aherman
/
terraform
mirror of https://github.com/hashicorp/terraform
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Adds tests to handle legacy config and envvars

Browse Source
pull/34386/head
Graham Davison 2 years ago
parent c701ad1e2a
commit c9eae74ba7
1 changed files with 191 additions and 27 deletions
Show Stats Download Patch File Download Diff File

218
internal/backend/remote-state/s3/backend_complete_test.go
Unescape View File

@ -2419,14 +2419,17 @@ func TestStsEndpoint(t *testing.T) {
setInvalid
)
testcases := map[string]struct {
Config map[string]any
SetServiceEndpoint settype
SetEnv string
SetInvalidEnv string
Config map[string]any
SetServiceEndpoint settype
SetServiceEndpointLegacy settype
SetEnv string
SetInvalidEnv string
// Use string at index 1 for valid endpoint url and index 2 for invalid endpoint url
ConfigFile string
ExpectedCredentials aws.Credentials
}{
// Service Config
"service config": {
Config: map[string]any{
"access_key": servicemocks.MockStaticAccessKey,
@ -2446,6 +2449,16 @@ func TestStsEndpoint(t *testing.T) {
ExpectedCredentials: mockdata.MockStaticCredentials,
},
"service config overrides service envvar legacy": {
Config: map[string]any{
"access_key": servicemocks.MockStaticAccessKey,
"secret_key": servicemocks.MockStaticSecretKey,
},
SetServiceEndpoint: setValid,
SetInvalidEnv: "AWS_STS_ENDPOINT",
ExpectedCredentials: mockdata.MockStaticCredentials,
},
"service config overrides base envvar": {
Config: map[string]any{
"access_key": servicemocks.MockStaticAccessKey,
@ -2496,21 +2509,95 @@ endpoint_url = %[2]s
},
},
"service envvar": {
// Service Config Legacy
"service config legacy": {
Config: map[string]any{
"access_key": servicemocks.MockStaticAccessKey,
"secret_key": servicemocks.MockStaticSecretKey,
},
SetEnv: "AWS_ENDPOINT_URL_STS",
ExpectedCredentials: mockdata.MockStaticCredentials,
SetServiceEndpointLegacy: setValid,
ExpectedCredentials: mockdata.MockStaticCredentials,
},
"base envvar": {
"service config legacy overrides service envvar": {
Config: map[string]any{
"access_key": servicemocks.MockStaticAccessKey,
"secret_key": servicemocks.MockStaticSecretKey,
},
SetEnv: "AWS_ENDPOINT_URL",
SetServiceEndpointLegacy: setValid,
SetInvalidEnv: "AWS_ENDPOINT_URL_STS",
ExpectedCredentials: mockdata.MockStaticCredentials,
},
"service config legacy overrides service envvar legacy": {
Config: map[string]any{
"access_key": servicemocks.MockStaticAccessKey,
"secret_key": servicemocks.MockStaticSecretKey,
},
SetServiceEndpointLegacy: setValid,
SetInvalidEnv: "AWS_STS_ENDPOINT",
ExpectedCredentials: mockdata.MockStaticCredentials,
},
"service config legacy overrides base envvar": {
Config: map[string]any{
"access_key": servicemocks.MockStaticAccessKey,
"secret_key": servicemocks.MockStaticSecretKey,
},
SetServiceEndpointLegacy: setValid,
SetInvalidEnv: "AWS_ENDPOINT_URL",
ExpectedCredentials: mockdata.MockStaticCredentials,
},
"service config legacy overrides service config_file": {
Config: map[string]any{
"profile": "default",
},
ConfigFile: `
[default]
aws_access_key_id = DefaultSharedCredentialsAccessKey
aws_secret_access_key = DefaultSharedCredentialsSecretKey
services = sts-test
[services sts-test]
sts =
endpoint_url = %[2]s
`,
SetServiceEndpointLegacy: setValid,
ExpectedCredentials: aws.Credentials{
AccessKeyID: "DefaultSharedCredentialsAccessKey",
SecretAccessKey: "DefaultSharedCredentialsSecretKey",
Source: sharedConfigCredentialsProvider,
},
},
"service config legacy overrides base config_file": {
Config: map[string]any{
"profile": "default",
},
ConfigFile: `
[default]
aws_access_key_id = DefaultSharedCredentialsAccessKey
aws_secret_access_key = DefaultSharedCredentialsSecretKey
endpoint_url = %[2]s
`,
SetServiceEndpointLegacy: setValid,
ExpectedCredentials: aws.Credentials{
AccessKeyID: "DefaultSharedCredentialsAccessKey",
SecretAccessKey: "DefaultSharedCredentialsSecretKey",
Source: sharedConfigCredentialsProvider,
},
},
// Service Envvar
"service envvar": {
Config: map[string]any{
"access_key": servicemocks.MockStaticAccessKey,
"secret_key": servicemocks.MockStaticSecretKey,
},
SetEnv: "AWS_ENDPOINT_URL_STS",
ExpectedCredentials: mockdata.MockStaticCredentials,
},
@ -2524,10 +2611,11 @@ endpoint_url = %[2]s
ExpectedCredentials: mockdata.MockStaticCredentials,
},
"service config_file": {
"service envvar overrides service config_file": {
Config: map[string]any{
"profile": "default",
},
SetEnv: "AWS_ENDPOINT_URL_STS",
ConfigFile: `
[default]
aws_access_key_id = DefaultSharedCredentialsAccessKey
@ -2536,7 +2624,7 @@ services = sts-test
[services sts-test]
sts =
endpoint_url = %[1]s
endpoint_url = %[2]s
`,
ExpectedCredentials: aws.Credentials{
AccessKeyID: "DefaultSharedCredentialsAccessKey",
@ -2545,20 +2633,59 @@ sts =
},
},
"service config_file overrides base config_file": {
"service envvar overrides base config_file": {
Config: map[string]any{
"profile": "default",
},
SetEnv: "AWS_ENDPOINT_URL_STS",
ConfigFile: `
[default]
aws_access_key_id = DefaultSharedCredentialsAccessKey
aws_secret_access_key = DefaultSharedCredentialsSecretKey
services = sts-test
endpoint_url = %[2]s
`,
ExpectedCredentials: aws.Credentials{
AccessKeyID: "DefaultSharedCredentialsAccessKey",
SecretAccessKey: "DefaultSharedCredentialsSecretKey",
Source: sharedConfigCredentialsProvider,
},
},
// Service Envvar Legacy
"service envvar legacy": {
Config: map[string]any{
"access_key": servicemocks.MockStaticAccessKey,
"secret_key": servicemocks.MockStaticSecretKey,
},
SetEnv: "AWS_STS_ENDPOINT",
ExpectedCredentials: mockdata.MockStaticCredentials,
},
"service envvar legacy overrides base envvar": {
Config: map[string]any{
"access_key": servicemocks.MockStaticAccessKey,
"secret_key": servicemocks.MockStaticSecretKey,
},
SetEnv: "AWS_STS_ENDPOINT",
SetInvalidEnv: "AWS_ENDPOINT_URL",
ExpectedCredentials: mockdata.MockStaticCredentials,
},
"service envvar legacy overrides service config_file": {
Config: map[string]any{
"profile": "default",
},
SetEnv: "AWS_STS_ENDPOINT",
ConfigFile: `
[default]
aws_access_key_id = DefaultSharedCredentialsAccessKey
aws_secret_access_key = DefaultSharedCredentialsSecretKey
services = sts-test
[services sts-test]
sts =
endpoint_url = %[1]s
endpoint_url = %[2]s
`,
ExpectedCredentials: aws.Credentials{
AccessKeyID: "DefaultSharedCredentialsAccessKey",
@ -2567,11 +2694,30 @@ sts =
},
},
"service envvar overrides service config_file": {
"service envvar legacy overrides base config_file": {
Config: map[string]any{
"profile": "default",
},
SetEnv: "AWS_STS_ENDPOINT",
ConfigFile: `
[default]
aws_access_key_id = DefaultSharedCredentialsAccessKey
aws_secret_access_key = DefaultSharedCredentialsSecretKey
endpoint_url = %[2]s
`,
ExpectedCredentials: aws.Credentials{
AccessKeyID: "DefaultSharedCredentialsAccessKey",
SecretAccessKey: "DefaultSharedCredentialsSecretKey",
Source: sharedConfigCredentialsProvider,
},
},
// Service Config File
"service config_file": {
Config: map[string]any{
"profile": "default",
},
SetEnv: "AWS_ENDPOINT_URL_STS",
ConfigFile: `
[default]
aws_access_key_id = DefaultSharedCredentialsAccessKey
@ -2580,7 +2726,7 @@ services = sts-test
[services sts-test]
sts =
endpoint_url = %[2]s
endpoint_url = %[1]s
`,
ExpectedCredentials: aws.Credentials{
AccessKeyID: "DefaultSharedCredentialsAccessKey",
@ -2589,20 +2735,20 @@ sts =
},
},
"base envvar overrides service config_file": {
"service config_file overrides base config_file": {
Config: map[string]any{
"profile": "default",
},
SetEnv: "AWS_ENDPOINT_URL",
ConfigFile: `
[default]
aws_access_key_id = DefaultSharedCredentialsAccessKey
aws_secret_access_key = DefaultSharedCredentialsSecretKey
services = sts-test
endpoint_url = %[2]s
[services sts-test]
sts =
endpoint_url = %[2]s
endpoint_url = %[1]s
`,
ExpectedCredentials: aws.Credentials{
AccessKeyID: "DefaultSharedCredentialsAccessKey",
@ -2611,15 +2757,31 @@ sts =
},
},
"base config_file": {
// Base envvar
"base envvar": {
Config: map[string]any{
"access_key": servicemocks.MockStaticAccessKey,
"secret_key": servicemocks.MockStaticSecretKey,
},
SetEnv: "AWS_ENDPOINT_URL",
ExpectedCredentials: mockdata.MockStaticCredentials,
},
"base envvar overrides service config_file": {
Config: map[string]any{
"profile": "default",
},
SetEnv: "AWS_ENDPOINT_URL",
ConfigFile: `
[default]
aws_access_key_id = DefaultSharedCredentialsAccessKey
aws_secret_access_key = DefaultSharedCredentialsSecretKey
endpoint_url = %[1]s
services = sts-test
[services sts-test]
sts =
endpoint_url = %[2]s
`,
ExpectedCredentials: aws.Credentials{
AccessKeyID: "DefaultSharedCredentialsAccessKey",
@ -2628,16 +2790,15 @@ endpoint_url = %[1]s
},
},
"base envvar overrides base config_file": {
"base config_file": {
Config: map[string]any{
"profile": "default",
},
SetEnv: "AWS_ENDPOINT_URL",
ConfigFile: `
[default]
aws_access_key_id = DefaultSharedCredentialsAccessKey
aws_secret_access_key = DefaultSharedCredentialsSecretKey
endpoint_url = %[2]s
endpoint_url = %[1]s
`,
ExpectedCredentials: aws.Credentials{
AccessKeyID: "DefaultSharedCredentialsAccessKey",
@ -2646,11 +2807,11 @@ endpoint_url = %[2]s
},
},
"service envvar overrides base config_file": {
"base envvar overrides base config_file": {
Config: map[string]any{
"profile": "default",
},
SetEnv: "AWS_ENDPOINT_URL_STS",
SetEnv: "AWS_ENDPOINT_URL",
ConfigFile: `
[default]
aws_access_key_id = DefaultSharedCredentialsAccessKey
@ -2693,6 +2854,9 @@ endpoint_url = %[2]s
"sts": stsEndpoint,
}
}
if testcase.SetServiceEndpointLegacy == setValid {
testcase.Config["sts_endpoint"] = stsEndpoint
}
if testcase.SetEnv != "" {
t.Setenv(testcase.SetEnv, stsEndpoint)
}

Write Preview
Loading…
Cancel
Save