public/terraform-provider-google
0
0
Fork 0
mirror of https://github.com/letic/terraform-provider-google.git synced 2024-06-29 06:42:36 +00:00
Code Issues Projects Releases Wiki Activity
cf3c406fee
terraform-provider-google/google/resource_google_billing_account_iam_test.go
The Magician 5928101e2f Add billing account IAM (#2413)
2018-12-20 17:22:22 -08:00

179 lines
5.5 KiB
Go
Raw Blame History

package google
import (
"fmt"
"reflect"
"sort"
"testing"
"github.com/hashicorp/terraform/helper/acctest"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)
func TestAccBillingAccountIam(t *testing.T) {
t.Parallel()
billing := getTestBillingAccountFromEnv(t)
account := acctest.RandomWithPrefix("tf-test")
role := "roles/billing.viewer"
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
Steps: []resource.TestStep{
{
// Test Iam Binding creation
Config: testAccBillingAccountIamBinding_basic(account, billing, role),
Check: testAccCheckGoogleBillingAccountIamBindingExists("foo", role, []string{
fmt.Sprintf("serviceAccount:%s@%s.iam.gserviceaccount.com", account, getTestProjectFromEnv()),
}),
},
{
ResourceName: "google_billing_account_iam_binding.foo",
ImportStateId: fmt.Sprintf("%s roles/billing.viewer", billing),
ImportState: true,
ImportStateVerify: true,
},
{
// Test Iam Binding update
Config: testAccBillingAccountIamBinding_update(account, billing, role),
Check: testAccCheckGoogleBillingAccountIamBindingExists("foo", role, []string{
fmt.Sprintf("serviceAccount:%s@%s.iam.gserviceaccount.com", account, getTestProjectFromEnv()),
fmt.Sprintf("serviceAccount:%s-2@%s.iam.gserviceaccount.com", account, getTestProjectFromEnv()),
}),
},
{
ResourceName: "google_billing_account_iam_binding.foo",
ImportStateId: fmt.Sprintf("%s roles/billing.viewer", billing),
ImportState: true,
ImportStateVerify: true,
},
{
// Test Iam Member creation (no update for member, no need to test)
Config: testAccBillingAccountIamMember_basic(account, billing, role),
Check: testAccCheckGoogleBillingAccountIamMemberExists("foo", "roles/billing.viewer",
fmt.Sprintf("serviceAccount:%s@%s.iam.gserviceaccount.com", account, getTestProjectFromEnv()),
),
},
{
ResourceName: "google_billing_account_iam_member.foo",
ImportStateId: fmt.Sprintf("%s roles/billing.viewer serviceAccount:%s@%s.iam.gserviceaccount.com", billing, account, getTestProjectFromEnv()),
ImportState: true,
ImportStateVerify: true,
},
},
})
}
func testAccCheckGoogleBillingAccountIamBindingExists(bindingResourceName, role string, members []string) resource.TestCheckFunc {
return func(s *terraform.State) error {
bindingRs, ok := s.RootModule().Resources["google_billing_account_iam_binding."+bindingResourceName]
if !ok {
return fmt.Errorf("Not found: %s", bindingResourceName)
}
config := testAccProvider.Meta().(*Config)
p, err := config.clientBilling.BillingAccounts.GetIamPolicy("billingAccounts/" + bindingRs.Primary.Attributes["billing_account_id"]).Do()
if err != nil {
return err
}
for _, binding := range p.Bindings {
if binding.Role == role {
sort.Strings(members)
sort.Strings(binding.Members)
if reflect.DeepEqual(members, binding.Members) {
return nil
}
return fmt.Errorf("Binding found but expected members is %v, got %v", members, binding.Members)
}
}
return fmt.Errorf("No binding for role %q", role)
}
}
func testAccCheckGoogleBillingAccountIamMemberExists(n, role, member string) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources["google_billing_account_iam_member."+n]
if !ok {
return fmt.Errorf("Not found: %s", n)
}
config := testAccProvider.Meta().(*Config)
p, err := config.clientBilling.BillingAccounts.GetIamPolicy("billingAccounts/" + rs.Primary.Attributes["billing_account_id"]).Do()
if err != nil {
return err
}
for _, binding := range p.Bindings {
if binding.Role == role {
for _, m := range binding.Members {
if m == member {
return nil
}
}
return fmt.Errorf("Missing member %q, got %v", member, binding.Members)
}
}
return fmt.Errorf("No binding for role %q", role)
}
}
func testAccBillingAccountIamBinding_basic(account, billingAccountId, role string) string {
return fmt.Sprintf(`
resource "google_service_account" "test-account" {
account_id = "%s"
display_name = "Iam Testing Account"
}
resource "google_billing_account_iam_binding" "foo" {
billing_account_id = "%s"
role = "%s"
members = ["serviceAccount:${google_service_account.test-account.email}"]
}
`, account, billingAccountId, role)
}
func testAccBillingAccountIamBinding_update(account, billingAccountId, role string) string {
return fmt.Sprintf(`
resource "google_service_account" "test-account" {
account_id = "%s"
display_name = "Iam Testing Account"
}
resource "google_service_account" "test-account-2" {
account_id = "%s-2"
display_name = "Iam Testing Account"
}
resource "google_billing_account_iam_binding" "foo" {
billing_account_id = "%s"
role = "%s"
members = [
"serviceAccount:${google_service_account.test-account.email}",
"serviceAccount:${google_service_account.test-account-2.email}"
]
}
`, account, account, billingAccountId, role)
}
func testAccBillingAccountIamMember_basic(account, billingAccountId, role string) string {
return fmt.Sprintf(`
resource "google_service_account" "test-account" {
account_id = "%s"
display_name = "Iam Testing Account"
}
resource "google_billing_account_iam_member" "foo" {
billing_account_id = "%s"
role = "%s"
member = "serviceAccount:${google_service_account.test-account.email}"
}
`, account, billingAccountId, role)
}
Reference in New Issue View Git Blame Copy Permalink