public/terraform-provider-google
0
0
Fork 0
mirror of https://github.com/letic/terraform-provider-google.git synced 2024-06-29 06:42:36 +00:00
Code Issues Projects Releases Wiki Activity
cf3c406fee
terraform-provider-google/google/data_source_google_kms_secret_test.go
The Magician c605b0bc4b [Terraform]: Apply gofmt -s to all files managed by MM (#2676) 
<!-- This change is generated by MagicModules. -->
/cc @rileykarson
2018-12-20 17:22:22 -08:00

97 lines
2.9 KiB
Go
Raw Blame History

package google
import (
"encoding/base64"
"fmt"
"log"
"testing"
"github.com/hashicorp/terraform/helper/acctest"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
"google.golang.org/api/cloudkms/v1"
)
func TestAccKmsSecret_basic(t *testing.T) {
t.Parallel()
projectOrg := getTestOrgFromEnv(t)
projectBillingAccount := getTestBillingAccountFromEnv(t)
projectId := "terraform-" + acctest.RandString(10)
keyRingName := fmt.Sprintf("tf-test-%s", acctest.RandString(10))
cryptoKeyName := fmt.Sprintf("tf-test-%s", acctest.RandString(10))
plaintext := fmt.Sprintf("secret-%s", acctest.RandString(10))
// The first test creates resources needed to encrypt plaintext and produce ciphertext
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
Steps: []resource.TestStep{
{
Config: testGoogleKmsCryptoKey_basic(projectId, projectOrg, projectBillingAccount, keyRingName, cryptoKeyName),
Check: func(s *terraform.State) error {
ciphertext, cryptoKeyId, err := testAccEncryptSecretDataWithCryptoKey(s, "google_kms_crypto_key.crypto_key", plaintext)
if err != nil {
return err
}
// The second test asserts that the data source has the correct plaintext, given the created ciphertext
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
Steps: []resource.TestStep{
{
Config: testGoogleKmsSecret_datasource(cryptoKeyId.terraformId(), ciphertext),
Check: resource.TestCheckResourceAttr("data.google_kms_secret.acceptance", "plaintext", plaintext),
},
},
})
return nil
},
},
},
})
}
func testAccEncryptSecretDataWithCryptoKey(s *terraform.State, cryptoKeyResourceName, plaintext string) (string, *kmsCryptoKeyId, error) {
config := testAccProvider.Meta().(*Config)
rs, ok := s.RootModule().Resources[cryptoKeyResourceName]
if !ok {
return "", nil, fmt.Errorf("Resource not found: %s", cryptoKeyResourceName)
}
cryptoKeyId, err := parseKmsCryptoKeyId(rs.Primary.Attributes["id"], config)
if err != nil {
return "", nil, err
}
kmsEncryptRequest := &cloudkms.EncryptRequest{
Plaintext: base64.StdEncoding.EncodeToString([]byte(plaintext)),
}
encryptResponse, err := config.clientKms.Projects.Locations.KeyRings.CryptoKeys.Encrypt(cryptoKeyId.cryptoKeyId(), kmsEncryptRequest).Do()
if err != nil {
return "", nil, fmt.Errorf("Error encrypting plaintext: %s", err)
}
log.Printf("[INFO] Successfully encrypted plaintext and got ciphertext: %s", encryptResponse.Ciphertext)
return encryptResponse.Ciphertext, cryptoKeyId, nil
}
func testGoogleKmsSecret_datasource(cryptoKeyTerraformId, ciphertext string) string {
return fmt.Sprintf(`
data "google_kms_secret" "acceptance" {
crypto_key = "%s"
ciphertext = "%s"
}
`, cryptoKeyTerraformId, ciphertext)
}
Reference in New Issue View Git Blame Copy Permalink