github.com/danp/terraform@v0.9.5-0.20170426144147-39d740081351/builtin/providers/vault/resource_policy_test.go (about) 1 package vault 2 3 import ( 4 "fmt" 5 "testing" 6 7 r "github.com/hashicorp/terraform/helper/resource" 8 "github.com/hashicorp/terraform/terraform" 9 "github.com/hashicorp/vault/api" 10 ) 11 12 func TestResourcePolicy(t *testing.T) { 13 r.Test(t, r.TestCase{ 14 Providers: testProviders, 15 PreCheck: func() { testAccPreCheck(t) }, 16 Steps: []r.TestStep{ 17 r.TestStep{ 18 Config: testResourcePolicy_initialConfig, 19 Check: testResourcePolicy_initialCheck, 20 }, 21 r.TestStep{ 22 Config: testResourcePolicy_updateConfig, 23 Check: testResourcePolicy_updateCheck, 24 }, 25 }, 26 }) 27 } 28 29 var testResourcePolicy_initialConfig = ` 30 31 resource "vault_policy" "test" { 32 name = "dev-team" 33 policy = <<EOT 34 path "secret/*" { 35 policy = "read" 36 } 37 EOT 38 } 39 40 ` 41 42 func testResourcePolicy_initialCheck(s *terraform.State) error { 43 resourceState := s.Modules[0].Resources["vault_policy.test"] 44 if resourceState == nil { 45 return fmt.Errorf("resource not found in state") 46 } 47 48 instanceState := resourceState.Primary 49 if instanceState == nil { 50 return fmt.Errorf("resource has no primary instance") 51 } 52 53 name := instanceState.ID 54 55 if name != instanceState.Attributes["name"] { 56 return fmt.Errorf("id doesn't match name") 57 } 58 59 if name != "dev-team" { 60 return fmt.Errorf("unexpected policy name") 61 } 62 63 client := testProvider.Meta().(*api.Client) 64 policy, err := client.Sys().GetPolicy(name) 65 if err != nil { 66 return fmt.Errorf("error reading back policy: %s", err) 67 } 68 69 if got, want := policy, "path \"secret/*\" {\n\tpolicy = \"read\"\n}\n"; got != want { 70 return fmt.Errorf("policy data is %q; want %q", got, want) 71 } 72 73 return nil 74 } 75 76 var testResourcePolicy_updateConfig = ` 77 78 resource "vault_policy" "test" { 79 name = "dev-team" 80 policy = <<EOT 81 path "secret/*" { 82 policy = "write" 83 } 84 EOT 85 } 86 87 ` 88 89 func testResourcePolicy_updateCheck(s *terraform.State) error { 90 resourceState := s.Modules[0].Resources["vault_policy.test"] 91 instanceState := resourceState.Primary 92 93 name := instanceState.ID 94 95 client := testProvider.Meta().(*api.Client) 96 97 if name != instanceState.Attributes["name"] { 98 return fmt.Errorf("id doesn't match name") 99 } 100 101 if name != "dev-team" { 102 return fmt.Errorf("unexpected policy name") 103 } 104 105 policy, err := client.Sys().GetPolicy(name) 106 if err != nil { 107 return fmt.Errorf("error reading back policy: %s", err) 108 } 109 110 if got, want := policy, "path \"secret/*\" {\n\tpolicy = \"write\"\n}\n"; got != want { 111 return fmt.Errorf("policy data is %q; want %q", got, want) 112 } 113 114 return nil 115 }