com" 23 organization = "Example, Inc" 24 organizational_unit = "Department of Terraform Testing" 25 street_address = ["5879 Cotton Link"] 26 locality = "Pirate Harbor" 27 province = "CA" 28 country = "US" 29 postal_code = "95559-1227" 30 serial_number = "2" 31 } 32 33 dns_names = [ 34 "example.com", 35 "example.net", 36 ] 37 38 ip_addresses = [ 39 "127.0.0.1", 40 "127.0.0.2", 41 ] 42 43 key_algorithm = "RSA" 44 private_key_pem = <<EOT 45 %s 46 EOT 47 } 48 output "key_pem" { 49 value = "${tls_cert_request.test.cert_request_pem}" 50 } 51 `, testPrivateKey), 52 Check: func(s *terraform.State) error { 53 gotUntyped := s.RootModule().Outputs["key_pem"].Value 54 55 got, ok := gotUntyped.(string) 56 if !ok { 57 return fmt.Errorf("output for \"key_pem\" is not a string") 58 } 59 60 if !strings.HasPrefix(got, "-----BEGIN CERTIFICATE REQUEST----") { 61 return fmt.Errorf("key is missing CSR PEM preamble") 62 } 63 block, _ := pem.Decode([]byte(got)) 64 csr, err := x509.ParseCertificateRequest(block.Bytes) 65 if err != nil { 66 return fmt.Errorf("error parsing CSR: %s", err) 67 } 68 if expected, got := "2", csr.Subject.SerialNumber; got != expected { 69 return fmt.Errorf("incorrect subject serial number: expected %v, got %v", expected, got) 70 } 71 if expected, got := "example.com", csr.Subject.CommonName; got != expected { 72 return fmt.Errorf("incorrect subject common name: expected %v, got %v", expected, got) 73 } 74 if expected, got := "Example, Inc", csr.Subject.Organization[0]; got != expected { 75 return fmt.Errorf("incorrect subject organization: expected %v, got %v", expected, got) 76 } 77 if expected, got := "Department of Terraform Testing", csr.Subject.OrganizationalUnit[0]; got != expected { 78 return fmt.Errorf("incorrect subject organizational unit: expected %v, got %v", expected, got) 79 } 80 if expected, got := "5879 Cotton Link", csr.Subject.StreetAddress[0]; got != expected { 81 return fmt.Errorf("incorrect subject street address: expected %v, got %v", expected, got) 82 } 83 if expected, got := "Pirate Harbor", csr.Subject.Locality[0]; got != expected { 84 return fmt.Errorf("incorrect subject locality: expected %v, got %v", expected, got) 85 } 86 if expected, got := "CA", csr.Subject.Province[0]; got != expected { 87 return fmt.Errorf("incorrect subject province: expected %v, got %v", expected, got) 88 } 89 if expected, got := "US", csr.Subject.Country[0]; got != expected { 90 return fmt.Errorf("incorrect subject country: expected %v, got %v", expected, got) 91 } 92 if expected, got := "95559-1227", csr.Subject.PostalCode[0]; got != expected { 93 return fmt.Errorf("incorrect subject postal code: expected %v, got %v", expected, got) 94 } 95 96 if expected, got := 2, len(csr.DNSNames); got != expected { 97 return fmt.Errorf("incorrect number of DNS names: expected %v, got %v", expected, got) 98 } 99 if expected, got := "example.com", csr.DNSNames[0]; got != expected { 100 return fmt.Errorf("incorrect DNS name 0: expected %v, got %v", expected, got) 101 } 102 if expected, got := "example.net", csr.DNSNames[1]; got != expected { 103 return fmt.Errorf("incorrect DNS name 0: expected %v, got %v", expected, got) 104 } 105 106 if expected, got := 2, len(csr.IPAddresses); got != expected { 107 return fmt.Errorf("incorrect number of IP addresses: expected %v, got %v", expected, got) 108 } 109 if expected, got := "127.0.0.1", csr.IPAddresses[0].String(); got != expected { 110 return fmt.Errorf("incorrect IP address 0: expected %v, got %v", expected, got) 111 } 112 if expected, got := "127.0.0.2", csr.IPAddresses[1].String(); got != expected { 113 return fmt.Errorf("incorrect IP address 0: expected %v, got %v", expected, got) 114 } 115 116 return nil 117 }, 118 }, 119 }, 120 }) 121 }