Add all tests, tflint and lint checks

hashicorp · Dec 7, 2021 · 020f8a6 · 020f8a6
1 parent 08b1699
commit 020f8a6
Show file tree

Hide file tree

Showing 3 changed files with 407 additions and 13 deletions.
diff --git a/internal/services/policy/assignment_resource_group_resource_test.go b/internal/services/policy/assignment_resource_group_resource_test.go
@@ -306,9 +306,9 @@ resource "azurerm_resource_group_policy_assignment" "test" {
   resource_group_id    = azurerm_resource_group.test.id
   policy_definition_id = data.azurerm_policy_definition.test.id
 
-	non_compliance_message {
-		message = "test"
-	}
+  non_compliance_message {
+    message = "test"
+  }
 
   parameters = jsonencode({
     "listOfAllowedLocations" = {
@@ -420,9 +420,9 @@ resource "azurerm_resource_group_policy_assignment" "test" {
   policy_definition_id = data.azurerm_policy_set_definition.test.id
   location             = azurerm_resource_group.test.location
 
-	non_compliance_message {
-		message = "test"
-	}
+  non_compliance_message {
+    message = "test"
+  }
 
   identity {
     type = "SystemAssigned"
@@ -450,14 +450,14 @@ resource "azurerm_resource_group_policy_assignment" "test" {
   policy_definition_id = data.azurerm_policy_set_definition.test.id
   location             = azurerm_resource_group.test.location
 
-	non_compliance_message {
-		message = "test"
-	}
+  non_compliance_message {
+    message = "test"
+  }
 
-	non_compliance_message {
-		message                        = "test2"
-		policy_definition_reference_id = "AINE_MinimumPasswordLength"
-	}
+  non_compliance_message {
+    message                        = "test2"
+    policy_definition_reference_id = "AINE_MinimumPasswordLength"
+  }
 
   identity {
     type = "SystemAssigned"

diff --git a/internal/services/policy/assignment_resource_test.go b/internal/services/policy/assignment_resource_test.go
@@ -44,6 +44,40 @@ func TestAccResourcePolicyAssignment_basicWithBuiltInPolicy(t *testing.T) {
 	})
 }
 
+func TestAccResourcePolicyAssignment_basicWithBuiltInPolicyNonComplianceMessage(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_resource_policy_assignment", "test")
+	r := ResourceAssignmentTestResource{}
+
+	data.ResourceTest(t, r, []acceptance.TestStep{
+		{
+			Config: r.withBuiltInPolicyNonComplianceMessage(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("non_compliance_message.#").HasValue("1"),
+				check.That(data.ResourceName).Key("non_compliance_message.0.message").HasValue("test"),
+			),
+		},
+		data.ImportStep(),
+		{
+			Config: r.withBuiltInPolicyNonComplianceMessageUpdated(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("non_compliance_message").DoesNotExist(),
+			),
+		},
+		data.ImportStep(),
+		{
+			Config: r.withBuiltInPolicyNonComplianceMessage(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("non_compliance_message.#").HasValue("1"),
+				check.That(data.ResourceName).Key("non_compliance_message.0.message").HasValue("test"),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
 func TestAccResourcePolicyAssignment_basicWithBuiltInPolicySet(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_resource_policy_assignment", "test")
 	r := ResourceAssignmentTestResource{}
@@ -73,6 +107,43 @@ func TestAccResourcePolicyAssignment_basicWithBuiltInPolicySet(t *testing.T) {
 	})
 }
 
+func TestAccResourcePolicyAssignment_basicWithBuiltInPolicySetNonComplianceMessage(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_resource_policy_assignment", "test")
+	r := ResourceAssignmentTestResource{}
+
+	data.ResourceTest(t, r, []acceptance.TestStep{
+		{
+			Config: r.withBuiltInPolicySetNonComplianceMessage(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("non_compliance_message.#").HasValue("1"),
+				check.That(data.ResourceName).Key("non_compliance_message.0.message").HasValue("test"),
+			),
+		},
+		data.ImportStep(),
+		{
+			Config: r.withBuiltInPolicySetNonComplianceMessageUpdated(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("non_compliance_message.#").HasValue("2"),
+				check.That(data.ResourceName).Key("non_compliance_message.0.message").HasValue("test"),
+				check.That(data.ResourceName).Key("non_compliance_message.1.message").HasValue("test2"),
+				check.That(data.ResourceName).Key("non_compliance_message.1.policy_definition_reference_id").HasValue("AINE_MinimumPasswordLength"),
+			),
+		},
+		data.ImportStep(),
+		{
+			Config: r.withBuiltInPolicySetNonComplianceMessage(data),
+			Check: acceptance.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+				check.That(data.ResourceName).Key("non_compliance_message.#").HasValue("1"),
+				check.That(data.ResourceName).Key("non_compliance_message.0.message").HasValue("test"),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
 func TestAccResourcePolicyAssignment_basicWithCustomPolicy(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_resource_policy_assignment", "test")
 	r := ResourceAssignmentTestResource{}
@@ -217,6 +288,63 @@ resource "azurerm_resource_policy_assignment" "test" {
 `, template, data.RandomInteger, data.Locations.Secondary)
 }
 
+func (r ResourceAssignmentTestResource) withBuiltInPolicyNonComplianceMessage(data acceptance.TestData) string {
+	template := r.template(data)
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+%s
+
+data "azurerm_policy_definition" "test" {
+  display_name = "Allowed locations"
+}
+
+resource "azurerm_resource_policy_assignment" "test" {
+  name                 = "acctestpa-%[2]d"
+  resource_id          = azurerm_virtual_network.test.id
+  policy_definition_id = data.azurerm_policy_definition.test.id
+
+  non_compliance_message {
+    message = "test"
+  }
+
+  parameters = jsonencode({
+    "listOfAllowedLocations" = {
+      "value" = [azurerm_resource_group.test.location]
+    }
+  })
+}
+`, template, data.RandomInteger)
+}
+
+func (r ResourceAssignmentTestResource) withBuiltInPolicyNonComplianceMessageUpdated(data acceptance.TestData) string {
+	template := r.template(data)
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+%s
+
+data "azurerm_policy_definition" "test" {
+  display_name = "Allowed locations"
+}
+
+resource "azurerm_resource_policy_assignment" "test" {
+  name                 = "acctestpa-%[2]d"
+  resource_id          = azurerm_virtual_network.test.id
+  policy_definition_id = data.azurerm_policy_definition.test.id
+  parameters = jsonencode({
+    "listOfAllowedLocations" = {
+      "value" = [azurerm_resource_group.test.location, "%[3]s"]
+    }
+  })
+}
+`, template, data.RandomInteger, data.Locations.Secondary)
+}
+
 func (r ResourceAssignmentTestResource) withBuiltInPolicySetBasic(data acceptance.TestData) string {
 	template := r.template(data)
 	return fmt.Sprintf(`
@@ -273,6 +401,75 @@ resource "azurerm_resource_policy_assignment" "test" {
 `, template, data.RandomInteger)
 }
 
+func (r ResourceAssignmentTestResource) withBuiltInPolicySetNonComplianceMessage(data acceptance.TestData) string {
+	template := r.template(data)
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+%s
+
+data "azurerm_policy_set_definition" "test" {
+  display_name = "Audit machines with insecure password security settings"
+}
+
+resource "azurerm_resource_policy_assignment" "test" {
+  name                 = "acctestpa-%[2]d"
+  resource_id          = azurerm_virtual_network.test.id
+  policy_definition_id = data.azurerm_policy_set_definition.test.id
+  location             = azurerm_resource_group.test.location
+
+  non_compliance_message {
+    message = "test"
+  }
+
+  identity {
+    type = "SystemAssigned"
+  }
+}
+`, template, data.RandomInteger)
+}
+
+func (r ResourceAssignmentTestResource) withBuiltInPolicySetNonComplianceMessageUpdated(data acceptance.TestData) string {
+	template := r.template(data)
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+%s
+
+data "azurerm_policy_set_definition" "test" {
+  display_name = "Audit machines with insecure password security settings"
+}
+
+resource "azurerm_resource_policy_assignment" "test" {
+  name                 = "acctestpa-%[2]d"
+  resource_id          = azurerm_virtual_network.test.id
+  policy_definition_id = data.azurerm_policy_set_definition.test.id
+  location             = azurerm_resource_group.test.location
+
+  non_compliance_message {
+    message = "test"
+  }
+
+  non_compliance_message {
+    message                        = "test2"
+    policy_definition_reference_id = "AINE_MinimumPasswordLength"
+  }
+
+  identity {
+    type = "SystemAssigned"
+  }
+
+  metadata = jsonencode({
+    "category" : "Testing"
+  })
+}
+`, template, data.RandomInteger)
+}
+
 func (r ResourceAssignmentTestResource) withCustomPolicyBasic(data acceptance.TestData) string {
 	template := r.templateWithCustomPolicy(data)
 	return fmt.Sprintf(`