Reorder tests

hashicorp · Sep 26, 2022 · 9e1cd1f · 9e1cd1f
1 parent ceffee1
commit 9e1cd1f
Showing 1 changed file with 33 additions and 32 deletions.
diff --git a/internal/service/acm/certificate_test.go b/internal/service/acm/certificate_test.go
@@ -183,7 +183,7 @@ func TestAccACMCertificate_validationOptions(t *testing.T) {
 	})
 }
 
-func TestAccACMCertificate_privateCertificate(t *testing.T) {
+func TestAccACMCertificate_privateCertificate_renewable(t *testing.T) {
 	certificateAuthorityResourceName := "aws_acmpca_certificate_authority.test"
 	resourceName := "aws_acm_certificate.test"
 	commonName := acctest.RandomDomain()
@@ -197,7 +197,7 @@ func TestAccACMCertificate_privateCertificate(t *testing.T) {
 		CheckDestroy:             testAccCheckCertificateDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccCertificateConfig_privateCertificate(commonName.String(), certificateDomainName),
+				Config: testAccCertificateConfig_privateCertificate_renewable(commonName.String(), certificateDomainName),
 				Check: resource.ComposeAggregateTestCheckFunc(
 					testAccCheckCertificateExists(resourceName, &v1),
 					acctest.MatchResourceAttrRegionalARN(resourceName, "arn", "acm", regexp.MustCompile("certificate/.+$")),
@@ -234,7 +234,7 @@ func TestAccACMCertificate_privateCertificate(t *testing.T) {
 						t.Fatalf("exporting ACM Certificate (%s): %s", aws.StringValue(v1.CertificateArn), err)
 					}
 				},
-				Config: testAccCertificateConfig_privateCertificate(commonName.String(), certificateDomainName),
+				Config: testAccCertificateConfig_privateCertificate_renewable(commonName.String(), certificateDomainName),
 				Check: resource.ComposeAggregateTestCheckFunc(
 					testAccCheckCertificateExists(resourceName, &v2),
 					resource.TestCheckResourceAttr(resourceName, "renewal_eligibility", acm.RenewalEligibilityEligible),
@@ -260,7 +260,7 @@ func TestAccACMCertificate_privateCertificate(t *testing.T) {
 						t.Fatalf("renewing ACM Certificate (%s): %s", aws.StringValue(v1.CertificateArn), err)
 					}
 				},
-				Config: testAccCertificateConfig_privateCertificate(commonName.String(), certificateDomainName),
+				Config: testAccCertificateConfig_privateCertificate_renewable(commonName.String(), certificateDomainName),
 				Check: resource.ComposeAggregateTestCheckFunc(
 					testAccCheckCertificateExists(resourceName, &v3),
 					resource.TestCheckResourceAttr(resourceName, "renewal_eligibility", acm.RenewalEligibilityEligible),
@@ -278,15 +278,21 @@ func TestAccACMCertificate_privateCertificate(t *testing.T) {
 			},
 			{
 				PreConfig: func() {
-					time.Sleep(10 * time.Second)
+					conn := acctest.Provider.Meta().(*conns.AWSClient).ACMConn
+
+					ctx := context.Background()
+					_, err := tfacm.WaitCertificateRenewed(ctx, conn, aws.StringValue(v1.CertificateArn), 5*time.Minute)
+					if err != nil {
+						t.Fatalf("waiting for ACM Certificate (%s) renewal: %s", aws.StringValue(v1.CertificateArn), err)
+					}
 				},
-				Config: testAccCertificateConfig_privateCertificate(commonName.String(), certificateDomainName),
+				Config: testAccCertificateConfig_privateCertificate_renewable(commonName.String(), certificateDomainName),
 				Check: resource.ComposeAggregateTestCheckFunc(
 					testAccCheckCertificateExists(resourceName, &v3),
-					resource.TestCheckResourceAttr(resourceName, "renewal_eligibility", acm.RenewalEligibilityEligible),
+					resource.TestCheckResourceAttr(resourceName, "renewal_eligibility", acm.RenewalEligibilityIneligible),
 					resource.TestCheckResourceAttr(resourceName, "renewal_summary.#", "1"),
-					resource.TestCheckResourceAttr(resourceName, "renewal_summary.0.renewal_status", acm.RenewalStatusPendingAutoRenewal),
-					resource.TestCheckResourceAttr(resourceName, "renewal_summary.0.renewal_status_reason", acm.FailureReasonPcaAccessDenied),
+					resource.TestCheckResourceAttr(resourceName, "renewal_summary.0.renewal_status", acm.RenewalStatusSuccess),
+					resource.TestCheckResourceAttr(resourceName, "renewal_summary.0.renewal_status_reason", ""),
 					resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusIssued),
 					resource.TestCheckResourceAttr(resourceName, "type", acm.CertificateTypePrivate),
 				),
@@ -300,7 +306,7 @@ func TestAccACMCertificate_privateCertificate(t *testing.T) {
 	})
 }
 
-func TestAccACMCertificate_privateCertificate_renewable(t *testing.T) {
+func TestAccACMCertificate_privateCertificate_noRenewalPermission(t *testing.T) {
 	certificateAuthorityResourceName := "aws_acmpca_certificate_authority.test"
 	resourceName := "aws_acm_certificate.test"
 	commonName := acctest.RandomDomain()
@@ -314,7 +320,7 @@ func TestAccACMCertificate_privateCertificate_renewable(t *testing.T) {
 		CheckDestroy:             testAccCheckCertificateDestroy,
 		Steps: []resource.TestStep{
 			{
-				Config: testAccCertificateConfig_privateCertificate_renewable(commonName.String(), certificateDomainName),
+				Config: testAccCertificateConfig_privateCertificate_noRenewalPermission(commonName.String(), certificateDomainName),
 				Check: resource.ComposeAggregateTestCheckFunc(
 					testAccCheckCertificateExists(resourceName, &v1),
 					acctest.MatchResourceAttrRegionalARN(resourceName, "arn", "acm", regexp.MustCompile("certificate/.+$")),
@@ -351,7 +357,7 @@ func TestAccACMCertificate_privateCertificate_renewable(t *testing.T) {
 						t.Fatalf("exporting ACM Certificate (%s): %s", aws.StringValue(v1.CertificateArn), err)
 					}
 				},
-				Config: testAccCertificateConfig_privateCertificate_renewable(commonName.String(), certificateDomainName),
+				Config: testAccCertificateConfig_privateCertificate_noRenewalPermission(commonName.String(), certificateDomainName),
 				Check: resource.ComposeAggregateTestCheckFunc(
 					testAccCheckCertificateExists(resourceName, &v2),
 					resource.TestCheckResourceAttr(resourceName, "renewal_eligibility", acm.RenewalEligibilityEligible),
@@ -377,7 +383,7 @@ func TestAccACMCertificate_privateCertificate_renewable(t *testing.T) {
 						t.Fatalf("renewing ACM Certificate (%s): %s", aws.StringValue(v1.CertificateArn), err)
 					}
 				},
-				Config: testAccCertificateConfig_privateCertificate_renewable(commonName.String(), certificateDomainName),
+				Config: testAccCertificateConfig_privateCertificate_noRenewalPermission(commonName.String(), certificateDomainName),
 				Check: resource.ComposeAggregateTestCheckFunc(
 					testAccCheckCertificateExists(resourceName, &v3),
 					resource.TestCheckResourceAttr(resourceName, "renewal_eligibility", acm.RenewalEligibilityEligible),
@@ -395,21 +401,15 @@ func TestAccACMCertificate_privateCertificate_renewable(t *testing.T) {
 			},
 			{
 				PreConfig: func() {
-					conn := acctest.Provider.Meta().(*conns.AWSClient).ACMConn
-
-					ctx := context.Background()
-					_, err := tfacm.WaitCertificateRenewed(ctx, conn, aws.StringValue(v1.CertificateArn), 5*time.Minute)
-					if err != nil {
-						t.Fatalf("waiting for ACM Certificate (%s) renewal: %s", aws.StringValue(v1.CertificateArn), err)
-					}
+					time.Sleep(10 * time.Second)
 				},
-				Config: testAccCertificateConfig_privateCertificate_renewable(commonName.String(), certificateDomainName),
+				Config: testAccCertificateConfig_privateCertificate_noRenewalPermission(commonName.String(), certificateDomainName),
 				Check: resource.ComposeAggregateTestCheckFunc(
 					testAccCheckCertificateExists(resourceName, &v3),
-					resource.TestCheckResourceAttr(resourceName, "renewal_eligibility", acm.RenewalEligibilityIneligible),
+					resource.TestCheckResourceAttr(resourceName, "renewal_eligibility", acm.RenewalEligibilityEligible),
 					resource.TestCheckResourceAttr(resourceName, "renewal_summary.#", "1"),
-					resource.TestCheckResourceAttr(resourceName, "renewal_summary.0.renewal_status", acm.RenewalStatusSuccess),
-					resource.TestCheckResourceAttr(resourceName, "renewal_summary.0.renewal_status_reason", ""),
+					resource.TestCheckResourceAttr(resourceName, "renewal_summary.0.renewal_status", acm.RenewalStatusPendingAutoRenewal),
+					resource.TestCheckResourceAttr(resourceName, "renewal_summary.0.renewal_status_reason", acm.FailureReasonPcaAccessDenied),
 					resource.TestCheckResourceAttr(resourceName, "status", acm.CertificateStatusIssued),
 					resource.TestCheckResourceAttr(resourceName, "type", acm.CertificateTypePrivate),
 				),
@@ -897,6 +897,7 @@ func TestAccACMCertificate_Imported_validityDates(t *testing.T) {
 					testAccCheckCertificateExists(resourceName, &v),
 					acctest.CheckResourceAttrRFC3339(resourceName, "not_after"),
 					acctest.CheckResourceAttrRFC3339(resourceName, "not_before"),
+					resource.TestCheckResourceAttr(resourceName, "pending_renewal", "false"),
 					resource.TestCheckResourceAttr(resourceName, "renewal_eligibility", acm.RenewalEligibilityIneligible),
 					resource.TestCheckResourceAttr(resourceName, "renewal_summary.#", "0"),
 					resource.TestCheckResourceAttr(resourceName, "type", acm.CertificateTypeImported),
@@ -1080,7 +1081,7 @@ resource "aws_acm_certificate" "test" {
 `, rootDomainName, domainName)
 }
 
-func testAccCertificateConfig_privateCertificate(commonName, certificateDomainName string) string {
+func testAccCertificateConfig_privateCertificate_renewable(commonName, certificateDomainName string) string {
 	return fmt.Sprintf(`
 resource "aws_acm_certificate" "test" {
   domain_name               = %[2]q
@@ -1105,6 +1106,12 @@ resource "aws_acmpca_certificate_authority" "test" {
   }
 }
 
+resource "aws_acmpca_permission" "test" {
+  certificate_authority_arn = aws_acmpca_certificate_authority.test.arn
+  principal                 = "acm.amazonaws.com"
+  actions                   = ["IssueCertificate", "GetCertificate", "ListPermissions"]
+}
+
 resource "aws_acmpca_certificate" "test" {
   certificate_authority_arn   = aws_acmpca_certificate_authority.test.arn
   certificate_signing_request = aws_acmpca_certificate_authority.test.certificate_signing_request
@@ -1129,7 +1136,7 @@ data "aws_partition" "current" {}
 `, commonName, certificateDomainName)
 }
 
-func testAccCertificateConfig_privateCertificate_renewable(commonName, certificateDomainName string) string {
+func testAccCertificateConfig_privateCertificate_noRenewalPermission(commonName, certificateDomainName string) string {
 	return fmt.Sprintf(`
 resource "aws_acm_certificate" "test" {
   domain_name               = %[2]q
@@ -1154,12 +1161,6 @@ resource "aws_acmpca_certificate_authority" "test" {
   }
 }
 
-resource "aws_acmpca_permission" "test" {
-  certificate_authority_arn = aws_acmpca_certificate_authority.test.arn
-  principal                 = "acm.amazonaws.com"
-  actions                   = ["IssueCertificate", "GetCertificate", "ListPermissions"]
-}
-
 resource "aws_acmpca_certificate" "test" {
   certificate_authority_arn   = aws_acmpca_certificate_authority.test.arn
   certificate_signing_request = aws_acmpca_certificate_authority.test.certificate_signing_request