[DM] Cloud DNS - Fix/162 (#165)

* [DM] CloudDNS - Backwards compatibility and bugfixes (#192) Added Backward Compatibility with the old property zoneName. Added Backward Compatibility Integration Test. Fixed Identation of integration tests and added project parameter for gcloud calls. Adjusted schema paterns. Added description for all the tests. Updated README * Fixes #162: [DM] IAM_member folder and org support #162 #151 Added support for folders and organizations: gcp-types/cloudresourcemanager-v1:virtual.projects.iamMemberBinding gcp-types/cloudresourcemanager-v2:virtual.folders.iamMemberBinding gcp-types/cloudresourcemanager-v1:virtual.organizations.iamMemberBinding Updated tests to be non-interactive + added tests for folders Fixed removal of mid-list members
GoogleCloudPlatform · Jul 11, 2019 · 10a3232 · 10a3232
1 parent 7226ace
commit 10a3232
Show file tree

Hide file tree

Showing 4 changed files with 59 additions and 3 deletions.
diff --git a/dm/templates/dns_managed_zone/dns_managed_zone.py.schema b/dm/templates/dns_managed_zone/dns_managed_zone.py.schema
@@ -41,6 +41,14 @@ oneOf:
 additionalProperties: false
 
 properties:
+  zoneName:
+    type: string
+    pattern: ^[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?$
+    description: |
+      Old resource name to support backward compatablility.
+      Value is rescricted by API pattern for `resource.name`
+      The name must be 1-63 characters long, must begin with a letter, end
+      with a letter or digit, and only contain lowercase letters, digits or dashes.
   project:
     type: string
     description: |

diff --git a/dm/templates/iam_member/iam_member.py.schema b/dm/templates/iam_member/iam_member.py.schema
@@ -38,6 +38,21 @@ additionalProperties: false
 required:
   - roles
 
+oneOf:
+  - required:
+      - folderId
+  - required:
+      - organizationId
+  - required:
+      - projectId
+  - allOf:
+      - not:
+          required:
+            - folderId
+      - not:
+          required:
+            - organizationId
+
 properties:
   folderId:
     type: string

diff --git a/dm/templates/iam_member/tests/integration/iam_member.bats b/dm/templates/iam_member/tests/integration/iam_member.bats
@@ -50,7 +50,7 @@ function teardown() {
     # Global teardown; this is executed once per test file.
     if [[ "$BATS_TEST_NUMBER" -eq "${#BATS_TEST_NAMES[@]}" ]]; then
         gcloud iam service-accounts delete "${TEST_SERVICE_ACCOUNT}@${CLOUD_FOUNDATION_PROJECT_ID}.iam.gserviceaccount.com" \
-            --project "${CLOUD_FOUNDATION_PROJECT_ID}"
+            --quiet --project "${CLOUD_FOUNDATION_PROJECT_ID}"
         delete_config
         rm -f "${RANDOM_FILE}"
     fi
@@ -65,7 +65,7 @@ function teardown() {
         --project "${CLOUD_FOUNDATION_PROJECT_ID}"
 }
 
-@test "Verifying that roles were assigned in deployment ${DEPLOYMENT_NAME}" {
+@test "Verifying that roles were assigned to project in deployment ${DEPLOYMENT_NAME}" {
     run gcloud projects get-iam-policy "${CLOUD_FOUNDATION_PROJECT_ID}" \
         --flatten="bindings[].members" \
         --format='table(bindings.role)' \
@@ -74,6 +74,21 @@ function teardown() {
     [[ "$output" =~ "roles/viewer" ]]
 }
 
+@test "Verifying that roles were assigned to folder in deployment ${DEPLOYMENT_NAME}" {
+    # Get the test folder ID and make it available.
+    TEST_ORG_FOLDER_NAME=$(gcloud alpha resource-manager folders list \
+        --project "${CLOUD_FOUNDATION_PROJECT_ID}" \
+        --organization "${CLOUD_FOUNDATION_ORGANIZATION_ID}" | \
+        grep "org-folder-${RAND}" | awk '{print $3}')
+    run gcloud alpha resource-manager folders get-iam-policy "folders/${TEST_ORG_FOLDER_NAME}"  \
+        --flatten="bindings[].members" \
+        --format='table(bindings.role)' \
+        --filter="bindings.members:${TEST_SERVICE_ACCOUNT}@${CLOUD_FOUNDATION_PROJECT_ID}.iam.gserviceaccount.com"
+
+    [[ "$output" =~ "roles/editor" ]]
+    [[ "$output" =~ "roles/viewer" ]]
+}
+
 @test "Deleting deployment" {
     gcloud deployment-manager deployments delete "${DEPLOYMENT_NAME}" \
         --project "${CLOUD_FOUNDATION_PROJECT_ID}" -q

diff --git a/dm/templates/iam_member/tests/integration/iam_member.yaml b/dm/templates/iam_member/tests/integration/iam_member.yaml
@@ -10,7 +10,7 @@ imports:
     name: iam_member.py
 
 resources:
-  - name: iam-member-test-${RAND}
+  - name: iam-member-test-project-${RAND}
     type: iam_member.py
     properties:
       roles:
@@ -20,3 +20,21 @@ resources:
         - role: roles/viewer
           members:
             - serviceAccount:${TEST_SERVICE_ACCOUNT}@${CLOUD_FOUNDATION_PROJECT_ID}.iam.gserviceaccount.com
+  - name: iam-member-test-folder-${RAND}
+    type: iam_member.py
+    properties:
+      folderId: $(ref.test-folder-${RAND}.name)
+      roles:
+        - role: roles/editor
+          members:
+            - serviceAccount:${TEST_SERVICE_ACCOUNT}@${CLOUD_FOUNDATION_PROJECT_ID}.iam.gserviceaccount.com
+        - role: roles/viewer
+          members:
+            - serviceAccount:${TEST_SERVICE_ACCOUNT}@${CLOUD_FOUNDATION_PROJECT_ID}.iam.gserviceaccount.com
+
+  - name: test-folder-${RAND}
+    type: gcp-types/cloudresourcemanager-v2:folders
+    properties:
+      name: org-folder-${RAND}
+      parent: organizations/${CLOUD_FOUNDATION_ORGANIZATION_ID}
+      displayName: org-folder-${RAND}