resource/aws_codebuild_project: Add registry_credential to resourceAw…

…sCodeBuildProjectEnvironmentHash This is to catch a very subtle bug where its not possible to trigger updates on the environment TypeSet for registry_credential changes, since TypeSet updates only occur when the hash is updated. Output from acceptance testing: ``` --- PASS: TestAccAWSCodeBuildProject_Source_Type_Bitbucket (24.02s) --- PASS: TestAccAWSCodeBuildProject_basic (24.13s) --- PASS: TestAccAWSCodeBuildProject_Source_Auth (24.35s) --- PASS: TestAccAWSCodeBuildProject_SecondarySources_CodeCommit (24.40s) --- PASS: TestAccAWSCodeBuildProject_importBasic (25.59s) --- PASS: TestAccAWSCodeBuildProject_Source_ReportBuildStatus_Bitbucket (32.31s) --- PASS: TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHubEnterprise (32.63s) --- PASS: TestAccAWSCodeBuildProject_Source_GitCloneDepth (32.90s) --- PASS: TestAccAWSCodeBuildProject_BuildTimeout (33.12s) --- PASS: TestAccAWSCodeBuildProject_Environment_EnvironmentVariable_Type (33.13s) --- PASS: TestAccAWSCodeBuildProject_Description (33.84s) --- PASS: TestAccAWSCodeBuildProject_BadgeEnabled (33.93s) --- PASS: TestAccAWSCodeBuildProject_SecondaryArtifacts (35.97s) --- PASS: TestAccAWSCodeBuildProject_Artifacts_EncryptionDisabled (36.12s) --- PASS: TestAccAWSCodeBuildProject_Environment_Certificate (39.08s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_NoSourceInvalid (7.32s) --- PASS: TestAccAWSCodeBuildProject_Source_InsecureSSL (40.11s) --- PASS: TestAccAWSCodeBuildProject_Environment_RegistryCredential (41.34s) --- PASS: TestAccAWSCodeBuildProject_Environment_EnvironmentVariable (42.96s) --- PASS: TestAccAWSCodeBuildProject_WindowsContainer (20.95s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_GitHubEnterprise (20.79s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_CodePipeline (21.18s) --- PASS: TestAccAWSCodeBuildProject_EncryptionKey (52.34s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_NoSource (20.67s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_S3 (32.59s) --- PASS: TestAccAWSCodeBuildProject_Source_Type_CodeCommit (32.69s) --- PASS: TestAccAWSCodeBuildProject_Tags (28.28s) --- PASS: TestAccAWSCodeBuildProject_Source_ReportBuildStatus_GitHub (29.05s) --- PASS: TestAccAWSCodeBuildProject_Cache (62.92s) ```
hashicorp · Jul 8, 2019 · 5d5dcbb · 5d5dcbb
1 parent de2a15b
commit 5d5dcbb
Show file tree

Hide file tree

Showing 2 changed files with 90 additions and 33 deletions.
diff --git a/aws/resource_aws_codebuild_project.go b/aws/resource_aws_codebuild_project.go
@@ -1167,6 +1167,17 @@ func resourceAwsCodeBuildProjectEnvironmentHash(v interface{}) int {
 	if v, ok := m["certificate"]; ok && v.(string) != "" {
 		buf.WriteString(fmt.Sprintf("%s-", v.(string)))
 	}
+	if v, ok := m["registry_credential"]; ok && len(v.([]interface{})) > 0 && v.([]interface{})[0] != nil {
+		m := v.([]interface{})[0].(map[string]interface{})
+
+		if v, ok := m["credential"]; ok && v.(string) != "" {
+			buf.WriteString(fmt.Sprintf("%s-", v.(string)))
+		}
+
+		if v, ok := m["credential_provider"]; ok && v.(string) != "" {
+			buf.WriteString(fmt.Sprintf("%s-", v.(string)))
+		}
+	}
 	for _, e := range environmentVariables {
 		if e != nil { // Old statefiles might have nil values in them
 			ev := e.(map[string]interface{})

diff --git a/aws/resource_aws_codebuild_project_test.go b/aws/resource_aws_codebuild_project_test.go
@@ -907,7 +907,7 @@ func TestAccAWSCodeBuildProject_Environment_RegistryCredential(t *testing.T) {
 		CheckDestroy: testAccCheckAWSCodeBuildProjectDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccAWSCodeBuildProjectConfig_Environment_RegistryCredential(rName),
+				Config: testAccAWSCodeBuildProjectConfig_Environment_RegistryCredential1(rName),
 				Check: resource.ComposeTestCheckFunc(
 					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
 				),
@@ -917,6 +917,12 @@ func TestAccAWSCodeBuildProject_Environment_RegistryCredential(t *testing.T) {
 				ImportState:       true,
 				ImportStateVerify: true,
 			},
+			{
+				Config: testAccAWSCodeBuildProjectConfig_Environment_RegistryCredential2(rName),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSCodeBuildProjectExists(resourceName, &project),
+				),
+			},
 		},
 	})
 }
@@ -1424,43 +1430,83 @@ resource "aws_codebuild_project" "test" {
 `, oName, rName)
 }
 
-func testAccAWSCodeBuildProjectConfig_Environment_RegistryCredential(rName string) string {
+func testAccAWSCodeBuildProjectConfig_Environment_RegistryCredential1(rName string) string {
 	return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(`
-  resource "aws_codebuild_project" "test" {
-    name         = %[1]q
-    service_role = "${aws_iam_role.test.arn}"
-  
-    artifacts {
-      type = "NO_ARTIFACTS"
-    }
-  
-    environment {
-      compute_type                = "BUILD_GENERAL1_SMALL"
-      image                       = "2"
-      type                        = "LINUX_CONTAINER"
-      image_pull_credentials_type = "SERVICE_ROLE"
-  
-      registry_credential {
-        credential          = "${aws_secretsmanager_secret_version.test.arn}"
-        credential_provider = "SECRETS_MANAGER"
-      }
-    }
-  
-    source {
-      type     = "GITHUB"
-      location = "https://github.com/hashicorp/packer.git"
+resource "aws_codebuild_project" "test" {
+  name         = %[1]q
+  service_role = "${aws_iam_role.test.arn}"
+
+  artifacts {
+    type = "NO_ARTIFACTS"
+  }
+
+  environment {
+    compute_type                = "BUILD_GENERAL1_SMALL"
+    image                       = "2"
+    type                        = "LINUX_CONTAINER"
+    image_pull_credentials_type = "SERVICE_ROLE"
+
+    registry_credential {
+      credential          = "${aws_secretsmanager_secret_version.test.arn}"
+      credential_provider = "SECRETS_MANAGER"
     }
   }
-  
-  resource "aws_secretsmanager_secret" "test" {
-    name = "test"
-    recovery_window_in_days = 0
+
+  source {
+    type     = "GITHUB"
+    location = "https://github.com/hashicorp/packer.git"
   }
-  
-  resource "aws_secretsmanager_secret_version" "test" {
-    secret_id     = "${aws_secretsmanager_secret.test.id}"
-    secret_string = "${jsonencode(map("username", "user", "password", "pass"))}"
+}
+
+resource "aws_secretsmanager_secret" "test" {
+  name                    = "%[1]s-1"
+  recovery_window_in_days = 0
+}
+
+resource "aws_secretsmanager_secret_version" "test" {
+  secret_id     = "${aws_secretsmanager_secret.test.id}"
+  secret_string = "${jsonencode(map("username", "user", "password", "pass"))}"
+}
+`, rName)
+}
+
+func testAccAWSCodeBuildProjectConfig_Environment_RegistryCredential2(rName string) string {
+	return testAccAWSCodeBuildProjectConfig_Base_ServiceRole(rName) + fmt.Sprintf(`
+resource "aws_codebuild_project" "test" {
+  name         = %[1]q
+  service_role = "${aws_iam_role.test.arn}"
+
+  artifacts {
+    type = "NO_ARTIFACTS"
+  }
+
+  environment {
+    compute_type                = "BUILD_GENERAL1_SMALL"
+    image                       = "2"
+    type                        = "LINUX_CONTAINER"
+    image_pull_credentials_type = "SERVICE_ROLE"
+
+    registry_credential {
+      credential          = "${aws_secretsmanager_secret_version.test.arn}"
+      credential_provider = "SECRETS_MANAGER"
+    }
+  }
+
+  source {
+    type     = "GITHUB"
+    location = "https://github.com/hashicorp/packer.git"
   }
+}
+
+resource "aws_secretsmanager_secret" "test" {
+  name                    = "%[1]s-2"
+  recovery_window_in_days = 0
+}
+
+resource "aws_secretsmanager_secret_version" "test" {
+  secret_id     = "${aws_secretsmanager_secret.test.id}"
+  secret_string = "${jsonencode(map("username", "user", "password", "pass"))}"
+}
 `, rName)
 }