mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-07-03 16:52:40 +00:00
Skip acceptance tests during non-acceptance runs. (#2852)
Signed-off-by: Modular Magician <magic-modules@google.com>
This commit is contained in:
parent
ccf079b014
commit
54dd3ad6e4
|
@ -346,9 +346,14 @@ func (c *Config) loadAndValidate() error {
|
||||||
|
|
||||||
func (c *Config) getTokenSource(clientScopes []string) (oauth2.TokenSource, error) {
|
func (c *Config) getTokenSource(clientScopes []string) (oauth2.TokenSource, error) {
|
||||||
if c.AccessToken != "" {
|
if c.AccessToken != "" {
|
||||||
log.Printf("[INFO] Using configured Google access token (length %d)", len(c.AccessToken))
|
contents, _, err := pathorcontents.Read(c.AccessToken)
|
||||||
|
if err != nil {
|
||||||
|
return nil, fmt.Errorf("Error loading access token: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
log.Printf("[INFO] Authenticating using configured Google JSON 'access_token'...")
|
||||||
log.Printf("[INFO] -- Scopes: %s", clientScopes)
|
log.Printf("[INFO] -- Scopes: %s", clientScopes)
|
||||||
token := &oauth2.Token{AccessToken: c.AccessToken}
|
token := &oauth2.Token{AccessToken: contents}
|
||||||
return oauth2.StaticTokenSource(token), nil
|
return oauth2.StaticTokenSource(token), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -363,12 +368,12 @@ func (c *Config) getTokenSource(clientScopes []string) (oauth2.TokenSource, erro
|
||||||
return nil, fmt.Errorf("Unable to parse credentials from '%s': %s", contents, err)
|
return nil, fmt.Errorf("Unable to parse credentials from '%s': %s", contents, err)
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Printf("[INFO] Requesting Google token using Credential File %q...", c.Credentials)
|
log.Printf("[INFO] Authenticating using configured Google JSON 'credentials'...")
|
||||||
log.Printf("[INFO] -- Scopes: %s", clientScopes)
|
log.Printf("[INFO] -- Scopes: %s", clientScopes)
|
||||||
return creds.TokenSource, nil
|
return creds.TokenSource, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
log.Printf("[INFO] Authenticating using DefaultClient")
|
log.Printf("[INFO] Authenticating using DefaultClient...")
|
||||||
log.Printf("[INFO] -- Scopes: %s", clientScopes)
|
log.Printf("[INFO] -- Scopes: %s", clientScopes)
|
||||||
return googleoauth.DefaultTokenSource(context.Background(), clientScopes...)
|
return googleoauth.DefaultTokenSource(context.Background(), clientScopes...)
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,11 +1,18 @@
|
||||||
package google
|
package google
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"context"
|
||||||
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
"os"
|
||||||
"testing"
|
"testing"
|
||||||
|
|
||||||
|
"github.com/hashicorp/terraform/helper/resource"
|
||||||
|
"golang.org/x/oauth2/google"
|
||||||
)
|
)
|
||||||
|
|
||||||
const testFakeCredentialsPath = "./test-fixtures/fake_account.json"
|
const testFakeCredentialsPath = "./test-fixtures/fake_account.json"
|
||||||
|
const testOauthScope = "https://www.googleapis.com/auth/compute"
|
||||||
|
|
||||||
func TestConfigLoadAndValidate_accountFilePath(t *testing.T) {
|
func TestConfigLoadAndValidate_accountFilePath(t *testing.T) {
|
||||||
config := Config{
|
config := Config{
|
||||||
|
@ -49,12 +56,17 @@ func TestConfigLoadAndValidate_accountFileJSONInvalid(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func TestConfigLoadValidate_accessToken(t *testing.T) {
|
func TestAccConfigLoadValidate_credentials(t *testing.T) {
|
||||||
accessToken := getTestAccessTokenFromEnv(t)
|
if os.Getenv(resource.TestEnvVar) == "" {
|
||||||
|
t.Skip(fmt.Sprintf("Network access not allowed; use %s=1 to enable", resource.TestEnvVar))
|
||||||
|
}
|
||||||
|
|
||||||
|
creds := getTestCredsFromEnv()
|
||||||
|
proj := getTestProjectFromEnv()
|
||||||
|
|
||||||
config := Config{
|
config := Config{
|
||||||
AccessToken: accessToken,
|
Credentials: creds,
|
||||||
Project: "my-gce-project",
|
Project: proj,
|
||||||
Region: "us-central1",
|
Region: "us-central1",
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -62,4 +74,44 @@ func TestConfigLoadValidate_accessToken(t *testing.T) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Fatalf("error: %v", err)
|
t.Fatalf("error: %v", err)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
_, err = config.clientCompute.Zones.Get(proj, "us-central1-a").Do()
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("expected call with loaded config client to work, got error: %s", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func TestAccConfigLoadValidate_accessToken(t *testing.T) {
|
||||||
|
if os.Getenv(resource.TestEnvVar) == "" {
|
||||||
|
t.Skip(fmt.Sprintf("Network access not allowed; use %s=1 to enable", resource.TestEnvVar))
|
||||||
|
}
|
||||||
|
|
||||||
|
creds := getTestCredsFromEnv()
|
||||||
|
proj := getTestProjectFromEnv()
|
||||||
|
|
||||||
|
c, err := google.CredentialsFromJSON(context.Background(), []byte(creds), testOauthScope)
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("invalid test credentials: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
token, err := c.TokenSource.Token()
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("Unable to generate test access token: %s", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
config := Config{
|
||||||
|
AccessToken: token.AccessToken,
|
||||||
|
Project: proj,
|
||||||
|
Region: "us-central1",
|
||||||
|
}
|
||||||
|
|
||||||
|
err = config.loadAndValidate()
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("error: %v", err)
|
||||||
|
}
|
||||||
|
|
||||||
|
_, err = config.clientCompute.Zones.Get(proj, "us-central1-a").Do()
|
||||||
|
if err != nil {
|
||||||
|
t.Fatalf("expected API call with loaded config to work, got error: %s", err)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -31,8 +31,11 @@ func Provider() terraform.ResourceProvider {
|
||||||
},
|
},
|
||||||
|
|
||||||
"access_token": {
|
"access_token": {
|
||||||
Type: schema.TypeString,
|
Type: schema.TypeString,
|
||||||
Optional: true,
|
Optional: true,
|
||||||
|
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
|
||||||
|
"GOOGLE_OAUTH_ACCESS_TOKEN",
|
||||||
|
}, nil),
|
||||||
ConflictsWith: []string{"credentials"},
|
ConflictsWith: []string{"credentials"},
|
||||||
},
|
},
|
||||||
|
|
||||||
|
|
|
@ -57,10 +57,6 @@ var billingAccountEnvVars = []string{
|
||||||
"GOOGLE_BILLING_ACCOUNT",
|
"GOOGLE_BILLING_ACCOUNT",
|
||||||
}
|
}
|
||||||
|
|
||||||
var accessTokenEnvVars = []string{
|
|
||||||
"GOOGLE_OAUTH2_ACCESS_TOKEN",
|
|
||||||
}
|
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
testAccProvider = Provider().(*schema.Provider)
|
testAccProvider = Provider().(*schema.Provider)
|
||||||
testAccRandomProvider = random.Provider().(*schema.Provider)
|
testAccRandomProvider = random.Provider().(*schema.Provider)
|
||||||
|
@ -206,11 +202,6 @@ func getTestServiceAccountFromEnv(t *testing.T) string {
|
||||||
return multiEnvSearch(serviceAccountEnvVars)
|
return multiEnvSearch(serviceAccountEnvVars)
|
||||||
}
|
}
|
||||||
|
|
||||||
func getTestAccessTokenFromEnv(t *testing.T) string {
|
|
||||||
skipIfEnvNotSet(t, accessTokenEnvVars...)
|
|
||||||
return multiEnvSearch(accessTokenEnvVars)
|
|
||||||
}
|
|
||||||
|
|
||||||
func multiEnvSearch(ks []string) string {
|
func multiEnvSearch(ks []string) string {
|
||||||
for _, k := range ks {
|
for _, k := range ks {
|
||||||
if v := os.Getenv(k); v != "" {
|
if v := os.Getenv(k); v != "" {
|
||||||
|
|
|
@ -95,6 +95,17 @@ share the same configuration.
|
||||||
only be used when running Terraform from within [certain GCP resources](https://cloud.google.com/docs/authentication/production#obtaining_credentials_on_compute_engine_kubernetes_engine_app_engine_flexible_environment_and_cloud_functions).
|
only be used when running Terraform from within [certain GCP resources](https://cloud.google.com/docs/authentication/production#obtaining_credentials_on_compute_engine_kubernetes_engine_app_engine_flexible_environment_and_cloud_functions).
|
||||||
Credentials obtained through `gcloud` are not guaranteed to work for all APIs.
|
Credentials obtained through `gcloud` are not guaranteed to work for all APIs.
|
||||||
|
|
||||||
|
* `access_token` - (Optional) An temporary [OAuth 2.0 access token](https://developers.google.com/identity/protocols/OAuth2)
|
||||||
|
obtained from the Google Authorization server, i.e. the
|
||||||
|
`Authorization: Bearer` token used to authenticate Google API HTTP requests.
|
||||||
|
|
||||||
|
Access tokens can also be specified using any of the following environment
|
||||||
|
variables (listed in order of precedence):
|
||||||
|
|
||||||
|
* `GOOGLE_OAUTH_ACCESS_TOKEN`
|
||||||
|
|
||||||
|
-> These access tokens cannot be renewed by Terraform and thus will only work for at most 1 hour. If you anticipate Terraform needing access for more than one hour per run, please use `credentials` instead. Credentials are used to complete a two-legged OAuth 2.0 flow on your behalf to obtain access tokens and can be used renew or reauthenticate for tokens as needed.
|
||||||
|
|
||||||
* `project` - (Optional) The ID of the project to apply any resources to. This
|
* `project` - (Optional) The ID of the project to apply any resources to. This
|
||||||
can also be specified using any of the following environment variables (listed
|
can also be specified using any of the following environment variables (listed
|
||||||
in order of precedence):
|
in order of precedence):
|
||||||
|
|
Loading…
Reference in New Issue
Block a user