Skip to content

Commit

Permalink
pubsub: use boostrapped IAM for TestAccPubsubSubscription tests (#1…
Browse files Browse the repository at this point in the history 
…2095) (#8519)

[upstream:e5bbb6c363713d263ca9519b903db89408534228]

Signed-off-by: Modular Magician <[email protected]>
  • Loading branch information
@modular-magician
modular-magician authored Oct 25, 2024
1 parent fc27dc1 commit 16b777a
Show file tree
Hide file tree
Showing 4 changed files with 50 additions and 86 deletions.
3 changes: 3 additions & 0 deletions .changelog/12095.txt
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:none

```
46 changes: 10 additions & 36 deletions google-beta/services/pubsub/resource_pubsub_subscription_generated_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -239,7 +239,8 @@ func TestAccPubsubSubscription_pubsubSubscriptionPushBqExample(t *testing.T) {
t.Parallel()

context := map[string]interface{}{
"random_suffix": acctest.RandString(t, 10),
"policy_changed": acctest.BootstrapPSARoles(t, "service-", "gcp-sa-pubsub", []string{"roles/bigquery.dataEditor", "roles/bigquery.metadataViewer"}),
"random_suffix": acctest.RandString(t, 10),
}

acctest.VcrTest(t, resource.TestCase{
Expand Down Expand Up @@ -273,31 +274,15 @@ resource "google_pubsub_subscription" "example" {
bigquery_config {
table = "${google_bigquery_table.test.project}.${google_bigquery_table.test.dataset_id}.${google_bigquery_table.test.table_id}"
}
depends_on = [google_project_iam_member.viewer, google_project_iam_member.editor]
}
data "google_project" "project" {
}
resource "google_project_iam_member" "viewer" {
project = data.google_project.project.project_id
role = "roles/bigquery.metadataViewer"
member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
}
resource "google_project_iam_member" "editor" {
project = data.google_project.project.project_id
role = "roles/bigquery.dataEditor"
member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
}
data "google_project" "project" {}
resource "google_bigquery_dataset" "test" {
dataset_id = "tf_test_example_dataset%{random_suffix}"
}
resource "google_bigquery_table" "test" {
deletion_protection = false
table_id = "tf_test_example_table%{random_suffix}"
dataset_id = google_bigquery_dataset.test.dataset_id
Expand All @@ -311,6 +296,8 @@ resource "google_bigquery_table" "test" {
}
]
EOF
deletion_protection = false
}
`, context)
}
Expand All @@ -319,7 +306,8 @@ func TestAccPubsubSubscription_pubsubSubscriptionPushBqTableSchemaExample(t *tes
t.Parallel()

context := map[string]interface{}{
"random_suffix": acctest.RandString(t, 10),
"policy_changed": acctest.BootstrapPSARoles(t, "service-", "gcp-sa-pubsub", []string{"roles/bigquery.dataEditor", "roles/bigquery.metadataViewer"}),
"random_suffix": acctest.RandString(t, 10),
}

acctest.VcrTest(t, resource.TestCase{
Expand Down Expand Up @@ -354,31 +342,15 @@ resource "google_pubsub_subscription" "example" {
table = "${google_bigquery_table.test.project}.${google_bigquery_table.test.dataset_id}.${google_bigquery_table.test.table_id}"
use_table_schema = true
}
depends_on = [google_project_iam_member.viewer, google_project_iam_member.editor]
}
data "google_project" "project" {
}
resource "google_project_iam_member" "viewer" {
project = data.google_project.project.project_id
role = "roles/bigquery.metadataViewer"
member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
}
resource "google_project_iam_member" "editor" {
project = data.google_project.project.project_id
role = "roles/bigquery.dataEditor"
member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
}
data "google_project" "project" {}
resource "google_bigquery_dataset" "test" {
dataset_id = "tf_test_example_dataset%{random_suffix}"
}
resource "google_bigquery_table" "test" {
deletion_protection = false
table_id = "tf_test_example_table%{random_suffix}"
dataset_id = google_bigquery_dataset.test.dataset_id
Expand All @@ -392,6 +364,8 @@ resource "google_bigquery_table" "test" {
}
]
EOF
deletion_protection = false
}
`, context)
}
Expand Down
47 changes: 31 additions & 16 deletions google-beta/services/pubsub/resource_pubsub_subscription_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -209,6 +209,9 @@ func TestAccPubsubSubscriptionBigQuery_update(t *testing.T) {
PreCheck: func() { acctest.AccTestPreCheck(t) },
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
CheckDestroy: testAccCheckPubsubSubscriptionDestroyProducer(t),
ExternalProviders: map[string]resource.ExternalProvider{
"time": {},
},
Steps: []resource.TestStep{
{
Config: testAccPubsubSubscriptionBigQuery_basic(dataset, table, topic, subscriptionShort, false, ""),
Expand Down Expand Up @@ -240,10 +243,17 @@ func TestAccPubsubSubscriptionBigQuery_serviceAccount(t *testing.T) {
topic := fmt.Sprintf("tf-test-topic-%s", acctest.RandString(t, 10))
subscriptionShort := fmt.Sprintf("tf-test-sub-%s", acctest.RandString(t, 10))

if acctest.BootstrapPSARoles(t, "service-", "gcp-sa-pubsub", []string{"roles/bigquery.dataEditor", "roles/bigquery.metadataViewer"}) {
t.Fatal("Stopping the test because roles were added to IAM policy.")
}

acctest.VcrTest(t, resource.TestCase{
PreCheck: func() { acctest.AccTestPreCheck(t) },
ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t),
CheckDestroy: testAccCheckPubsubSubscriptionDestroyProducer(t),
ExternalProviders: map[string]resource.ExternalProvider{
"time": {},
},
Steps: []resource.TestStep{
{
Config: testAccPubsubSubscriptionBigQuery_basic(dataset, table, topic, subscriptionShort, false, "bq-test-sa"),
Expand Down Expand Up @@ -683,40 +693,44 @@ resource "google_service_account" "bq_write_service_account" {
}
resource "google_project_iam_member" "viewer" {
project = data.google_project.project.project_id
role = "roles/bigquery.metadataViewer"
member = "serviceAccount:${google_service_account.bq_write_service_account.email}"
project = data.google_project.project.project_id
role = "roles/bigquery.metadataViewer"
member = "serviceAccount:${google_service_account.bq_write_service_account.email}"
}
resource "google_project_iam_member" "editor" {
project = data.google_project.project.project_id
role = "roles/bigquery.dataEditor"
member = "serviceAccount:${google_service_account.bq_write_service_account.email}"
project = data.google_project.project.project_id
role = "roles/bigquery.dataEditor"
member = "serviceAccount:${google_service_account.bq_write_service_account.email}"
}`, serviceAccountId)
serviceAccountEmailField = "service_account_email = google_service_account.bq_write_service_account.email"
} else {
serviceAccountResource = fmt.Sprintf(`
resource "google_project_iam_member" "viewer" {
project = data.google_project.project.project_id
role = "roles/bigquery.metadataViewer"
member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
project = data.google_project.project.project_id
role = "roles/bigquery.metadataViewer"
member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
}
resource "google_project_iam_member" "editor" {
project = data.google_project.project.project_id
role = "roles/bigquery.dataEditor"
member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
project = data.google_project.project.project_id
role = "roles/bigquery.dataEditor"
member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
}
`)
}

return fmt.Sprintf(`
data "google_project" "project" { }
data "google_project" "project" {}
resource "time_sleep" "wait_30_seconds" {
create_duration = "30s"
}
%s
resource "google_bigquery_dataset" "test" {
dataset_id = "%s"
dataset_id = "%s"
}
resource "google_bigquery_table" "test" {
Expand Down Expand Up @@ -747,12 +761,13 @@ resource "google_pubsub_subscription" "foo" {
bigquery_config {
table = "${google_bigquery_table.test.project}.${google_bigquery_table.test.dataset_id}.${google_bigquery_table.test.table_id}"
use_table_schema = %t
%s
%s
}
depends_on = [
google_project_iam_member.viewer,
google_project_iam_member.editor
google_project_iam_member.editor,
time_sleep.wait_30_seconds,
]
}
`, serviceAccountResource, dataset, table, topic, subscription, useTableSchema, serviceAccountEmailField)
Expand Down
40 changes: 6 additions & 34 deletions website/docs/r/pubsub_subscription.html.markdown
View file
Original file line number Diff line number Diff line change
Expand Up @@ -178,31 +178,15 @@ resource "google_pubsub_subscription" "example" {
bigquery_config {
table = "${google_bigquery_table.test.project}.${google_bigquery_table.test.dataset_id}.${google_bigquery_table.test.table_id}"
}
depends_on = [google_project_iam_member.viewer, google_project_iam_member.editor]
}
data "google_project" "project" {
}
resource "google_project_iam_member" "viewer" {
project = data.google_project.project.project_id
role = "roles/bigquery.metadataViewer"
member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
}
resource "google_project_iam_member" "editor" {
project = data.google_project.project.project_id
role = "roles/bigquery.dataEditor"
member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
}
data "google_project" "project" {}
resource "google_bigquery_dataset" "test" {
dataset_id = "example_dataset"
}
resource "google_bigquery_table" "test" {
deletion_protection = false
table_id = "example_table"
dataset_id = google_bigquery_dataset.test.dataset_id
Expand All @@ -216,6 +200,8 @@ resource "google_bigquery_table" "test" {
}
]
EOF
deletion_protection = false
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
Expand All @@ -239,31 +225,15 @@ resource "google_pubsub_subscription" "example" {
table = "${google_bigquery_table.test.project}.${google_bigquery_table.test.dataset_id}.${google_bigquery_table.test.table_id}"
use_table_schema = true
}
depends_on = [google_project_iam_member.viewer, google_project_iam_member.editor]
}
data "google_project" "project" {
}
resource "google_project_iam_member" "viewer" {
project = data.google_project.project.project_id
role = "roles/bigquery.metadataViewer"
member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
}
resource "google_project_iam_member" "editor" {
project = data.google_project.project.project_id
role = "roles/bigquery.dataEditor"
member = "serviceAccount:service-${data.google_project.project.number}@gcp-sa-pubsub.iam.gserviceaccount.com"
}
data "google_project" "project" {}
resource "google_bigquery_dataset" "test" {
dataset_id = "example_dataset"
}
resource "google_bigquery_table" "test" {
deletion_protection = false
table_id = "example_table"
dataset_id = google_bigquery_dataset.test.dataset_id
Expand All @@ -277,6 +247,8 @@ resource "google_bigquery_table" "test" {
}
]
EOF
deletion_protection = false
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
Expand Down

0 comments on commit 16b777a

Please sign in to comment.