
Commit ed6904a

update integration tests
1 parent f471283 commit ed6904a


5 files changed

+52
-0
lines changed


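--- a/5-app-infra/business_unit_1/development/outputs.tf
+++ b/5-app-infra/business_unit_1/development/outputs.tf
@@ -52,3 +52,14 @@ output "region" {
 value = module.gce_instance.region
 }
 
+output "workload_pool_provider_id" {
+description = "Workload pool provider used by confidential space."
+value = module.confidential_space.workload_pool_provider_id
+}
+
+output "workload_identity_pool_id" {
+description = "Workload identity pool ID."
+value = module.confidential_space.workload_identity_pool_id
+
+}
+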
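Review bot: The new output is named `workload_pool_provider_id`, while its sibling is `workload_identity_pool_id` and the resource attribute it ultimately exposes (visible in modules/confidential_space/outputs.tf) is `workload_identity_pool_provider_id`. Consider `output "workload_identity_pool_provider_id" {` so both outputs follow one naming scheme. The `workload_identity_pool_id` block also has a stray blank line before its closing brace. The same two points apply to the identical hunks in nonproduction/outputs.tf, production/outputs.tf and modules/confidential_space/outputs.tf, and because the integration test reads the output by name, a rename has to be made there as well.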

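--- a/5-app-infra/business_unit_1/nonproduction/outputs.tf
+++ b/5-app-infra/business_unit_1/nonproduction/outputs.tf
@@ -52,3 +52,14 @@ output "region" {
 value = module.gce_instance.region
 }
 
+output "workload_pool_provider_id" {
+description = "Workload pool provider used by confidential space."
+value = module.confidential_space.workload_pool_provider_id
+}
+
+output "workload_identity_pool_id" {
+description = "Workload identity pool ID."
+value = module.confidential_space.workload_identity_pool_id
+
+}
+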

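--- a/5-app-infra/business_unit_1/production/outputs.tf
+++ b/5-app-infra/business_unit_1/production/outputs.tf
@@ -52,3 +52,14 @@ output "region" {
 value = module.gce_instance.region
 }
 
+output "workload_pool_provider_id" {
+description = "Workload pool provider used by confidential space."
+value = module.confidential_space.workload_pool_provider_id
+}
+
+output "workload_identity_pool_id" {
+description = "Workload identity pool ID."
+value = module.confidential_space.workload_identity_pool_id
+
+}
+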

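--- a/5-app-infra/modules/confidential_space/outputs.tf
+++ b/5-app-infra/modules/confidential_space/outputs.tf
@@ -39,3 +39,14 @@ output "confidential_image_digest" {
 value = var.confidential_image_digest
 }
 
+output "workload_pool_provider_id" {
+description = "Workload pool provider used by confidential space."
+value = google_iam_workload_identity_pool_provider.attestation_verifier.workload_identity_pool_provider_id
+}
+
+output "workload_identity_pool_id" {
+description = "Workload identity pool ID."
+value = google_iam_workload_identity_pool.confidential_space_pool.workload_identity_pool_id
+
+}
+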
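Review bot: Both descriptions leave open whether the value is the short ID or the full resource name. The attributes referenced here (`workload_identity_pool_provider_id`, `workload_identity_pool_id`) are the short IDs, which is also how the integration test uses them in its `describe` call. I would say so in the text, for example `description = "Short ID (not the full resource name) of the attestation-verifier provider in the Confidential Space workload identity pool."`, and likewise for the pool. Anyone composing IAM principal strings from these outputs needs the full pool name, so the distinction is worth stating.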

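--- a/test/integration/app-infra/app_infra_test.go
+++ b/test/integration/app-infra/app_infra_test.go
@@ -70,13 +70,16 @@ func TestAppInfra(t *testing.T) {
 appInfra.DefineVerify(
 func(assert *assert.Assertions) {
 projectID := appInfra.GetStringOutput("project_id")
+workloadPoolProvider := appInfra.GetStringOutput("workload_pool_provider_id")
+workloadIdentityPool := appInfra.GetStringOutput("workload_identity_pool_id")
 instanceName := terraform.OutputList(t, appInfra.GetTFOptions(), "instances_names")[0]
 instanceZone := terraform.OutputList(t, appInfra.GetTFOptions(), "instances_zones")[0]
 machineType := fmt.Sprintf("https://www.googleapis.com/compute/v1/projects/%s/zones/%s/machineTypes/f1-micro", projectID, instanceZone)
 
 gcOps := gcloud.WithCommonArgs([]string{"--project", projectID, "--zone", instanceZone, "--format", "json"})
 instance := gcloud.Run(t, fmt.Sprintf("compute instances describe %s", instanceName), gcOps)
 assert.Equal(machineType, instance.Get("machineType").String(), "should have machine_type f1-micro")
+
 computeInstanceList := gcloud.Run(t, fmt.Sprintf("compute instances list --format=json --project %s --filter name=confidential-instance", projectID))
 assert.Len(computeInstanceList.Array(), 1)
 computeInstance := computeInstanceList.Array()[0]
@@ -87,6 +90,11 @@ func TestAppInfra(t *testing.T) {
 serviceAccounts := computeInstance.Get("serviceAccounts").Array()
 assert.Len(serviceAccounts, 1)
 assert.Equal(fmt.Sprintf("confidential-space-workload-sa@%s.iam.gserviceaccount.com", projectID), serviceAccounts[0].Get("email").String())
+workloadIdentityPoolProviderID := gcloud.Runf(t, "iam workload-identity-pools providers describe %s --workload-identity-pool=confidential-space-pool --location=global --project %s", workloadPoolProvider, projectID)
+assert.Equal(workloadPoolProvider, workloadIdentityPoolProviderID.Get("displayName").String(), fmt.Sprintf("workload identity pool provider should have name equals to %s", workloadIdentityPoolProviderID))
+gcPoolOps := gcloud.WithCommonArgs([]string{"--project", projectID, "--format", "value(name.basename())"})
+workloadIdentityPoolName := gcloud.Runf(t, fmt.Sprintf("iam workload-identity-pools describe confidential-space-pool --location=global"), gcPoolOps)
+assert.Equal(workloadIdentityPool, workloadIdentityPoolName.Get("name").String(), fmt.Sprintf("workload identity pool should have name equals to %s", workloadIdentityPoolName))
 })
 
 appInfra.Test()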
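Review bot: In the second hunk the pool lookup hands `gcPoolOps` to `gcloud.Runf`, which the provider lookup just above uses with format operands, so the `--project` and `--format` options are probably never applied; the instance describe call in the first hunk pairs its options with `gcloud.Run` instead. I would write `workloadIdentityPoolName := gcloud.Run(t, "iam workload-identity-pools describe confidential-space-pool --location=global", gcPoolOps)` and drop the argument-less `fmt.Sprintf`. Separately, `--format value(name.basename())` prints plain text while the assertion reads `.Get("name")`, so the format and the lookup likely need to be brought into line. For a Confidential Space provider the settings that gate token issuance are the attestation issuer and the `attributeCondition` rather than `displayName`, so consider asserting those from the same describe output if the module sets them. TestAppInfra begins and ends outside both hunks.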
