-
Notifications
You must be signed in to change notification settings - Fork 630
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix test cases for 'access_group' acceptance tests
- Loading branch information
Showing
1 changed file
with
69 additions
and
108 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -77,7 +77,7 @@ var ( | |
| accessGroup cloudflare.AccessGroup | ||
| ) | ||
|
|
||
| func TestAccCloudflareAccessGroup_ConfigBasicZone(t *testing.T) { | ||
| func TestAccCloudflareAccessGroup_ConfigBasicAccount(t *testing.T) { | ||
| rnd := utils.GenerateRandomResourceName() | ||
| name := fmt.Sprintf("cloudflare_zero_trust_access_group.%s", rnd) | ||
|
|
||
|
|
@@ -95,13 +95,13 @@ func TestAccCloudflareAccessGroup_ConfigBasicZone(t *testing.T) { | |
| testAccCheckCloudflareAccessGroupExists(name, cloudflare.AccountIdentifier(accountID), &accessGroup), | ||
| resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), | ||
| resource.TestCheckResourceAttr(name, "name", rnd), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.0", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.0", "example.com"), | ||
| resource.TestCheckResourceAttr(name, "include.0.any_valid_service_token", "true"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip.0", "192.0.2.1/32"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip.1", "192.0.2.2/32"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip_list.0", "e3a0f205-c525-4e48-a293-ba5d1f00e638"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip_list.1", "5d54cd30-ce52-46e4-9a46-a47887e1a167"), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.email", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.domain", "example.com"), | ||
| resource.TestCheckResourceAttrSet(name, "include.0.any_valid_service_token.%"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip.ip", "192.0.2.1/32"), | ||
| resource.TestCheckResourceAttr(name, "include.1.ip.ip", "192.0.2.2/32"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip_list.id", "e3a0f205-c525-4e48-a293-ba5d1f00e638"), | ||
| resource.TestCheckResourceAttr(name, "include.1.ip_list.id", "5d54cd30-ce52-46e4-9a46-a47887e1a167"), | ||
| ), | ||
| }, | ||
| { | ||
|
|
@@ -110,20 +110,20 @@ func TestAccCloudflareAccessGroup_ConfigBasicZone(t *testing.T) { | |
| testAccCheckCloudflareAccessGroupExists(name, cloudflare.AccountIdentifier(accountID), &accessGroup), | ||
| resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), | ||
| resource.TestCheckResourceAttr(name, "name", rnd), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.0", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.0", "example.com"), | ||
| resource.TestCheckResourceAttr(name, "include.0.any_valid_service_token", "true"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip.0", "192.0.2.1/32"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip.1", "192.0.2.2/32"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip_list.0", "e3a0f205-c525-4e48-a293-ba5d1f00e638"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip_list.1", "5d54cd30-ce52-46e4-9a46-a47887e1a167"), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.email", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.domain", "example.com"), | ||
| resource.TestCheckResourceAttrSet(name, "include.0.any_valid_service_token.%"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip.ip", "192.0.2.1/32"), | ||
| resource.TestCheckResourceAttr(name, "include.1.ip.ip", "192.0.2.2/32"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip_list.id", "e3a0f205-c525-4e48-a293-ba5d1f00e638"), | ||
| resource.TestCheckResourceAttr(name, "include.1.ip_list.id", "5d54cd30-ce52-46e4-9a46-a47887e1a167"), | ||
| ), | ||
| }, | ||
| }, | ||
| }) | ||
| } | ||
|
|
||
| func TestAccCloudflareAccessGroup_ConfigBasicAccount(t *testing.T) { | ||
| func TestAccCloudflareAccessGroup_ConfigBasicZone(t *testing.T) { | ||
| rnd := utils.GenerateRandomResourceName() | ||
| name := fmt.Sprintf("cloudflare_zero_trust_access_group.%s", rnd) | ||
|
|
||
|
|
@@ -140,21 +140,21 @@ func TestAccCloudflareAccessGroup_ConfigBasicAccount(t *testing.T) { | |
| testAccCheckCloudflareAccessGroupExists(name, cloudflare.ZoneIdentifier(zoneID), &accessGroup), | ||
| resource.TestCheckResourceAttr(name, consts.ZoneIDSchemaKey, zoneID), | ||
| resource.TestCheckResourceAttr(name, "name", rnd), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.0", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.0", "example.com"), | ||
| resource.TestCheckResourceAttr(name, "include.0.any_valid_service_token", "true"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip.0", "192.0.2.1/32"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip.1", "192.0.2.2/32"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip_list.0", "e3a0f205-c525-4e48-a293-ba5d1f00e638"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip_list.1", "5d54cd30-ce52-46e4-9a46-a47887e1a167"), | ||
| resource.TestCheckResourceAttr(name, "include.0.saml.0.attribute_name", "Name1"), | ||
| resource.TestCheckResourceAttr(name, "include.0.saml.0.attribute_value", "Value1"), | ||
| resource.TestCheckResourceAttr(name, "include.0.saml.1.attribute_name", "Name2"), | ||
| resource.TestCheckResourceAttr(name, "include.0.saml.1.attribute_value", "Value2"), | ||
| resource.TestCheckResourceAttr(name, "include.0.azure.0.id.0", "group1"), | ||
| resource.TestCheckResourceAttr(name, "include.0.azure.0.identity_provider_id", "1234"), | ||
| resource.TestCheckResourceAttr(name, "include.0.azure.1.id.0", "group2"), | ||
| resource.TestCheckResourceAttr(name, "include.0.azure.1.identity_provider_id", "5678"), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.email", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.domain", "example.com"), | ||
| resource.TestCheckResourceAttrSet(name, "include.0.any_valid_service_token.%"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip.ip", "192.0.2.1/32"), | ||
| resource.TestCheckResourceAttr(name, "include.1.ip.ip", "192.0.2.2/32"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip_list.id", "e3a0f205-c525-4e48-a293-ba5d1f00e638"), | ||
| resource.TestCheckResourceAttr(name, "include.1.ip_list.id", "5d54cd30-ce52-46e4-9a46-a47887e1a167"), | ||
| resource.TestCheckResourceAttr(name, "include.0.saml.attribute_name", "Name1"), | ||
| resource.TestCheckResourceAttr(name, "include.0.saml.attribute_value", "Value1"), | ||
| resource.TestCheckResourceAttr(name, "include.1.saml.attribute_name", "Name2"), | ||
| resource.TestCheckResourceAttr(name, "include.1.saml.attribute_value", "Value2"), | ||
| resource.TestCheckResourceAttr(name, "include.0.azure_ad.id", "group1"), | ||
| resource.TestCheckResourceAttr(name, "include.0.azure_ad.identity_provider_id", "1234"), | ||
| resource.TestCheckResourceAttr(name, "include.1.azure_ad.id", "group2"), | ||
| resource.TestCheckResourceAttr(name, "include.1.azure_ad.identity_provider_id", "5678"), | ||
| ), | ||
| }, | ||
| { | ||
|
|
@@ -163,21 +163,21 @@ func TestAccCloudflareAccessGroup_ConfigBasicAccount(t *testing.T) { | |
| testAccCheckCloudflareAccessGroupExists(name, cloudflare.ZoneIdentifier(zoneID), &accessGroup), | ||
| resource.TestCheckResourceAttr(name, consts.ZoneIDSchemaKey, zoneID), | ||
| resource.TestCheckResourceAttr(name, "name", rnd), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.0", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.0", "example.com"), | ||
| resource.TestCheckResourceAttr(name, "include.0.any_valid_service_token", "true"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip.0", "192.0.2.1/32"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip.1", "192.0.2.2/32"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip_list.0", "e3a0f205-c525-4e48-a293-ba5d1f00e638"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip_list.1", "5d54cd30-ce52-46e4-9a46-a47887e1a167"), | ||
| resource.TestCheckResourceAttr(name, "include.0.saml.0.attribute_name", "Name1"), | ||
| resource.TestCheckResourceAttr(name, "include.0.saml.0.attribute_value", "Value1"), | ||
| resource.TestCheckResourceAttr(name, "include.0.saml.1.attribute_name", "Name2"), | ||
| resource.TestCheckResourceAttr(name, "include.0.saml.1.attribute_value", "Value2"), | ||
| resource.TestCheckResourceAttr(name, "include.0.azure.0.id.0", "group1"), | ||
| resource.TestCheckResourceAttr(name, "include.0.azure.0.identity_provider_id", "1234"), | ||
| resource.TestCheckResourceAttr(name, "include.0.azure.1.id.0", "group2"), | ||
| resource.TestCheckResourceAttr(name, "include.0.azure.1.identity_provider_id", "5678"), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.email", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.domain", "example.com"), | ||
| resource.TestCheckResourceAttrSet(name, "include.0.any_valid_service_token.%"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip.ip", "192.0.2.1/32"), | ||
| resource.TestCheckResourceAttr(name, "include.1.ip.ip", "192.0.2.2/32"), | ||
| resource.TestCheckResourceAttr(name, "include.0.ip_list.id", "e3a0f205-c525-4e48-a293-ba5d1f00e638"), | ||
| resource.TestCheckResourceAttr(name, "include.1.ip_list.id", "5d54cd30-ce52-46e4-9a46-a47887e1a167"), | ||
| resource.TestCheckResourceAttr(name, "include.0.saml.attribute_name", "Name1"), | ||
| resource.TestCheckResourceAttr(name, "include.0.saml.attribute_value", "Value1"), | ||
| resource.TestCheckResourceAttr(name, "include.1.saml.attribute_name", "Name2"), | ||
| resource.TestCheckResourceAttr(name, "include.1.saml.attribute_value", "Value2"), | ||
| resource.TestCheckResourceAttr(name, "include.0.azure_ad.id", "group1"), | ||
| resource.TestCheckResourceAttr(name, "include.0.azure_ad.identity_provider_id", "1234"), | ||
| resource.TestCheckResourceAttr(name, "include.1.azure_ad.id", "group2"), | ||
| resource.TestCheckResourceAttr(name, "include.1.azure_ad.identity_provider_id", "5678"), | ||
| ), | ||
| }, | ||
| }, | ||
|
|
@@ -203,12 +203,12 @@ func TestAccCloudflareAccessGroup_ConfigEmailList(t *testing.T) { | |
| Check: resource.ComposeTestCheckFunc( | ||
| testAccCheckCloudflareAccessGroupExists(name, cloudflare.AccountIdentifier(accountID), &accessGroup), | ||
| resource.TestCheckResourceAttr(name, "name", rnd), | ||
| resource.TestCheckResourceAttrSet(name, "include.0.email_list.0"), | ||
| resource.TestCheckResourceAttrSet(name, "include.0.email_list.id"), | ||
|
|
||
| // Check that the email list is destroyed | ||
| resource.TestCheckResourceAttr(emailListName, "name", rnd2), | ||
| resource.TestCheckResourceAttr(emailListName, "type", "EMAIL"), | ||
| resource.TestCheckResourceAttr(emailListName, "items.0", "[email protected]"), | ||
| resource.TestCheckResourceAttr(emailListName, "items.0.value", "[email protected]"), | ||
| ), | ||
| }, | ||
| }, | ||
|
|
@@ -233,9 +233,9 @@ func TestAccCloudflareAccessGroup_Exclude(t *testing.T) { | |
| testAccCheckCloudflareAccessGroupExists(name, cloudflare.AccountIdentifier(accountID), &accessGroup), | ||
| resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), | ||
| resource.TestCheckResourceAttr(name, "name", rnd), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.0", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.0", "example.com"), | ||
| resource.TestCheckResourceAttr(name, "exclude.0.email.0", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.email", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.domain", "example.com"), | ||
| resource.TestCheckResourceAttr(name, "exclude.0.email.email", email), | ||
| ), | ||
| }, | ||
| }, | ||
|
|
@@ -260,9 +260,9 @@ func TestAccCloudflareAccessGroup_Require(t *testing.T) { | |
| testAccCheckCloudflareAccessGroupExists(name, cloudflare.AccountIdentifier(accountID), &accessGroup), | ||
| resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), | ||
| resource.TestCheckResourceAttr(name, "name", rnd), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.0", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.0", "example.com"), | ||
| resource.TestCheckResourceAttr(name, "require.0.email.0", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.email", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.domain", "example.com"), | ||
| resource.TestCheckResourceAttr(name, "require.0.email.email", email), | ||
| ), | ||
| }, | ||
| }, | ||
|
|
@@ -287,13 +287,12 @@ func TestAccCloudflareAccessGroup_FullConfig(t *testing.T) { | |
| testAccCheckCloudflareAccessGroupExists(name, cloudflare.AccountIdentifier(accountID), &accessGroup), | ||
| resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), | ||
| resource.TestCheckResourceAttr(name, "name", rnd), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.0", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.0", "example.com"), | ||
| resource.TestCheckResourceAttr(name, "exclude.0.email.0", email), | ||
| resource.TestCheckResourceAttr(name, "require.0.email.0", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.common_names.0", "common"), | ||
| resource.TestCheckResourceAttr(name, "include.0.common_names.1", "name"), | ||
| resource.TestCheckNoResourceAttr(name, "include.0.common_name.0"), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.email", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.domain", "example.com"), | ||
| resource.TestCheckResourceAttr(name, "exclude.0.email.email", email), | ||
| resource.TestCheckResourceAttr(name, "require.0.email.email", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.common_name.common_name", "common"), | ||
| resource.TestCheckResourceAttr(name, "include.1.common_name.common_name", "name"), | ||
| ), | ||
| }, | ||
| }, | ||
|
|
@@ -320,9 +319,9 @@ func TestAccCloudflareAccessGroup_WithIDP(t *testing.T) { | |
| testAccCheckCloudflareAccessGroupExists(groupName, cloudflare.AccountIdentifier(accountID), &accessGroup), | ||
| resource.TestCheckResourceAttr(groupName, consts.AccountIDSchemaKey, accountID), | ||
| resource.TestCheckResourceAttr(groupName, "name", rnd), | ||
| resource.TestCheckResourceAttrSet(groupName, "include.0.github.0.identity_provider_id"), | ||
| resource.TestCheckResourceAttr(groupName, "include.0.github.0.name", githubOrg), | ||
| resource.TestCheckResourceAttr(groupName, "include.0.github.0.teams.0", team), | ||
| resource.TestCheckResourceAttrSet(groupName, "include.0.github_organization.identity_provider_id"), | ||
| resource.TestCheckResourceAttr(groupName, "include.0.github_organization.name", githubOrg), | ||
| resource.TestCheckResourceAttr(groupName, "include.0.github_organization.team", team), | ||
| ), | ||
| }, | ||
| }, | ||
|
|
@@ -349,9 +348,9 @@ func TestAccCloudflareAccessGroup_WithIDPAuthContext(t *testing.T) { | |
| testAccCheckCloudflareAccessGroupExists(groupName, cloudflare.AccountIdentifier(accountID), &accessGroup), | ||
| resource.TestCheckResourceAttr(groupName, consts.AccountIDSchemaKey, accountID), | ||
| resource.TestCheckResourceAttr(groupName, "name", rnd), | ||
| resource.TestCheckResourceAttrSet(groupName, "require.0.auth_context.0.identity_provider_id"), | ||
| resource.TestCheckResourceAttr(groupName, "require.0.auth_context.0.id", ctxID), | ||
| resource.TestCheckResourceAttr(groupName, "require.0.auth_context.0.ac_id", ctxACID), | ||
| resource.TestCheckResourceAttrSet(groupName, "require.0.auth_context.identity_provider_id"), | ||
| resource.TestCheckResourceAttr(groupName, "require.0.auth_context.id", ctxID), | ||
| resource.TestCheckResourceAttr(groupName, "require.0.auth_context.ac_id", ctxACID), | ||
| ), | ||
| }, | ||
| }, | ||
|
|
@@ -382,44 +381,7 @@ func TestAccCloudflareAccessGroup_Updated(t *testing.T) { | |
| Check: resource.ComposeTestCheckFunc( | ||
| testAccCheckCloudflareAccessGroupExists(name, cloudflare.AccountIdentifier(accountID), &after), | ||
| testAccCheckCloudflareAccessGroupIDUnchanged(&before, &after), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.0", "[email protected]"), | ||
| ), | ||
| }, | ||
| }, | ||
| }) | ||
| } | ||
|
|
||
| func TestAccCloudflareAccessGroup_CreateAfterManualDestroy(t *testing.T) { | ||
| var before, after cloudflare.AccessGroup | ||
| var initialID string | ||
| rnd := utils.GenerateRandomResourceName() | ||
| name := fmt.Sprintf("cloudflare_zero_trust_access_group.%s", rnd) | ||
|
|
||
| resource.Test(t, resource.TestCase{ | ||
| PreCheck: func() { | ||
| acctest.TestAccPreCheck(t) | ||
| acctest.TestAccPreCheck_AccountID(t) | ||
| }, | ||
| ProtoV6ProviderFactories: acctest.TestAccProtoV6ProviderFactories, | ||
| CheckDestroy: testAccCheckCloudflareAccessGroupDestroy, | ||
| Steps: []resource.TestStep{ | ||
| { | ||
| Config: testAccCloudflareAccessGroupConfigBasic(rnd, email, cloudflare.AccountIdentifier(accountID)), | ||
| Check: resource.ComposeTestCheckFunc( | ||
| testAccCheckCloudflareAccessGroupExists(name, cloudflare.AccountIdentifier(accountID), &before), | ||
| testAccManuallyDeleteAccessGroup(name, &initialID), | ||
| ), | ||
| ExpectNonEmptyPlan: true, | ||
| }, | ||
| { | ||
| Config: testAccCloudflareAccessGroupConfigBasicWithUpdate(rnd, accountID, email), | ||
| Check: resource.ComposeTestCheckFunc( | ||
| testAccCheckCloudflareAccessGroupExists(name, cloudflare.AccountIdentifier(accountID), &after), | ||
| testAccCheckCloudflareAccessGroupRecreated(&before, &after), | ||
| resource.TestCheckResourceAttr(name, consts.AccountIDSchemaKey, accountID), | ||
| resource.TestCheckResourceAttr(name, "name", fmt.Sprintf("%s-updated", rnd)), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.0", email), | ||
| resource.TestCheckResourceAttr(name, "include.0.email_domain.0", "example.com"), | ||
| resource.TestCheckResourceAttr(name, "include.0.email.email", "[email protected]"), | ||
| ), | ||
| }, | ||
| }, | ||
|
|
@@ -450,9 +412,8 @@ func TestAccCloudflareAccessGroup_UpdatedFromCommonNameToCommonNames(t *testing. | |
| Check: resource.ComposeTestCheckFunc( | ||
| testAccCheckCloudflareAccessGroupExists(name, cloudflare.AccountIdentifier(accountID), &after), | ||
| testAccCheckCloudflareAccessGroupIDUnchanged(&before, &after), | ||
| resource.TestCheckResourceAttr(name, "include.0.common_names.0", "common"), | ||
| resource.TestCheckResourceAttr(name, "include.0.common_names.1", "name"), | ||
| resource.TestCheckNoResourceAttr(name, "include.0.common_name.0"), | ||
| resource.TestCheckResourceAttr(name, "include.0.common_name.common_name", "common"), | ||
| resource.TestCheckResourceAttr(name, "include.1.common_name.common_name", "name"), | ||
| ), | ||
| }, | ||
| }, | ||
|
|
||