diff --git a/.ci/acceptance-tests/inspec-integration.sh b/.ci/acceptance-tests/inspec-integration.sh index 908cc4944250..740d024e907a 100755 --- a/.ci/acceptance-tests/inspec-integration.sh +++ b/.ci/acceptance-tests/inspec-integration.sh @@ -19,8 +19,6 @@ set +x echo "${TERRAFORM_KEY}" > /tmp/google-account.json set -x -gcloud auth activate-service-account terraform@graphite-test-sam-chef.iam.gserviceaccount.com --key-file=$GOOGLE_CLOUD_KEYFILE_JSON - pushd magic-modules-new-prs # Compile inspec because we are running off of new-prs @@ -60,8 +58,6 @@ do rm -r inspec-cassettes if inspec exec verify-mm --attrs=attributes/attributes.yaml -t gcp:// --no-distinct-exit; then - # Upload cassettes to storage bucket for unit test use - gsutil cp inspec-cassettes/* gs://magic-modules-inspec-bucket/inspec-cassettes exit 0 fi done diff --git a/.ci/ci.yml.tmpl b/.ci/ci.yml.tmpl index b078b9226b10..e5ef1eedd1da 100644 --- a/.ci/ci.yml.tmpl +++ b/.ci/ci.yml.tmpl @@ -261,31 +261,6 @@ jobs: get_params: skip_clone: true - - name: inspec-test - plan: - - get: magic-modules - version: every - trigger: true - params: - submodules: [build/inspec] - passed: [mm-generate] - - task: test - file: magic-modules/.ci/unit-tests/inspec.yml - params: - TERRAFORM_KEY: ((terraform-key)) - timeout: 30m - on_failure: - do: - - get: magic-modules-new-prs - passed: [mm-generate] - - put: magic-modules-new-prs - params: - status: failure - context: inspec-tests - path: magic-modules-new-prs - get_params: - skip_clone: true - - name: create-prs plan: - get: magic-modules @@ -297,7 +272,6 @@ jobs: - mm-generate - terraform-test - ansible-test - - inspec-test - get: mm-initial-pr attempts: 2 resource: magic-modules-new-prs diff --git a/.ci/containers/inspec/Gemfile b/.ci/containers/inspec/Gemfile index 105fcb740886..4d3e4c764e49 100644 --- a/.ci/containers/inspec/Gemfile +++ b/.ci/containers/inspec/Gemfile @@ -11,5 +11,4 @@ gem 'github_changelog_generator' gem 'passgen' gem 'pry-coolline' gem 'rake' -gem 'vcr' gem 'webmock' diff --git a/.ci/unit-tests/inspec.sh b/.ci/unit-tests/inspec.sh index 57db41369061..a3aa9e5f7f58 100755 --- a/.ci/unit-tests/inspec.sh +++ b/.ci/unit-tests/inspec.sh @@ -3,61 +3,4 @@ set -e set -x -# Service account credentials for GCP to pull VCR cassettes -export GOOGLE_CLOUD_KEYFILE_JSON="/tmp/google-account.json" - -# CI sets the contents of our json account secret in our environment; dump it -# to disk for use in tests. -set +x -echo "${TERRAFORM_KEY}" > /tmp/google-account.json -set -x - -export CLOUD_SDK_REPO="cloud-sdk-stretch" -echo "deb http://packages.cloud.google.com/apt $CLOUD_SDK_REPO main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list -curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - -apt-get update && apt-get install google-cloud-sdk -y - -gcloud auth activate-service-account terraform@graphite-test-sam-chef.iam.gserviceaccount.com --key-file=$GOOGLE_CLOUD_KEYFILE_JSON - -pushd "magic-modules/build/inspec/test/integration" - -# Generate a rsa private key to use in mocks -# Due to using gauth library InSpec + train expect to load a service account file from an env variable -# This service account file must contain a real RSA key, but this key is never used in unit tests. -rsatmp=$(mktemp /tmp/rsatmp.XXXXXX) -yes y | ssh-keygen -f "${rsatmp}" -t rsa -N '' - - -echo '{ - "type": "service_account", - "project_id": "fake", - "private_key_id": "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - "private_key": "<%= @fake_private_key %>", - "client_email": "fake@fake.iam.gserviceaccount.com", - "client_id": "123451234512345123451", - "auth_uri": "https://accounts.google.com/o/oauth2/auth", - "token_uri": "https://oauth2.googleapis.com/token", - "auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs", - "client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/fake%40fake.iam.gserviceaccount.com" -}' > inspec.json.erb - -# Formatting a rsa key file for use is surprisingly difficult -echo -n "@fake_private_key = '$(echo -n "$(cat ${rsatmp})")'.gsub(\"\n\", '\n')" > var.rb -rm ${rsatmp} -erb -r './var' inspec.json.erb > inspec.json - -export GOOGLE_APPLICATION_CREDENTIALS=${PWD}/inspec.json - -bundle install -# TODO change this to use a github repo -gsutil cp -r gs://magic-modules-inspec-bucket/inspec-cassettes . - -function cleanup { - rm -rf inspec-cassettes - rm inspec.json - rm inspec.json.erb - rm var.rb -} -trap cleanup EXIT - -inspec exec verify-mm --attrs=attributes/attributes.yaml -t gcp:// --no-distinct-exit +echo "TODO(slevenick): re add VCR testing" \ No newline at end of file diff --git a/build/inspec b/build/inspec index b4208eb3cd75..10fa4f24d675 160000 --- a/build/inspec +++ b/build/inspec @@ -1 +1 @@ -Subproject commit b4208eb3cd75111f96e16ccb2ed96e759737cc25 +Subproject commit 10fa4f24d675b458880674176d15edce48fc4d64 diff --git a/provider/inspec/Gemfile b/provider/inspec/Gemfile index 6cd3fe88168f..df28b6c9daad 100644 --- a/provider/inspec/Gemfile +++ b/provider/inspec/Gemfile @@ -13,6 +13,5 @@ group :development do gem 'passgen' gem 'pry-coolline' gem 'rake' - gem 'vcr' gem 'webmock' end diff --git a/templates/inspec/integration_test_template.erb b/templates/inspec/integration_test_template.erb index eb1436af804c..37e9dd7c8887 100644 --- a/templates/inspec/integration_test_template.erb +++ b/templates/inspec/integration_test_template.erb @@ -1,7 +1,5 @@ <%= lines(autogen_notice :ruby) -%> -require_relative '../vcr_config' - title 'Test GCP <%= name -%> resource.' <%= compile("templates/inspec/examples/attributes/#{name}.erb") -%> @@ -10,7 +8,5 @@ control '<%= name -%>-1.0' do impact 1.0 title '<%= name -%> resource test' - VCR.use_cassette('<%= name -%>') do -<%= indent(compile("templates/inspec/examples/#{name}.erb"), 4) %> - end +<%= indent(compile("templates/inspec/examples/#{name}.erb"), 2) %> end \ No newline at end of file diff --git a/templates/inspec/tests/integration/verify-mm/vcr_config.rb b/templates/inspec/tests/integration/verify-mm/vcr_config.rb deleted file mode 100644 index 4c8921ce69cb..000000000000 --- a/templates/inspec/tests/integration/verify-mm/vcr_config.rb +++ /dev/null @@ -1,34 +0,0 @@ -# Copyright 2017 Google Inc. -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -require 'vcr' - -VCR.configure do |c| - c.hook_into :webmock - c.cassette_library_dir = 'inspec-cassettes' - c.allow_http_connections_when_no_cassette = true - - c.before_record do |i| - i.response.headers.delete_if { |key| key != 'Content-Type' } - i.request.headers.delete_if { |key| true } - if auth_call?(i) - i.request.body = 'AUTH REQUEST' - i.response.body = "{\n \"access_token\": \"ya29.c.samsamsamsamsamsamsamsamsa-thisisnintysixcharactersoftexttolooklikeanauthtokenthisisnintysixcharactersoftexttolooklikeanaut\",\n \"expires_in\": 3600,\n \"token_type\": \"Bearer\"\n}" - end - end -end - -def auth_call?(interaction) - # Auth calls require extra scrubbing, this method is very broad, this is intentional - interaction.request.uri.include? 'oauth2' -end \ No newline at end of file