github.com/nathanielks/terraform@v0.6.1-0.20170509030759-13e1a62319dc/builtin/providers/vault/resource_policy_test.go

github.com/nathanielks/terraform@v0.6.1-0.20170509030759-13e1a62319dc/builtin/providers/vault/resource_policy_test.go (about)

     1  package vault
     2  
     3  import (
     4  	"fmt"
     5  	"testing"
     6  
     7  	r "github.com/hashicorp/terraform/helper/resource"
     8  	"github.com/hashicorp/terraform/terraform"
     9  	"github.com/hashicorp/vault/api"
    10  )
    11  
    12  func TestResourcePolicy(t *testing.T) {
    13  	r.Test(t, r.TestCase{
    14  		Providers: testProviders,
    15  		PreCheck:  func() { testAccPreCheck(t) },
    16  		Steps: []r.TestStep{
    17  			r.TestStep{
    18  				Config: testResourcePolicy_initialConfig,
    19  				Check:  testResourcePolicy_initialCheck,
    20  			},
    21  			r.TestStep{
    22  				Config: testResourcePolicy_updateConfig,
    23  				Check:  testResourcePolicy_updateCheck,
    24  			},
    25  		},
    26  	})
    27  }
    28  
    29  var testResourcePolicy_initialConfig = `
    30  
    31  resource "vault_policy" "test" {
    32  	name = "dev-team"
    33  	policy = <<EOT
    34  path "secret/*" {
    35  	policy = "read"
    36  }
    37  EOT
    38  }
    39  
    40  `
    41  
    42  func testResourcePolicy_initialCheck(s *terraform.State) error {
    43  	resourceState := s.Modules[0].Resources["vault_policy.test"]
    44  	if resourceState == nil {
    45  		return fmt.Errorf("resource not found in state")
    46  	}
    47  
    48  	instanceState := resourceState.Primary
    49  	if instanceState == nil {
    50  		return fmt.Errorf("resource has no primary instance")
    51  	}
    52  
    53  	name := instanceState.ID
    54  
    55  	if name != instanceState.Attributes["name"] {
    56  		return fmt.Errorf("id doesn't match name")
    57  	}
    58  
    59  	if name != "dev-team" {
    60  		return fmt.Errorf("unexpected policy name")
    61  	}
    62  
    63  	client := testProvider.Meta().(*api.Client)
    64  	policy, err := client.Sys().GetPolicy(name)
    65  	if err != nil {
    66  		return fmt.Errorf("error reading back policy: %s", err)
    67  	}
    68  
    69  	if got, want := policy, "path \"secret/*\" {\n\tpolicy = \"read\"\n}\n"; got != want {
    70  		return fmt.Errorf("policy data is %q; want %q", got, want)
    71  	}
    72  
    73  	return nil
    74  }
    75  
    76  var testResourcePolicy_updateConfig = `
    77  
    78  resource "vault_policy" "test" {
    79  	name = "dev-team"
    80  	policy = <<EOT
    81  path "secret/*" {
    82  	policy = "write"
    83  }
    84  EOT
    85  }
    86  
    87  `
    88  
    89  func testResourcePolicy_updateCheck(s *terraform.State) error {
    90  	resourceState := s.Modules[0].Resources["vault_policy.test"]
    91  	instanceState := resourceState.Primary
    92  
    93  	name := instanceState.ID
    94  
    95  	client := testProvider.Meta().(*api.Client)
    96  
    97  	if name != instanceState.Attributes["name"] {
    98  		return fmt.Errorf("id doesn't match name")
    99  	}
   100  
   101  	if name != "dev-team" {
   102  		return fmt.Errorf("unexpected policy name")
   103  	}
   104  
   105  	policy, err := client.Sys().GetPolicy(name)
   106  	if err != nil {
   107  		return fmt.Errorf("error reading back policy: %s", err)
   108  	}
   109  
   110  	if got, want := policy, "path \"secret/*\" {\n\tpolicy = \"write\"\n}\n"; got != want {
   111  		return fmt.Errorf("policy data is %q; want %q", got, want)
   112  	}
   113  
   114  	return nil
   115  }