From 2dec896173fb26aa06b2d11c0a0fdfbba8024479 Mon Sep 17 00:00:00 2001 From: Ben Ash Date: Wed, 26 Jan 2022 15:49:41 -0500 Subject: [PATCH 01/10] Add support for configuring a DB secret's plugin_name --- ...urce_database_secret_backend_connection.go | 212 ++++++++++-------- ...database_secret_backend_connection_test.go | 172 +++++++++++++- 2 files changed, 285 insertions(+), 99 deletions(-) diff --git a/vault/resource_database_secret_backend_connection.go b/vault/resource_database_secret_backend_connection.go index 5a54e69bf..b14f3d434 100644 --- a/vault/resource_database_secret_backend_connection.go +++ b/vault/resource_database_secret_backend_connection.go @@ -44,26 +44,49 @@ const ( var ( databaseSecretBackendConnectionBackendFromPathRegex = regexp.MustCompile("^(.+)/config/.+$") databaseSecretBackendConnectionNameFromPathRegex = regexp.MustCompile("^.+/config/(.+$)") - dbBackendTypes = []string{ - dbBackendCassandra, - dbBackendCouchbase, - dbBackendElasticSearch, - dbBackendHana, - dbBackendInfluxDB, - dbBackendMSSQL, - dbBackendMongoDB, - dbBackendMongoDBAtlas, - dbBackendMySQL, - dbBackendMySQLAurora, - dbBackendMySQLLegacy, - dbBackendMySQLRDS, - dbBackendPostgres, - dbBackendOracle, - dbBackendSnowflake, - dbBackendRedshift, - } + + // map all dbBackends to their corresponding dbEngineInfo's + // XXX: This map must be updated whenever a new database engine is added. + dbEngines = map[string]*dbEngineInfo{ + dbBackendCassandra: {name: dbBackendCassandra}, + dbBackendCouchbase: {name: dbBackendCouchbase}, + dbBackendElasticSearch: {name: dbBackendElasticSearch}, + dbBackendHana: {name: dbBackendHana}, + dbBackendInfluxDB: {name: dbBackendInfluxDB}, + dbBackendMSSQL: {name: dbBackendMSSQL}, + dbBackendMongoDB: {name: dbBackendMongoDB}, + dbBackendMongoDBAtlas: {name: dbBackendMongoDBAtlas}, + dbBackendMySQL: {name: dbBackendMySQL}, + dbBackendMySQLAurora: {name: dbBackendMySQLAurora}, + dbBackendMySQLLegacy: {name: dbBackendMySQLLegacy}, + dbBackendMySQLRDS: {name: dbBackendMySQLRDS}, + dbBackendPostgres: {name: dbBackendPostgres}, + dbBackendOracle: {name: dbBackendOracle}, + dbBackendSnowflake: {name: dbBackendSnowflake}, + dbBackendRedshift: {name: dbBackendRedshift}, + } + // dbEngines key values, initialized in init() + dbBackendTypes []string ) +func init() { + for k := range dbEngines { + dbBackendTypes = append(dbBackendTypes, k) + } +} + +type dbEngineInfo struct { + name string +} + +func (i *dbEngineInfo) getPluginName(d *schema.ResourceData) string { + if val, ok := d.GetOk("plugin_name"); ok { + return val.(string) + } + + return fmt.Sprintf("%s-database-plugin", strings.Replace(i.name, "_", "-", -1)) +} + func databaseSecretBackendConnectionResource() *schema.Resource { return &schema.Resource{ Create: databaseSecretBackendConnectionCreate, @@ -82,6 +105,12 @@ func databaseSecretBackendConnectionResource() *schema.Resource { Description: "Name of the database connection.", ForceNew: true, }, + "plugin_name": { + Type: schema.TypeString, + Optional: true, + Computed: true, + Description: "Specifies the name of the plugin to use for this connection.", + }, "verify_connection": { Type: schema.TypeBool, Optional: true, @@ -561,56 +590,28 @@ func mssqlConnectionStringResource() *schema.Resource { return r } -func getDatabasePluginName(d *schema.ResourceData) (string, error) { - switch { - case len(d.Get(dbBackendCassandra).([]interface{})) > 0: - return "cassandra-database-plugin", nil - case len(d.Get(dbBackendCouchbase).([]interface{})) > 0: - return "couchbase-database-plugin", nil - case len(d.Get(dbBackendInfluxDB).([]interface{})) > 0: - return "influxdb-database-plugin", nil - case len(d.Get(dbBackendHana).([]interface{})) > 0: - return "hana-database-plugin", nil - case len(d.Get(dbBackendMongoDBAtlas).([]interface{})) > 0: - return "mongodbatlas-database-plugin", nil - case len(d.Get(dbBackendMongoDB).([]interface{})) > 0: - return "mongodb-database-plugin", nil - case len(d.Get(dbBackendMSSQL).([]interface{})) > 0: - return "mssql-database-plugin", nil - case len(d.Get(dbBackendMySQL).([]interface{})) > 0: - return "mysql-database-plugin", nil - case len(d.Get(dbBackendMySQLRDS).([]interface{})) > 0: - return "mysql-rds-database-plugin", nil - case len(d.Get(dbBackendMySQLAurora).([]interface{})) > 0: - return "mysql-aurora-database-plugin", nil - case len(d.Get(dbBackendMySQLLegacy).([]interface{})) > 0: - return "mysql-legacy-database-plugin", nil - case len(d.Get(dbBackendOracle).([]interface{})) > 0: - return "oracle-database-plugin", nil - case len(d.Get(dbBackendPostgres).([]interface{})) > 0: - return "postgresql-database-plugin", nil - case len(d.Get(dbBackendElasticSearch).([]interface{})) > 0: - return "elasticsearch-database-plugin", nil - case len(d.Get(dbBackendSnowflake).([]interface{})) > 0: - return "snowflake-database-plugin", nil - case len(d.Get(dbBackendRedshift).([]interface{})) > 0: - return "redshift-database-plugin", nil - default: - return "", fmt.Errorf("at least one database plugin must be configured") +func getDBEngineInfo(d *schema.ResourceData) (*dbEngineInfo, error) { + for k, v := range dbEngines { + if i, ok := d.GetOk(k); ok && len(i.([]interface{})) > 0 { + return v, nil + } } + + return nil, fmt.Errorf("no supported database engines configured") } func getDatabaseAPIData(d *schema.ResourceData) (map[string]interface{}, error) { - plugin, err := getDatabasePluginName(d) + dbInfo, err := getDBEngineInfo(d) if err != nil { return nil, err } + data := map[string]interface{}{ - "plugin_name": plugin, + "plugin_name": dbInfo.getPluginName(d), } - switch plugin { - case "cassandra-database-plugin": + switch dbInfo.name { + case dbBackendCassandra: if v, ok := d.GetOk("cassandra.0.hosts"); ok { log.Printf("[DEBUG] Cassandra hosts: %v", v.([]interface{})) var hosts []string @@ -649,15 +650,15 @@ func getDatabaseAPIData(d *schema.ResourceData) (map[string]interface{}, error) if v, ok := d.GetOkExists("cassandra.0.connect_timeout"); ok { data["connect_timeout"] = v.(int) } - case "couchbase-database-plugin": + case dbBackendCouchbase: setCouchbaseDatabaseConnectionData(d, "couchbase.0.", data) - case "influxdb-database-plugin": + case dbBackendInfluxDB: setInfluxDBDatabaseConnectionData(d, "influxdb.0.", data) - case "hana-database-plugin": + case dbBackendHana: setDatabaseConnectionData(d, "hana.0.", data) - case "mongodb-database-plugin": + case dbBackendMongoDB: setDatabaseConnectionData(d, "mongodb.0.", data) - case "mongodbatlas-database-plugin": + case dbBackendMongoDBAtlas: if v, ok := d.GetOk("mongodbatlas.0.public_key"); ok { data["public_key"] = v.(string) } @@ -667,25 +668,25 @@ func getDatabaseAPIData(d *schema.ResourceData) (map[string]interface{}, error) if v, ok := d.GetOk("mongodbatlas.0.project_id"); ok { data["project_id"] = v.(string) } - case "mssql-database-plugin": + case dbBackendMSSQL: setMSSQLDatabaseConnectionData(d, "mssql.0.", data) - case "mysql-database-plugin": + case dbBackendMySQL: setMySQLDatabaseConnectionData(d, "mysql.0.", data) - case "mysql-rds-database-plugin": + case dbBackendMySQLRDS: setDatabaseConnectionData(d, "mysql_rds.0.", data) - case "mysql-aurora-database-plugin": + case dbBackendMySQLAurora: setDatabaseConnectionData(d, "mysql_aurora.0.", data) - case "mysql-legacy-database-plugin": + case dbBackendMySQLLegacy: setDatabaseConnectionData(d, "mysql_legacy.0.", data) - case "oracle-database-plugin": + case dbBackendOracle: setDatabaseConnectionData(d, "oracle.0.", data) - case "postgresql-database-plugin": + case dbBackendPostgres: setDatabaseConnectionData(d, "postgresql.0.", data) - case "elasticsearch-database-plugin": + case dbBackendElasticSearch: setElasticsearchDatabaseConnectionData(d, "elasticsearch.0.", data) - case "snowflake-database-plugin": + case dbBackendSnowflake: setDatabaseConnectionDataWithUserPass(d, "snowflake.0.", data) - case "redshift-database-plugin": + case dbBackendRedshift: setDatabaseConnectionDataWithUserPass(d, "redshift.0.", data) } @@ -1119,6 +1120,11 @@ func databaseSecretBackendConnectionRead(d *schema.ResourceData, meta interface{ path := d.Id() + dbInfo, err := getDBEngineInfo(d) + if err != nil { + return err + } + backend, err := databaseSecretBackendConnectionBackendFromPath(path) if err != nil { return fmt.Errorf("invalid path %q for database connection: %s", path, err) @@ -1141,8 +1147,8 @@ func databaseSecretBackendConnectionRead(d *schema.ResourceData, meta interface{ return nil } - switch resp.Data["plugin_name"].(string) { - case "cassandra-database-plugin": + switch dbInfo.name { + case dbBackendCassandra: details := resp.Data["connection_details"] data, ok := details.(map[string]interface{}) if ok { @@ -1199,15 +1205,15 @@ func databaseSecretBackendConnectionRead(d *schema.ResourceData, meta interface{ } d.Set("cassandra", []map[string]interface{}{result}) } - case "couchbase-database-plugin": + case dbBackendCouchbase: d.Set("couchbase", getCouchbaseConnectionDetailsFromResponse(d, "couchbase.0.", resp)) - case "influxdb-database-plugin": + case dbBackendInfluxDB: d.Set("influxdb", getInfluxDBConnectionDetailsFromResponse(d, "influxdb.0.", resp)) - case "hana-database-plugin": + case dbBackendHana: d.Set("hana", getConnectionDetailsFromResponse(d, "hana.0.", resp)) - case "mongodb-database-plugin": + case dbBackendMongoDB: d.Set("mongodb", getConnectionDetailsFromResponse(d, "mongodb.0.", resp)) - case "mongodbatlas-database-plugin": + case dbBackendMongoDBAtlas: details := resp.Data["connection_details"] data, ok := details.(map[string]interface{}) if ok { @@ -1224,27 +1230,27 @@ func databaseSecretBackendConnectionRead(d *schema.ResourceData, meta interface{ } d.Set("mongodbatlas", []map[string]interface{}{result}) } - case "mssql-database-plugin": + case dbBackendMSSQL: var values []map[string]interface{} if values, err = getMSSQLConnectionDetailsFromResponse(d, "mssql.0.", resp); err == nil { // err is returned outside of the switch case d.Set("mssql", values) } - case "mysql-database-plugin": + case dbBackendMySQL: d.Set("mysql", getMySQLConnectionDetailsFromResponse(d, "mysql.0.", resp)) - case "mysql-rds-database-plugin": + case dbBackendMySQLRDS: d.Set("mysql_rds", getConnectionDetailsFromResponse(d, "mysql_rds.0.", resp)) - case "mysql-aurora-database-plugin": + case dbBackendMySQLAurora: d.Set("mysql_aurora", getConnectionDetailsFromResponse(d, "mysql_aurora.0.", resp)) - case "mysql-legacy-database-plugin": + case dbBackendMySQLLegacy: d.Set("mysql_legacy", getConnectionDetailsFromResponse(d, "mysql_legacy.0.", resp)) - case "oracle-database-plugin": + case dbBackendOracle: d.Set("oracle", getConnectionDetailsFromResponse(d, "oracle.0.", resp)) - case "postgresql-database-plugin": + case dbBackendPostgres: d.Set("postgresql", getConnectionDetailsFromResponse(d, "postgresql.0.", resp)) - case "elasticsearch-database-plugin": + case dbBackendElasticSearch: d.Set("elasticsearch", getElasticsearchConnectionDetailsFromResponse(d, "elasticsearch.0.", resp)) - case "snowflake-database-plugin": + case dbBackendSnowflake: d.Set("snowflake", getSnowflakeConnectionDetailsFromResponse(d, "snowflake.0.", resp)) } @@ -1257,12 +1263,30 @@ func databaseSecretBackendConnectionRead(d *schema.ResourceData, meta interface{ roles = append(roles, role.(string)) } - d.Set("allowed_roles", roles) - d.Set("backend", backend) - d.Set("name", name) - d.Set("root_rotation_statements", resp.Data["root_credentials_rotate_statements"]) + if err := d.Set("allowed_roles", roles); err != nil { + return err + } + + if err := d.Set("backend", backend); err != nil { + return err + } + + if err := d.Set("name", name); err != nil { + return err + } + + if err := d.Set("root_rotation_statements", resp.Data["root_credentials_rotate_statements"]); err != nil { + return err + } + if v, ok := resp.Data["verify_connection"]; ok { - d.Set("verify_connection", v.(bool)) + if err := d.Set("verify_connection", v.(bool)); err != nil { + return err + } + } + + if err := d.Set("plugin_name", resp.Data["plugin_name"]); err != nil { + return err } return nil diff --git a/vault/resource_database_secret_backend_connection_test.go b/vault/resource_database_secret_backend_connection_test.go index 37bb7c658..c2440f2e5 100644 --- a/vault/resource_database_secret_backend_connection_test.go +++ b/vault/resource_database_secret_backend_connection_test.go @@ -2,15 +2,18 @@ package vault import ( "database/sql" + "errors" "fmt" "log" "os" + "reflect" "strings" "testing" _ "github.com/denisenkom/go-mssqldb" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" "github.com/hashicorp/vault/api" mssqlhelper "github.com/hashicorp/vault/helper/testhelpers/mssql" @@ -19,6 +22,10 @@ import ( "github.com/hashicorp/terraform-provider-vault/testutil" ) +// TODO: add support for automating tests for plugin_name +// Currently we have to configure the Vault server with a plugin_directory, +// copy/build a db plugin and install it with a unique name, then register it in vault. + func TestAccDatabaseSecretBackendConnection_import(t *testing.T) { MaybeSkipDBTests(t, dbBackendPostgres) @@ -317,15 +324,20 @@ func TestAccDatabaseSecretBackendConnection_mssql(t *testing.T) { backend := acctest.RandomWithPrefix("tf-test-db") name := acctest.RandomWithPrefix("db") + + // should match dbEngineInfo.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMSSQL) + resource.Test(t, resource.TestCase{ Providers: testProviders, PreCheck: func() { testutil.TestAccPreCheck(t) }, CheckDestroy: testAccDatabaseSecretBackendConnectionCheckDestroy, Steps: []resource.TestStep{ { - Config: testAccDatabaseSecretBackendConnectionConfig_mssql(name, backend, connURL, false), + Config: testAccDatabaseSecretBackendConnectionConfig_mssql(name, backend, connURL, pluginName, false), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), + resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "plugin_name", pluginName), resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), @@ -341,9 +353,10 @@ func TestAccDatabaseSecretBackendConnection_mssql(t *testing.T) { ), }, { - Config: testAccDatabaseSecretBackendConnectionConfig_mssql(name, backend, connURL, true), + Config: testAccDatabaseSecretBackendConnectionConfig_mssql(name, backend, connURL, pluginName, true), Check: resource.ComposeTestCheckFunc( resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), + resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "plugin_name", pluginName), resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), @@ -941,7 +954,7 @@ resource "vault_database_secret_backend_connection" "test" { `, path, name, connURL) } -func testAccDatabaseSecretBackendConnectionConfig_mssql(name, path, connURL string, containedDB bool) string { +func testAccDatabaseSecretBackendConnectionConfig_mssql(name, path, connURL, pluginName string, containedDB bool) string { var config string if containedDB { config = ` @@ -956,7 +969,7 @@ func testAccDatabaseSecretBackendConnectionConfig_mssql(name, path, connURL stri }` } - return fmt.Sprintf(` + result := fmt.Sprintf(` resource "vault_mount" "db" { path = "%s" type = "database" @@ -964,12 +977,14 @@ resource "vault_mount" "db" { resource "vault_database_secret_backend_connection" "test" { backend = vault_mount.db.path + plugin_name = "%s" name = "%s" allowed_roles = ["dev", "prod"] root_rotation_statements = ["FOOBAR"] %s } -`, path, name, fmt.Sprintf(config, connURL)) +`, path, pluginName, name, fmt.Sprintf(config, connURL)) + return result } func testAccDatabaseSecretBackendConnectionConfig_mysql(name, path, connURL, password string) string { @@ -1247,3 +1262,150 @@ func MaybeSkipDBTests(t *testing.T, engine string) { } testutil.SkipTestEnvSet(t, envVars...) } + +func Test_dbEngineInfo_getPluginName(t *testing.T) { + type fields struct { + name string + } + type args struct { + d *schema.ResourceData + } + tests := []struct { + name string + fields fields + args args + want string + }{ + { + name: "default", + fields: fields{ + name: "foo", + }, + args: args{ + schema.TestResourceDataRaw( + t, + map[string]*schema.Schema{ + "plugin_name": { + Type: schema.TypeString, + Required: false, + }, + }, + map[string]interface{}{}), + }, + want: "foo-database-plugin", + }, + { + name: "set", + fields: fields{ + name: "foo", + }, + args: args{ + schema.TestResourceDataRaw( + t, + map[string]*schema.Schema{ + "plugin_name": { + Type: schema.TypeString, + Required: false, + }, + }, + map[string]interface{}{ + "plugin_name": "baz-qux", + }), + }, + want: "baz-qux", + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + i := &dbEngineInfo{ + name: tt.fields.name, + } + if got := i.getPluginName(tt.args.d); got != tt.want { + t.Errorf("getPluginName() expected %v, actual %v", tt.want, got) + } + }) + } +} + +func Test_getDBEngineInfo(t *testing.T) { + type args struct { + d *schema.ResourceData + } + tests := []struct { + name string + args args + want *dbEngineInfo + wantErr bool + expectedErr error + }{ + { + name: "basic", + args: args{ + schema.TestResourceDataRaw( + t, + map[string]*schema.Schema{ + "mssql": { + Type: schema.TypeList, + Optional: true, + Description: "Connection parameters for the mssql-database-plugin plugin.", + Elem: mssqlConnectionStringResource(), + MaxItems: 1, + }, + }, + map[string]interface{}{ + "mssql": []interface{}{ + map[string]interface{}{ + "connection_url": "foo", + }, + }, + }), + }, + want: &dbEngineInfo{ + name: dbBackendMSSQL, + }, + wantErr: false, + }, + { + name: "not-found", + args: args{ + schema.TestResourceDataRaw( + t, + map[string]*schema.Schema{ + "unknown": { + Type: schema.TypeList, + Optional: true, + Description: "Connection parameters for the mssql-database-plugin plugin.", + Elem: mssqlConnectionStringResource(), + MaxItems: 1, + }, + }, + map[string]interface{}{ + "mssql": []interface{}{ + map[string]interface{}{ + "connection_url": "foo", + }, + }, + }), + }, + wantErr: true, + expectedErr: errors.New("no supported database engines configured"), + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got, err := getDBEngineInfo(tt.args.d) + if (err != nil) != tt.wantErr { + t.Errorf("getDBEngineInfo() error = %v, wantErr %v", err, tt.wantErr) + } + + if tt.wantErr && tt.expectedErr != nil { + if !reflect.DeepEqual(err, tt.expectedErr) { + t.Fatalf("getDBEngineInfo() expected err %v, actual %v", tt.expectedErr, err) + } + } + if !reflect.DeepEqual(got, tt.want) { + t.Errorf("getDBEngineInfo() expected %v, actual %v", tt.want, got) + } + }) + } +} From 4ffeab5ac101203bf94bd823cd1c751ec0312ed9 Mon Sep 17 00:00:00 2001 From: Ben Ash Date: Wed, 26 Jan 2022 15:56:15 -0500 Subject: [PATCH 02/10] Minor whitespace update --- vault/resource_database_secret_backend_connection_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/vault/resource_database_secret_backend_connection_test.go b/vault/resource_database_secret_backend_connection_test.go index c2440f2e5..090ea54b4 100644 --- a/vault/resource_database_secret_backend_connection_test.go +++ b/vault/resource_database_secret_backend_connection_test.go @@ -984,6 +984,7 @@ resource "vault_database_secret_backend_connection" "test" { %s } `, path, pluginName, name, fmt.Sprintf(config, connURL)) + return result } From b5861dbbe263c7507a37c16171b728d6e0ad3ce7 Mon Sep 17 00:00:00 2001 From: Ben Ash Date: Wed, 26 Jan 2022 16:46:08 -0500 Subject: [PATCH 03/10] Rename dbEngineInfo to dbEngine --- ...urce_database_secret_backend_connection.go | 20 +++++++++---------- ...database_secret_backend_connection_test.go | 20 +++++++++---------- 2 files changed, 20 insertions(+), 20 deletions(-) diff --git a/vault/resource_database_secret_backend_connection.go b/vault/resource_database_secret_backend_connection.go index b14f3d434..83de2c264 100644 --- a/vault/resource_database_secret_backend_connection.go +++ b/vault/resource_database_secret_backend_connection.go @@ -45,9 +45,9 @@ var ( databaseSecretBackendConnectionBackendFromPathRegex = regexp.MustCompile("^(.+)/config/.+$") databaseSecretBackendConnectionNameFromPathRegex = regexp.MustCompile("^.+/config/(.+$)") - // map all dbBackends to their corresponding dbEngineInfo's + // map all dbBackends to their corresponding dbEngine's // XXX: This map must be updated whenever a new database engine is added. - dbEngines = map[string]*dbEngineInfo{ + dbEngines = map[string]*dbEngine{ dbBackendCassandra: {name: dbBackendCassandra}, dbBackendCouchbase: {name: dbBackendCouchbase}, dbBackendElasticSearch: {name: dbBackendElasticSearch}, @@ -75,11 +75,11 @@ func init() { } } -type dbEngineInfo struct { +type dbEngine struct { name string } -func (i *dbEngineInfo) getPluginName(d *schema.ResourceData) string { +func (i *dbEngine) getPluginName(d *schema.ResourceData) string { if val, ok := d.GetOk("plugin_name"); ok { return val.(string) } @@ -590,7 +590,7 @@ func mssqlConnectionStringResource() *schema.Resource { return r } -func getDBEngineInfo(d *schema.ResourceData) (*dbEngineInfo, error) { +func getDBEngine(d *schema.ResourceData) (*dbEngine, error) { for k, v := range dbEngines { if i, ok := d.GetOk(k); ok && len(i.([]interface{})) > 0 { return v, nil @@ -601,16 +601,16 @@ func getDBEngineInfo(d *schema.ResourceData) (*dbEngineInfo, error) { } func getDatabaseAPIData(d *schema.ResourceData) (map[string]interface{}, error) { - dbInfo, err := getDBEngineInfo(d) + db, err := getDBEngine(d) if err != nil { return nil, err } data := map[string]interface{}{ - "plugin_name": dbInfo.getPluginName(d), + "plugin_name": db.getPluginName(d), } - switch dbInfo.name { + switch db.name { case dbBackendCassandra: if v, ok := d.GetOk("cassandra.0.hosts"); ok { log.Printf("[DEBUG] Cassandra hosts: %v", v.([]interface{})) @@ -1120,7 +1120,7 @@ func databaseSecretBackendConnectionRead(d *schema.ResourceData, meta interface{ path := d.Id() - dbInfo, err := getDBEngineInfo(d) + db, err := getDBEngine(d) if err != nil { return err } @@ -1147,7 +1147,7 @@ func databaseSecretBackendConnectionRead(d *schema.ResourceData, meta interface{ return nil } - switch dbInfo.name { + switch db.name { case dbBackendCassandra: details := resp.Data["connection_details"] data, ok := details.(map[string]interface{}) diff --git a/vault/resource_database_secret_backend_connection_test.go b/vault/resource_database_secret_backend_connection_test.go index 090ea54b4..ba05ffec0 100644 --- a/vault/resource_database_secret_backend_connection_test.go +++ b/vault/resource_database_secret_backend_connection_test.go @@ -325,7 +325,7 @@ func TestAccDatabaseSecretBackendConnection_mssql(t *testing.T) { backend := acctest.RandomWithPrefix("tf-test-db") name := acctest.RandomWithPrefix("db") - // should match dbEngineInfo.getPluginName()'s default return value + // should match dbEngine.getPluginName()'s default return value pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMSSQL) resource.Test(t, resource.TestCase{ @@ -1264,7 +1264,7 @@ func MaybeSkipDBTests(t *testing.T, engine string) { testutil.SkipTestEnvSet(t, envVars...) } -func Test_dbEngineInfo_getPluginName(t *testing.T) { +func Test_dbEngine_getPluginName(t *testing.T) { type fields struct { name string } @@ -1318,7 +1318,7 @@ func Test_dbEngineInfo_getPluginName(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - i := &dbEngineInfo{ + i := &dbEngine{ name: tt.fields.name, } if got := i.getPluginName(tt.args.d); got != tt.want { @@ -1328,14 +1328,14 @@ func Test_dbEngineInfo_getPluginName(t *testing.T) { } } -func Test_getDBEngineInfo(t *testing.T) { +func Test_getDBEngine(t *testing.T) { type args struct { d *schema.ResourceData } tests := []struct { name string args args - want *dbEngineInfo + want *dbEngine wantErr bool expectedErr error }{ @@ -1361,7 +1361,7 @@ func Test_getDBEngineInfo(t *testing.T) { }, }), }, - want: &dbEngineInfo{ + want: &dbEngine{ name: dbBackendMSSQL, }, wantErr: false, @@ -1394,18 +1394,18 @@ func Test_getDBEngineInfo(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - got, err := getDBEngineInfo(tt.args.d) + got, err := getDBEngine(tt.args.d) if (err != nil) != tt.wantErr { - t.Errorf("getDBEngineInfo() error = %v, wantErr %v", err, tt.wantErr) + t.Errorf("getDBEngine() error = %v, wantErr %v", err, tt.wantErr) } if tt.wantErr && tt.expectedErr != nil { if !reflect.DeepEqual(err, tt.expectedErr) { - t.Fatalf("getDBEngineInfo() expected err %v, actual %v", tt.expectedErr, err) + t.Fatalf("getDBEngine() expected err %v, actual %v", tt.expectedErr, err) } } if !reflect.DeepEqual(got, tt.want) { - t.Errorf("getDBEngineInfo() expected %v, actual %v", tt.want, got) + t.Errorf("getDBEngine() expected %v, actual %v", tt.want, got) } }) } From 10bb5fc9256f928f6304e617c1d5b8cf915d95a0 Mon Sep 17 00:00:00 2001 From: Ben Ash Date: Wed, 26 Jan 2022 16:50:49 -0500 Subject: [PATCH 04/10] Document plugin_name --- website/docs/r/database_secret_backend_connection.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/website/docs/r/database_secret_backend_connection.md b/website/docs/r/database_secret_backend_connection.md index 7cd3d4f46..97f2814d1 100644 --- a/website/docs/r/database_secret_backend_connection.md +++ b/website/docs/r/database_secret_backend_connection.md @@ -45,6 +45,8 @@ The following arguments are supported: * `backend` - (Required) The unique name of the Vault mount to configure. +* `plugin_name` - (Optional) Specifies the name of the plugin to use. + * `verify_connection` - (Optional) Whether the connection should be verified on initial configuration or not. From c26b4d4dfc5ef6bfbcdb9a781381383a884f58b8 Mon Sep 17 00:00:00 2001 From: Ben Ash Date: Wed, 26 Jan 2022 17:18:55 -0500 Subject: [PATCH 05/10] Test getPluginName() with name containing underscores --- ..._database_secret_backend_connection_test.go | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/vault/resource_database_secret_backend_connection_test.go b/vault/resource_database_secret_backend_connection_test.go index ba05ffec0..553e56d03 100644 --- a/vault/resource_database_secret_backend_connection_test.go +++ b/vault/resource_database_secret_backend_connection_test.go @@ -1295,6 +1295,24 @@ func Test_dbEngine_getPluginName(t *testing.T) { }, want: "foo-database-plugin", }, + { + name: "default-underscored", + fields: fields{ + name: "foo_qux_baz", + }, + args: args{ + schema.TestResourceDataRaw( + t, + map[string]*schema.Schema{ + "plugin_name": { + Type: schema.TypeString, + Required: false, + }, + }, + map[string]interface{}{}), + }, + want: "foo-qux-baz-database-plugin", + }, { name: "set", fields: fields{ From 34cbaf6118d1ff264345d31b033633cce0b2c9e3 Mon Sep 17 00:00:00 2001 From: Ben Ash Date: Wed, 26 Jan 2022 21:21:36 -0500 Subject: [PATCH 06/10] Drop use of init() --- .../resource_database_secret_backend_connection.go | 13 +++++-------- ...ource_database_secret_backend_connection_test.go | 7 ++----- 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/vault/resource_database_secret_backend_connection.go b/vault/resource_database_secret_backend_connection.go index 83de2c264..60dd1140e 100644 --- a/vault/resource_database_secret_backend_connection.go +++ b/vault/resource_database_secret_backend_connection.go @@ -65,16 +65,8 @@ var ( dbBackendSnowflake: {name: dbBackendSnowflake}, dbBackendRedshift: {name: dbBackendRedshift}, } - // dbEngines key values, initialized in init() - dbBackendTypes []string ) -func init() { - for k := range dbEngines { - dbBackendTypes = append(dbBackendTypes, k) - } -} - type dbEngine struct { name string } @@ -88,6 +80,11 @@ func (i *dbEngine) getPluginName(d *schema.ResourceData) string { } func databaseSecretBackendConnectionResource() *schema.Resource { + dbBackendTypes := []string{} + for k := range dbEngines { + dbBackendTypes = append(dbBackendTypes, k) + } + return &schema.Resource{ Create: databaseSecretBackendConnectionCreate, Read: databaseSecretBackendConnectionRead, diff --git a/vault/resource_database_secret_backend_connection_test.go b/vault/resource_database_secret_backend_connection_test.go index 553e56d03..b3a796b94 100644 --- a/vault/resource_database_secret_backend_connection_test.go +++ b/vault/resource_database_secret_backend_connection_test.go @@ -1255,11 +1255,8 @@ func MaybeSkipDBTests(t *testing.T, engine string) { testutil.SkipTestAcc(t) envVars := []string{"SKIP_DB_TESTS"} - for _, e := range dbBackendTypes { - if e == engine { - envVars = append(envVars, envVars[0]+"_"+strings.ToUpper(engine)) - break - } + if _, ok := dbEngines[engine]; ok { + envVars = append(envVars, envVars[0]+"_"+strings.ToUpper(engine)) } testutil.SkipTestEnvSet(t, envVars...) } From c304faa637b595c173277b37b2cdc02572b89287 Mon Sep 17 00:00:00 2001 From: Ben Ash Date: Thu, 27 Jan 2022 16:30:26 -0500 Subject: [PATCH 07/10] Factor out common TestFuncs - ensure that all fields common to each db engine are tested. --- ...database_secret_backend_connection_test.go | 570 +++++++++--------- 1 file changed, 284 insertions(+), 286 deletions(-) diff --git a/vault/resource_database_secret_backend_connection_test.go b/vault/resource_database_secret_backend_connection_test.go index b3a796b94..c2e5a8685 100644 --- a/vault/resource_database_secret_backend_connection_test.go +++ b/vault/resource_database_secret_backend_connection_test.go @@ -22,6 +22,8 @@ import ( "github.com/hashicorp/terraform-provider-vault/testutil" ) +const testDefaultDatabaseSecretBackendResource = "vault_database_secret_backend_connection.test" + // TODO: add support for automating tests for plugin_name // Currently we have to configure the Vault server with a plugin_directory, // copy/build a db plugin and install it with a unique name, then register it in vault. @@ -34,7 +36,10 @@ func TestAccDatabaseSecretBackendConnection_import(t *testing.T) { connURL := values[0] backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendPostgres) name := acctest.RandomWithPrefix("db") + userTempl := "{{.DisplayName}}" resource.Test(t, resource.TestCase{ Providers: testProviders, @@ -43,24 +48,22 @@ func TestAccDatabaseSecretBackendConnection_import(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_postgresql(name, backend, connURL, userTempl), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "postgresql.0.connection_url", connURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "postgresql.0.max_open_connections", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "postgresql.0.max_idle_connections", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "postgresql.0.max_connection_lifetime", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "postgresql.0.username_template", userTempl), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "postgresql.0.connection_url", connURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "postgresql.0.max_open_connections", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "postgresql.0.max_idle_connections", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "postgresql.0.max_connection_lifetime", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "postgresql.0.username_template", userTempl), ), }, { - ResourceName: "vault_database_secret_backend_connection.test", + ResourceName: testDefaultDatabaseSecretBackendResource, ImportState: true, ImportStateVerify: true, ImportStateVerifyIgnore: []string{"verify_connection", "postgresql.0.connection_url"}, @@ -79,6 +82,7 @@ func TestAccDatabaseSecretBackendConnection_cassandra(t *testing.T) { username := os.Getenv("CASSANDRA_USERNAME") password := os.Getenv("CASSANDRA_PASSWORD") backend := acctest.RandomWithPrefix("tf-test-db") + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendCassandra) name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ Providers: testProviders, @@ -87,26 +91,24 @@ func TestAccDatabaseSecretBackendConnection_cassandra(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_cassandra(name, backend, host, username, password), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.hosts.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.hosts.0", host), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.port", "9042"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.username", username), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.password", password), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.tls", "false"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.insecure_tls", "false"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.pem_bundle", ""), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.pem_json", ""), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.protocol_version", "4"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.connect_timeout", "5"), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.hosts.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.hosts.0", host), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.port", "9042"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.username", username), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.password", password), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.tls", "false"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.insecure_tls", "false"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.pem_bundle", ""), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.pem_json", ""), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.protocol_version", "4"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.connect_timeout", "5"), ), }, }, @@ -123,6 +125,8 @@ func TestAccDatabaseSecretBackendConnection_cassandraProtocol(t *testing.T) { username := os.Getenv("CASSANDRA_USERNAME") password := os.Getenv("CASSANDRA_PASSWORD") backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendCassandra) name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ Providers: testProviders, @@ -131,26 +135,24 @@ func TestAccDatabaseSecretBackendConnection_cassandraProtocol(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_cassandraProtocol(name, backend, host, username, password), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.hosts.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.hosts.0", host), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.port", "9042"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.username", username), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.password", password), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.tls", "false"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.insecure_tls", "false"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.pem_bundle", ""), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.pem_json", ""), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.protocol_version", "5"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "cassandra.0.connect_timeout", "5"), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.hosts.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.hosts.0", host), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.port", "9042"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.username", username), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.password", password), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.tls", "false"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.insecure_tls", "false"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.pem_bundle", ""), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.pem_json", ""), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.protocol_version", "5"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "cassandra.0.connect_timeout", "5"), ), }, }, @@ -166,8 +168,10 @@ func TestAccDatabaseSecretBackendConnection_couchbase(t *testing.T) { username := values[2] password := values[3] backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendCouchbase) name := acctest.RandomWithPrefix("db") - resourceName := "vault_database_secret_backend_connection.test" + resourceName := testDefaultDatabaseSecretBackendResource resource.Test(t, resource.TestCase{ Providers: testProviders, PreCheck: func() { testutil.TestAccPreCheck(t) }, @@ -175,9 +179,7 @@ func TestAccDatabaseSecretBackendConnection_couchbase(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_couchbase(name, backend, host1, host2, username, password), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr(resourceName, "name", name), - resource.TestCheckResourceAttr(resourceName, "backend", backend), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, resource.TestCheckResourceAttr(resourceName, "allowed_roles.#", "2"), resource.TestCheckResourceAttr(resourceName, "allowed_roles.0", "dev"), resource.TestCheckResourceAttr(resourceName, "allowed_roles.1", "prod"), @@ -214,8 +216,10 @@ func TestAccDatabaseSecretBackendConnection_influxdb(t *testing.T) { username := os.Getenv("INFLUXDB_USERNAME") password := os.Getenv("INFLUXDB_PASSWORD") backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendInfluxDB) name := acctest.RandomWithPrefix("db") - resourceName := "vault_database_secret_backend_connection.test" + resourceName := testDefaultDatabaseSecretBackendResource resource.Test(t, resource.TestCase{ Providers: testProviders, PreCheck: func() { testutil.TestAccPreCheck(t) }, @@ -223,9 +227,7 @@ func TestAccDatabaseSecretBackendConnection_influxdb(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_influxdb(name, backend, host, username, password), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr(resourceName, "name", name), - resource.TestCheckResourceAttr(resourceName, "backend", backend), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, resource.TestCheckResourceAttr(resourceName, "allowed_roles.#", "2"), resource.TestCheckResourceAttr(resourceName, "allowed_roles.0", "dev"), resource.TestCheckResourceAttr(resourceName, "allowed_roles.1", "prod"), @@ -257,6 +259,8 @@ func TestAccDatabaseSecretBackendConnection_mongodbatlas(t *testing.T) { privateKey := os.Getenv("MONGODB_ATLAS_PRIVATE_KEY") projectID := os.Getenv("MONGODB_ATLAS_PROJECT_ID") backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMongoDBAtlas) name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ Providers: testProviders, @@ -265,18 +269,16 @@ func TestAccDatabaseSecretBackendConnection_mongodbatlas(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_mongodbatlas(name, backend, publicKey, privateKey, projectID), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mongodbatlas.0.public_key", publicKey), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mongodbatlas.0.private_key", privateKey), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mongodbatlas.0.project_id", projectID), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mongodbatlas.0.public_key", publicKey), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mongodbatlas.0.private_key", privateKey), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mongodbatlas.0.project_id", projectID), ), }, }, @@ -291,6 +293,8 @@ func TestAccDatabaseSecretBackendConnection_mongodb(t *testing.T) { connURL := values[0] backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMongoDB) name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ Providers: testProviders, @@ -299,16 +303,14 @@ func TestAccDatabaseSecretBackendConnection_mongodb(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_mongodb(name, backend, connURL), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mongodb.0.connection_url", connURL), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mongodb.0.connection_url", connURL), ), }, }, @@ -323,10 +325,9 @@ func TestAccDatabaseSecretBackendConnection_mssql(t *testing.T) { t.Cleanup(cleanupFunc) backend := acctest.RandomWithPrefix("tf-test-db") - name := acctest.RandomWithPrefix("db") - // should match dbEngine.getPluginName()'s default return value pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMSSQL) + name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ Providers: testProviders, @@ -335,40 +336,36 @@ func TestAccDatabaseSecretBackendConnection_mssql(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_mssql(name, backend, connURL, pluginName, false), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "plugin_name", pluginName), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mssql.0.connection_url", connURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mssql.0.max_open_connections", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mssql.0.max_idle_connections", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mssql.0.max_connection_lifetime", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mssql.0.contained_db", "false"), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "plugin_name", pluginName), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mssql.0.connection_url", connURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mssql.0.max_open_connections", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mssql.0.max_idle_connections", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mssql.0.max_connection_lifetime", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mssql.0.contained_db", "false"), ), }, { Config: testAccDatabaseSecretBackendConnectionConfig_mssql(name, backend, connURL, pluginName, true), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "plugin_name", pluginName), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mssql.0.connection_url", connURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mssql.0.max_open_connections", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mssql.0.max_idle_connections", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mssql.0.max_connection_lifetime", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mssql.0.contained_db", "true"), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "plugin_name", pluginName), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mssql.0.connection_url", connURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mssql.0.max_open_connections", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mssql.0.max_idle_connections", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mssql.0.max_connection_lifetime", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mssql.0.contained_db", "true"), ), }, }, @@ -383,6 +380,8 @@ func TestAccDatabaseSecretBackendConnection_mysql(t *testing.T) { connURL := values[0] backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMySQL) name := acctest.RandomWithPrefix("db") password := acctest.RandomWithPrefix("password") resource.Test(t, resource.TestCase{ @@ -392,78 +391,81 @@ func TestAccDatabaseSecretBackendConnection_mysql(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_mysql(name, backend, connURL, password), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.connection_url", connURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.max_open_connections", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.max_idle_connections", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.max_connection_lifetime", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.%", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.password", password), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.connection_url", connURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.max_open_connections", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.max_idle_connections", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.max_connection_lifetime", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.%", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.password", password), ), }, { Config: testAccDatabaseSecretBackendConnectionConfig_mysql_rds(name, backend, connURL), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql_rds.0.connection_url", connURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql_rds.0.max_open_connections", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql_rds.0.max_idle_connections", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql_rds.0.max_connection_lifetime", "0"), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql_rds.0.connection_url", connURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql_rds.0.max_open_connections", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql_rds.0.max_idle_connections", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql_rds.0.max_connection_lifetime", "0"), ), }, { Config: testAccDatabaseSecretBackendConnectionConfig_mysql_aurora(name, backend, connURL), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql_aurora.0.connection_url", connURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql_aurora.0.max_open_connections", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql_aurora.0.max_idle_connections", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql_aurora.0.max_connection_lifetime", "0"), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql_aurora.0.connection_url", connURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql_aurora.0.max_open_connections", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql_aurora.0.max_idle_connections", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql_aurora.0.max_connection_lifetime", "0"), ), }, { Config: testAccDatabaseSecretBackendConnectionConfig_mysql_legacy(name, backend, connURL), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql_legacy.0.connection_url", connURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql_legacy.0.max_open_connections", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql_legacy.0.max_idle_connections", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql_legacy.0.max_connection_lifetime", "0"), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql_legacy.0.connection_url", connURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql_legacy.0.max_open_connections", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql_legacy.0.max_idle_connections", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql_legacy.0.max_connection_lifetime", "0"), ), }, }, }) } +func testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName string, fs ...resource.TestCheckFunc) resource.TestCheckFunc { + funcs := []resource.TestCheckFunc{ + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "name", name), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "backend", backend), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "plugin_name", pluginName), + } + funcs = append(funcs, fs...) + + return resource.ComposeTestCheckFunc(funcs...) +} + func TestAccDatabaseSecretBackendConnectionUpdate_mysql(t *testing.T) { MaybeSkipDBTests(t, dbBackendMySQL) @@ -472,6 +474,8 @@ func TestAccDatabaseSecretBackendConnectionUpdate_mysql(t *testing.T) { connURL := values[0] backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMySQL) name := acctest.RandomWithPrefix("db") password := acctest.RandomWithPrefix("password") resource.Test(t, resource.TestCase{ @@ -481,38 +485,34 @@ func TestAccDatabaseSecretBackendConnectionUpdate_mysql(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfigUpdate_mysql(name, backend, connURL, password, 0), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.connection_url", connURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.max_open_connections", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.max_connection_lifetime", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.%", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.password", password), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.connection_url", connURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.max_open_connections", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.max_connection_lifetime", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.%", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.password", password), ), }, { Config: testAccDatabaseSecretBackendConnectionConfigUpdate_mysql(name, backend, connURL, password, 10), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.connection_url", connURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.max_open_connections", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.max_connection_lifetime", "10"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.%", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.password", password), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.connection_url", connURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.max_open_connections", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.max_connection_lifetime", "10"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.%", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.password", password), ), }, }, @@ -539,6 +539,8 @@ func TestAccDatabaseSecretBackendConnectionTemplatedUpdateExcludePassword_mysql( } backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMySQL) name := acctest.RandomWithPrefix("db") testUsername := acctest.RandomWithPrefix("username") testPassword := acctest.RandomWithPrefix("password") @@ -556,18 +558,16 @@ func TestAccDatabaseSecretBackendConnectionTemplatedUpdateExcludePassword_mysql( Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfigTemplated_mysql(name, backend, testConnURL, testUsername, testPassword, 0), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.connection_url", testConnURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.max_connection_lifetime", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.%", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.username", testUsername), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.password", testPassword), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.connection_url", testConnURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.max_connection_lifetime", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.%", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.username", testUsername), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.password", testPassword), ), }, { @@ -581,18 +581,16 @@ func TestAccDatabaseSecretBackendConnectionTemplatedUpdateExcludePassword_mysql( log.Printf("rotate-root: %v", resp) }, - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.connection_url", testConnURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.max_connection_lifetime", "10"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.%", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.username", testUsername), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.password", testPassword), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.connection_url", testConnURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.max_connection_lifetime", "10"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.%", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.username", testUsername), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.password", testPassword), ), }, }, @@ -607,6 +605,8 @@ func TestAccDatabaseSecretBackendConnection_mysql_tls(t *testing.T) { tlsCA, connURL, tlsCertificateKey := values[0], values[1], values[2] backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMySQL) name := acctest.RandomWithPrefix("db") password := acctest.RandomWithPrefix("password") resource.Test(t, resource.TestCase{ @@ -616,23 +616,21 @@ func TestAccDatabaseSecretBackendConnection_mysql_tls(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_mysql_tls(name, backend, connURL, password, tlsCA, tlsCertificateKey), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.connection_url", connURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.max_open_connections", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.max_idle_connections", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.max_connection_lifetime", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.%", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "data.password", password), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.tlsCA", tlsCA+"\n"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "mysql.0.tls_certificate_key", tlsCertificateKey+"\n"), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.connection_url", connURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.max_open_connections", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.max_idle_connections", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.max_connection_lifetime", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.%", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "data.password", password), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.tlsCA", tlsCA+"\n"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "mysql.0.tls_certificate_key", tlsCertificateKey+"\n"), ), }, }, @@ -647,6 +645,8 @@ func TestAccDatabaseSecretBackendConnection_postgresql(t *testing.T) { connURL := values[0] backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendPostgres) name := acctest.RandomWithPrefix("db") userTempl := "{{.DisplayName}}" resource.Test(t, resource.TestCase{ @@ -656,20 +656,18 @@ func TestAccDatabaseSecretBackendConnection_postgresql(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_postgresql(name, backend, connURL, userTempl), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "postgresql.0.connection_url", connURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "postgresql.0.max_open_connections", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "postgresql.0.max_idle_connections", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "postgresql.0.max_connection_lifetime", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "postgresql.0.username_template", userTempl), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "postgresql.0.connection_url", connURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "postgresql.0.max_open_connections", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "postgresql.0.max_idle_connections", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "postgresql.0.max_connection_lifetime", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "postgresql.0.username_template", userTempl), ), }, }, @@ -686,6 +684,8 @@ func TestAccDatabaseSecretBackendConnection_elasticsearch(t *testing.T) { username := os.Getenv("ELASTIC_USERNAME") password := os.Getenv("ELASTIC_PASSWORD") backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendElasticSearch) name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ @@ -695,14 +695,12 @@ func TestAccDatabaseSecretBackendConnection_elasticsearch(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_elasticsearch(name, backend, connURL, username, password), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "elasticsearch.0.url", connURL), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "elasticsearch.0.url", connURL), ), }, }, @@ -719,6 +717,8 @@ func TestAccDatabaseSecretBackendConnection_snowflake(t *testing.T) { username := os.Getenv("SNOWFLAKE_USERNAME") password := os.Getenv("SNOWFLAKE_PASSWORD") backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendSnowflake) name := acctest.RandomWithPrefix("db") userTempl := "{{.DisplayName}}" @@ -730,17 +730,15 @@ func TestAccDatabaseSecretBackendConnection_snowflake(t *testing.T) { Steps: []resource.TestStep{ { Config: config, - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "snowflake.0.connection_url", connURL), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "snowflake.0.username", username), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "snowflake.0.password", password), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "snowflake.0.username_template", userTempl), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "snowflake.0.connection_url", connURL), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "snowflake.0.username", username), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "snowflake.0.password", password), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "snowflake.0.username_template", userTempl), ), }, }, @@ -755,6 +753,8 @@ func TestAccDatabaseSecretBackendConnection_redshift(t *testing.T) { t.Skip("REDSHIFT_URL not set") } backend := acctest.RandomWithPrefix("tf-test-db") + // should match dbEngine.getPluginName()'s default return value + pluginName := fmt.Sprintf("%s-database-plugin", dbBackendRedshift) name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ Providers: testProviders, @@ -763,19 +763,17 @@ func TestAccDatabaseSecretBackendConnection_redshift(t *testing.T) { Steps: []resource.TestStep{ { Config: testAccDatabaseSecretBackendConnectionConfig_redshift(name, backend, url), - Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "name", name), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "backend", backend), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.#", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.0", "dev"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "allowed_roles.1", "prod"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.#", "1"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "root_rotation_statements.0", "FOOBAR"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "verify_connection", "true"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "redshift.0.connection_url", url), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "redshift.0.max_open_connections", "2"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "redshift.0.max_idle_connections", "0"), - resource.TestCheckResourceAttr("vault_database_secret_backend_connection.test", "redshift.0.max_connection_lifetime", "0"), + Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.#", "1"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "root_rotation_statements.0", "FOOBAR"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "verify_connection", "true"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "redshift.0.connection_url", url), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "redshift.0.max_open_connections", "2"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "redshift.0.max_idle_connections", "0"), + resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "redshift.0.max_connection_lifetime", "0"), ), }, }, From 36231a6d2ab1290c902ba699db5da35e48055b73 Mon Sep 17 00:00:00 2001 From: Ben Ash Date: Thu, 27 Jan 2022 16:40:34 -0500 Subject: [PATCH 08/10] Add changelog entry --- CHANGELOG.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 937d88bf2..245a5609f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,9 @@ BUGS: * `resource/kubernetes_auth_backend_config`: Ensure `disable_iss_validation` is honored in all cases ([#1315](https://github.com/hashicorp/terraform-provider-vault/pull/1315)) +IMPROVEMENTS: +* `resource/database_secret_backend_connection`: Add support for configuring the secret engine's `plugin_name` ([#1320](https://github.com/hashicorp/terraform-provider-vault/pull/1320)) + ## 3.2.1 (January 20, 2022) BUGS: * `resource/rabbitmq_secret_backend_role`: Add nil check when reading RabbitMQ role from Vault ([#1312](https://github.com/hashicorp/terraform-provider-vault/pull/1312)) From 8405679b6b58e4e1f09543b55eaabef825e4e978 Mon Sep 17 00:00:00 2001 From: Ben Ash Date: Thu, 27 Jan 2022 22:15:15 -0500 Subject: [PATCH 09/10] Drop duplicate plugin_name test. --- vault/resource_database_secret_backend_connection_test.go | 1 - 1 file changed, 1 deletion(-) diff --git a/vault/resource_database_secret_backend_connection_test.go b/vault/resource_database_secret_backend_connection_test.go index c2e5a8685..13ab2a6a2 100644 --- a/vault/resource_database_secret_backend_connection_test.go +++ b/vault/resource_database_secret_backend_connection_test.go @@ -337,7 +337,6 @@ func TestAccDatabaseSecretBackendConnection_mssql(t *testing.T) { { Config: testAccDatabaseSecretBackendConnectionConfig_mssql(name, backend, connURL, pluginName, false), Check: testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName, - resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "plugin_name", pluginName), resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.#", "2"), resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.0", "dev"), resource.TestCheckResourceAttr(testDefaultDatabaseSecretBackendResource, "allowed_roles.1", "prod"), From 902dc1df9c133bc6e0498200cc74b2552566ec28 Mon Sep 17 00:00:00 2001 From: Ben Ash <32777270+benashz@users.noreply.github.com> Date: Fri, 28 Jan 2022 18:47:52 -0500 Subject: [PATCH 10/10] Use dbEngine instances in place of constants. (#1326) * Use dbEngine instances in place of constants. - replace the use of map for looking up dbEngine instances by name with a slice - factor out dbBackend* constants to dbEngine instances. * Use dbEngine names in db Schema fields. * Add some public getter methods to the dbEngine --- ...urce_database_secret_backend_connection.go | 297 +++++++++++------- ...database_secret_backend_connection_test.go | 145 +++++---- 2 files changed, 259 insertions(+), 183 deletions(-) diff --git a/vault/resource_database_secret_backend_connection.go b/vault/resource_database_secret_backend_connection.go index 60dd1140e..c8325f901 100644 --- a/vault/resource_database_secret_backend_connection.go +++ b/vault/resource_database_secret_backend_connection.go @@ -2,6 +2,7 @@ package vault import ( "encoding/json" + "errors" "fmt" "log" "regexp" @@ -23,66 +24,137 @@ type connectionStringConfig struct { } const ( - dbBackendCassandra = "cassandra" - dbBackendCouchbase = "couchbase" - dbBackendElasticSearch = "elasticsearch" - dbBackendHana = "hana" - dbBackendInfluxDB = "influxdb" - dbBackendMSSQL = "mssql" - dbBackendMongoDB = "mongodb" - dbBackendMongoDBAtlas = "mongodbatlas" - dbBackendMySQL = "mysql" - dbBackendMySQLAurora = "mysql_aurora" - dbBackendMySQLLegacy = "mysql_legacy" - dbBackendMySQLRDS = "mysql_rds" - dbBackendPostgres = "postgresql" - dbBackendOracle = "oracle" - dbBackendSnowflake = "snowflake" - dbBackendRedshift = "redshift" + dbPluginSuffix = "-database-plugin" ) var ( databaseSecretBackendConnectionBackendFromPathRegex = regexp.MustCompile("^(.+)/config/.+$") databaseSecretBackendConnectionNameFromPathRegex = regexp.MustCompile("^.+/config/(.+$)") - // map all dbBackends to their corresponding dbEngine's - // XXX: This map must be updated whenever a new database engine is added. - dbEngines = map[string]*dbEngine{ - dbBackendCassandra: {name: dbBackendCassandra}, - dbBackendCouchbase: {name: dbBackendCouchbase}, - dbBackendElasticSearch: {name: dbBackendElasticSearch}, - dbBackendHana: {name: dbBackendHana}, - dbBackendInfluxDB: {name: dbBackendInfluxDB}, - dbBackendMSSQL: {name: dbBackendMSSQL}, - dbBackendMongoDB: {name: dbBackendMongoDB}, - dbBackendMongoDBAtlas: {name: dbBackendMongoDBAtlas}, - dbBackendMySQL: {name: dbBackendMySQL}, - dbBackendMySQLAurora: {name: dbBackendMySQLAurora}, - dbBackendMySQLLegacy: {name: dbBackendMySQLLegacy}, - dbBackendMySQLRDS: {name: dbBackendMySQLRDS}, - dbBackendPostgres: {name: dbBackendPostgres}, - dbBackendOracle: {name: dbBackendOracle}, - dbBackendSnowflake: {name: dbBackendSnowflake}, - dbBackendRedshift: {name: dbBackendRedshift}, + dbEngineCassandra = &dbEngine{ + name: "cassandra", + defaultPluginName: "cassandra" + dbPluginSuffix, + } + dbEngineCouchbase = &dbEngine{ + name: "couchbase", + defaultPluginName: "couchbase" + dbPluginSuffix, + } + + dbEngineElasticSearch = &dbEngine{ + name: "elasticsearch", + defaultPluginName: "elasticsearch" + dbPluginSuffix, + } + dbEngineHana = &dbEngine{ + name: "hana", + defaultPluginName: "hana" + dbPluginSuffix, + } + dbEngineInfluxDB = &dbEngine{ + name: "influxdb", + defaultPluginName: "influxdb" + dbPluginSuffix, + } + dbEngineMSSQL = &dbEngine{ + name: "mssql", + defaultPluginName: "mssql" + dbPluginSuffix, + } + dbEngineMongoDB = &dbEngine{ + name: "mongodb", + defaultPluginName: "mongodb" + dbPluginSuffix, + } + dbEngineMongoDBAtlas = &dbEngine{ + name: "mongodbatlas", + defaultPluginName: "mongodbatlas" + dbPluginSuffix, + } + dbEngineMySQL = &dbEngine{ + name: "mysql", + defaultPluginName: "mysql" + dbPluginSuffix, + } + dbEngineMySQLAurora = &dbEngine{ + name: "mysql_aurora", + defaultPluginName: "mysql-aurora" + dbPluginSuffix, + } + dbEngineMySQLLegacy = &dbEngine{ + name: "mysql_legacy", + defaultPluginName: "mysql-legacy" + dbPluginSuffix, + } + dbEngineMySQLRDS = &dbEngine{ + name: "mysql_rds", + defaultPluginName: "mysql-rds" + dbPluginSuffix, + } + dbEnginePostgres = &dbEngine{ + name: "postgresql", + defaultPluginName: "postgresql" + dbPluginSuffix, + } + dbEngineOracle = &dbEngine{ + name: "oracle", + defaultPluginName: "oracle" + dbPluginSuffix, + } + dbEngineSnowflake = &dbEngine{ + name: "snowflake", + defaultPluginName: "snowflake" + dbPluginSuffix, + } + dbEngineRedshift = &dbEngine{ + name: "redshift", + defaultPluginName: "redshift" + dbPluginSuffix, + } + + dbEngines = []*dbEngine{ + dbEngineCassandra, + dbEngineCouchbase, + dbEngineElasticSearch, + dbEngineHana, + dbEngineInfluxDB, + dbEngineMSSQL, + dbEngineMongoDB, + dbEngineMongoDBAtlas, + dbEngineMySQL, + dbEngineMySQLAurora, + dbEngineMySQLLegacy, + dbEngineMySQLRDS, + dbEnginePostgres, + dbEngineOracle, + dbEngineSnowflake, + dbEngineRedshift, } ) type dbEngine struct { - name string + name string + defaultPluginName string } -func (i *dbEngine) getPluginName(d *schema.ResourceData) string { +// GetPluginName from the schema.ResourceData if it is configured, +// otherwise return the default plugin name. +// Return an error if no plugin name can be found. +func (i *dbEngine) GetPluginName(d *schema.ResourceData) (string, error) { if val, ok := d.GetOk("plugin_name"); ok { - return val.(string) + return val.(string), nil } - return fmt.Sprintf("%s-database-plugin", strings.Replace(i.name, "_", "-", -1)) + if i.defaultPluginName == "" { + return "", errors.New("default plugin name not set") + } + + return i.defaultPluginName, nil +} + +func (i *dbEngine) String() string { + return i.name +} + +// Name of the Vault DB secrets engine. +func (i *dbEngine) Name() string { + return i.name +} + +// DefaultPluginName for this dbEngine. +func (i *dbEngine) DefaultPluginName() string { + return i.defaultPluginName } func databaseSecretBackendConnectionResource() *schema.Resource { - dbBackendTypes := []string{} - for k := range dbEngines { - dbBackendTypes = append(dbBackendTypes, k) + dbEngineTypes := []string{} + for _, e := range dbEngines { + dbEngineTypes = append(dbEngineTypes, e.name) } return &schema.Resource{ @@ -162,10 +234,10 @@ func databaseSecretBackendConnectionResource() *schema.Resource { }, }, MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendElasticSearch, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineElasticSearch.Name(), dbEngineTypes), }, - "cassandra": { + dbEngineCassandra.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the cassandra-database-plugin plugin.", @@ -237,10 +309,10 @@ func databaseSecretBackendConnectionResource() *schema.Resource { }, }, MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendCassandra, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineCassandra.Name(), dbEngineTypes), }, - "couchbase": { + dbEngineCouchbase.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the couchbase-database-plugin plugin.", @@ -296,10 +368,10 @@ func databaseSecretBackendConnectionResource() *schema.Resource { }, }, MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendCouchbase, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineCouchbase.Name(), dbEngineTypes), }, - "influxdb": { + dbEngineInfluxDB.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the influxdb-database-plugin plugin.", @@ -367,19 +439,19 @@ func databaseSecretBackendConnectionResource() *schema.Resource { }, }, MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendInfluxDB, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineInfluxDB.Name(), dbEngineTypes), }, - "mongodb": { + dbEngineMongoDB.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the mongodb-database-plugin plugin.", Elem: connectionStringResource(&connectionStringConfig{}), MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendMongoDB, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineMongoDB.Name(), dbEngineTypes), }, - "mongodbatlas": { + dbEngineMongoDBAtlas.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the mongodbatlas-database-plugin plugin.", @@ -404,10 +476,10 @@ func databaseSecretBackendConnectionResource() *schema.Resource { }, }, MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendMongoDBAtlas, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineMongoDBAtlas.Name(), dbEngineTypes), }, - "hana": { + dbEngineHana.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the hana-database-plugin plugin.", @@ -415,85 +487,85 @@ func databaseSecretBackendConnectionResource() *schema.Resource { excludeUsernameTemplate: true, }), MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendHana, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineHana.Name(), dbEngineTypes), }, - "mssql": { + dbEngineMSSQL.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the mssql-database-plugin plugin.", Elem: mssqlConnectionStringResource(), MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendMSSQL, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineMSSQL.Name(), dbEngineTypes), }, - "mysql": { + dbEngineMySQL.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the mysql-database-plugin plugin.", Elem: mysqlConnectionStringResource(), MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendMySQL, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineMySQL.Name(), dbEngineTypes), }, - "mysql_rds": { + dbEngineMySQLRDS.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the mysql-rds-database-plugin plugin.", Elem: connectionStringResource(&connectionStringConfig{}), MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendMySQLRDS, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineMySQLRDS.Name(), dbEngineTypes), }, - "mysql_aurora": { + dbEngineMySQLAurora.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the mysql-aurora-database-plugin plugin.", Elem: connectionStringResource(&connectionStringConfig{}), MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendMySQLAurora, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineMySQLAurora.Name(), dbEngineTypes), }, - "mysql_legacy": { + dbEngineMySQLLegacy.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the mysql-legacy-database-plugin plugin.", Elem: connectionStringResource(&connectionStringConfig{}), MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendMySQLLegacy, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineMySQLLegacy.Name(), dbEngineTypes), }, - "postgresql": { + dbEnginePostgres.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the postgresql-database-plugin plugin.", Elem: connectionStringResource(&connectionStringConfig{}), MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendPostgres, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEnginePostgres.Name(), dbEngineTypes), }, - "oracle": { + dbEngineOracle.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the oracle-database-plugin plugin.", Elem: connectionStringResource(&connectionStringConfig{}), MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendOracle, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineOracle.Name(), dbEngineTypes), }, - "redshift": { + dbEngineRedshift.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the redshift-database-plugin plugin.", Elem: connectionStringResource(&connectionStringConfig{includeUserPass: true}), MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendRedshift, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineRedshift.Name(), dbEngineTypes), }, - "snowflake": { + dbEngineSnowflake.name: { Type: schema.TypeList, Optional: true, Description: "Connection parameters for the snowflake-database-plugin plugin.", Elem: connectionStringResource(&connectionStringConfig{includeUserPass: true}), MaxItems: 1, - ConflictsWith: util.CalculateConflictsWith(dbBackendSnowflake, dbBackendTypes), + ConflictsWith: util.CalculateConflictsWith(dbEngineSnowflake.Name(), dbEngineTypes), }, "backend": { @@ -588,9 +660,9 @@ func mssqlConnectionStringResource() *schema.Resource { } func getDBEngine(d *schema.ResourceData) (*dbEngine, error) { - for k, v := range dbEngines { - if i, ok := d.GetOk(k); ok && len(i.([]interface{})) > 0 { - return v, nil + for _, e := range dbEngines { + if i, ok := d.GetOk(e.name); ok && len(i.([]interface{})) > 0 { + return e, nil } } @@ -603,12 +675,17 @@ func getDatabaseAPIData(d *schema.ResourceData) (map[string]interface{}, error) return nil, err } + pluginName, err := db.GetPluginName(d) + if err != nil { + return nil, err + } + data := map[string]interface{}{ - "plugin_name": db.getPluginName(d), + "plugin_name": pluginName, } - switch db.name { - case dbBackendCassandra: + switch db { + case dbEngineCassandra: if v, ok := d.GetOk("cassandra.0.hosts"); ok { log.Printf("[DEBUG] Cassandra hosts: %v", v.([]interface{})) var hosts []string @@ -647,15 +724,15 @@ func getDatabaseAPIData(d *schema.ResourceData) (map[string]interface{}, error) if v, ok := d.GetOkExists("cassandra.0.connect_timeout"); ok { data["connect_timeout"] = v.(int) } - case dbBackendCouchbase: + case dbEngineCouchbase: setCouchbaseDatabaseConnectionData(d, "couchbase.0.", data) - case dbBackendInfluxDB: + case dbEngineInfluxDB: setInfluxDBDatabaseConnectionData(d, "influxdb.0.", data) - case dbBackendHana: + case dbEngineHana: setDatabaseConnectionData(d, "hana.0.", data) - case dbBackendMongoDB: + case dbEngineMongoDB: setDatabaseConnectionData(d, "mongodb.0.", data) - case dbBackendMongoDBAtlas: + case dbEngineMongoDBAtlas: if v, ok := d.GetOk("mongodbatlas.0.public_key"); ok { data["public_key"] = v.(string) } @@ -665,25 +742,25 @@ func getDatabaseAPIData(d *schema.ResourceData) (map[string]interface{}, error) if v, ok := d.GetOk("mongodbatlas.0.project_id"); ok { data["project_id"] = v.(string) } - case dbBackendMSSQL: + case dbEngineMSSQL: setMSSQLDatabaseConnectionData(d, "mssql.0.", data) - case dbBackendMySQL: + case dbEngineMySQL: setMySQLDatabaseConnectionData(d, "mysql.0.", data) - case dbBackendMySQLRDS: + case dbEngineMySQLRDS: setDatabaseConnectionData(d, "mysql_rds.0.", data) - case dbBackendMySQLAurora: + case dbEngineMySQLAurora: setDatabaseConnectionData(d, "mysql_aurora.0.", data) - case dbBackendMySQLLegacy: + case dbEngineMySQLLegacy: setDatabaseConnectionData(d, "mysql_legacy.0.", data) - case dbBackendOracle: + case dbEngineOracle: setDatabaseConnectionData(d, "oracle.0.", data) - case dbBackendPostgres: + case dbEnginePostgres: setDatabaseConnectionData(d, "postgresql.0.", data) - case dbBackendElasticSearch: + case dbEngineElasticSearch: setElasticsearchDatabaseConnectionData(d, "elasticsearch.0.", data) - case dbBackendSnowflake: + case dbEngineSnowflake: setDatabaseConnectionDataWithUserPass(d, "snowflake.0.", data) - case dbBackendRedshift: + case dbEngineRedshift: setDatabaseConnectionDataWithUserPass(d, "redshift.0.", data) } @@ -1144,8 +1221,8 @@ func databaseSecretBackendConnectionRead(d *schema.ResourceData, meta interface{ return nil } - switch db.name { - case dbBackendCassandra: + switch db { + case dbEngineCassandra: details := resp.Data["connection_details"] data, ok := details.(map[string]interface{}) if ok { @@ -1202,15 +1279,15 @@ func databaseSecretBackendConnectionRead(d *schema.ResourceData, meta interface{ } d.Set("cassandra", []map[string]interface{}{result}) } - case dbBackendCouchbase: + case dbEngineCouchbase: d.Set("couchbase", getCouchbaseConnectionDetailsFromResponse(d, "couchbase.0.", resp)) - case dbBackendInfluxDB: + case dbEngineInfluxDB: d.Set("influxdb", getInfluxDBConnectionDetailsFromResponse(d, "influxdb.0.", resp)) - case dbBackendHana: + case dbEngineHana: d.Set("hana", getConnectionDetailsFromResponse(d, "hana.0.", resp)) - case dbBackendMongoDB: + case dbEngineMongoDB: d.Set("mongodb", getConnectionDetailsFromResponse(d, "mongodb.0.", resp)) - case dbBackendMongoDBAtlas: + case dbEngineMongoDBAtlas: details := resp.Data["connection_details"] data, ok := details.(map[string]interface{}) if ok { @@ -1227,27 +1304,27 @@ func databaseSecretBackendConnectionRead(d *schema.ResourceData, meta interface{ } d.Set("mongodbatlas", []map[string]interface{}{result}) } - case dbBackendMSSQL: + case dbEngineMSSQL: var values []map[string]interface{} if values, err = getMSSQLConnectionDetailsFromResponse(d, "mssql.0.", resp); err == nil { // err is returned outside of the switch case d.Set("mssql", values) } - case dbBackendMySQL: + case dbEngineMySQL: d.Set("mysql", getMySQLConnectionDetailsFromResponse(d, "mysql.0.", resp)) - case dbBackendMySQLRDS: + case dbEngineMySQLRDS: d.Set("mysql_rds", getConnectionDetailsFromResponse(d, "mysql_rds.0.", resp)) - case dbBackendMySQLAurora: + case dbEngineMySQLAurora: d.Set("mysql_aurora", getConnectionDetailsFromResponse(d, "mysql_aurora.0.", resp)) - case dbBackendMySQLLegacy: + case dbEngineMySQLLegacy: d.Set("mysql_legacy", getConnectionDetailsFromResponse(d, "mysql_legacy.0.", resp)) - case dbBackendOracle: + case dbEngineOracle: d.Set("oracle", getConnectionDetailsFromResponse(d, "oracle.0.", resp)) - case dbBackendPostgres: + case dbEnginePostgres: d.Set("postgresql", getConnectionDetailsFromResponse(d, "postgresql.0.", resp)) - case dbBackendElasticSearch: + case dbEngineElasticSearch: d.Set("elasticsearch", getElasticsearchConnectionDetailsFromResponse(d, "elasticsearch.0.", resp)) - case dbBackendSnowflake: + case dbEngineSnowflake: d.Set("snowflake", getSnowflakeConnectionDetailsFromResponse(d, "snowflake.0.", resp)) } diff --git a/vault/resource_database_secret_backend_connection_test.go b/vault/resource_database_secret_backend_connection_test.go index 13ab2a6a2..2c87d2ba8 100644 --- a/vault/resource_database_secret_backend_connection_test.go +++ b/vault/resource_database_secret_backend_connection_test.go @@ -29,15 +29,14 @@ const testDefaultDatabaseSecretBackendResource = "vault_database_secret_backend_ // copy/build a db plugin and install it with a unique name, then register it in vault. func TestAccDatabaseSecretBackendConnection_import(t *testing.T) { - MaybeSkipDBTests(t, dbBackendPostgres) + MaybeSkipDBTests(t, dbEnginePostgres) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, "POSTGRES_URL") connURL := values[0] backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendPostgres) + pluginName := dbEnginePostgres.DefaultPluginName() name := acctest.RandomWithPrefix("db") userTempl := "{{.DisplayName}}" @@ -73,7 +72,7 @@ func TestAccDatabaseSecretBackendConnection_import(t *testing.T) { } func TestAccDatabaseSecretBackendConnection_cassandra(t *testing.T) { - MaybeSkipDBTests(t, dbBackendCassandra) + MaybeSkipDBTests(t, dbEngineCassandra) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, "CASSANDRA_HOST") @@ -82,7 +81,7 @@ func TestAccDatabaseSecretBackendConnection_cassandra(t *testing.T) { username := os.Getenv("CASSANDRA_USERNAME") password := os.Getenv("CASSANDRA_PASSWORD") backend := acctest.RandomWithPrefix("tf-test-db") - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendCassandra) + pluginName := dbEngineCassandra.DefaultPluginName() name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ Providers: testProviders, @@ -116,7 +115,7 @@ func TestAccDatabaseSecretBackendConnection_cassandra(t *testing.T) { } func TestAccDatabaseSecretBackendConnection_cassandraProtocol(t *testing.T) { - MaybeSkipDBTests(t, dbBackendCassandra) + MaybeSkipDBTests(t, dbEngineCassandra) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, "CASSANDRA_HOST") @@ -125,8 +124,7 @@ func TestAccDatabaseSecretBackendConnection_cassandraProtocol(t *testing.T) { username := os.Getenv("CASSANDRA_USERNAME") password := os.Getenv("CASSANDRA_PASSWORD") backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendCassandra) + pluginName := dbEngineCassandra.DefaultPluginName() name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ Providers: testProviders, @@ -160,7 +158,7 @@ func TestAccDatabaseSecretBackendConnection_cassandraProtocol(t *testing.T) { } func TestAccDatabaseSecretBackendConnection_couchbase(t *testing.T) { - MaybeSkipDBTests(t, dbBackendCouchbase) + MaybeSkipDBTests(t, dbEngineCouchbase) values := testutil.SkipTestEnvUnset(t, "COUCHBASE_HOST_1", "COUCHBASE_HOST_2", "COUCHBASE_USERNAME", "COUCHBASE_PASSWORD") host1 := values[0] @@ -168,8 +166,7 @@ func TestAccDatabaseSecretBackendConnection_couchbase(t *testing.T) { username := values[2] password := values[3] backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendCouchbase) + pluginName := dbEngineCouchbase.DefaultPluginName() name := acctest.RandomWithPrefix("db") resourceName := testDefaultDatabaseSecretBackendResource resource.Test(t, resource.TestCase{ @@ -207,7 +204,7 @@ func TestAccDatabaseSecretBackendConnection_couchbase(t *testing.T) { } func TestAccDatabaseSecretBackendConnection_influxdb(t *testing.T) { - MaybeSkipDBTests(t, dbBackendInfluxDB) + MaybeSkipDBTests(t, dbEngineInfluxDB) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, "INFLUXDB_HOST") @@ -216,8 +213,7 @@ func TestAccDatabaseSecretBackendConnection_influxdb(t *testing.T) { username := os.Getenv("INFLUXDB_USERNAME") password := os.Getenv("INFLUXDB_PASSWORD") backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendInfluxDB) + pluginName := dbEngineInfluxDB.DefaultPluginName() name := acctest.RandomWithPrefix("db") resourceName := testDefaultDatabaseSecretBackendResource resource.Test(t, resource.TestCase{ @@ -250,7 +246,7 @@ func TestAccDatabaseSecretBackendConnection_influxdb(t *testing.T) { } func TestAccDatabaseSecretBackendConnection_mongodbatlas(t *testing.T) { - MaybeSkipDBTests(t, dbBackendMongoDBAtlas) + MaybeSkipDBTests(t, dbEngineMongoDBAtlas) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, "MONGODB_ATLAS_PUBLIC_KEY") @@ -259,8 +255,7 @@ func TestAccDatabaseSecretBackendConnection_mongodbatlas(t *testing.T) { privateKey := os.Getenv("MONGODB_ATLAS_PRIVATE_KEY") projectID := os.Getenv("MONGODB_ATLAS_PROJECT_ID") backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMongoDBAtlas) + pluginName := dbEngineMongoDBAtlas.DefaultPluginName() name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ Providers: testProviders, @@ -286,15 +281,14 @@ func TestAccDatabaseSecretBackendConnection_mongodbatlas(t *testing.T) { } func TestAccDatabaseSecretBackendConnection_mongodb(t *testing.T) { - MaybeSkipDBTests(t, dbBackendMongoDB) + MaybeSkipDBTests(t, dbEngineMongoDB) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, "MONGODB_URL") connURL := values[0] backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMongoDB) + pluginName := dbEngineMongoDB.DefaultPluginName() name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ Providers: testProviders, @@ -318,15 +312,14 @@ func TestAccDatabaseSecretBackendConnection_mongodb(t *testing.T) { } func TestAccDatabaseSecretBackendConnection_mssql(t *testing.T) { - MaybeSkipDBTests(t, dbBackendMSSQL) + MaybeSkipDBTests(t, dbEngineMSSQL) cleanupFunc, connURL := mssqlhelper.PrepareMSSQLTestContainer(t) t.Cleanup(cleanupFunc) backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMSSQL) + pluginName := dbEngineMSSQL.DefaultPluginName() name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ @@ -372,15 +365,14 @@ func TestAccDatabaseSecretBackendConnection_mssql(t *testing.T) { } func TestAccDatabaseSecretBackendConnection_mysql(t *testing.T) { - MaybeSkipDBTests(t, dbBackendMySQL) + MaybeSkipDBTests(t, dbEngineMySQL) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, "MYSQL_URL") connURL := values[0] backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMySQL) + pluginName := dbEngineMySQL.DefaultPluginName() name := acctest.RandomWithPrefix("db") password := acctest.RandomWithPrefix("password") resource.Test(t, resource.TestCase{ @@ -466,15 +458,14 @@ func testComposeCheckFuncCommonDatabaseSecretBackend(name, backend, pluginName s } func TestAccDatabaseSecretBackendConnectionUpdate_mysql(t *testing.T) { - MaybeSkipDBTests(t, dbBackendMySQL) + MaybeSkipDBTests(t, dbEngineMySQL) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, "MYSQL_URL") connURL := values[0] backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMySQL) + pluginName := dbEngineMySQL.DefaultPluginName() name := acctest.RandomWithPrefix("db") password := acctest.RandomWithPrefix("password") resource.Test(t, resource.TestCase{ @@ -519,7 +510,7 @@ func TestAccDatabaseSecretBackendConnectionUpdate_mysql(t *testing.T) { } func TestAccDatabaseSecretBackendConnectionTemplatedUpdateExcludePassword_mysql(t *testing.T) { - MaybeSkipDBTests(t, dbBackendMySQL) + MaybeSkipDBTests(t, dbEngineMySQL) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, @@ -538,8 +529,7 @@ func TestAccDatabaseSecretBackendConnectionTemplatedUpdateExcludePassword_mysql( } backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMySQL) + pluginName := dbEngineMySQL.DefaultPluginName() name := acctest.RandomWithPrefix("db") testUsername := acctest.RandomWithPrefix("username") testPassword := acctest.RandomWithPrefix("password") @@ -597,15 +587,14 @@ func TestAccDatabaseSecretBackendConnectionTemplatedUpdateExcludePassword_mysql( } func TestAccDatabaseSecretBackendConnection_mysql_tls(t *testing.T) { - MaybeSkipDBTests(t, dbBackendMySQL) + MaybeSkipDBTests(t, dbEngineMySQL) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, "MYSQL_CA", "MYSQL_URL", "MYSQL_CERTIFICATE_KEY") tlsCA, connURL, tlsCertificateKey := values[0], values[1], values[2] backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendMySQL) + pluginName := dbEngineMySQL.DefaultPluginName() name := acctest.RandomWithPrefix("db") password := acctest.RandomWithPrefix("password") resource.Test(t, resource.TestCase{ @@ -637,15 +626,14 @@ func TestAccDatabaseSecretBackendConnection_mysql_tls(t *testing.T) { } func TestAccDatabaseSecretBackendConnection_postgresql(t *testing.T) { - MaybeSkipDBTests(t, dbBackendPostgres) + MaybeSkipDBTests(t, dbEnginePostgres) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, "POSTGRES_URL") connURL := values[0] backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendPostgres) + pluginName := dbEnginePostgres.DefaultPluginName() name := acctest.RandomWithPrefix("db") userTempl := "{{.DisplayName}}" resource.Test(t, resource.TestCase{ @@ -674,7 +662,7 @@ func TestAccDatabaseSecretBackendConnection_postgresql(t *testing.T) { } func TestAccDatabaseSecretBackendConnection_elasticsearch(t *testing.T) { - MaybeSkipDBTests(t, dbBackendElasticSearch) + MaybeSkipDBTests(t, dbEngineElasticSearch) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, "ELASTIC_URL") @@ -683,8 +671,7 @@ func TestAccDatabaseSecretBackendConnection_elasticsearch(t *testing.T) { username := os.Getenv("ELASTIC_USERNAME") password := os.Getenv("ELASTIC_PASSWORD") backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendElasticSearch) + pluginName := dbEngineElasticSearch.DefaultPluginName() name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ @@ -707,7 +694,7 @@ func TestAccDatabaseSecretBackendConnection_elasticsearch(t *testing.T) { } func TestAccDatabaseSecretBackendConnection_snowflake(t *testing.T) { - MaybeSkipDBTests(t, dbBackendSnowflake) + MaybeSkipDBTests(t, dbEngineSnowflake) // TODO: make these fatal once we auto provision the required test infrastructure. values := testutil.SkipTestEnvUnset(t, "SNOWFLAKE_URL") @@ -716,8 +703,7 @@ func TestAccDatabaseSecretBackendConnection_snowflake(t *testing.T) { username := os.Getenv("SNOWFLAKE_USERNAME") password := os.Getenv("SNOWFLAKE_PASSWORD") backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendSnowflake) + pluginName := dbEngineSnowflake.DefaultPluginName() name := acctest.RandomWithPrefix("db") userTempl := "{{.DisplayName}}" @@ -745,15 +731,14 @@ func TestAccDatabaseSecretBackendConnection_snowflake(t *testing.T) { } func TestAccDatabaseSecretBackendConnection_redshift(t *testing.T) { - MaybeSkipDBTests(t, dbBackendRedshift) + MaybeSkipDBTests(t, dbEngineRedshift) url := os.Getenv("REDSHIFT_URL") if url == "" { t.Skip("REDSHIFT_URL not set") } backend := acctest.RandomWithPrefix("tf-test-db") - // should match dbEngine.getPluginName()'s default return value - pluginName := fmt.Sprintf("%s-database-plugin", dbBackendRedshift) + pluginName := dbEngineRedshift.DefaultPluginName() name := acctest.RandomWithPrefix("db") resource.Test(t, resource.TestCase{ Providers: testProviders, @@ -1247,34 +1232,40 @@ func deleteMySQLUser(t *testing.T, db *sql.DB, username string) { } } -func MaybeSkipDBTests(t *testing.T, engine string) { +func MaybeSkipDBTests(t *testing.T, engine *dbEngine) { // require TF_ACC to be set testutil.SkipTestAcc(t) envVars := []string{"SKIP_DB_TESTS"} - if _, ok := dbEngines[engine]; ok { - envVars = append(envVars, envVars[0]+"_"+strings.ToUpper(engine)) + for _, e := range dbEngines { + if e == engine { + envVars = append(envVars, envVars[0]+"_"+strings.ToUpper(engine.name)) + break + } } testutil.SkipTestEnvSet(t, envVars...) } -func Test_dbEngine_getPluginName(t *testing.T) { +func Test_dbEngine_GetPluginName(t *testing.T) { type fields struct { - name string + name string + defaultPluginName string } type args struct { d *schema.ResourceData } tests := []struct { - name string - fields fields - args args - want string + name string + fields fields + args args + want string + wantErr bool }{ { name: "default", fields: fields{ - name: "foo", + name: "foo", + defaultPluginName: "foo-database-plugin", }, args: args{ schema.TestResourceDataRaw( @@ -1290,9 +1281,9 @@ func Test_dbEngine_getPluginName(t *testing.T) { want: "foo-database-plugin", }, { - name: "default-underscored", + name: "set", fields: fields{ - name: "foo_qux_baz", + name: "foo", }, args: args{ schema.TestResourceDataRaw( @@ -1303,14 +1294,16 @@ func Test_dbEngine_getPluginName(t *testing.T) { Required: false, }, }, - map[string]interface{}{}), + map[string]interface{}{ + "plugin_name": "baz-qux", + }), }, - want: "foo-qux-baz-database-plugin", + want: "baz-qux", }, { - name: "set", + name: "fail", fields: fields{ - name: "foo", + name: "fail", }, args: args{ schema.TestResourceDataRaw( @@ -1321,20 +1314,28 @@ func Test_dbEngine_getPluginName(t *testing.T) { Required: false, }, }, - map[string]interface{}{ - "plugin_name": "baz-qux", - }), + map[string]interface{}{}, + ), }, - want: "baz-qux", + wantErr: true, }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { i := &dbEngine{ - name: tt.fields.name, + name: tt.fields.name, + defaultPluginName: tt.fields.defaultPluginName, } - if got := i.getPluginName(tt.args.d); got != tt.want { - t.Errorf("getPluginName() expected %v, actual %v", tt.want, got) + + got, err := i.GetPluginName(tt.args.d) + if (err != nil) != tt.wantErr { + t.Errorf("GetPluginName() error = %v, wantErr %v", err, tt.wantErr) + + return + } + + if got != tt.want { + t.Errorf("GetPluginName() expected %v, actual %v", tt.want, got) } }) } @@ -1373,9 +1374,7 @@ func Test_getDBEngine(t *testing.T) { }, }), }, - want: &dbEngine{ - name: dbBackendMSSQL, - }, + want: dbEngineMSSQL, wantErr: false, }, {