public/terraform-provider-google
0
0
Fork 0
mirror of https://github.com/letic/terraform-provider-google.git synced 2024-07-03 16:52:40 +00:00
Code Issues Projects Releases Wiki Activity

Skip acceptance tests during non-acceptance runs. (#2852)

Browse Source 
Signed-off-by: Modular Magician <magic-modules@google.com>
This commit is contained in:
The Magician 2019-01-09 18:46:59 -08:00 committed by Nathan McKinley
parent ccf079b014
commit 54dd3ad6e4
5 changed files with 81 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
google/config.go
View File

@ -346,9 +346,14 @@ func (c *Config) loadAndValidate() error {
func (c *Config) getTokenSource(clientScopes []string) (oauth2.TokenSource, error) { func (c *Config) getTokenSource(clientScopes []string) (oauth2.TokenSource, error) {
if c.AccessToken != "" { if c.AccessToken != "" {
log.Printf("[INFO] Using configured Google access token (length %d)", len(c.AccessToken)) contents, _, err := pathorcontents.Read(c.AccessToken)
if err != nil {
return nil, fmt.Errorf("Error loading access token: %s", err)
}
log.Printf("[INFO] Authenticating using configured Google JSON 'access_token'...")
log.Printf("[INFO] -- Scopes: %s", clientScopes) log.Printf("[INFO] -- Scopes: %s", clientScopes)
token := &oauth2.Token{AccessToken: c.AccessToken} token := &oauth2.Token{AccessToken: contents}
return oauth2.StaticTokenSource(token), nil return oauth2.StaticTokenSource(token), nil
} }
@ -363,12 +368,12 @@ func (c *Config) getTokenSource(clientScopes []string) (oauth2.TokenSource, erro
return nil, fmt.Errorf("Unable to parse credentials from '%s': %s", contents, err) return nil, fmt.Errorf("Unable to parse credentials from '%s': %s", contents, err)
} }
log.Printf("[INFO] Requesting Google token using Credential File %q...", c.Credentials) log.Printf("[INFO] Authenticating using configured Google JSON 'credentials'...")
log.Printf("[INFO] -- Scopes: %s", clientScopes) log.Printf("[INFO] -- Scopes: %s", clientScopes)
return creds.TokenSource, nil return creds.TokenSource, nil
} }
log.Printf("[INFO] Authenticating using DefaultClient") log.Printf("[INFO] Authenticating using DefaultClient...")
log.Printf("[INFO] -- Scopes: %s", clientScopes) log.Printf("[INFO] -- Scopes: %s", clientScopes)
return googleoauth.DefaultTokenSource(context.Background(), clientScopes...) return googleoauth.DefaultTokenSource(context.Background(), clientScopes...)
} }

60
google/config_test.go
View File

@ -1,11 +1,18 @@
package google package google
import ( import (
"context"
"fmt"
"io/ioutil" "io/ioutil"
"os"
"testing" "testing"
"github.com/hashicorp/terraform/helper/resource"
"golang.org/x/oauth2/google"
) )
const testFakeCredentialsPath = "./test-fixtures/fake_account.json" const testFakeCredentialsPath = "./test-fixtures/fake_account.json"
const testOauthScope = "https://www.googleapis.com/auth/compute"
func TestConfigLoadAndValidate_accountFilePath(t *testing.T) { func TestConfigLoadAndValidate_accountFilePath(t *testing.T) {
config := Config{ config := Config{
@ -49,12 +56,17 @@ func TestConfigLoadAndValidate_accountFileJSONInvalid(t *testing.T) {
} }
} }
func TestConfigLoadValidate_accessToken(t *testing.T) { func TestAccConfigLoadValidate_credentials(t *testing.T) {
accessToken := getTestAccessTokenFromEnv(t) if os.Getenv(resource.TestEnvVar) == "" {
t.Skip(fmt.Sprintf("Network access not allowed; use %s=1 to enable", resource.TestEnvVar))
}
creds := getTestCredsFromEnv()
proj := getTestProjectFromEnv()
config := Config{ config := Config{
AccessToken: accessToken, Credentials: creds,
Project: "my-gce-project", Project: proj,
Region: "us-central1", Region: "us-central1",
} }
@ -62,4 +74,44 @@ func TestConfigLoadValidate_accessToken(t *testing.T) {
if err != nil { if err != nil {
t.Fatalf("error: %v", err) t.Fatalf("error: %v", err)
} }
_, err = config.clientCompute.Zones.Get(proj, "us-central1-a").Do()
if err != nil {
t.Fatalf("expected call with loaded config client to work, got error: %s", err)
}
}
func TestAccConfigLoadValidate_accessToken(t *testing.T) {
if os.Getenv(resource.TestEnvVar) == "" {
t.Skip(fmt.Sprintf("Network access not allowed; use %s=1 to enable", resource.TestEnvVar))
}
creds := getTestCredsFromEnv()
proj := getTestProjectFromEnv()
c, err := google.CredentialsFromJSON(context.Background(), []byte(creds), testOauthScope)
if err != nil {
t.Fatalf("invalid test credentials: %s", err)
}
token, err := c.TokenSource.Token()
if err != nil {
t.Fatalf("Unable to generate test access token: %s", err)
}
config := Config{
AccessToken: token.AccessToken,
Project: proj,
Region: "us-central1",
}
err = config.loadAndValidate()
if err != nil {
t.Fatalf("error: %v", err)
}
_, err = config.clientCompute.Zones.Get(proj, "us-central1-a").Do()
if err != nil {
t.Fatalf("expected API call with loaded config to work, got error: %s", err)
}
} }

7
google/provider.go
View File

@ -31,8 +31,11 @@ func Provider() terraform.ResourceProvider {
}, },
"access_token": { "access_token": {
Type: schema.TypeString, Type: schema.TypeString,
Optional: true, Optional: true,
DefaultFunc: schema.MultiEnvDefaultFunc([]string{
"GOOGLE_OAUTH_ACCESS_TOKEN",
}, nil),
ConflictsWith: []string{"credentials"}, ConflictsWith: []string{"credentials"},
}, },

9
google/provider_test.go
View File

@ -57,10 +57,6 @@ var billingAccountEnvVars = []string{
"GOOGLE_BILLING_ACCOUNT", "GOOGLE_BILLING_ACCOUNT",
} }
var accessTokenEnvVars = []string{
"GOOGLE_OAUTH2_ACCESS_TOKEN",
}
func init() { func init() {
testAccProvider = Provider().(*schema.Provider) testAccProvider = Provider().(*schema.Provider)
testAccRandomProvider = random.Provider().(*schema.Provider) testAccRandomProvider = random.Provider().(*schema.Provider)
@ -206,11 +202,6 @@ func getTestServiceAccountFromEnv(t *testing.T) string {
return multiEnvSearch(serviceAccountEnvVars) return multiEnvSearch(serviceAccountEnvVars)
} }
func getTestAccessTokenFromEnv(t *testing.T) string {
skipIfEnvNotSet(t, accessTokenEnvVars...)
return multiEnvSearch(accessTokenEnvVars)
}
func multiEnvSearch(ks []string) string { func multiEnvSearch(ks []string) string {
for _, k := range ks { for _, k := range ks {
if v := os.Getenv(k); v != "" { if v := os.Getenv(k); v != "" {

11
website/docs/provider_reference.html.markdown
View File

@ -95,6 +95,17 @@ share the same configuration.
only be used when running Terraform from within [certain GCP resources](https://cloud.google.com/docs/authentication/production#obtaining_credentials_on_compute_engine_kubernetes_engine_app_engine_flexible_environment_and_cloud_functions). only be used when running Terraform from within [certain GCP resources](https://cloud.google.com/docs/authentication/production#obtaining_credentials_on_compute_engine_kubernetes_engine_app_engine_flexible_environment_and_cloud_functions).
Credentials obtained through `gcloud` are not guaranteed to work for all APIs. Credentials obtained through `gcloud` are not guaranteed to work for all APIs.
* `access_token` - (Optional) An temporary [OAuth 2.0 access token](https://developers.google.com/identity/protocols/OAuth2)
obtained from the Google Authorization server, i.e. the
`Authorization: Bearer` token used to authenticate Google API HTTP requests.
Access tokens can also be specified using any of the following environment
variables (listed in order of precedence):
* `GOOGLE_OAUTH_ACCESS_TOKEN`
-> These access tokens cannot be renewed by Terraform and thus will only work for at most 1 hour. If you anticipate Terraform needing access for more than one hour per run, please use `credentials` instead. Credentials are used to complete a two-legged OAuth 2.0 flow on your behalf to obtain access tokens and can be used renew or reauthenticate for tokens as needed.
* `project` - (Optional) The ID of the project to apply any resources to. This * `project` - (Optional) The ID of the project to apply any resources to. This
can also be specified using any of the following environment variables (listed can also be specified using any of the following environment variables (listed
in order of precedence): in order of precedence):