Fixes trailing slash issue for namespaces (#390)

* Currently the answer from the API returns a trailing slash
* Looking in other resources, we validate against having a trailing slash
* use `filepath.Clean` to trim trailing slash from API response
* Added test to delete resource so test could be run multiple times

vault/resource_namespace.go

@@ -1,8 +1,11 @@
 package vault
 
 import (
+	"errors"
 	"fmt"
 	"log"
+	"path/filepath"
+	"strings"
 
 	"github.com/hashicorp/terraform/helper/schema"
 	"github.com/hashicorp/vault/api"
@@ -23,6 +26,13 @@ func namespaceResource() *schema.Resource {
 				Type:        schema.TypeString,
 				Required:    true,
 				Description: "Path of the namespace.",
+				ValidateFunc: func(v interface{}, k string) (ws []string, errs []error) {
+					value := v.(string)
+					if strings.HasSuffix(value, "/") {
+						errs = append(errs, errors.New("cannot write to a path ending in '/'"))
+					}
+					return
+				},
 			},
 		},
 	}
@@ -70,7 +80,10 @@ func namespaceRead(d *schema.ResourceData, meta interface{}) error {
 		return fmt.Errorf("error reading from Vault: %s", err)
 	}
 
-	d.Set("path", resp.Data["path"].(string))
+	// remove trailing slash
+	namespacePath := filepath.Clean(resp.Data["path"].(string))
+
+	d.Set("path", namespacePath)
 	d.SetId(resp.Data["id"].(string))
 
 	return nil

vault/resource_namespace_test.go

@@ -2,13 +2,15 @@ package vault
 
 import (
 	"fmt"
+	"regexp"
 	"testing"
 
 	"os"
 
 	"github.com/hashicorp/terraform/helper/acctest"
 	"github.com/hashicorp/terraform/helper/resource"
 	"github.com/hashicorp/terraform/terraform"
+	"github.com/hashicorp/vault/api"
 )
 
 func TestNamespace_basic(t *testing.T) {
@@ -18,16 +20,22 @@ func TestNamespace_basic(t *testing.T) {
 		t.Skip("TF_ACC_ENTERPRISE is not set, test is applicable only for Enterprise version of Vault")
 	}
 
-	namespacePath := acctest.RandomWithPrefix("test-namespace") + "/"
+	namespacePath := acctest.RandomWithPrefix("test-namespace")
 
 	resource.Test(t, resource.TestCase{
-		PreCheck:  func() { testAccPreCheck(t) },
-		Providers: testProviders,
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testProviders,
+		CheckDestroy: testNamespaceDestroy(namespacePath),
 		Steps: []resource.TestStep{
 			{
 				Config: testNamespaceConfig(namespacePath),
 				Check:  testNamespaceCheckAttrs(),
 			},
+			{
+				Config:      testNamespaceConfig(namespacePath + "/"),
+				Destroy:     false,
+				ExpectError: regexp.MustCompile("vault_namespace\\.test: cannot write to a path ending in '/'"),
+			},
 		},
 	})
 }
@@ -48,6 +56,22 @@ func testNamespaceCheckAttrs() resource.TestCheckFunc {
 	}
 }
 
+func testNamespaceDestroy(path string) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		client := testProvider.Meta().(*api.Client)
+
+		namespaceRef, err := client.Logical().Read(fmt.Sprintf("/sys/namespaces/%s", path))
+		if err != nil {
+			return fmt.Errorf("error reading back configuration: %s", err)
+		}
+		if namespaceRef != nil {
+			return fmt.Errorf("namespace still exists")
+		}
+
+		return nil
+	}
+}
+
 func testNamespaceConfig(path string) string {
 	return fmt.Sprintf(`
 resource "vault_namespace" "test" {

website/docs/r/namespace.html.md

@@ -16,15 +16,15 @@ Provides a resource to manage [Namespaces](https://www.vaultproject.io/docs/ente
 
 ```hcl
 resource "vault_namespace" "ns1" {
-  path = "ns1/"
+  path = "ns1"
 }
 ```
 
 ## Argument Reference
 
 The following arguments are supported:
 
-* `path` - (Required) The path of the namespace
+* `path` - (Required) The path of the namespace. Must not have a trailing `/`
 
 ## Attributes Reference