Skip to content

Commit

Permalink
resource/aws_pinpoint_apns_sandbox_channel: docs + tests
Browse files Browse the repository at this point in the history
  • Loading branch information
marcoreni committed Oct 22, 2018
1 parent 5d4493e commit 37df2f1
Show file tree
Hide file tree
Showing 3 changed files with 319 additions and 0 deletions.
257 changes: 257 additions & 0 deletions aws/resource_aws_pinpoint_apns_sandbox_channel_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,257 @@
package aws

import (
"fmt"
"os"
"strconv"
"strings"
"testing"

"github.com/aws/aws-sdk-go/service/pinpoint"

"github.com/aws/aws-sdk-go/aws"
"github.com/hashicorp/terraform/helper/resource"
"github.com/hashicorp/terraform/terraform"
)

/**
Before running this test, one of the following two ENV variables set must be defined. See here for details:
https://docs.aws.amazon.com/pinpoint/latest/userguide/channels-mobile-manage.html
* Key Configuration (ref. https://developer.apple.com/documentation/usernotifications/setting_up_a_remote_notification_server/establishing_a_token-based_connection_to_apns )
APNS_SANDBOX_BUNDLE_ID - APNs Bundle ID
APNS_SANDBOX_TEAM_ID - APNs Team ID
APNS_SANDBOX_TOKEN_KEY - Token key file content (.p8 file)
APNS_SANDBOX_TOKEN_KEY_ID - APNs Token Key ID
* Certificate Configuration (ref. https://developer.apple.com/documentation/usernotifications/setting_up_a_remote_notification_server/establishing_a_certificate-based_connection_to_apns )
APNS_SANDBOX_CERTIFICATE - APNs Certificate content (.pem file content)
APNS_SANDBOX_CERTIFICATE_PRIVATE_KEY - APNs Certificate Private Key File content
**/

type testAccAwsPinpointAPNSSandboxChannelCertConfiguration struct {
Certificate string
PrivateKey string
}

type testAccAwsPinpointAPNSSandboxChannelTokenConfiguration struct {
BundleId string
TeamId string
TokenKey string
TokenKeyId string
}

func testAccAwsPinpointAPNSSandboxChannelCertConfigurationFromEnv(t *testing.T) *testAccAwsPinpointAPNSSandboxChannelCertConfiguration {
var conf *testAccAwsPinpointAPNSSandboxChannelCertConfiguration
if os.Getenv("APNS_SANDBOX_CERTIFICATE") != "" {
if os.Getenv("APNS_SANDBOX_CERTIFICATE_PRIVATE_KEY") == "" {
t.Fatalf("APNS_SANDBOX_CERTIFICATE set but missing APNS_SANDBOX_CERTIFICATE_PRIVATE_KEY")
}

conf = &testAccAwsPinpointAPNSSandboxChannelCertConfiguration{
Certificate: fmt.Sprintf("<<EOF\n%s\nEOF\n", strings.TrimSpace(os.Getenv("APNS_SANDBOX_CERTIFICATE"))),
PrivateKey: fmt.Sprintf("<<EOF\n%s\nEOF\n", strings.TrimSpace(os.Getenv("APNS_SANDBOX_CERTIFICATE_PRIVATE_KEY"))),
}
}

if conf == nil {
t.Skipf("Pinpoint certificate credentials envs are missing, skipping test")
}

return conf
}

func testAccAwsPinpointAPNSSandboxChannelTokenConfigurationFromEnv(t *testing.T) *testAccAwsPinpointAPNSSandboxChannelTokenConfiguration {
if os.Getenv("APNS_SANDBOX_BUNDLE_ID") == "" {
t.Skipf("APNS_SANDBOX_BUNDLE_ID env is missing, skipping test")
}

if os.Getenv("APNS_SANDBOX_TEAM_ID") == "" {
t.Skipf("APNS_SANDBOX_TEAM_ID env is missing, skipping test")
}

if os.Getenv("APNS_SANDBOX_TOKEN_KEY") == "" {
t.Skipf("APNS_SANDBOX_TOKEN_KEY env is missing, skipping test")
}

if os.Getenv("APNS_SANDBOX_TOKEN_KEY_ID") == "" {
t.Skipf("APNS_SANDBOX_TOKEN_KEY_ID env is missing, skipping test")
}

conf := testAccAwsPinpointAPNSSandboxChannelTokenConfiguration{
BundleId: strconv.Quote(strings.TrimSpace(os.Getenv("APNS_SANDBOX_BUNDLE_ID"))),
TeamId: strconv.Quote(strings.TrimSpace(os.Getenv("APNS_SANDBOX_TEAM_ID"))),
TokenKey: fmt.Sprintf("<<EOF\n%s\nEOF\n", strings.TrimSpace(os.Getenv("APNS_SANDBOX_TOKEN_KEY"))),
TokenKeyId: strconv.Quote(strings.TrimSpace(os.Getenv("APNS_SANDBOX_TOKEN_KEY_ID"))),
}

return &conf
}

func TestAccAWSPinpointAPNSSandboxChannel_basicCertificate(t *testing.T) {
oldDefaultRegion := os.Getenv("AWS_DEFAULT_REGION")
os.Setenv("AWS_DEFAULT_REGION", "us-east-1")
defer os.Setenv("AWS_DEFAULT_REGION", oldDefaultRegion)

var channel pinpoint.APNSSandboxChannelResponse
resourceName := "aws_pinpoint_apns_sandbox_channel.test_channel"

configuration := testAccAwsPinpointAPNSSandboxChannelCertConfigurationFromEnv(t)

resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
IDRefreshName: resourceName,
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSPinpointAPNSSandboxChannelDestroy,
Steps: []resource.TestStep{
{
Config: testAccAWSPinpointAPNSSandboxChannelConfig_basicCertificate(configuration),
Check: resource.ComposeTestCheckFunc(
testAccCheckAWSPinpointAPNSSandboxChannelExists(resourceName, &channel),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"certificate", "private_key"},
},
{
Config: testAccAWSPinpointAPNSSandboxChannelConfig_basicCertificate(configuration),
Check: resource.ComposeTestCheckFunc(
testAccCheckAWSPinpointAPNSSandboxChannelExists(resourceName, &channel),
),
},
},
})
}

func TestAccAWSPinpointAPNSSandboxChannel_basicToken(t *testing.T) {
oldDefaultRegion := os.Getenv("AWS_DEFAULT_REGION")
os.Setenv("AWS_DEFAULT_REGION", "us-east-1")
defer os.Setenv("AWS_DEFAULT_REGION", oldDefaultRegion)

var channel pinpoint.APNSSandboxChannelResponse
resourceName := "aws_pinpoint_apns_sandbox_channel.test_channel"

configuration := testAccAwsPinpointAPNSSandboxChannelTokenConfigurationFromEnv(t)

resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
IDRefreshName: resourceName,
Providers: testAccProviders,
CheckDestroy: testAccCheckAWSPinpointAPNSSandboxChannelDestroy,
Steps: []resource.TestStep{
{
Config: testAccAWSPinpointAPNSSandboxChannelConfig_basicToken(configuration),
Check: resource.ComposeTestCheckFunc(
testAccCheckAWSPinpointAPNSSandboxChannelExists(resourceName, &channel),
),
},
{
ResourceName: resourceName,
ImportState: true,
ImportStateVerify: true,
ImportStateVerifyIgnore: []string{"team_id", "bundle_id", "token_key", "token_key_id"},
},
{
Config: testAccAWSPinpointAPNSSandboxChannelConfig_basicToken(configuration),
Check: resource.ComposeTestCheckFunc(
testAccCheckAWSPinpointAPNSSandboxChannelExists(resourceName, &channel),
),
},
},
})
}

func testAccCheckAWSPinpointAPNSSandboxChannelExists(n string, channel *pinpoint.APNSSandboxChannelResponse) resource.TestCheckFunc {
return func(s *terraform.State) error {
rs, ok := s.RootModule().Resources[n]
if !ok {
return fmt.Errorf("Not found: %s", n)
}

if rs.Primary.ID == "" {
return fmt.Errorf("No Pinpoint APNs Channel with that Application ID exists")
}

conn := testAccProvider.Meta().(*AWSClient).pinpointconn

// Check if the app exists
params := &pinpoint.GetApnsSandboxChannelInput{
ApplicationId: aws.String(rs.Primary.ID),
}
output, err := conn.GetApnsSandboxChannel(params)

if err != nil {
return err
}

*channel = *output.APNSSandboxChannelResponse

return nil
}
}

func testAccAWSPinpointAPNSSandboxChannelConfig_basicCertificate(conf *testAccAwsPinpointAPNSSandboxChannelCertConfiguration) string {
return fmt.Sprintf(`
provider "aws" {
region = "us-east-1"
}
resource "aws_pinpoint_app" "test_app" {}
resource "aws_pinpoint_apns_sandbox_channel" "test_channel" {
application_id = "${aws_pinpoint_app.test_app.application_id}"
enabled = false
default_authentication_method = "CERTIFICATE"
certificate = %s
private_key = %s
}`, conf.Certificate, conf.PrivateKey)
}

func testAccAWSPinpointAPNSSandboxChannelConfig_basicToken(conf *testAccAwsPinpointAPNSSandboxChannelTokenConfiguration) string {
return fmt.Sprintf(`
provider "aws" {
region = "us-east-1"
}
resource "aws_pinpoint_app" "test_app" {}
resource "aws_pinpoint_apns_sandbox_channel" "test_channel" {
application_id = "${aws_pinpoint_app.test_app.application_id}"
enabled = false
default_authentication_method = "TOKEN"
bundle_id = %s
team_id = %s
token_key = %s
token_key_id = %s
}`, conf.BundleId, conf.TeamId, conf.TokenKey, conf.TokenKeyId)
}

func testAccCheckAWSPinpointAPNSSandboxChannelDestroy(s *terraform.State) error {
conn := testAccProvider.Meta().(*AWSClient).pinpointconn

for _, rs := range s.RootModule().Resources {
if rs.Type != "aws_pinpoint_apns_sandbox_channel" {
continue
}

// Check if the channel exists
params := &pinpoint.GetApnsSandboxChannelInput{
ApplicationId: aws.String(rs.Primary.ID),
}
_, err := conn.GetApnsSandboxChannel(params)
if err != nil {
if isAWSErr(err, pinpoint.ErrCodeNotFoundException, "") {
continue
}
return err
}
return fmt.Errorf("APNs Sandbox Channel exists when it should be destroyed!")
}

return nil
}
3 changes: 3 additions & 0 deletions website/aws.erb
Original file line number Diff line number Diff line change
Expand Up @@ -1712,6 +1712,9 @@
<li<%= sidebar_current("docs-aws-resource-pinpoint-apns-channel") %>>
<a href="/docs/providers/aws/r/pinpoint_apns_channel.html">aws_pinpoint_apns_channel</a>
</li>
<li<%= sidebar_current("docs-aws-resource-pinpoint-apns-sandbox-channel") %>>
<a href="/docs/providers/aws/r/pinpoint_apns_sandbox_channel.html">aws_pinpoint_apns_sandbox_channel</a>
</li>
<li<%= sidebar_current("docs-aws-resource-pinpoint-baidu-channel") %>>
<a href="/docs/providers/aws/r/pinpoint_baidu_channel.html">aws_pinpoint_baidu_channel</a>
</li>
Expand Down
59 changes: 59 additions & 0 deletions website/docs/r/pinpoint_apns_sandbox_channel.markdown
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
---
layout: "aws"
page_title: "AWS: aws_pinpoint_apns_sandbox_channel"
sidebar_current: "docs-aws-resource-pinpoint-apns_sandbox-channel"
description: |-
Provides a Pinpoint APNs Sandbox Channel resource.
---

# aws_pinpoint_apns_sandbox_channel

Provides a Pinpoint APNs Sandbox Channel resource.

~> **Note:** All arguments, including certificates and tokens, will be stored in the raw state as plain-text.
[Read more about sensitive data in state](/docs/state/sensitive-data.html).

## Example Usage

```hcl
resource "aws_pinpoint_apns_sandbox_channel" "apns_sandbox" {
application_id = "${aws_pinpoint_app.app.application_id}"
certificate = "${file("./certificate.pem")}"
private_key = "${file("./private_key.key")}"
}
resource "aws_pinpoint_app" "app" {}
```


## Argument Reference

The following arguments are supported:

* `application_id` - (Required) The application ID.
* `enabled` - (Optional) Whether the channel is enabled or disabled. Defaults to `true`.
* `default_authentication_method` - (Optional) The default authentication method used for APNs Sandbox.
__NOTE__: Amazon Pinpoint uses this default for every APNs push notification that you send using the console.
You can override the default when you send a message programmatically using the Amazon Pinpoint API, the AWS CLI, or an AWS SDK.
If your default authentication type fails, Amazon Pinpoint doesn't attempt to use the other authentication type.

One of the following sets of credentials is also required.

If you choose to use __Certificate credentials__ you will have to provide:
* `certificate` - (Required) The pem encoded TLS Certificate from Apple.
* `private_key` - (Required) The Certificate Private Key file (ie. `.key` file).

If you choose to use __Key credentials__ you will have to provide:
* `bundle_id` - (Required) The ID assigned to your iOS app. To find this value, choose Certificates, IDs & Profiles, choose App IDs in the Identifiers section, and choose your app.
* `team_id` - (Required) The ID assigned to your Apple developer account team. This value is provided on the Membership page.
* `token_key` - (Required) The `.p8` file that you download from your Apple developer account when you create an authentication key.
* `token_key_id` - (Required) The ID assigned to your signing key. To find this value, choose Certificates, IDs & Profiles, and choose your key in the Keys section.

## Import

Pinpoint APNs Sandbox Channel can be imported using the `application-id`, e.g.

```
$ terraform import aws_pinpoint_apns_sandbox_channel.apns_sandbox application-id
```

0 comments on commit 37df2f1

Please sign in to comment.