Fixing up the tests so they actually pass

Running the tests without these changes results in this error first:

```
--- FAIL: TestAccAWSNetworkAclsOnlyIngressRulesChange (24.92 seconds)
  testing.go:121: Step 0 error: Check failed: Invalid number of ingress
entries found; count = %!s(int=3)
FAIL
exit status 1
FAIL  github.com/hashicorp/terraform/builtin/providers/aws  24.974s
```

And after fixing that one you also get a few unexpected values due to
an expected order mismatch between the items in the set versus the
items in the config.

Those are also fixed, so the test is passing now.
This commit is contained in:
Sander van Harmelen 2014-12-12 13:25:44 +01:00
parent 7a3b4fa7ce
commit cc4710c952
1 changed files with 70 additions and 70 deletions

View File

@ -71,9 +71,9 @@ func TestAccAWSNetworkAclsOnlyIngressRules(t *testing.T) {
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.rule_no", "2"), "aws_network_acl.foos", "ingress.0.rule_no", "2"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.from_port", "0"), "aws_network_acl.foos", "ingress.0.from_port", "443"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.to_port", "22"), "aws_network_acl.foos", "ingress.0.to_port", "443"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.action", "deny"), "aws_network_acl.foos", "ingress.0.action", "deny"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
@ -84,59 +84,6 @@ func TestAccAWSNetworkAclsOnlyIngressRules(t *testing.T) {
}) })
} }
const testAccAWSNetworkAclIngressConfig = `
resource "aws_vpc" "foo" {
cidr_block = "10.1.0.0/16"
}
resource "aws_subnet" "blob" {
cidr_block = "10.1.1.0/24"
vpc_id = "${aws_vpc.foo.id}"
map_public_ip_on_launch = true
}
resource "aws_network_acl" "foos" {
vpc_id = "${aws_vpc.foo.id}"
ingress = {
protocol = "tcp"
rule_no = 1
action = "deny"
cidr_block = "10.2.2.3/18"
from_port = 0
to_port = 22
}
ingress = {
protocol = "tcp"
rule_no = 2
action = "deny"
cidr_block = "10.2.2.3/18"
from_port = 443
to_port = 443
}
subnet_id = "${aws_subnet.blob.id}"
}
`
const testAccAWSNetworkAclIngressConfigChange = `
resource "aws_vpc" "foo" {
cidr_block = "10.1.0.0/16"
}
resource "aws_subnet" "blob" {
cidr_block = "10.1.1.0/24"
vpc_id = "${aws_vpc.foo.id}"
map_public_ip_on_launch = true
}
resource "aws_network_acl" "foos" {
vpc_id = "${aws_vpc.foo.id}"
ingress = {
protocol = "tcp"
rule_no = 1
action = "deny"
cidr_block = "10.2.2.3/18"
from_port = 0
to_port = 22
}
subnet_id = "${aws_subnet.blob.id}"
}
`
func TestAccAWSNetworkAclsOnlyIngressRulesChange(t *testing.T) { func TestAccAWSNetworkAclsOnlyIngressRulesChange(t *testing.T) {
var networkAcl ec2.NetworkAcl var networkAcl ec2.NetworkAcl
@ -153,19 +100,21 @@ func TestAccAWSNetworkAclsOnlyIngressRulesChange(t *testing.T) {
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.protocol", "tcp"), "aws_network_acl.foos", "ingress.0.protocol", "tcp"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.rule_no", "1"), "aws_network_acl.foos", "ingress.0.rule_no", "2"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.from_port", "0"), "aws_network_acl.foos", "ingress.0.from_port", "443"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.to_port", "22"), "aws_network_acl.foos", "ingress.0.to_port", "443"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.action", "deny"), "aws_network_acl.foos", "ingress.0.action", "deny"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.cidr_block", "10.2.2.3/18"), "aws_network_acl.foos", "ingress.0.cidr_block", "10.2.2.3/18"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.1.from_port", "443"), "aws_network_acl.foos", "ingress.1.rule_no", "1"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.1.rule_no", "2"), "aws_network_acl.foos", "ingress.1.from_port", "0"),
resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.1.to_port", "22"),
), ),
}, },
resource.TestStep{ resource.TestStep{
@ -176,11 +125,11 @@ func TestAccAWSNetworkAclsOnlyIngressRulesChange(t *testing.T) {
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.protocol", "tcp"), "aws_network_acl.foos", "ingress.0.protocol", "tcp"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.rule_no", "2"), "aws_network_acl.foos", "ingress.0.rule_no", "1"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.from_port", "0"), "aws_network_acl.foos", "ingress.0.from_port", "443"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.to_port", "22"), "aws_network_acl.foos", "ingress.0.to_port", "443"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
"aws_network_acl.foos", "ingress.0.action", "deny"), "aws_network_acl.foos", "ingress.0.action", "deny"),
resource.TestCheckResourceAttr( resource.TestCheckResourceAttr(
@ -210,8 +159,6 @@ func TestAccAWSNetworkAclsOnlyEgressRules(t *testing.T) {
}) })
} }
func TestAccNetworkAcl_SubnetChange(t *testing.T) { func TestAccNetworkAcl_SubnetChange(t *testing.T) {
resource.Test(t, resource.TestCase{ resource.Test(t, resource.TestCase{
@ -295,15 +242,17 @@ func testAccCheckAWSNetworkAclExists(n string, networkAcl *ec2.NetworkAcl) resou
} }
func testIngressRuleLength(networkAcl *ec2.NetworkAcl, length int) resource.TestCheckFunc { func testIngressRuleLength(networkAcl *ec2.NetworkAcl, length int) resource.TestCheckFunc {
return func(s *terraform.State) error{ return func(s *terraform.State) error {
var ingressEntries []ec2.NetworkAclEntry var ingressEntries []ec2.NetworkAclEntry
for _, e := range networkAcl.EntrySet { for _, e := range networkAcl.EntrySet {
if e.Egress == false { if e.Egress == false {
ingressEntries = append(ingressEntries, e) ingressEntries = append(ingressEntries, e)
} }
} }
if len(ingressEntries) != length { // There is always a default rule (ALL Traffic ... DENY)
return fmt.Errorf("Invalid number of ingress entries found; count = %s", len(ingressEntries)) // so we have to increase the lenght by 1
if len(ingressEntries) != length+1 {
return fmt.Errorf("Invalid number of ingress entries found; count = %d", len(ingressEntries))
} }
return nil return nil
} }
@ -354,7 +303,58 @@ func testAccCheckSubnetIsNotAssociatedWithAcl(acl string, subnet string) resourc
} }
} }
const testAccAWSNetworkAclIngressConfig = `
resource "aws_vpc" "foo" {
cidr_block = "10.1.0.0/16"
}
resource "aws_subnet" "blob" {
cidr_block = "10.1.1.0/24"
vpc_id = "${aws_vpc.foo.id}"
map_public_ip_on_launch = true
}
resource "aws_network_acl" "foos" {
vpc_id = "${aws_vpc.foo.id}"
ingress = {
protocol = "tcp"
rule_no = 1
action = "deny"
cidr_block = "10.2.2.3/18"
from_port = 0
to_port = 22
}
ingress = {
protocol = "tcp"
rule_no = 2
action = "deny"
cidr_block = "10.2.2.3/18"
from_port = 443
to_port = 443
}
subnet_id = "${aws_subnet.blob.id}"
}
`
const testAccAWSNetworkAclIngressConfigChange = `
resource "aws_vpc" "foo" {
cidr_block = "10.1.0.0/16"
}
resource "aws_subnet" "blob" {
cidr_block = "10.1.1.0/24"
vpc_id = "${aws_vpc.foo.id}"
map_public_ip_on_launch = true
}
resource "aws_network_acl" "foos" {
vpc_id = "${aws_vpc.foo.id}"
ingress = {
protocol = "tcp"
rule_no = 1
action = "deny"
cidr_block = "10.2.2.3/18"
from_port = 443
to_port = 443
}
subnet_id = "${aws_subnet.blob.id}"
}
`
const testAccAWSNetworkAclEgressConfig = ` const testAccAWSNetworkAclEgressConfig = `
resource "aws_vpc" "foo" { resource "aws_vpc" "foo" {