add acceptance tests for databricks_grants (#3034)

nkvuong · web-flow · commit 306d9b6beacc · 2023-12-18T13:52:37.000Z
* add acceptance tests for `databricks_grants`

* fix privilege name
diff --git a/internal/acceptance/grants_test.go b/internal/acceptance/grants_test.go
@@ -0,0 +1,112 @@
+package acceptance
+
+import (
+	"strings"
+	"testing"
+)
+
+var grantsTemplate = `
+resource "databricks_catalog" "sandbox" {
+	name         = "sandbox{var.STICKY_RANDOM}"
+	comment      = "this catalog is managed by terraform"
+	properties = {
+		purpose = "testing"
+	}
+}
+
+resource "databricks_schema" "things" {
+	catalog_name = databricks_catalog.sandbox.id
+	name         = "things{var.STICKY_RANDOM}"
+	comment      = "this database is managed by terraform"
+	properties = {
+		kind = "various"
+	}
+}
+
+resource "databricks_table" "mytable" {
+	catalog_name = databricks_catalog.sandbox.id
+	schema_name = databricks_schema.things.name
+	name = "bar"
+	table_type = "MANAGED"
+	data_source_format = "DELTA"
+	
+	column {
+		name      = "id"
+		position  = 0
+		type_name = "INT"
+		type_text = "int"
+		type_json = "{\"name\":\"id\",\"type\":\"integer\",\"nullable\":true,\"metadata\":{}}"
+	}
+}
+
+resource "databricks_storage_credential" "external" {
+	name = "cred-{var.STICKY_RANDOM}"
+	aws_iam_role {
+		role_arn = "{env.TEST_METASTORE_DATA_ACCESS_ARN}"
+	}
+	comment = "Managed by TF"
+}
+
+resource "databricks_external_location" "some" {
+	name            = "external-{var.STICKY_RANDOM}"
+	url             = "s3://{env.TEST_BUCKET}/some{var.STICKY_RANDOM}"
+	credential_name = databricks_storage_credential.external.id
+	comment         = "Managed by TF"
+}
+		
+resource "databricks_grants" "metastore" {
+	metastore = "{env.TEST_METASTORE_ID}"
+	grant {
+		principal  = "%s"
+		privileges = ["CREATE_STORAGE_CREDENTIAL"]
+	}
+}
+
+resource "databricks_grants" "catalog" {
+	catalog = databricks_catalog.sandbox.id
+	grant {
+		principal  = "%s"
+		privileges = ["ALL_PRIVILEGES"]
+	}
+}
+
+resource "databricks_grants" "schema" {
+	schema = databricks_schema.things.id
+	grant {
+		principal  = "%s"
+		privileges = ["ALL_PRIVILEGES"]
+	}
+}
+
+resource "databricks_grants" "table" {
+	table = databricks_table.mytable.id
+	grant {
+		principal  = "%s"
+		privileges = ["ALL_PRIVILEGES"]
+	}
+}
+
+resource "databricks_grants" "cred" {
+	storage_credential = databricks_storage_credential.external.id
+	grant {
+		principal  = "%s"
+		privileges = ["ALL_PRIVILEGES"]
+	}
+}
+
+resource "databricks_grants" "some" {
+	external_location = databricks_external_location.some.id
+	grant {
+		principal  = "%s"
+		privileges = ["ALL_PRIVILEGES"]
+	}
+}`
+
+func TestUcAccGrants(t *testing.T) {
+	unityWorkspaceLevel(t, step{
+		Template: strings.ReplaceAll(grantsTemplate, "%s", "{env.TEST_DATA_ENG_GROUP}"),
+	},
+		step{
+			Template: strings.ReplaceAll(grantsTemplate, "%s", "{env.TEST_DATA_SCI_GROUP}"),
+		})
+}
