github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/tls/resource_cert_request_test.go (about)

     1  package tls
     2  
     3  import (
     4  	"crypto/x509"
     5  	"encoding/pem"
     6  	"fmt"
     7  	"strings"
     8  	"testing"
     9  
    10  	r "github.com/hashicorp/terraform/helper/resource"
    11  	"github.com/hashicorp/terraform/terraform"
    12  )
    13  
    14  func TestCertRequest(t *testing.T) {
    15  	r.Test(t, r.TestCase{
    16  		Providers: testProviders,
    17  		Steps: []r.TestStep{
    18  			r.TestStep{
    19  				Config: fmt.Sprintf(`
    20                      resource "tls_cert_request" "test" {
    21                          subject {
    22                              common_name = "example.com"
    23                              organization = "Example, Inc"
    24                              organizational_unit = "Department of Terraform Testing"
    25                              street_address = ["5879 Cotton Link"]
    26                              locality = "Pirate Harbor"
    27                              province = "CA"
    28                              country = "US"
    29                              postal_code = "95559-1227"
    30                              serial_number = "2"
    31                          }
    32  
    33                          dns_names = [
    34                              "example.com",
    35                              "example.net",
    36                          ]
    37  
    38                          ip_addresses = [
    39                              "127.0.0.1",
    40                              "127.0.0.2",
    41                          ]
    42  
    43                          key_algorithm = "RSA"
    44                          private_key_pem = <<EOT
    45  %s
    46  EOT
    47                      }
    48                      output "key_pem" {
    49                          value = "${tls_cert_request.test.cert_request_pem}"
    50                      }
    51                  `, testPrivateKey),
    52  				Check: func(s *terraform.State) error {
    53  					gotUntyped := s.RootModule().Outputs["key_pem"].Value
    54  
    55  					got, ok := gotUntyped.(string)
    56  					if !ok {
    57  						return fmt.Errorf("output for \"key_pem\" is not a string")
    58  					}
    59  
    60  					if !strings.HasPrefix(got, "-----BEGIN CERTIFICATE REQUEST----") {
    61  						return fmt.Errorf("key is missing CSR PEM preamble")
    62  					}
    63  					block, _ := pem.Decode([]byte(got))
    64  					csr, err := x509.ParseCertificateRequest(block.Bytes)
    65  					if err != nil {
    66  						return fmt.Errorf("error parsing CSR: %s", err)
    67  					}
    68  					if expected, got := "2", csr.Subject.SerialNumber; got != expected {
    69  						return fmt.Errorf("incorrect subject serial number: expected %v, got %v", expected, got)
    70  					}
    71  					if expected, got := "example.com", csr.Subject.CommonName; got != expected {
    72  						return fmt.Errorf("incorrect subject common name: expected %v, got %v", expected, got)
    73  					}
    74  					if expected, got := "Example, Inc", csr.Subject.Organization[0]; got != expected {
    75  						return fmt.Errorf("incorrect subject organization: expected %v, got %v", expected, got)
    76  					}
    77  					if expected, got := "Department of Terraform Testing", csr.Subject.OrganizationalUnit[0]; got != expected {
    78  						return fmt.Errorf("incorrect subject organizational unit: expected %v, got %v", expected, got)
    79  					}
    80  					if expected, got := "5879 Cotton Link", csr.Subject.StreetAddress[0]; got != expected {
    81  						return fmt.Errorf("incorrect subject street address: expected %v, got %v", expected, got)
    82  					}
    83  					if expected, got := "Pirate Harbor", csr.Subject.Locality[0]; got != expected {
    84  						return fmt.Errorf("incorrect subject locality: expected %v, got %v", expected, got)
    85  					}
    86  					if expected, got := "CA", csr.Subject.Province[0]; got != expected {
    87  						return fmt.Errorf("incorrect subject province: expected %v, got %v", expected, got)
    88  					}
    89  					if expected, got := "US", csr.Subject.Country[0]; got != expected {
    90  						return fmt.Errorf("incorrect subject country: expected %v, got %v", expected, got)
    91  					}
    92  					if expected, got := "95559-1227", csr.Subject.PostalCode[0]; got != expected {
    93  						return fmt.Errorf("incorrect subject postal code: expected %v, got %v", expected, got)
    94  					}
    95  
    96  					if expected, got := 2, len(csr.DNSNames); got != expected {
    97  						return fmt.Errorf("incorrect number of DNS names: expected %v, got %v", expected, got)
    98  					}
    99  					if expected, got := "example.com", csr.DNSNames[0]; got != expected {
   100  						return fmt.Errorf("incorrect DNS name 0: expected %v, got %v", expected, got)
   101  					}
   102  					if expected, got := "example.net", csr.DNSNames[1]; got != expected {
   103  						return fmt.Errorf("incorrect DNS name 0: expected %v, got %v", expected, got)
   104  					}
   105  
   106  					if expected, got := 2, len(csr.IPAddresses); got != expected {
   107  						return fmt.Errorf("incorrect number of IP addresses: expected %v, got %v", expected, got)
   108  					}
   109  					if expected, got := "127.0.0.1", csr.IPAddresses[0].String(); got != expected {
   110  						return fmt.Errorf("incorrect IP address 0: expected %v, got %v", expected, got)
   111  					}
   112  					if expected, got := "127.0.0.2", csr.IPAddresses[1].String(); got != expected {
   113  						return fmt.Errorf("incorrect IP address 0: expected %v, got %v", expected, got)
   114  					}
   115  
   116  					return nil
   117  				},
   118  			},
   119  		},
   120  	})
   121  }