github.com/nevins-b/terraform@v0.3.8-0.20170215184714-bbae22007d5a/builtin/providers/google/resource_google_project_test.go (about) 1 package google 2 3 import ( 4 "fmt" 5 "os" 6 "testing" 7 8 "github.com/hashicorp/terraform/helper/acctest" 9 "github.com/hashicorp/terraform/helper/resource" 10 "github.com/hashicorp/terraform/terraform" 11 "google.golang.org/api/cloudresourcemanager/v1" 12 ) 13 14 var ( 15 org = multiEnvSearch([]string{ 16 "GOOGLE_ORG", 17 }) 18 19 pname = "Terraform Acceptance Tests" 20 originalPolicy *cloudresourcemanager.Policy 21 ) 22 23 func multiEnvSearch(ks []string) string { 24 for _, k := range ks { 25 if v := os.Getenv(k); v != "" { 26 return v 27 } 28 } 29 return "" 30 } 31 32 // Test that a Project resource can be created and an IAM policy 33 // associated 34 func TestAccGoogleProject_create(t *testing.T) { 35 pid := "terraform-" + acctest.RandString(10) 36 resource.Test(t, resource.TestCase{ 37 PreCheck: func() { testAccPreCheck(t) }, 38 Providers: testAccProviders, 39 Steps: []resource.TestStep{ 40 // This step imports an existing project 41 resource.TestStep{ 42 Config: testAccGoogleProject_create(pid, pname, org), 43 Check: resource.ComposeTestCheckFunc( 44 testAccCheckGoogleProjectExists("google_project.acceptance", pid), 45 ), 46 }, 47 }, 48 }) 49 } 50 51 // Test that a Project resource merges the IAM policies that already 52 // exist, and won't lock people out. 53 func TestAccGoogleProject_merge(t *testing.T) { 54 pid := "terraform-" + acctest.RandString(10) 55 resource.Test(t, resource.TestCase{ 56 PreCheck: func() { testAccPreCheck(t) }, 57 Providers: testAccProviders, 58 Steps: []resource.TestStep{ 59 // when policy_data is set, merge 60 { 61 Config: testAccGoogleProject_toMerge(pid, pname, org), 62 Check: resource.ComposeTestCheckFunc( 63 testAccCheckGoogleProjectExists("google_project.acceptance", pid), 64 testAccCheckGoogleProjectHasMoreBindingsThan(pid, 1), 65 ), 66 }, 67 // when policy_data is unset, restore to what it was 68 { 69 Config: testAccGoogleProject_mergeEmpty(pid, pname, org), 70 Check: resource.ComposeTestCheckFunc( 71 testAccCheckGoogleProjectExists("google_project.acceptance", pid), 72 testAccCheckGoogleProjectHasMoreBindingsThan(pid, 0), 73 ), 74 }, 75 }, 76 }) 77 } 78 79 func testAccCheckGoogleProjectExists(r, pid string) resource.TestCheckFunc { 80 return func(s *terraform.State) error { 81 rs, ok := s.RootModule().Resources[r] 82 if !ok { 83 return fmt.Errorf("Not found: %s", r) 84 } 85 86 if rs.Primary.ID == "" { 87 return fmt.Errorf("No ID is set") 88 } 89 90 if rs.Primary.ID != pid { 91 return fmt.Errorf("Expected project %q to match ID %q in state", pid, rs.Primary.ID) 92 } 93 94 return nil 95 } 96 } 97 98 func testAccCheckGoogleProjectHasMoreBindingsThan(pid string, count int) resource.TestCheckFunc { 99 return func(s *terraform.State) error { 100 policy, err := getProjectIamPolicy(pid, testAccProvider.Meta().(*Config)) 101 if err != nil { 102 return err 103 } 104 if len(policy.Bindings) <= count { 105 return fmt.Errorf("Expected more than %d bindings, got %d: %#v", count, len(policy.Bindings), policy.Bindings) 106 } 107 return nil 108 } 109 } 110 111 func testAccGoogleProjectImportExisting(pid string) string { 112 return fmt.Sprintf(` 113 resource "google_project" "acceptance" { 114 project_id = "%s" 115 116 } 117 `, pid) 118 } 119 120 func testAccGoogleProjectImportExistingWithIam(pid string) string { 121 return fmt.Sprintf(` 122 resource "google_project" "acceptance" { 123 project_id = "%v" 124 policy_data = "${data.google_iam_policy.admin.policy_data}" 125 } 126 data "google_iam_policy" "admin" { 127 binding { 128 role = "roles/storage.objectViewer" 129 members = [ 130 "user:evanbrown@google.com", 131 ] 132 } 133 binding { 134 role = "roles/compute.instanceAdmin" 135 members = [ 136 "user:evanbrown@google.com", 137 "user:evandbrown@gmail.com", 138 ] 139 } 140 }`, pid) 141 } 142 143 func testAccGoogleProject_toMerge(pid, name, org string) string { 144 return fmt.Sprintf(` 145 resource "google_project" "acceptance" { 146 project_id = "%s" 147 name = "%s" 148 org_id = "%s" 149 policy_data = "${data.google_iam_policy.acceptance.policy_data}" 150 } 151 152 data "google_iam_policy" "acceptance" { 153 binding { 154 role = "roles/storage.objectViewer" 155 members = [ 156 "user:evanbrown@google.com", 157 ] 158 } 159 }`, pid, name, org) 160 } 161 162 func testAccGoogleProject_mergeEmpty(pid, name, org string) string { 163 return fmt.Sprintf(` 164 resource "google_project" "acceptance" { 165 project_id = "%s" 166 name = "%s" 167 org_id = "%s" 168 }`, pid, name, org) 169 }