Skip to content

Commit b380cc1

Browse files
ewbankkitewbankkit
authored
Merge pull request #45176 from hashicorp/td-fix-acctest.CheckACMPCACertificateAuthorityActivateRootCA
Fix `acctest.CheckACMPCACertificateAuthorityActivateRootCA`
2 parents 9d263cd + 2ecbef0 commit b380cc1

File tree

1 file changed

+23
-19
lines changed

1 file changed

+23
-19
lines changed

internal/acctest/acctest.go

Lines changed: 23 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -1916,19 +1916,19 @@ func CheckACMPCACertificateAuthorityActivateRootCA(ctx context.Context, certific
19161916
return fmt.Errorf("attempting to activate ACM PCA %s Certificate Authority", v)
19171917
}
19181918

1919-
arn := aws.ToString(certificateAuthority.Arn)
1919+
caARN := aws.ToString(certificateAuthority.Arn)
19201920

19211921
getCSRInput := acmpca.GetCertificateAuthorityCsrInput{
1922-
CertificateAuthorityArn: aws.String(arn),
1922+
CertificateAuthorityArn: aws.String(caARN),
19231923
}
19241924
getCsrOutput, err := conn.GetCertificateAuthorityCsr(ctx, &getCSRInput)
19251925

19261926
if err != nil {
1927-
return fmt.Errorf("getting ACM PCA Certificate Authority (%s) CSR: %w", arn, err)
1927+
return fmt.Errorf("getting ACM PCA Certificate Authority (%s) CSR: %w", caARN, err)
19281928
}
19291929

19301930
issueCertInput := acmpca.IssueCertificateInput{
1931-
CertificateAuthorityArn: aws.String(arn),
1931+
CertificateAuthorityArn: aws.String(caARN),
19321932
Csr: []byte(aws.ToString(getCsrOutput.Csr)),
19331933
IdempotencyToken: aws.String(id.UniqueId()),
19341934
SigningAlgorithm: certificateAuthority.CertificateAuthorityConfiguration.SigningAlgorithm,
@@ -1940,26 +1940,28 @@ func CheckACMPCACertificateAuthorityActivateRootCA(ctx context.Context, certific
19401940
}
19411941
issueCertOutput, err := conn.IssueCertificate(ctx, &issueCertInput)
19421942
if err != nil {
1943-
return fmt.Errorf("issuing ACM PCA Certificate Authority (%s) Root CA certificate from CSR: %w", arn, err)
1943+
return fmt.Errorf("issuing ACM PCA Certificate Authority (%s) Root CA certificate from CSR: %w", caARN, err)
19441944
}
19451945

1946+
caCertARN := aws.ToString(issueCertOutput.CertificateArn)
1947+
19461948
// Wait for certificate status to become ISSUED.
19471949
getCertOutput, err := tfresource.RetryWhenIsA[*acmpca.GetCertificateOutput, *acmpcatypes.RequestInProgressException](ctx, CertificateIssueTimeout, func(ctx context.Context) (*acmpca.GetCertificateOutput, error) {
1948-
return tfacmpca.FindCertificateByTwoPartKey(ctx, conn, arn, aws.ToString(issueCertOutput.CertificateArn))
1950+
return tfacmpca.FindCertificateByTwoPartKey(ctx, conn, caCertARN, caARN)
19491951
})
19501952

19511953
if err != nil {
1952-
return fmt.Errorf("waiting for ACM PCA Certificate Authority (%s) Root CA certificate to become ISSUED: %w", arn, err)
1954+
return fmt.Errorf("waiting for ACM PCA Certificate Authority (%s) Root CA certificate (%s) to become ISSUED: %w", caARN, caCertARN, err)
19531955
}
19541956

19551957
importCACertificateInput := acmpca.ImportCertificateAuthorityCertificateInput{
1956-
CertificateAuthorityArn: aws.String(arn),
1958+
CertificateAuthorityArn: aws.String(caARN),
19571959
Certificate: []byte(aws.ToString(getCertOutput.Certificate)),
19581960
}
19591961
_, err = conn.ImportCertificateAuthorityCertificate(ctx, &importCACertificateInput)
19601962

19611963
if err != nil {
1962-
return fmt.Errorf("importing ACM PCA Certificate Authority (%s) Root CA certificate: %w", arn, err)
1964+
return fmt.Errorf("importing ACM PCA Certificate Authority (%s) Root CA certificate: %w", caARN, err)
19631965
}
19641966

19651967
return err
@@ -1974,21 +1976,21 @@ func CheckACMPCACertificateAuthorityActivateSubordinateCA(ctx context.Context, r
19741976
return fmt.Errorf("attempting to activate ACM PCA %s Certificate Authority", v)
19751977
}
19761978

1977-
arn := aws.ToString(certificateAuthority.Arn)
1979+
caARN := aws.ToString(certificateAuthority.Arn)
19781980

19791981
getCSRInput := acmpca.GetCertificateAuthorityCsrInput{
1980-
CertificateAuthorityArn: aws.String(arn),
1982+
CertificateAuthorityArn: aws.String(caARN),
19811983
}
19821984
getCsrOutput, err := conn.GetCertificateAuthorityCsr(ctx, &getCSRInput)
19831985

19841986
if err != nil {
1985-
return fmt.Errorf("getting ACM PCA Certificate Authority (%s) CSR: %w", arn, err)
1987+
return fmt.Errorf("getting ACM PCA Certificate Authority (%s) CSR: %w", caARN, err)
19861988
}
19871989

1988-
rootCertificateAuthorityArn := aws.ToString(rootCertificateAuthority.Arn)
1990+
rootCAARN := aws.ToString(rootCertificateAuthority.Arn)
19891991

19901992
issueCertInput := acmpca.IssueCertificateInput{
1991-
CertificateAuthorityArn: aws.String(rootCertificateAuthorityArn),
1993+
CertificateAuthorityArn: aws.String(rootCAARN),
19921994
Csr: []byte(aws.ToString(getCsrOutput.Csr)),
19931995
IdempotencyToken: aws.String(id.UniqueId()),
19941996
SigningAlgorithm: certificateAuthority.CertificateAuthorityConfiguration.SigningAlgorithm,
@@ -2000,27 +2002,29 @@ func CheckACMPCACertificateAuthorityActivateSubordinateCA(ctx context.Context, r
20002002
}
20012003
issueCertOutput, err := conn.IssueCertificate(ctx, &issueCertInput)
20022004
if err != nil {
2003-
return fmt.Errorf("issuing ACM PCA Certificate Authority (%s) Subordinate CA certificate from CSR: %w", arn, err)
2005+
return fmt.Errorf("issuing ACM PCA Certificate Authority (%s) Subordinate CA certificate from CSR: %w", caARN, err)
20042006
}
20052007

2008+
caCertARN := aws.ToString(issueCertOutput.CertificateArn)
2009+
20062010
// Wait for certificate status to become ISSUED.
20072011
getCertOutput, err := tfresource.RetryWhenIsA[*acmpca.GetCertificateOutput, *acmpcatypes.RequestInProgressException](ctx, CertificateIssueTimeout, func(ctx context.Context) (*acmpca.GetCertificateOutput, error) {
2008-
return tfacmpca.FindCertificateByTwoPartKey(ctx, conn, rootCertificateAuthorityArn, aws.ToString(issueCertOutput.CertificateArn))
2012+
return tfacmpca.FindCertificateByTwoPartKey(ctx, conn, caCertARN, rootCAARN)
20092013
})
20102014

20112015
if err != nil {
2012-
return fmt.Errorf("waiting for ACM PCA Certificate Authority (%s) Subordinate CA certificate (%s) to become ISSUED: %w", arn, aws.ToString(issueCertOutput.CertificateArn), err)
2016+
return fmt.Errorf("waiting for ACM PCA Certificate Authority (%s) Subordinate CA certificate (%s) to become ISSUED: %w", caARN, caCertARN, err)
20132017
}
20142018

20152019
importCACertificateInput := acmpca.ImportCertificateAuthorityCertificateInput{
2016-
CertificateAuthorityArn: aws.String(arn),
2020+
CertificateAuthorityArn: aws.String(caARN),
20172021
Certificate: []byte(aws.ToString(getCertOutput.Certificate)),
20182022
CertificateChain: []byte(aws.ToString(getCertOutput.CertificateChain)),
20192023
}
20202024
_, err = conn.ImportCertificateAuthorityCertificate(ctx, &importCACertificateInput)
20212025

20222026
if err != nil {
2023-
return fmt.Errorf("importing ACM PCA Certificate Authority (%s) Subordinate CA certificate: %w", arn, err)
2027+
return fmt.Errorf("importing ACM PCA Certificate Authority (%s) Subordinate CA certificate: %w", caARN, err)
20242028
}
20252029

20262030
return err

0 commit comments

Comments
 (0)