github.com/graywolf-at-work-2/terraform-vendor@v1.4.5/internal/backend/remote-state/azure/backend_test.go (about) 1 package azure 2 3 import ( 4 "context" 5 "os" 6 "testing" 7 8 "github.com/hashicorp/terraform/internal/backend" 9 "github.com/hashicorp/terraform/internal/legacy/helper/acctest" 10 ) 11 12 func TestBackend_impl(t *testing.T) { 13 var _ backend.Backend = new(Backend) 14 } 15 16 func TestBackendConfig(t *testing.T) { 17 // This test just instantiates the client. Shouldn't make any actual 18 // requests nor incur any costs. 19 20 config := map[string]interface{}{ 21 "storage_account_name": "tfaccount", 22 "container_name": "tfcontainer", 23 "key": "state", 24 "snapshot": false, 25 // Access Key must be Base64 26 "access_key": "QUNDRVNTX0tFWQ0K", 27 } 28 29 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(config)).(*Backend) 30 31 if b.containerName != "tfcontainer" { 32 t.Fatalf("Incorrect bucketName was populated") 33 } 34 if b.keyName != "state" { 35 t.Fatalf("Incorrect keyName was populated") 36 } 37 if b.snapshot != false { 38 t.Fatalf("Incorrect snapshot was populated") 39 } 40 } 41 42 func TestAccBackendAccessKeyBasic(t *testing.T) { 43 testAccAzureBackend(t) 44 rs := acctest.RandString(4) 45 res := testResourceNames(rs, "testState") 46 armClient := buildTestClient(t, res) 47 48 ctx := context.TODO() 49 err := armClient.buildTestResources(ctx, &res) 50 defer armClient.destroyTestResources(ctx, res) 51 if err != nil { 52 armClient.destroyTestResources(ctx, res) 53 t.Fatalf("Error creating Test Resources: %q", err) 54 } 55 56 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 57 "storage_account_name": res.storageAccountName, 58 "container_name": res.storageContainerName, 59 "key": res.storageKeyName, 60 "access_key": res.storageAccountAccessKey, 61 "environment": os.Getenv("ARM_ENVIRONMENT"), 62 "endpoint": os.Getenv("ARM_ENDPOINT"), 63 })).(*Backend) 64 65 backend.TestBackendStates(t, b) 66 } 67 68 func TestAccBackendSASTokenBasic(t *testing.T) { 69 testAccAzureBackend(t) 70 rs := acctest.RandString(4) 71 res := testResourceNames(rs, "testState") 72 armClient := buildTestClient(t, res) 73 74 ctx := context.TODO() 75 err := armClient.buildTestResources(ctx, &res) 76 defer armClient.destroyTestResources(ctx, res) 77 if err != nil { 78 t.Fatalf("Error creating Test Resources: %q", err) 79 } 80 81 sasToken, err := buildSasToken(res.storageAccountName, res.storageAccountAccessKey) 82 if err != nil { 83 t.Fatalf("Error building SAS Token: %+v", err) 84 } 85 86 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 87 "storage_account_name": res.storageAccountName, 88 "container_name": res.storageContainerName, 89 "key": res.storageKeyName, 90 "sas_token": *sasToken, 91 "environment": os.Getenv("ARM_ENVIRONMENT"), 92 "endpoint": os.Getenv("ARM_ENDPOINT"), 93 })).(*Backend) 94 95 backend.TestBackendStates(t, b) 96 } 97 98 func TestAccBackendOIDCBasic(t *testing.T) { 99 testAccAzureBackend(t) 100 rs := acctest.RandString(4) 101 res := testResourceNames(rs, "testState") 102 armClient := buildTestClient(t, res) 103 104 ctx := context.TODO() 105 err := armClient.buildTestResources(ctx, &res) 106 defer armClient.destroyTestResources(ctx, res) 107 if err != nil { 108 t.Fatalf("Error creating Test Resources: %q", err) 109 } 110 111 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 112 "storage_account_name": res.storageAccountName, 113 "container_name": res.storageContainerName, 114 "key": res.storageKeyName, 115 "resource_group_name": res.resourceGroup, 116 "use_oidc": true, 117 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 118 "tenant_id": os.Getenv("ARM_TENANT_ID"), 119 "environment": os.Getenv("ARM_ENVIRONMENT"), 120 "endpoint": os.Getenv("ARM_ENDPOINT"), 121 })).(*Backend) 122 123 backend.TestBackendStates(t, b) 124 } 125 126 func TestAccBackendAzureADAuthBasic(t *testing.T) { 127 testAccAzureBackend(t) 128 rs := acctest.RandString(4) 129 res := testResourceNames(rs, "testState") 130 res.useAzureADAuth = true 131 armClient := buildTestClient(t, res) 132 133 ctx := context.TODO() 134 err := armClient.buildTestResources(ctx, &res) 135 defer armClient.destroyTestResources(ctx, res) 136 if err != nil { 137 armClient.destroyTestResources(ctx, res) 138 t.Fatalf("Error creating Test Resources: %q", err) 139 } 140 141 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 142 "storage_account_name": res.storageAccountName, 143 "container_name": res.storageContainerName, 144 "key": res.storageKeyName, 145 "access_key": res.storageAccountAccessKey, 146 "environment": os.Getenv("ARM_ENVIRONMENT"), 147 "endpoint": os.Getenv("ARM_ENDPOINT"), 148 "use_azuread_auth": true, 149 })).(*Backend) 150 151 backend.TestBackendStates(t, b) 152 } 153 154 func TestAccBackendManagedServiceIdentityBasic(t *testing.T) { 155 testAccAzureBackendRunningInAzure(t) 156 rs := acctest.RandString(4) 157 res := testResourceNames(rs, "testState") 158 armClient := buildTestClient(t, res) 159 160 ctx := context.TODO() 161 err := armClient.buildTestResources(ctx, &res) 162 defer armClient.destroyTestResources(ctx, res) 163 if err != nil { 164 t.Fatalf("Error creating Test Resources: %q", err) 165 } 166 167 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 168 "storage_account_name": res.storageAccountName, 169 "container_name": res.storageContainerName, 170 "key": res.storageKeyName, 171 "resource_group_name": res.resourceGroup, 172 "use_msi": true, 173 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 174 "tenant_id": os.Getenv("ARM_TENANT_ID"), 175 "environment": os.Getenv("ARM_ENVIRONMENT"), 176 "endpoint": os.Getenv("ARM_ENDPOINT"), 177 })).(*Backend) 178 179 backend.TestBackendStates(t, b) 180 } 181 182 func TestAccBackendServicePrincipalClientCertificateBasic(t *testing.T) { 183 testAccAzureBackend(t) 184 185 clientCertPassword := os.Getenv("ARM_CLIENT_CERTIFICATE_PASSWORD") 186 clientCertPath := os.Getenv("ARM_CLIENT_CERTIFICATE_PATH") 187 if clientCertPath == "" { 188 t.Skip("Skipping since `ARM_CLIENT_CERTIFICATE_PATH` is not specified!") 189 } 190 191 rs := acctest.RandString(4) 192 res := testResourceNames(rs, "testState") 193 armClient := buildTestClient(t, res) 194 195 ctx := context.TODO() 196 err := armClient.buildTestResources(ctx, &res) 197 defer armClient.destroyTestResources(ctx, res) 198 if err != nil { 199 t.Fatalf("Error creating Test Resources: %q", err) 200 } 201 202 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 203 "storage_account_name": res.storageAccountName, 204 "container_name": res.storageContainerName, 205 "key": res.storageKeyName, 206 "resource_group_name": res.resourceGroup, 207 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 208 "tenant_id": os.Getenv("ARM_TENANT_ID"), 209 "client_id": os.Getenv("ARM_CLIENT_ID"), 210 "client_certificate_password": clientCertPassword, 211 "client_certificate_path": clientCertPath, 212 "environment": os.Getenv("ARM_ENVIRONMENT"), 213 "endpoint": os.Getenv("ARM_ENDPOINT"), 214 })).(*Backend) 215 216 backend.TestBackendStates(t, b) 217 } 218 219 func TestAccBackendServicePrincipalClientSecretBasic(t *testing.T) { 220 testAccAzureBackend(t) 221 rs := acctest.RandString(4) 222 res := testResourceNames(rs, "testState") 223 armClient := buildTestClient(t, res) 224 225 ctx := context.TODO() 226 err := armClient.buildTestResources(ctx, &res) 227 defer armClient.destroyTestResources(ctx, res) 228 if err != nil { 229 t.Fatalf("Error creating Test Resources: %q", err) 230 } 231 232 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 233 "storage_account_name": res.storageAccountName, 234 "container_name": res.storageContainerName, 235 "key": res.storageKeyName, 236 "resource_group_name": res.resourceGroup, 237 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 238 "tenant_id": os.Getenv("ARM_TENANT_ID"), 239 "client_id": os.Getenv("ARM_CLIENT_ID"), 240 "client_secret": os.Getenv("ARM_CLIENT_SECRET"), 241 "environment": os.Getenv("ARM_ENVIRONMENT"), 242 "endpoint": os.Getenv("ARM_ENDPOINT"), 243 })).(*Backend) 244 245 backend.TestBackendStates(t, b) 246 } 247 248 func TestAccBackendServicePrincipalClientSecretCustomEndpoint(t *testing.T) { 249 testAccAzureBackend(t) 250 251 // this is only applicable for Azure Stack. 252 endpoint := os.Getenv("ARM_ENDPOINT") 253 if endpoint == "" { 254 t.Skip("Skipping as ARM_ENDPOINT isn't configured") 255 } 256 257 rs := acctest.RandString(4) 258 res := testResourceNames(rs, "testState") 259 armClient := buildTestClient(t, res) 260 261 ctx := context.TODO() 262 err := armClient.buildTestResources(ctx, &res) 263 defer armClient.destroyTestResources(ctx, res) 264 if err != nil { 265 t.Fatalf("Error creating Test Resources: %q", err) 266 } 267 268 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 269 "storage_account_name": res.storageAccountName, 270 "container_name": res.storageContainerName, 271 "key": res.storageKeyName, 272 "resource_group_name": res.resourceGroup, 273 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 274 "tenant_id": os.Getenv("ARM_TENANT_ID"), 275 "client_id": os.Getenv("ARM_CLIENT_ID"), 276 "client_secret": os.Getenv("ARM_CLIENT_SECRET"), 277 "environment": os.Getenv("ARM_ENVIRONMENT"), 278 "endpoint": endpoint, 279 })).(*Backend) 280 281 backend.TestBackendStates(t, b) 282 } 283 284 func TestAccBackendAccessKeyLocked(t *testing.T) { 285 testAccAzureBackend(t) 286 rs := acctest.RandString(4) 287 res := testResourceNames(rs, "testState") 288 armClient := buildTestClient(t, res) 289 290 ctx := context.TODO() 291 err := armClient.buildTestResources(ctx, &res) 292 defer armClient.destroyTestResources(ctx, res) 293 if err != nil { 294 t.Fatalf("Error creating Test Resources: %q", err) 295 } 296 297 b1 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 298 "storage_account_name": res.storageAccountName, 299 "container_name": res.storageContainerName, 300 "key": res.storageKeyName, 301 "access_key": res.storageAccountAccessKey, 302 "environment": os.Getenv("ARM_ENVIRONMENT"), 303 "endpoint": os.Getenv("ARM_ENDPOINT"), 304 })).(*Backend) 305 306 b2 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 307 "storage_account_name": res.storageAccountName, 308 "container_name": res.storageContainerName, 309 "key": res.storageKeyName, 310 "access_key": res.storageAccountAccessKey, 311 "environment": os.Getenv("ARM_ENVIRONMENT"), 312 "endpoint": os.Getenv("ARM_ENDPOINT"), 313 })).(*Backend) 314 315 backend.TestBackendStateLocks(t, b1, b2) 316 backend.TestBackendStateForceUnlock(t, b1, b2) 317 318 backend.TestBackendStateLocksInWS(t, b1, b2, "foo") 319 backend.TestBackendStateForceUnlockInWS(t, b1, b2, "foo") 320 } 321 322 func TestAccBackendServicePrincipalLocked(t *testing.T) { 323 testAccAzureBackend(t) 324 rs := acctest.RandString(4) 325 res := testResourceNames(rs, "testState") 326 armClient := buildTestClient(t, res) 327 328 ctx := context.TODO() 329 err := armClient.buildTestResources(ctx, &res) 330 defer armClient.destroyTestResources(ctx, res) 331 if err != nil { 332 t.Fatalf("Error creating Test Resources: %q", err) 333 } 334 335 b1 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 336 "storage_account_name": res.storageAccountName, 337 "container_name": res.storageContainerName, 338 "key": res.storageKeyName, 339 "access_key": res.storageAccountAccessKey, 340 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 341 "tenant_id": os.Getenv("ARM_TENANT_ID"), 342 "client_id": os.Getenv("ARM_CLIENT_ID"), 343 "client_secret": os.Getenv("ARM_CLIENT_SECRET"), 344 "environment": os.Getenv("ARM_ENVIRONMENT"), 345 "endpoint": os.Getenv("ARM_ENDPOINT"), 346 })).(*Backend) 347 348 b2 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 349 "storage_account_name": res.storageAccountName, 350 "container_name": res.storageContainerName, 351 "key": res.storageKeyName, 352 "access_key": res.storageAccountAccessKey, 353 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 354 "tenant_id": os.Getenv("ARM_TENANT_ID"), 355 "client_id": os.Getenv("ARM_CLIENT_ID"), 356 "client_secret": os.Getenv("ARM_CLIENT_SECRET"), 357 "environment": os.Getenv("ARM_ENVIRONMENT"), 358 "endpoint": os.Getenv("ARM_ENDPOINT"), 359 })).(*Backend) 360 361 backend.TestBackendStateLocks(t, b1, b2) 362 backend.TestBackendStateForceUnlock(t, b1, b2) 363 364 backend.TestBackendStateLocksInWS(t, b1, b2, "foo") 365 backend.TestBackendStateForceUnlockInWS(t, b1, b2, "foo") 366 }