From c9e1c4b6cc1c701c47db5a59929f0585b1611753 Mon Sep 17 00:00:00 2001
From: tombuildsstuff <git@ibuildstuff.co.uk>
Date: Thu, 24 Aug 2017 10:16:04 +0100
Subject: [PATCH 1/2] Adding validation for the key vault secret name

---
 azurerm/resource_arm_key_vault.go      | 19 +++++++--
 azurerm/resource_arm_key_vault_test.go | 58 ++++++++++++++++++++++++++
 2 files changed, 73 insertions(+), 4 deletions(-)

diff --git a/azurerm/resource_arm_key_vault.go b/azurerm/resource_arm_key_vault.go
index 95fa3df45de9..d88c9f8d928e 100644
--- a/azurerm/resource_arm_key_vault.go
+++ b/azurerm/resource_arm_key_vault.go
@@ -3,6 +3,7 @@ package azurerm
 import (
 	"fmt"
 	"log"
+	"regexp"
 
 	"github.com/Azure/azure-sdk-for-go/arm/keyvault"
 	"github.com/hashicorp/terraform/helper/schema"
@@ -27,9 +28,10 @@ func resourceArmKeyVault() *schema.Resource {
 
 		Schema: map[string]*schema.Schema{
 			"name": {
-				Type:     schema.TypeString,
-				Required: true,
-				ForceNew: true,
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validateKeyVaultName,
 			},
 
 			"location": locationSchema(),
@@ -207,7 +209,7 @@ func resourceArmKeyVaultRead(d *schema.ResourceData, meta interface{}) error {
 			d.SetId("")
 			return nil
 		}
-		return fmt.Errorf("Error making Read request on Azure KeyVault %s: %s", name, err)
+		return fmt.Errorf("Error making Read request on Azure KeyVault %s: %+v", name, err)
 	}
 
 	d.Set("name", resp.Name)
@@ -322,3 +324,12 @@ func flattenKeyVaultAccessPolicies(policies *[]keyvault.AccessPolicyEntry) []int
 
 	return result
 }
+
+func validateKeyVaultName(v interface{}, k string) (ws []string, errors []error) {
+	value := v.(string)
+	if matched := regexp.MustCompile(`^[a-zA-Z0-9-]{3,24}$`).Match([]byte(value)); !matched {
+		errors = append(errors, fmt.Errorf("%q may only contain alphanumeric characters and dashes and must be between 3-24 chars", k))
+	}
+
+	return
+}
diff --git a/azurerm/resource_arm_key_vault_test.go b/azurerm/resource_arm_key_vault_test.go
index 8d92865bf6e6..c82b0fc8503c 100644
--- a/azurerm/resource_arm_key_vault_test.go
+++ b/azurerm/resource_arm_key_vault_test.go
@@ -10,6 +10,64 @@ import (
 	"github.com/hashicorp/terraform/terraform"
 )
 
+func TestAccAzureRMKeyVault_name(t *testing.T) {
+	cases := []struct {
+		Input       string
+		ExpectError bool
+	}{
+		{
+			Input:       "",
+			ExpectError: true,
+		},
+		{
+			Input:       "hi",
+			ExpectError: true,
+		},
+		{
+			Input:       "hello",
+			ExpectError: false,
+		},
+		{
+			Input:       "hello-world",
+			ExpectError: false,
+		},
+		{
+			Input:       "hello-world-21",
+			ExpectError: false,
+		},
+		{
+			Input:       "hello_world_21",
+			ExpectError: true,
+		},
+		{
+			Input:       "Hello-World",
+			ExpectError: false,
+		},
+		{
+			Input:       "20202020",
+			ExpectError: false,
+		},
+		{
+			Input:       "ABC123!@£",
+			ExpectError: true,
+		},
+		{
+			Input:       "abcdefghijklmnopqrstuvwxyz",
+			ExpectError: true,
+		},
+	}
+
+	for _, tc := range cases {
+		_, errors := validateKeyVaultName(tc.Input, "")
+
+		hasError := len(errors) > 0
+
+		if tc.ExpectError && !hasError {
+			t.Fatalf("Expected the Key Vault Name to trigger a validation error for '%s'", tc.Input)
+		}
+	}
+}
+
 func TestAccAzureRMKeyVault_basic(t *testing.T) {
 	ri := acctest.RandInt()
 	config := testAccAzureRMKeyVault_basic(ri, testLocation())

From 2f745dcb74bfd73a1d06e9a226cc85db3858ee34 Mon Sep 17 00:00:00 2001
From: tombuildsstuff <git@ibuildstuff.co.uk>
Date: Thu, 24 Aug 2017 10:22:37 +0100
Subject: [PATCH 2/2] Refactoring

---
 azurerm/resource_arm_key_vault_test.go | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/azurerm/resource_arm_key_vault_test.go b/azurerm/resource_arm_key_vault_test.go
index c82b0fc8503c..efbd34b1e84c 100644
--- a/azurerm/resource_arm_key_vault_test.go
+++ b/azurerm/resource_arm_key_vault_test.go
@@ -2,7 +2,6 @@ package azurerm
 
 import (
 	"fmt"
-	"net/http"
 	"testing"
 
 	"github.com/hashicorp/terraform/helper/acctest"
@@ -135,15 +134,13 @@ func testCheckAzureRMKeyVaultDestroy(s *terraform.State) error {
 
 		resp, err := client.Get(resourceGroup, name)
 		if err != nil {
-			if resp.StatusCode == http.StatusNotFound {
+			if responseWasNotFound(resp.Response) {
 				return nil
 			}
 			return err
 		}
 
-		if resp.StatusCode != http.StatusNotFound {
-			return fmt.Errorf("Key Vault still exists:\n%#v", resp.Properties)
-		}
+		return fmt.Errorf("Key Vault still exists:\n%#v", resp.Properties)
 	}
 
 	return nil
@@ -167,11 +164,11 @@ func testCheckAzureRMKeyVaultExists(name string) resource.TestCheckFunc {
 
 		resp, err := client.Get(resourceGroup, vaultName)
 		if err != nil {
-			return fmt.Errorf("Bad: Get on keyVaultClient: %+v", err)
-		}
+			if responseWasNotFound(resp.Response) {
+				return fmt.Errorf("Bad: Vault %q (resource group: %q) does not exist", vaultName, resourceGroup)
+			}
 
-		if resp.StatusCode == http.StatusNotFound {
-			return fmt.Errorf("Bad: Vault %q (resource group: %q) does not exist", vaultName, resourceGroup)
+			return fmt.Errorf("Bad: Get on keyVaultClient: %+v", err)
 		}
 
 		return nil