fixing data\resource registry for missing parameters in new aqua vers…

…ions

fixing tests to support both SAAS\ on prem environments
Removing static contents from tests
setting init function to support only one token req for all tests.

aquasec/data_application_scope_test.go

@@ -9,6 +9,7 @@ import (
 )
 
 func TestDataApplicationScopePolicy(t *testing.T) {
+
 	name := "Global"
 	resource.Test(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },

aquasec/data_container_runtime_policy_test.go

@@ -11,6 +11,7 @@ import (
 )
 
 func TestDataAquasecBasicContainerRuntimePolicy(t *testing.T) {
+
 	var basicRuntimePolicy = client.RuntimePolicy{
 		Name:             acctest.RandomWithPrefix("test-container-runtime-policy"),
 		Description:      "This is a test description of container runtime policy",
@@ -44,6 +45,7 @@ func TestDataAquasecBasicContainerRuntimePolicy(t *testing.T) {
 }
 
 func TestDataAquasecComplexContainerRuntimePolicy(t *testing.T) {
+
 	var complexRuntimePolicy = client.RuntimePolicy{
 		Name:                  acctest.RandomWithPrefix("test-container-runtime-policy"),
 		Description:           "This is a test description of container runtime policy",

aquasec/data_enforcer_group_test.go

@@ -9,7 +9,9 @@ import (
 )
 
 func TestAquasecEnforcerGroupDatasource(t *testing.T) {
-	groupID := "local"
+
+	groupID := "default"
+
 	resource.Test(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,
@@ -24,6 +26,7 @@ func TestAquasecEnforcerGroupDatasource(t *testing.T) {
 
 func testAccCheckAquasecEnforcerGroupDataSource(groupID string) string {
 	return fmt.Sprintf(`
+	
 	data "aquasec_enforcer_groups" "testegdata" {
 		group_id = "%s"
 	}

aquasec/data_roles_test.go → aquasec/data_groups_test.go

@@ -7,27 +7,28 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
 )
 
-func TestAquasecRolesDatasource(t *testing.T) {
+func TestAquasecGroupsDatasource(t *testing.T) {
 	resource.Test(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccCheckAquasecRolesDataSource(),
-				Check:  testAccCheckAquasecRolesDataSourceExists("data.aquasec_roles.testroles"),
+				Config: testAccCheckAquasecGroupsDataSource(),
+				Check:  testAccCheckAquasecGroupsDataSourceExists("data.aquasec_groups.testgroups"),
 			},
 		},
 	})
 }
 
-func testAccCheckAquasecRolesDataSource() string {
+func testAccCheckAquasecGroupsDataSource() string {
 	return `
-	data "aquasec_roles" "testroles" {}
+	
+	data "aquasec_groups" "testgroups" {}
 	`
 
 }
 
-func testAccCheckAquasecRolesDataSourceExists(n string) resource.TestCheckFunc {
+func testAccCheckAquasecGroupsDataSourceExists(n string) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		rs, ok := s.RootModule().Resources[n]
 

aquasec/data_image_test.go

@@ -13,7 +13,7 @@ import (
 var imageData = client.Image{
 	Registry:   acctest.RandomWithPrefix("terraform-test"),
 	Repository: "alpine",
-	Tag:        "3.4",
+	Tag:        "3.13",
 }
 
 func TestDataSourceAquasecImage(t *testing.T) {
@@ -49,9 +49,9 @@ func TestDataSourceAquasecImage(t *testing.T) {
 					resource.TestCheckResourceAttrSet(rootRef, "architecture"),
 					resource.TestCheckResourceAttrSet(rootRef, "image_size"),
 					resource.TestCheckResourceAttrSet(rootRef, "environment_variables.0"),
-					resource.TestCheckResourceAttrSet(rootRef, "vulnerabilities.0.name"),
+					//resource.TestCheckResourceAttrSet(rootRef, "vulnerabilities.0.name"),
 					resource.TestCheckResourceAttrSet(rootRef, "history.0.created"),
-					resource.TestCheckResourceAttrSet(rootRef, "assurance_checks_performed.0.control"),
+					resource.TestCheckResourceAttrSet(rootRef, "disallowed_by_assurance_checks"),
 				),
 			},
 		},
@@ -74,6 +74,7 @@ func getImageDataSource(image *client.Image) string {
 		registry = split("/", aquasec_image.test.id).0
 		repository = split(":", split("/", aquasec_image.test.id).1).0
 		tag = split(":", split("/", aquasec_image.test.id).1).1
+		depends_on = ["aquasec_image.test"]
 	}
 `, image.Repository, image.Tag)
 }

aquasec/data_registry.go

@@ -12,49 +12,54 @@ func dataSourceRegistry() *schema.Resource {
 		Read: dataRegistryRead,
 		Schema: map[string]*schema.Schema{
 			"username": {
-				Type:     schema.TypeString,
+				Type:        schema.TypeString,
 				Description: "The username for registry authentication.",
-				Computed: true,
+				Computed:    true,
 			},
 			"password": {
-				Type:     schema.TypeString,
+				Type:        schema.TypeString,
 				Description: "The password for registry authentication",
-				Computed: true,
+				Computed:    true,
 			},
 			"type": {
-				Type:     schema.TypeString,
+				Type:        schema.TypeString,
 				Description: "Registry type (HUB / V1 / V2 / ENGINE / AWS / GCR).",
-				Computed: true,
+				Computed:    true,
 			},
 			"name": {
-				Type:     schema.TypeString,
+				Type:        schema.TypeString,
 				Description: "The name of the registry; string, required - this will be treated as the registry's ID, so choose a simple alphanumerical name without special signs and spaces",
-				Required: true,
+				Required:    true,
 			},
 			"url": {
-				Type:     schema.TypeString,
+				Type:        schema.TypeString,
 				Description: "The URL, address or region of the registry",
-				Computed: true,
+				Computed:    true,
 			},
 			"auto_pull": {
-				Type:     schema.TypeBool,
+				Type:        schema.TypeBool,
 				Description: "Whether to automatically pull images from the registry on creation and daily",
-				Computed: true,
+				Computed:    true,
 			},
 			"auto_pull_max": {
-				Type:     schema.TypeInt,
+				Type:        schema.TypeInt,
 				Description: "Maximum number of repositories to pull every day, defaults to 100",
-				Computed: true,
+				Computed:    true,
 			},
 			"auto_pull_time": {
-				Type:     schema.TypeString,
+				Type:        schema.TypeString,
 				Description: "The time of day to start pulling new images from the registry, in the format HH:MM (24-hour clock), defaults to 03:00",
-				Computed: true,
+				Computed:    true,
+			},
+			"scanner_type": {
+				Type:        schema.TypeString,
+				Description: "Scanner type",
+				Optional:    true,
 			},
 			"prefixes": {
-				Type:     schema.TypeList,
+				Type:        schema.TypeList,
 				Description: "List of possible prefixes to image names pulled from the registry",
-				Computed: true,
+				Computed:    true,
 				Elem: &schema.Schema{
 					Type: schema.TypeString,
 				},
@@ -78,6 +83,7 @@ func dataRegistryRead(d *schema.ResourceData, m interface{}) error {
 		d.Set("auto_pull", reg.AutoPull)
 		d.Set("auto_pull_max", reg.AutoPullMax)
 		d.Set("auto_pull_time", reg.AutoPullTime)
+		d.Set("scanner_type", reg.ScannerType)
 		d.Set("prefixes", convertStringArr(prefixes))
 		d.SetId(name)
 	} else {

aquasec/data_registry_test.go

@@ -9,7 +9,7 @@ import (
 )
 
 func TestAquasecRegistryDatasource(t *testing.T) {
-	name := "demo"
+	name := "Docker Hub"
 	resource.Test(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,

aquasec/data_user_sass_test.go

@@ -0,0 +1,48 @@
+package aquasec
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/terraform"
+)
+
+func TestAquasecUserSaasManagementDatasource(t *testing.T) {
+
+	if !isSaasEnv() {
+		t.Skip("Skipping saas user test because its on prem env")
+	}
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:  func() { testAccPreCheck(t) },
+		Providers: testAccProviders,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccCheckAquasecUserSaasDataSource(),
+				Check:  testAccCheckAquasecUsersSaasDataSourceExists("data.aquasec_users_saas.testusers"),
+			},
+		},
+	})
+}
+
+func testAccCheckAquasecUserSaasDataSource() string {
+	return `
+	data "aquasec_users_saas" "testusers" {}
+	`
+}
+
+func testAccCheckAquasecUsersSaasDataSourceExists(n string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[n]
+
+		if !ok {
+			return NewNotFoundErrorf("%s in state", n)
+		}
+
+		if rs.Primary.ID == "" {
+			return NewNotFoundErrorf("Id for %s in state", n)
+		}
+
+		return nil
+	}
+}

aquasec/data_users_test.go

@@ -8,6 +8,11 @@ import (
 )
 
 func TestAquasecUserManagementDatasource(t *testing.T) {
+
+	if isSaasEnv() {
+		t.Skip("Skipping user test because its saas env")
+	}
+
 	resource.Test(t, resource.TestCase{
 		PreCheck:  func() { testAccPreCheck(t) },
 		Providers: testAccProviders,

aquasec/init_tests.go

@@ -0,0 +1,67 @@
+package aquasec
+
+import (
+	"github.com/aquasecurity/terraform-provider-aquasec/client"
+	"io/ioutil"
+	"log"
+	"os"
+	"strconv"
+)
+
+func init() {
+	log.Println("setup suite")
+	var (
+		present, verifyTLS                                       bool
+		username, password, aquaURL, verifyTLSString, caCertPath string
+		err                                                      error
+		caCertByte                                               []byte
+	)
+
+	username, present = os.LookupEnv("AQUA_USER")
+	if !present {
+		panic("AQUA_USER env is missing, please set it")
+	}
+
+	password, present = os.LookupEnv("AQUA_PASSWORD")
+	if !present {
+		panic("AQUA_PASSWORD env is missing, please set it")
+	}
+
+	aquaURL, present = os.LookupEnv("AQUA_URL")
+	if !present {
+		panic("AQUA_URL env is missing, please set it")
+	}
+
+	verifyTLSString, present = os.LookupEnv("AQUA_TLS_VERIFY")
+	if !present {
+		verifyTLSString = "true"
+	}
+
+	caCertPath, present = os.LookupEnv("AQUA_CA_CERT_PATH")
+	if present {
+		if caCertPath != "" {
+			caCertByte, err = ioutil.ReadFile(caCertPath)
+			if err != nil {
+				panic("Unable to read CA certificates")
+			}
+		}
+		panic("AQUA_CA_CERT_PATH env is missing, please set it")
+	}
+
+	verifyTLS, _ = strconv.ParseBool(verifyTLSString)
+
+	aquaClient := client.NewClient(aquaURL, username, password, verifyTLS, caCertByte)
+	token, url, _ := aquaClient.GetAuthToken()
+
+	err = os.Setenv("TESTING_AUTH_TOKEN", token)
+	if err != nil {
+		panic("Failed to set AUTH_TOKEN env")
+	}
+
+	err = os.Setenv("TESTING_URL", url)
+	if err != nil {
+		panic("Failed to set TESTING_URL env")
+	}
+	log.Println("Finished to set token")
+
+}

aquasec/provider.go

@@ -4,14 +4,13 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
-	"log"
-	"os"
-
 	"github.com/aquasecurity/terraform-provider-aquasec/client"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/mitchellh/go-homedir"
+	"io/ioutil"
+	"log"
+	"os"
 )
 
 //Config - godoc
@@ -201,16 +200,27 @@ func providerConfigure(ctx context.Context, d *schema.ResourceData) (interface{}
 
 	aquaClient := client.NewClient(aquaURL, username, password, verifyTLS, caCertByte)
 
-	_, err = aquaClient.GetAuthToken()
+	token, tokenPresent := os.LookupEnv("TESTING_AUTH_TOKEN")
 
-	if err != nil {
-		diags = append(diags, diag.Diagnostic{
-			Severity: diag.Error,
-			Summary:  "Unable to fetch token",
-			Detail:   err.Error(),
-		})
+	url, urlPresent := os.LookupEnv("TESTING_URL")
+
+	if !tokenPresent || !urlPresent {
+		_, _, err = aquaClient.GetAuthToken()
+
+		if err != nil {
+			diags = append(diags, diag.Diagnostic{
+				Severity: diag.Error,
+				Summary:  "Unable to fetch token",
+				Detail:   err.Error(),
+			})
+
+			return nil, diags
+		}
+	} else {
+		aquaClient.SetAuthToken(token)
+		aquaClient.SetUrl(url)
 
-		return nil, diags
 	}
+
 	return aquaClient, diags
 }

aquasec/provider_test.go

@@ -45,4 +45,5 @@ func testAccPreCheck(t *testing.T) {
 	if err := os.Getenv("AQUA_URL"); err == "" {
 		t.Fatal("AQUA_URL must be set for acceptance tests")
 	}
+
 }