From 0ab91ce3c6b7e219dec4f7a9443067ba2266dad7 Mon Sep 17 00:00:00 2001
From: Agnes Tevesz
Date: Fri, 1 Nov 2024 22:47:44 -0500
Subject: [PATCH] Add role and policy creation to dw acceptance test
Use the default role to create an environment and DW cluster. The AWS policy is queried via CLI.
---
 cdpacctest/acctest.go | 131 ++++++++++++++++++++++++++-
 resources/dw/resource_dw_acc_test.go | 67 +++++++++++---
 2 files changed, 181 insertions(+), 17 deletions(-)
diff --git a/cdpacctest/acctest.go b/cdpacctest/acctest.go
index e524e4d8..bffa5232 100644
--- a/cdpacctest/acctest.go
+++ b/cdpacctest/acctest.go
@@ -11,6 +11,7 @@ package cdpacctest
 import (
+ "encoding/base64"
 "fmt"
 "math/rand"
 "os"
@@ -22,8 +23,11 @@ import (
 "github.com/hashicorp/terraform-plugin-go/tfprotov6"
 "github.com/hashicorp/terraform-plugin-testing/helper/resource"
 "github.com/pkg/errors"
+ "github.com/stretchr/testify/assert"
 "github.com/cloudera/terraform-provider-cdp/cdp-sdk-go/cdp"
+ environmentoperations "github.com/cloudera/terraform-provider-cdp/cdp-sdk-go/gen/environments/client/operations"
+ environmentsmodels "github.com/cloudera/terraform-provider-cdp/cdp-sdk-go/gen/environments/models"
 "github.com/cloudera/terraform-provider-cdp/provider"
 )
@@ -51,6 +55,11 @@ var (
 VersionConstraint: "~> 3.4",
 },
 }
+ TimeExternalProvider = map[string]resource.ExternalProvider{
+ "time": {
+ Source: "hashicorp/time",
+ },
+ }
 cdpClientOnce sync.Once
 cdpClient *cdp.Client
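Review bot: `TimeExternalProvider` in the `@@ -51,6 +55,11 @@` hunk sets only `Source: "hashicorp/time"` and no `VersionConstraint`, while the external-provider entry visible just above it in the same `var` block pins `~> 3.4`. Without a constraint every acceptance run resolves whichever release is newest at that moment, so runs are not reproducible and a new provider release reaches CI without review. Add a constraint for the range the tests were validated against, e.g. `VersionConstraint: "~> <validated version>",`. The `var (` block starts and ends outside the hunk, so other entries could not be checked.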
@@ -96,11 +105,25 @@ provider "cdp" {
 `
 }
-func TestAccAwsProviderConfig() string {
- return `
-provider "aws" {
+type AwsProvider struct {
+ profile string
+ region string
 }
-`
+
+func NewAwsProvider(profile, region string) *AwsProvider {
+ return &AwsProvider{
+ profile: profile,
+ region: region,
+ }
+}
+
+func TestAccAwsProviderConfig(p *AwsProvider) string {
+ return fmt.Sprintf(`
+ provider "aws" {
+ profile = %[1]q
+ region = %[2]q
+ }
+`, p.profile, p.region)
 }
 // CheckCrn Checks whether the value is set and is a properly formatted CRN
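Review bot: The new exported `AwsProvider` and `NewAwsProvider` and the changed `TestAccAwsProviderConfig` have no doc comments, and the function now dereferences `p` with no nil check, so a nil argument panics instead of failing the test with a message. `%q` applies Go string escaping, which stops quotes and backslashes from closing the HCL string early but leaves HCL template sequences such as `${` untouched; that is acceptable only while profile and region are trusted test configuration, which the comment should state, e.g. `// TestAccAwsProviderConfig renders an aws provider block; profile and region must come from trusted test configuration.` The signature changed from zero arguments, and the diffstat shows only resources/dw/resource_dw_acc_test.go updated, so any other caller of the old form would need the same change.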
@@ -127,3 +150,103 @@ func GetCdpClientForAccTest() *cdp.Client {
 })
 return cdpClient
 }
+
+type AwsAccountCredentials struct {
+ name string
+ accountID string
+ externalID string
+ defaultPolicy string
+}
+
+func NewAwsAccountCredentials(name string) *AwsAccountCredentials {
+ return &AwsAccountCredentials{
+ name: name,
+ }
+}
+
+func getEnvironmentPrerequisites(t *testing.T, cloudPlatform string) *environmentsmodels.GetCredentialPrerequisitesResponse {
+ client := GetCdpClientForAccTest()
+ response, err := client.Environments.
+ Operations.
+ GetCredentialPrerequisites(
+ environmentoperations.NewGetCredentialPrerequisitesParams().
+ WithInput(&environmentsmodels.GetCredentialPrerequisitesRequest{
+ CloudPlatform: &cloudPlatform,
+ }),
+ )
+ assert.Nil(t, err)
+ payload := response.GetPayload()
+ assert.NotNil(t, payload)
+ return payload
+}
+
+func (a *AwsAccountCredentials) WithPolicy(t *testing.T) *AwsAccountCredentials {
+ payload := getEnvironmentPrerequisites(t, "AWS")
+ assert.NotNil(t, payload)
+ decodedBytes, err := base64.StdEncoding.DecodeString(*payload.Aws.PolicyJSON)
+ assert.Nil(t, err)
+ a.defaultPolicy = string(decodedBytes)
+ return a
+}
+
+func (a *AwsAccountCredentials) WithExternalID(t *testing.T) *AwsAccountCredentials {
+ payload := getEnvironmentPrerequisites(t, "AWS")
+ assert.NotNil(t, payload)
+ a.externalID = *payload.Aws.ExternalID
+ return a
+}
+
+func (a *AwsAccountCredentials) WithAccountID(t *testing.T) *AwsAccountCredentials {
+ payload := getEnvironmentPrerequisites(t, "AWS")
+ assert.NotNil(t, payload)
+ a.accountID = payload.AccountID
+ return a
+}
+
+func CreateDefaultRoleAndPolicy(p *AwsAccountCredentials) string {
+ return fmt.Sprintf(`
+ resource "aws_iam_role" "cdp_test_role" {
+ name = "%[1]s-role"
+
+ assume_role_policy = <