Skip to content

Commit

Permalink
Update google_folder import description (hashicorp#2924)
Browse files Browse the repository at this point in the history
Merged PR hashicorp#2924.
  • Loading branch information
modular-magician committed Jan 7, 2020
1 parent a0521bd commit 9df67fe
Show file tree
Hide file tree
Showing 11 changed files with 109 additions and 388 deletions.
3 changes: 3 additions & 0 deletions .changelog/2924.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:none

```
3 changes: 1 addition & 2 deletions google/data_source_google_kms_secret_ciphertext.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,7 @@ import (

func dataSourceGoogleKmsSecretCiphertext() *schema.Resource {
return &schema.Resource{
DeprecationMessage: "Use the google_kms_secret_ciphertext resource instead.",
Read: dataSourceGoogleKmsSecretCiphertextRead,
Read: dataSourceGoogleKmsSecretCiphertextRead,
Schema: map[string]*schema.Schema{
"crypto_key": {
Type: schema.TypeString,
Expand Down
82 changes: 77 additions & 5 deletions google/data_source_google_kms_secret_ciphertext_test.go
Original file line number Diff line number Diff line change
@@ -1,41 +1,113 @@
package google

import (
"encoding/base64"
"fmt"
"log"
"testing"

"github.com/hashicorp/terraform-plugin-sdk/helper/acctest"
"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
"github.com/hashicorp/terraform-plugin-sdk/terraform"
"google.golang.org/api/cloudkms/v1"
)

func TestAccDataKmsSecretCiphertext_basic(t *testing.T) {
func TestAccKmsSecretCiphertext_basic(t *testing.T) {
t.Parallel()

kms := BootstrapKMSKey(t)
projectOrg := getTestOrgFromEnv(t)
projectBillingAccount := getTestBillingAccountFromEnv(t)

projectId := "terraform-" + acctest.RandString(10)
keyRingName := fmt.Sprintf("tf-test-%s", acctest.RandString(10))
cryptoKeyName := fmt.Sprintf("tf-test-%s", acctest.RandString(10))

plaintext := fmt.Sprintf("secret-%s", acctest.RandString(10))

// The first test creates resources needed to encrypt plaintext and produce ciphertext
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
Steps: []resource.TestStep{
{
Config: testGoogleKmsSecretCiphertext_datasource(kms.CryptoKey.Name, plaintext),
Config: testGoogleKmsCryptoKey_basic(projectId, projectOrg, projectBillingAccount, keyRingName, cryptoKeyName),
Check: func(s *terraform.State) error {
plaintext, err := testAccDecryptSecretDataWithCryptoKey(s, kms.CryptoKey.Name, "data.google_kms_secret_ciphertext.acceptance")
cryptoKeyId, err := getCryptoKeyId(s, "google_kms_crypto_key.crypto_key")

if err != nil {
return err
}

return resource.TestCheckResourceAttr("data.google_kms_secret_ciphertext.acceptance", "plaintext", plaintext)(s)
// The second test asserts that the data source created a ciphertext that can be decrypted to the correct plaintext
resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Providers: testAccProviders,
Steps: []resource.TestStep{
{
Config: testGoogleKmsSecretCiphertext_datasource(cryptoKeyId.terraformId(), plaintext),
Check: func(s *terraform.State) error {
plaintext, err := testAccDecryptSecretDataWithCryptoKey(s, cryptoKeyId, "data.google_kms_secret_ciphertext.acceptance")

if err != nil {
return err
}

return resource.TestCheckResourceAttr("data.google_kms_secret_ciphertext.acceptance", "plaintext", plaintext)(s)
},
},
},
})

return nil
},
},
},
})
}

func getCryptoKeyId(s *terraform.State, cryptoKeyResourceName string) (*kmsCryptoKeyId, error) {
config := testAccProvider.Meta().(*Config)
rs, ok := s.RootModule().Resources[cryptoKeyResourceName]
if !ok {
return nil, fmt.Errorf("Resource not found: %s", cryptoKeyResourceName)
}

return parseKmsCryptoKeyId(rs.Primary.Attributes["id"], config)
}

func testAccDecryptSecretDataWithCryptoKey(s *terraform.State, cryptoKeyId *kmsCryptoKeyId, secretCiphertextResourceName string) (string, error) {
config := testAccProvider.Meta().(*Config)
rs, ok := s.RootModule().Resources[secretCiphertextResourceName]
if !ok {
return "", fmt.Errorf("Resource not found: %s", secretCiphertextResourceName)
}
ciphertext, ok := rs.Primary.Attributes["ciphertext"]
if !ok {
return "", fmt.Errorf("Attribute 'ciphertext' not found in resource '%s'", secretCiphertextResourceName)
}

kmsDecryptRequest := &cloudkms.DecryptRequest{
Ciphertext: ciphertext,
}

decryptResponse, err := config.clientKms.Projects.Locations.KeyRings.CryptoKeys.Decrypt(cryptoKeyId.cryptoKeyId(), kmsDecryptRequest).Do()

if err != nil {
return "", fmt.Errorf("Error decrypting ciphertext: %s", err)
}

plaintextBytes, err := base64.StdEncoding.DecodeString(decryptResponse.Plaintext)

if err != nil {
return "", err
}

plaintext := string(plaintextBytes)
log.Printf("[INFO] Successfully decrypted ciphertext and got plaintext: %s", plaintext)

return plaintext, nil
}

func testGoogleKmsSecretCiphertext_datasource(cryptoKeyTerraformId, plaintext string) string {
return fmt.Sprintf(`
data "google_kms_secret_ciphertext" "acceptance" {
Expand Down
5 changes: 2 additions & 3 deletions google/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -477,9 +477,9 @@ func Provider() terraform.ResourceProvider {
return provider
}

// Generated resources: 96
// Generated resources: 95
// Generated IAM resources: 45
// Total generated resources: 141
// Total generated resources: 140
func ResourceMap() map[string]*schema.Resource {
resourceMap, _ := ResourceMapWithErrors()
return resourceMap
Expand Down Expand Up @@ -597,7 +597,6 @@ func ResourceMapWithErrors() (map[string]*schema.Resource, error) {
"google_identity_platform_tenant": resourceIdentityPlatformTenant(),
"google_kms_key_ring": resourceKMSKeyRing(),
"google_kms_crypto_key": resourceKMSCryptoKey(),
"google_kms_secret_ciphertext": resourceKMSSecretCiphertext(),
"google_logging_metric": resourceLoggingMetric(),
"google_ml_engine_model": resourceMLEngineModel(),
"google_monitoring_alert_policy": resourceMonitoringAlertPolicy(),
Expand Down
165 changes: 0 additions & 165 deletions google/resource_kms_secret_ciphertext.go

This file was deleted.

Loading

0 comments on commit 9df67fe

Please sign in to comment.