Skip to content

Commit

Permalink
Merge pull request hashicorp#279 from gpiper14/fix-role-name-update
Browse files Browse the repository at this point in the history 
Fix token_auth_backend_role role_name updates not working
  • Loading branch information
Becca Petrin authored Jan 25, 2019
2 parents 0013925 + a7c3118 commit 4db521a
Show file tree
Hide file tree
Showing 2 changed files with 41 additions and 0 deletions.
2 changes: 2 additions & 0 deletions vault/resource_token_auth_backend_role.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ func tokenAuthBackendRoleResource() *schema.Resource {
"role_name": {
Type: schema.TypeString,
Required: true,
ForceNew: true,
Description: "Name of the role.",
},
"allowed_policies": {
Expand Down Expand Up @@ -128,6 +129,7 @@ func tokenAuthBackendRoleCreate(d *schema.ResourceData, meta interface{}) error
data["ttl"] = d.Get("ttl").(string)
data["max_ttl"] = d.Get("max_ttl").(string)
data["orphan"] = d.Get("orphan").(bool)
data["period"] = d.Get("period").(string)
data["renewable"] = d.Get("renewable").(bool)
data["path_suffix"] = d.Get("path_suffix").(string)

Expand Down
39 changes: 39 additions & 0 deletions vault/resource_token_auth_backend_role_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,7 @@ func TestAccTokenAuthBackendRole(t *testing.T) {

func TestAccTokenAuthBackendRoleUpdate(t *testing.T) {
role := acctest.RandomWithPrefix("test-role")
roleUpdated := acctest.RandomWithPrefix("test-role-updated")

resource.Test(t, resource.TestCase{
PreCheck: func() { testAccPreCheck(t) },
Expand All @@ -64,6 +65,23 @@ func TestAccTokenAuthBackendRoleUpdate(t *testing.T) {
Config: testAccTokenAuthBackendRoleConfigUpdate(role),
Check: resource.ComposeTestCheckFunc(
testAccTokenAuthBackendRoleCheck_attrs(role),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "role_name", role),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "allowed_policies.0", "dev"),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "allowed_policies.1", "test"),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "disallowed_policies.0", "default"),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "orphan", "true"),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "period", "86400"),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "renewable", "true"),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "explicit_max_ttl", "115200"),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "path_suffix", "parth-suffix"),
),
},
{
Config: testAccTokenAuthBackendRoleConfigUpdate(roleUpdated),
Check: resource.ComposeTestCheckFunc(
testAccTokenAuthBackendRoleCheck_attrs(roleUpdated),
testAccTokenAuthBackendRoleCheck_deleted(role),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "role_name", roleUpdated),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "allowed_policies.0", "dev"),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "allowed_policies.1", "test"),
resource.TestCheckResourceAttr("vault_token_auth_backend_role.role", "disallowed_policies.0", "default"),
Expand Down Expand Up @@ -96,6 +114,27 @@ func testAccCheckTokenAuthBackendRoleDestroy(s *terraform.State) error {
return nil
}

func testAccTokenAuthBackendRoleCheck_deleted(role string) resource.TestCheckFunc {
return func(s *terraform.State) error {
endpoint := "auth/token/roles"
client := testProvider.Meta().(*api.Client)

resp, err := client.Logical().List(endpoint)

if err != nil {
return fmt.Errorf("%q returned unexpectedly", endpoint)
}

apiData := resp.Data["keys"].([]interface{})
for _, r := range apiData {
if r == role {
return fmt.Errorf("%q still exists, extected to be deleted", role)
}
}
return nil
}
}

func testAccTokenAuthBackendRoleCheck_attrs(role string) resource.TestCheckFunc {
return func(s *terraform.State) error {
resourceState := s.Modules[0].Resources["vault_token_auth_backend_role.role"]
Expand Down

0 comments on commit 4db521a

Please sign in to comment.