mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-10-03 01:01:06 +00:00
224 lines
6.0 KiB
Go
224 lines
6.0 KiB
Go
|
package google
|
||
|
|
||
|
import (
|
||
|
"fmt"
|
||
|
"testing"
|
||
|
|
||
|
"github.com/hashicorp/terraform/helper/acctest"
|
||
|
"github.com/hashicorp/terraform/helper/resource"
|
||
|
)
|
||
|
|
||
|
func TestAccDataprocJobIamBinding(t *testing.T) {
|
||
|
t.Parallel()
|
||
|
|
||
|
cluster := "tf-dataproc-iam-cluster" + acctest.RandString(10)
|
||
|
job := "tf-dataproc-iam-job-" + acctest.RandString(10)
|
||
|
account := "tf-dataproc-iam-" + acctest.RandString(10)
|
||
|
role := "roles/editor"
|
||
|
|
||
|
importId := fmt.Sprintf("projects/%s/regions/%s/jobs/%s %s",
|
||
|
getTestProjectFromEnv(), "us-central1", job, role)
|
||
|
|
||
|
resource.Test(t, resource.TestCase{
|
||
|
PreCheck: func() { testAccPreCheck(t) },
|
||
|
Providers: testAccProviders,
|
||
|
Steps: []resource.TestStep{
|
||
|
{
|
||
|
// Test IAM Binding creation
|
||
|
Config: testAccDataprocJobIamBinding_basic(cluster, job, account, role),
|
||
|
},
|
||
|
{
|
||
|
ResourceName: "google_dataproc_job_iam_binding.binding",
|
||
|
ImportStateId: importId,
|
||
|
ImportState: true,
|
||
|
ImportStateVerify: true,
|
||
|
},
|
||
|
{
|
||
|
// Test IAM Binding update
|
||
|
Config: testAccDataprocJobIamBinding_update(cluster, job, account, role),
|
||
|
},
|
||
|
{
|
||
|
ResourceName: "google_dataproc_job_iam_binding.binding",
|
||
|
ImportStateId: importId,
|
||
|
ImportState: true,
|
||
|
ImportStateVerify: true,
|
||
|
},
|
||
|
},
|
||
|
})
|
||
|
}
|
||
|
|
||
|
func TestAccDataprocJobIamMember(t *testing.T) {
|
||
|
t.Parallel()
|
||
|
|
||
|
cluster := "tf-dataproc-iam-cluster" + acctest.RandString(10)
|
||
|
job := "tf-dataproc-iam-jobid-" + acctest.RandString(10)
|
||
|
account := "tf-dataproc-iam-" + acctest.RandString(10)
|
||
|
role := "roles/editor"
|
||
|
|
||
|
importId := fmt.Sprintf("projects/%s/regions/%s/jobs/%s %s serviceAccount:%s",
|
||
|
getTestProjectFromEnv(),
|
||
|
"us-central1",
|
||
|
job,
|
||
|
role,
|
||
|
serviceAccountCanonicalEmail(account))
|
||
|
|
||
|
resource.Test(t, resource.TestCase{
|
||
|
PreCheck: func() { testAccPreCheck(t) },
|
||
|
Providers: testAccProviders,
|
||
|
Steps: []resource.TestStep{
|
||
|
{
|
||
|
// Test IAM Binding creation
|
||
|
Config: testAccDataprocJobIamMember(cluster, job, account, role),
|
||
|
},
|
||
|
{
|
||
|
ResourceName: "google_dataproc_job_iam_member.member",
|
||
|
ImportStateId: importId,
|
||
|
ImportState: true,
|
||
|
ImportStateVerify: true,
|
||
|
},
|
||
|
},
|
||
|
})
|
||
|
}
|
||
|
|
||
|
func TestAccDataprocJobIamPolicy(t *testing.T) {
|
||
|
t.Parallel()
|
||
|
|
||
|
cluster := "tf-dataproc-iam-cluster" + acctest.RandString(10)
|
||
|
job := "tf-dataproc-iam-jobid-" + acctest.RandString(10)
|
||
|
account := "tf-dataproc-iam-" + acctest.RandString(10)
|
||
|
role := "roles/editor"
|
||
|
|
||
|
importId := fmt.Sprintf("projects/%s/regions/%s/jobs/%s",
|
||
|
getTestProjectFromEnv(), "us-central1", job)
|
||
|
|
||
|
resource.Test(t, resource.TestCase{
|
||
|
PreCheck: func() { testAccPreCheck(t) },
|
||
|
Providers: testAccProviders,
|
||
|
Steps: []resource.TestStep{
|
||
|
{
|
||
|
// Test IAM Binding creation
|
||
|
Config: testAccDataprocJobIamPolicy(cluster, job, account, role),
|
||
|
},
|
||
|
{
|
||
|
ResourceName: "google_dataproc_job_iam_policy.policy",
|
||
|
ImportStateId: importId,
|
||
|
ImportState: true,
|
||
|
ImportStateVerify: true,
|
||
|
},
|
||
|
},
|
||
|
})
|
||
|
}
|
||
|
|
||
|
var testDataprocIamJobConfig = testDataprocIamSingleNodeCluster + `
|
||
|
resource "google_dataproc_job" "pyspark" {
|
||
|
region = "${google_dataproc_cluster.cluster.region}"
|
||
|
|
||
|
placement {
|
||
|
cluster_name = "${google_dataproc_cluster.cluster.name}"
|
||
|
}
|
||
|
|
||
|
reference {
|
||
|
job_id = "%s"
|
||
|
}
|
||
|
|
||
|
force_delete = true
|
||
|
|
||
|
pyspark_config {
|
||
|
main_python_file_uri = "gs://dataproc-examples-2f10d78d114f6aaec76462e3c310f31f/src/pyspark/hello-world/hello-world.py"
|
||
|
properties = {
|
||
|
"spark.logConf" = "true"
|
||
|
}
|
||
|
logging_config {
|
||
|
driver_log_levels = {
|
||
|
"root" = "INFO"
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
`
|
||
|
|
||
|
func testAccDataprocJobIamBinding_basic(cluster, job, account, role string) string {
|
||
|
return fmt.Sprintf(testDataprocIamJobConfig+`
|
||
|
resource "google_service_account" "test-account1" {
|
||
|
account_id = "%s-1"
|
||
|
display_name = "Dataproc IAM Testing Account"
|
||
|
}
|
||
|
|
||
|
resource "google_service_account" "test-account2" {
|
||
|
account_id = "%s-2"
|
||
|
display_name = "Iam Testing Account"
|
||
|
}
|
||
|
|
||
|
resource "google_dataproc_job_iam_binding" "binding" {
|
||
|
job_id = "${google_dataproc_job.pyspark.reference.0.job_id}"
|
||
|
region = "us-central1"
|
||
|
role = "%s"
|
||
|
members = [
|
||
|
"serviceAccount:${google_service_account.test-account1.email}",
|
||
|
]
|
||
|
}
|
||
|
|
||
|
`, cluster, job, account, account, role)
|
||
|
}
|
||
|
|
||
|
func testAccDataprocJobIamBinding_update(cluster, job, account, role string) string {
|
||
|
return fmt.Sprintf(testDataprocIamJobConfig+`
|
||
|
resource "google_service_account" "test-account1" {
|
||
|
account_id = "%s-1"
|
||
|
display_name = "Dataproc IAM Testing Account"
|
||
|
}
|
||
|
|
||
|
resource "google_service_account" "test-account2" {
|
||
|
account_id = "%s-2"
|
||
|
display_name = "Iam Testing Account"
|
||
|
}
|
||
|
|
||
|
resource "google_dataproc_job_iam_binding" "binding" {
|
||
|
job_id = "${google_dataproc_job.pyspark.reference.0.job_id}"
|
||
|
region = "us-central1"
|
||
|
role = "%s"
|
||
|
members = [
|
||
|
"serviceAccount:${google_service_account.test-account1.email}",
|
||
|
"serviceAccount:${google_service_account.test-account2.email}",
|
||
|
]
|
||
|
}
|
||
|
`, cluster, job, account, account, role)
|
||
|
}
|
||
|
|
||
|
func testAccDataprocJobIamMember(cluster, job, account, role string) string {
|
||
|
return fmt.Sprintf(testDataprocIamJobConfig+`
|
||
|
resource "google_service_account" "test-account" {
|
||
|
account_id = "%s"
|
||
|
display_name = "Dataproc IAM Testing Account"
|
||
|
}
|
||
|
|
||
|
resource "google_dataproc_job_iam_member" "member" {
|
||
|
job_id = "${google_dataproc_job.pyspark.reference.0.job_id}"
|
||
|
role = "%s"
|
||
|
member = "serviceAccount:${google_service_account.test-account.email}"
|
||
|
}
|
||
|
`, cluster, job, account, role)
|
||
|
}
|
||
|
|
||
|
func testAccDataprocJobIamPolicy(cluster, job, account, role string) string {
|
||
|
return fmt.Sprintf(testDataprocIamJobConfig+`
|
||
|
resource "google_service_account" "test-account" {
|
||
|
account_id = "%s"
|
||
|
display_name = "Dataproc IAM Testing Account"
|
||
|
}
|
||
|
|
||
|
data "google_iam_policy" "policy" {
|
||
|
binding {
|
||
|
role = "%s"
|
||
|
members = ["serviceAccount:${google_service_account.test-account.email}"]
|
||
|
}
|
||
|
}
|
||
|
|
||
|
resource "google_dataproc_job_iam_policy" "policy" {
|
||
|
job_id = "${google_dataproc_job.pyspark.reference.0.job_id}"
|
||
|
region = "us-central1"
|
||
|
policy_data = "${data.google_iam_policy.policy.policy_data}"
|
||
|
}
|
||
|
`, cluster, job, account, role)
|
||
|
}
|