kubeform.dev/terraform-backend-sdk@v0.0.0-20220310143633-45f07fe731c5/backend/remote-state/azure/backend_test.go (about) 1 package azure 2 3 import ( 4 "context" 5 "os" 6 "testing" 7 8 "kubeform.dev/terraform-backend-sdk/backend" 9 "kubeform.dev/terraform-backend-sdk/legacy/helper/acctest" 10 ) 11 12 func TestBackend_impl(t *testing.T) { 13 var _ backend.Backend = new(Backend) 14 } 15 16 func TestBackendConfig(t *testing.T) { 17 // This test just instantiates the client. Shouldn't make any actual 18 // requests nor incur any costs. 19 20 config := map[string]interface{}{ 21 "storage_account_name": "tfaccount", 22 "container_name": "tfcontainer", 23 "key": "state", 24 "snapshot": false, 25 // Access Key must be Base64 26 "access_key": "QUNDRVNTX0tFWQ0K", 27 } 28 29 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(config)).(*Backend) 30 31 if b.containerName != "tfcontainer" { 32 t.Fatalf("Incorrect bucketName was populated") 33 } 34 if b.keyName != "state" { 35 t.Fatalf("Incorrect keyName was populated") 36 } 37 if b.snapshot != false { 38 t.Fatalf("Incorrect snapshot was populated") 39 } 40 } 41 42 func TestBackendAccessKeyBasic(t *testing.T) { 43 testAccAzureBackend(t) 44 rs := acctest.RandString(4) 45 res := testResourceNames(rs, "testState") 46 armClient := buildTestClient(t, res) 47 48 ctx := context.TODO() 49 err := armClient.buildTestResources(ctx, &res) 50 defer armClient.destroyTestResources(ctx, res) 51 if err != nil { 52 armClient.destroyTestResources(ctx, res) 53 t.Fatalf("Error creating Test Resources: %q", err) 54 } 55 56 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 57 "storage_account_name": res.storageAccountName, 58 "container_name": res.storageContainerName, 59 "key": res.storageKeyName, 60 "access_key": res.storageAccountAccessKey, 61 "environment": os.Getenv("ARM_ENVIRONMENT"), 62 "endpoint": os.Getenv("ARM_ENDPOINT"), 63 })).(*Backend) 64 65 backend.TestBackendStates(t, b) 66 } 67 68 func TestBackendManagedServiceIdentityBasic(t *testing.T) { 69 testAccAzureBackendRunningInAzure(t) 70 rs := acctest.RandString(4) 71 res := testResourceNames(rs, "testState") 72 armClient := buildTestClient(t, res) 73 74 ctx := context.TODO() 75 err := armClient.buildTestResources(ctx, &res) 76 defer armClient.destroyTestResources(ctx, res) 77 if err != nil { 78 t.Fatalf("Error creating Test Resources: %q", err) 79 } 80 81 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 82 "storage_account_name": res.storageAccountName, 83 "container_name": res.storageContainerName, 84 "key": res.storageKeyName, 85 "resource_group_name": res.resourceGroup, 86 "use_msi": true, 87 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 88 "tenant_id": os.Getenv("ARM_TENANT_ID"), 89 "environment": os.Getenv("ARM_ENVIRONMENT"), 90 "endpoint": os.Getenv("ARM_ENDPOINT"), 91 })).(*Backend) 92 93 backend.TestBackendStates(t, b) 94 } 95 96 func TestBackendSASTokenBasic(t *testing.T) { 97 testAccAzureBackend(t) 98 rs := acctest.RandString(4) 99 res := testResourceNames(rs, "testState") 100 armClient := buildTestClient(t, res) 101 102 ctx := context.TODO() 103 err := armClient.buildTestResources(ctx, &res) 104 defer armClient.destroyTestResources(ctx, res) 105 if err != nil { 106 t.Fatalf("Error creating Test Resources: %q", err) 107 } 108 109 sasToken, err := buildSasToken(res.storageAccountName, res.storageAccountAccessKey) 110 if err != nil { 111 t.Fatalf("Error building SAS Token: %+v", err) 112 } 113 114 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 115 "storage_account_name": res.storageAccountName, 116 "container_name": res.storageContainerName, 117 "key": res.storageKeyName, 118 "sas_token": *sasToken, 119 "environment": os.Getenv("ARM_ENVIRONMENT"), 120 "endpoint": os.Getenv("ARM_ENDPOINT"), 121 })).(*Backend) 122 123 backend.TestBackendStates(t, b) 124 } 125 126 func TestBackendAzureADAuthBasic(t *testing.T) { 127 testAccAzureBackend(t) 128 rs := acctest.RandString(4) 129 res := testResourceNames(rs, "testState") 130 res.useAzureADAuth = true 131 armClient := buildTestClient(t, res) 132 133 ctx := context.TODO() 134 err := armClient.buildTestResources(ctx, &res) 135 defer armClient.destroyTestResources(ctx, res) 136 if err != nil { 137 armClient.destroyTestResources(ctx, res) 138 t.Fatalf("Error creating Test Resources: %q", err) 139 } 140 141 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 142 "storage_account_name": res.storageAccountName, 143 "container_name": res.storageContainerName, 144 "key": res.storageKeyName, 145 "access_key": res.storageAccountAccessKey, 146 "environment": os.Getenv("ARM_ENVIRONMENT"), 147 "endpoint": os.Getenv("ARM_ENDPOINT"), 148 "use_azuread_auth": true, 149 })).(*Backend) 150 151 backend.TestBackendStates(t, b) 152 } 153 154 func TestBackendServicePrincipalClientCertificateBasic(t *testing.T) { 155 testAccAzureBackend(t) 156 157 clientCertPassword := os.Getenv("ARM_CLIENT_CERTIFICATE_PASSWORD") 158 clientCertPath := os.Getenv("ARM_CLIENT_CERTIFICATE_PATH") 159 if clientCertPath == "" { 160 t.Skip("Skipping since `ARM_CLIENT_CERTIFICATE_PATH` is not specified!") 161 } 162 163 rs := acctest.RandString(4) 164 res := testResourceNames(rs, "testState") 165 armClient := buildTestClient(t, res) 166 167 ctx := context.TODO() 168 err := armClient.buildTestResources(ctx, &res) 169 defer armClient.destroyTestResources(ctx, res) 170 if err != nil { 171 t.Fatalf("Error creating Test Resources: %q", err) 172 } 173 174 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 175 "storage_account_name": res.storageAccountName, 176 "container_name": res.storageContainerName, 177 "key": res.storageKeyName, 178 "resource_group_name": res.resourceGroup, 179 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 180 "tenant_id": os.Getenv("ARM_TENANT_ID"), 181 "client_id": os.Getenv("ARM_CLIENT_ID"), 182 "client_certificate_password": clientCertPassword, 183 "client_certificate_path": clientCertPath, 184 "environment": os.Getenv("ARM_ENVIRONMENT"), 185 "endpoint": os.Getenv("ARM_ENDPOINT"), 186 })).(*Backend) 187 188 backend.TestBackendStates(t, b) 189 } 190 191 func TestBackendServicePrincipalClientSecretBasic(t *testing.T) { 192 testAccAzureBackend(t) 193 rs := acctest.RandString(4) 194 res := testResourceNames(rs, "testState") 195 armClient := buildTestClient(t, res) 196 197 ctx := context.TODO() 198 err := armClient.buildTestResources(ctx, &res) 199 defer armClient.destroyTestResources(ctx, res) 200 if err != nil { 201 t.Fatalf("Error creating Test Resources: %q", err) 202 } 203 204 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 205 "storage_account_name": res.storageAccountName, 206 "container_name": res.storageContainerName, 207 "key": res.storageKeyName, 208 "resource_group_name": res.resourceGroup, 209 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 210 "tenant_id": os.Getenv("ARM_TENANT_ID"), 211 "client_id": os.Getenv("ARM_CLIENT_ID"), 212 "client_secret": os.Getenv("ARM_CLIENT_SECRET"), 213 "environment": os.Getenv("ARM_ENVIRONMENT"), 214 "endpoint": os.Getenv("ARM_ENDPOINT"), 215 })).(*Backend) 216 217 backend.TestBackendStates(t, b) 218 } 219 220 func TestBackendServicePrincipalClientSecretCustomEndpoint(t *testing.T) { 221 testAccAzureBackend(t) 222 223 // this is only applicable for Azure Stack. 224 endpoint := os.Getenv("ARM_ENDPOINT") 225 if endpoint == "" { 226 t.Skip("Skipping as ARM_ENDPOINT isn't configured") 227 } 228 229 rs := acctest.RandString(4) 230 res := testResourceNames(rs, "testState") 231 armClient := buildTestClient(t, res) 232 233 ctx := context.TODO() 234 err := armClient.buildTestResources(ctx, &res) 235 defer armClient.destroyTestResources(ctx, res) 236 if err != nil { 237 t.Fatalf("Error creating Test Resources: %q", err) 238 } 239 240 b := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 241 "storage_account_name": res.storageAccountName, 242 "container_name": res.storageContainerName, 243 "key": res.storageKeyName, 244 "resource_group_name": res.resourceGroup, 245 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 246 "tenant_id": os.Getenv("ARM_TENANT_ID"), 247 "client_id": os.Getenv("ARM_CLIENT_ID"), 248 "client_secret": os.Getenv("ARM_CLIENT_SECRET"), 249 "environment": os.Getenv("ARM_ENVIRONMENT"), 250 "endpoint": endpoint, 251 })).(*Backend) 252 253 backend.TestBackendStates(t, b) 254 } 255 256 func TestBackendAccessKeyLocked(t *testing.T) { 257 testAccAzureBackend(t) 258 rs := acctest.RandString(4) 259 res := testResourceNames(rs, "testState") 260 armClient := buildTestClient(t, res) 261 262 ctx := context.TODO() 263 err := armClient.buildTestResources(ctx, &res) 264 defer armClient.destroyTestResources(ctx, res) 265 if err != nil { 266 t.Fatalf("Error creating Test Resources: %q", err) 267 } 268 269 b1 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 270 "storage_account_name": res.storageAccountName, 271 "container_name": res.storageContainerName, 272 "key": res.storageKeyName, 273 "access_key": res.storageAccountAccessKey, 274 "environment": os.Getenv("ARM_ENVIRONMENT"), 275 "endpoint": os.Getenv("ARM_ENDPOINT"), 276 })).(*Backend) 277 278 b2 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 279 "storage_account_name": res.storageAccountName, 280 "container_name": res.storageContainerName, 281 "key": res.storageKeyName, 282 "access_key": res.storageAccountAccessKey, 283 "environment": os.Getenv("ARM_ENVIRONMENT"), 284 "endpoint": os.Getenv("ARM_ENDPOINT"), 285 })).(*Backend) 286 287 backend.TestBackendStateLocks(t, b1, b2) 288 backend.TestBackendStateForceUnlock(t, b1, b2) 289 290 backend.TestBackendStateLocksInWS(t, b1, b2, "foo") 291 backend.TestBackendStateForceUnlockInWS(t, b1, b2, "foo") 292 } 293 294 func TestBackendServicePrincipalLocked(t *testing.T) { 295 testAccAzureBackend(t) 296 rs := acctest.RandString(4) 297 res := testResourceNames(rs, "testState") 298 armClient := buildTestClient(t, res) 299 300 ctx := context.TODO() 301 err := armClient.buildTestResources(ctx, &res) 302 defer armClient.destroyTestResources(ctx, res) 303 if err != nil { 304 t.Fatalf("Error creating Test Resources: %q", err) 305 } 306 307 b1 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 308 "storage_account_name": res.storageAccountName, 309 "container_name": res.storageContainerName, 310 "key": res.storageKeyName, 311 "access_key": res.storageAccountAccessKey, 312 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 313 "tenant_id": os.Getenv("ARM_TENANT_ID"), 314 "client_id": os.Getenv("ARM_CLIENT_ID"), 315 "client_secret": os.Getenv("ARM_CLIENT_SECRET"), 316 "environment": os.Getenv("ARM_ENVIRONMENT"), 317 "endpoint": os.Getenv("ARM_ENDPOINT"), 318 })).(*Backend) 319 320 b2 := backend.TestBackendConfig(t, New(), backend.TestWrapConfig(map[string]interface{}{ 321 "storage_account_name": res.storageAccountName, 322 "container_name": res.storageContainerName, 323 "key": res.storageKeyName, 324 "access_key": res.storageAccountAccessKey, 325 "subscription_id": os.Getenv("ARM_SUBSCRIPTION_ID"), 326 "tenant_id": os.Getenv("ARM_TENANT_ID"), 327 "client_id": os.Getenv("ARM_CLIENT_ID"), 328 "client_secret": os.Getenv("ARM_CLIENT_SECRET"), 329 "environment": os.Getenv("ARM_ENVIRONMENT"), 330 "endpoint": os.Getenv("ARM_ENDPOINT"), 331 })).(*Backend) 332 333 backend.TestBackendStateLocks(t, b1, b2) 334 backend.TestBackendStateForceUnlock(t, b1, b2) 335 336 backend.TestBackendStateLocksInWS(t, b1, b2, "foo") 337 backend.TestBackendStateForceUnlockInWS(t, b1, b2, "foo") 338 }