Skip to content

Commit 0bc0c93

Browse files
oarbusioarbusi
authored
test: unit test encryption_at_rest resource (#1750)
* move model methods to new file * model file * remove unnecessary function parameters and refactor * model tests * use assert * test: add unit test to database_user resource (#1738) * move model methods to model file * public struct * initial tests * add rest of model tests * move model methods and add tests * move last model methods * typo * use asser * test HandleGcpKmsConfig * test HandleAwsKmsConfigDefaults * test HandleAzureKeyVaultConfigDefaults * create service_encryption_at_rest.go * use service instead of connV2 directly * Test ResourceMongoDBAtlasEncryptionAtRestCreateRefreshFunc * test * change conditions in if to check length * remove custom messages from asserts * remove unnecessary null check * set when creating object * check for null before setting values
1 parent 7f6c97f commit 0bc0c93

File tree

5 files changed

+720
-148
lines changed

5 files changed

+720
-148
lines changed

internal/service/encryptionatrest/model_encryption_at_rest.go

Lines changed: 120 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,120 @@
1+
package encryptionatrest
2+
3+
import (
4+
"context"
5+
6+
"github.com/hashicorp/terraform-plugin-framework/types"
7+
"github.com/mongodb/terraform-provider-mongodbatlas/internal/common/conversion"
8+
"go.mongodb.org/atlas-sdk/v20231115002/admin"
9+
)
10+
11+
func NewTfEncryptionAtRestRSModel(ctx context.Context, projectID string, encryptionResp *admin.EncryptionAtRest) *TfEncryptionAtRestRSModel {
12+
return &TfEncryptionAtRestRSModel{
13+
ID: types.StringValue(projectID),
14+
ProjectID: types.StringValue(projectID),
15+
AwsKmsConfig: NewTFAwsKmsConfig(ctx, encryptionResp.AwsKms),
16+
AzureKeyVaultConfig: NewTFAzureKeyVaultConfig(ctx, encryptionResp.AzureKeyVault),
17+
GoogleCloudKmsConfig: NewTFGcpKmsConfig(ctx, encryptionResp.GoogleCloudKms),
18+
}
19+
}
20+
21+
func NewTFAwsKmsConfig(ctx context.Context, awsKms *admin.AWSKMSConfiguration) []TfAwsKmsConfigModel {
22+
if awsKms == nil {
23+
return []TfAwsKmsConfigModel{}
24+
}
25+
26+
return []TfAwsKmsConfigModel{
27+
{
28+
Enabled: types.BoolPointerValue(awsKms.Enabled),
29+
CustomerMasterKeyID: types.StringValue(awsKms.GetCustomerMasterKeyID()),
30+
Region: types.StringValue(awsKms.GetRegion()),
31+
AccessKeyID: conversion.StringNullIfEmpty(awsKms.GetAccessKeyID()),
32+
SecretAccessKey: conversion.StringNullIfEmpty(awsKms.GetSecretAccessKey()),
33+
RoleID: conversion.StringNullIfEmpty(awsKms.GetRoleId()),
34+
},
35+
}
36+
}
37+
38+
func NewTFAzureKeyVaultConfig(ctx context.Context, az *admin.AzureKeyVault) []TfAzureKeyVaultConfigModel {
39+
if az == nil {
40+
return []TfAzureKeyVaultConfigModel{}
41+
}
42+
43+
return []TfAzureKeyVaultConfigModel{
44+
{
45+
Enabled: types.BoolPointerValue(az.Enabled),
46+
ClientID: types.StringValue(az.GetClientID()),
47+
AzureEnvironment: types.StringValue(az.GetAzureEnvironment()),
48+
SubscriptionID: types.StringValue(az.GetSubscriptionID()),
49+
ResourceGroupName: types.StringValue(az.GetResourceGroupName()),
50+
KeyVaultName: types.StringValue(az.GetKeyVaultName()),
51+
KeyIdentifier: types.StringValue(az.GetKeyIdentifier()),
52+
TenantID: types.StringValue(az.GetTenantID()),
53+
Secret: conversion.StringNullIfEmpty(az.GetSecret()),
54+
},
55+
}
56+
}
57+
58+
func NewTFGcpKmsConfig(ctx context.Context, gcpKms *admin.GoogleCloudKMS) []TfGcpKmsConfigModel {
59+
if gcpKms == nil {
60+
return []TfGcpKmsConfigModel{}
61+
}
62+
63+
return []TfGcpKmsConfigModel{
64+
{
65+
Enabled: types.BoolPointerValue(gcpKms.Enabled),
66+
KeyVersionResourceID: types.StringValue(gcpKms.GetKeyVersionResourceID()),
67+
ServiceAccountKey: conversion.StringNullIfEmpty(gcpKms.GetServiceAccountKey()),
68+
},
69+
}
70+
}
71+
72+
func NewAtlasAwsKms(tfAwsKmsConfigSlice []TfAwsKmsConfigModel) *admin.AWSKMSConfiguration {
73+
if len(tfAwsKmsConfigSlice) == 0 {
74+
return &admin.AWSKMSConfiguration{}
75+
}
76+
v := tfAwsKmsConfigSlice[0]
77+
78+
awsRegion, _ := conversion.ValRegion(v.Region.ValueString())
79+
80+
return &admin.AWSKMSConfiguration{
81+
Enabled: v.Enabled.ValueBoolPointer(),
82+
AccessKeyID: v.AccessKeyID.ValueStringPointer(),
83+
SecretAccessKey: v.SecretAccessKey.ValueStringPointer(),
84+
CustomerMasterKeyID: v.CustomerMasterKeyID.ValueStringPointer(),
85+
Region: conversion.StringPtr(awsRegion),
86+
RoleId: v.RoleID.ValueStringPointer(),
87+
}
88+
}
89+
90+
func NewAtlasGcpKms(tfGcpKmsConfigSlice []TfGcpKmsConfigModel) *admin.GoogleCloudKMS {
91+
if len(tfGcpKmsConfigSlice) == 0 {
92+
return &admin.GoogleCloudKMS{}
93+
}
94+
v := tfGcpKmsConfigSlice[0]
95+
96+
return &admin.GoogleCloudKMS{
97+
Enabled: v.Enabled.ValueBoolPointer(),
98+
ServiceAccountKey: v.ServiceAccountKey.ValueStringPointer(),
99+
KeyVersionResourceID: v.KeyVersionResourceID.ValueStringPointer(),
100+
}
101+
}
102+
103+
func NewAtlasAzureKeyVault(tfAzKeyVaultConfigSlice []TfAzureKeyVaultConfigModel) *admin.AzureKeyVault {
104+
if len(tfAzKeyVaultConfigSlice) == 0 {
105+
return &admin.AzureKeyVault{}
106+
}
107+
v := tfAzKeyVaultConfigSlice[0]
108+
109+
return &admin.AzureKeyVault{
110+
Enabled: v.Enabled.ValueBoolPointer(),
111+
ClientID: v.ClientID.ValueStringPointer(),
112+
AzureEnvironment: v.AzureEnvironment.ValueStringPointer(),
113+
SubscriptionID: v.SubscriptionID.ValueStringPointer(),
114+
ResourceGroupName: v.ResourceGroupName.ValueStringPointer(),
115+
KeyVaultName: v.KeyVaultName.ValueStringPointer(),
116+
KeyIdentifier: v.KeyIdentifier.ValueStringPointer(),
117+
Secret: v.Secret.ValueStringPointer(),
118+
TenantID: v.TenantID.ValueStringPointer(),
119+
}
120+
}

internal/service/encryptionatrest/model_encryption_at_rest_test.go

Lines changed: 273 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,273 @@
1+
package encryptionatrest_test
2+
3+
import (
4+
"context"
5+
"testing"
6+
7+
"github.com/hashicorp/terraform-plugin-framework/types"
8+
"github.com/mongodb/terraform-provider-mongodbatlas/internal/service/encryptionatrest"
9+
"github.com/stretchr/testify/assert"
10+
"go.mongodb.org/atlas-sdk/v20231115002/admin"
11+
)
12+
13+
var (
14+
projectID = "projectID"
15+
enabled = true
16+
customerMasterKeyID = "CustomerMasterKeyID"
17+
region = "Region"
18+
accessKeyID = "AccessKeyID"
19+
secretAccessKey = "SecretAccessKey"
20+
roleID = "RoleID"
21+
clientID = "clientID"
22+
azureEnvironment = "AzureEnvironment"
23+
subscriptionID = "SubscriptionID"
24+
resourceGroupName = "ResourceGroupName"
25+
keyVaultName = "KeyVaultName"
26+
keyIdentifier = "KeyIdentifier"
27+
tenantID = "TenantID"
28+
secret = "Secret"
29+
keyVersionResourceID = "KeyVersionResourceID"
30+
serviceAccountKey = "ServiceAccountKey"
31+
AWSKMSConfiguration = &admin.AWSKMSConfiguration{
32+
Enabled: &enabled,
33+
CustomerMasterKeyID: &customerMasterKeyID,
34+
Region: &region,
35+
AccessKeyID: &accessKeyID,
36+
SecretAccessKey: &secretAccessKey,
37+
RoleId: &roleID,
38+
}
39+
TfAwsKmsConfigModel = encryptionatrest.TfAwsKmsConfigModel{
40+
Enabled: types.BoolValue(enabled),
41+
CustomerMasterKeyID: types.StringValue(customerMasterKeyID),
42+
Region: types.StringValue(region),
43+
AccessKeyID: types.StringValue(accessKeyID),
44+
SecretAccessKey: types.StringValue(secretAccessKey),
45+
RoleID: types.StringValue(roleID),
46+
}
47+
AzureKeyVault = &admin.AzureKeyVault{
48+
Enabled: &enabled,
49+
ClientID: &clientID,
50+
AzureEnvironment: &azureEnvironment,
51+
SubscriptionID: &subscriptionID,
52+
ResourceGroupName: &resourceGroupName,
53+
KeyVaultName: &keyVaultName,
54+
KeyIdentifier: &keyIdentifier,
55+
TenantID: &tenantID,
56+
Secret: &secret,
57+
}
58+
TfAzureKeyVaultConfigModel = encryptionatrest.TfAzureKeyVaultConfigModel{
59+
Enabled: types.BoolValue(enabled),
60+
ClientID: types.StringValue(clientID),
61+
AzureEnvironment: types.StringValue(azureEnvironment),
62+
SubscriptionID: types.StringValue(subscriptionID),
63+
ResourceGroupName: types.StringValue(resourceGroupName),
64+
KeyVaultName: types.StringValue(keyVaultName),
65+
KeyIdentifier: types.StringValue(keyIdentifier),
66+
TenantID: types.StringValue(tenantID),
67+
Secret: types.StringValue(secret),
68+
}
69+
GoogleCloudKMS = &admin.GoogleCloudKMS{
70+
Enabled: &enabled,
71+
KeyVersionResourceID: &keyVersionResourceID,
72+
ServiceAccountKey: &serviceAccountKey,
73+
}
74+
TfGcpKmsConfigModel = encryptionatrest.TfGcpKmsConfigModel{
75+
Enabled: types.BoolValue(enabled),
76+
KeyVersionResourceID: types.StringValue(keyVersionResourceID),
77+
ServiceAccountKey: types.StringValue(serviceAccountKey),
78+
}
79+
EncryptionAtRest = &admin.EncryptionAtRest{
80+
AwsKms: AWSKMSConfiguration,
81+
AzureKeyVault: AzureKeyVault,
82+
GoogleCloudKms: GoogleCloudKMS,
83+
}
84+
)
85+
86+
func TestNewTfEncryptionAtRestRSModel(t *testing.T) {
87+
testCases := []struct {
88+
expectedResult *encryptionatrest.TfEncryptionAtRestRSModel
89+
sdkModel *admin.EncryptionAtRest
90+
name string
91+
}{
92+
{
93+
name: "Success NewTFAwsKmsConfig",
94+
sdkModel: EncryptionAtRest,
95+
expectedResult: &encryptionatrest.TfEncryptionAtRestRSModel{
96+
ID: types.StringValue(projectID),
97+
ProjectID: types.StringValue(projectID),
98+
AwsKmsConfig: []encryptionatrest.TfAwsKmsConfigModel{TfAwsKmsConfigModel},
99+
AzureKeyVaultConfig: []encryptionatrest.TfAzureKeyVaultConfigModel{TfAzureKeyVaultConfigModel},
100+
GoogleCloudKmsConfig: []encryptionatrest.TfGcpKmsConfigModel{TfGcpKmsConfigModel},
101+
},
102+
},
103+
}
104+
105+
for _, tc := range testCases {
106+
t.Run(tc.name, func(t *testing.T) {
107+
resultModel := encryptionatrest.NewTfEncryptionAtRestRSModel(context.Background(), projectID, tc.sdkModel)
108+
assert.Equal(t, tc.expectedResult, resultModel)
109+
})
110+
}
111+
}
112+
113+
func TestNewTFAwsKmsConfig(t *testing.T) {
114+
testCases := []struct {
115+
name string
116+
sdkModel *admin.AWSKMSConfiguration
117+
expectedResult []encryptionatrest.TfAwsKmsConfigModel
118+
}{
119+
{
120+
name: "Success NewTFAwsKmsConfig",
121+
sdkModel: AWSKMSConfiguration,
122+
expectedResult: []encryptionatrest.TfAwsKmsConfigModel{
123+
TfAwsKmsConfigModel,
124+
},
125+
},
126+
{
127+
name: "Empty sdkModel",
128+
sdkModel: nil,
129+
expectedResult: []encryptionatrest.TfAwsKmsConfigModel{},
130+
},
131+
}
132+
133+
for _, tc := range testCases {
134+
t.Run(tc.name, func(t *testing.T) {
135+
resultModel := encryptionatrest.NewTFAwsKmsConfig(context.Background(), tc.sdkModel)
136+
assert.Equal(t, tc.expectedResult, resultModel)
137+
})
138+
}
139+
}
140+
141+
func TestNewTFAzureKeyVaultConfig(t *testing.T) {
142+
testCases := []struct {
143+
name string
144+
sdkModel *admin.AzureKeyVault
145+
expectedResult []encryptionatrest.TfAzureKeyVaultConfigModel
146+
}{
147+
{
148+
name: "Success NewTFAwsKmsConfig",
149+
sdkModel: AzureKeyVault,
150+
expectedResult: []encryptionatrest.TfAzureKeyVaultConfigModel{
151+
TfAzureKeyVaultConfigModel,
152+
},
153+
},
154+
{
155+
name: "Empty sdkModel",
156+
sdkModel: nil,
157+
expectedResult: []encryptionatrest.TfAzureKeyVaultConfigModel{},
158+
},
159+
}
160+
161+
for _, tc := range testCases {
162+
t.Run(tc.name, func(t *testing.T) {
163+
resultModel := encryptionatrest.NewTFAzureKeyVaultConfig(context.Background(), tc.sdkModel)
164+
assert.Equal(t, tc.expectedResult, resultModel)
165+
})
166+
}
167+
}
168+
169+
func TestNewTFGcpKmsConfig(t *testing.T) {
170+
testCases := []struct {
171+
name string
172+
sdkModel *admin.GoogleCloudKMS
173+
expectedResult []encryptionatrest.TfGcpKmsConfigModel
174+
}{
175+
{
176+
name: "Success NewTFGcpKmsConfig",
177+
sdkModel: GoogleCloudKMS,
178+
expectedResult: []encryptionatrest.TfGcpKmsConfigModel{
179+
TfGcpKmsConfigModel,
180+
},
181+
},
182+
{
183+
name: "Empty sdkModel",
184+
sdkModel: nil,
185+
expectedResult: []encryptionatrest.TfGcpKmsConfigModel{},
186+
},
187+
}
188+
189+
for _, tc := range testCases {
190+
t.Run(tc.name, func(t *testing.T) {
191+
resultModel := encryptionatrest.NewTFGcpKmsConfig(context.Background(), tc.sdkModel)
192+
assert.Equal(t, tc.expectedResult, resultModel)
193+
})
194+
}
195+
}
196+
197+
func TestNewAtlasAwsKms(t *testing.T) {
198+
testCases := []struct {
199+
name string
200+
expectedResult *admin.AWSKMSConfiguration
201+
tfModel []encryptionatrest.TfAwsKmsConfigModel
202+
}{
203+
{
204+
name: "Success NewAtlasAwsKms",
205+
tfModel: []encryptionatrest.TfAwsKmsConfigModel{TfAwsKmsConfigModel},
206+
expectedResult: AWSKMSConfiguration,
207+
},
208+
{
209+
name: "Empty tfModel",
210+
tfModel: nil,
211+
expectedResult: &admin.AWSKMSConfiguration{},
212+
},
213+
}
214+
215+
for _, tc := range testCases {
216+
t.Run(tc.name, func(t *testing.T) {
217+
resultModel := encryptionatrest.NewAtlasAwsKms(tc.tfModel)
218+
assert.Equal(t, tc.expectedResult, resultModel)
219+
})
220+
}
221+
}
222+
223+
func TestNewAtlasGcpKms(t *testing.T) {
224+
testCases := []struct {
225+
name string
226+
expectedResult *admin.GoogleCloudKMS
227+
tfModel []encryptionatrest.TfGcpKmsConfigModel
228+
}{
229+
{
230+
name: "Success NewAtlasAwsKms",
231+
tfModel: []encryptionatrest.TfGcpKmsConfigModel{TfGcpKmsConfigModel},
232+
expectedResult: GoogleCloudKMS,
233+
},
234+
{
235+
name: "Empty tfModel",
236+
tfModel: nil,
237+
expectedResult: &admin.GoogleCloudKMS{},
238+
},
239+
}
240+
241+
for _, tc := range testCases {
242+
t.Run(tc.name, func(t *testing.T) {
243+
resultModel := encryptionatrest.NewAtlasGcpKms(tc.tfModel)
244+
assert.Equal(t, tc.expectedResult, resultModel)
245+
})
246+
}
247+
}
248+
249+
func TestNewAtlasAzureKeyVault(t *testing.T) {
250+
testCases := []struct {
251+
name string
252+
expectedResult *admin.AzureKeyVault
253+
tfModel []encryptionatrest.TfAzureKeyVaultConfigModel
254+
}{
255+
{
256+
name: "Success NewAtlasAwsKms",
257+
tfModel: []encryptionatrest.TfAzureKeyVaultConfigModel{TfAzureKeyVaultConfigModel},
258+
expectedResult: AzureKeyVault,
259+
},
260+
{
261+
name: "Empty tfModel",
262+
tfModel: nil,
263+
expectedResult: &admin.AzureKeyVault{},
264+
},
265+
}
266+
267+
for _, tc := range testCases {
268+
t.Run(tc.name, func(t *testing.T) {
269+
resultModel := encryptionatrest.NewAtlasAzureKeyVault(tc.tfModel)
270+
assert.Equal(t, tc.expectedResult, resultModel)
271+
})
272+
}
273+
}

0 commit comments

Comments
 (0)