Add aws_codebuild_source_credential resource

hashicorp · Feb 21, 2019 · b3cdb37 · b3cdb37
1 parent b6e70e1
commit b3cdb37
Show file tree

Hide file tree

Showing 3 changed files with 284 additions and 0 deletions.
diff --git a/aws/provider.go b/aws/provider.go
@@ -381,6 +381,7 @@ func Provider() terraform.ResourceProvider {
 			"aws_codecommit_repository":                        resourceAwsCodeCommitRepository(),
 			"aws_codecommit_trigger":                           resourceAwsCodeCommitTrigger(),
 			"aws_codebuild_project":                            resourceAwsCodeBuildProject(),
+			"aws_codebuild_source_credential":                  resourceAwsCodeBuildSourceCredential(),
 			"aws_codebuild_webhook":                            resourceAwsCodeBuildWebhook(),
 			"aws_codepipeline":                                 resourceAwsCodePipeline(),
 			"aws_codepipeline_webhook":                         resourceAwsCodePipelineWebhook(),

diff --git a/aws/resource_aws_codebuild_source_credential.go b/aws/resource_aws_codebuild_source_credential.go
@@ -0,0 +1,130 @@
+package aws
+
+import (
+	"fmt"
+	"log"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/codebuild"
+	"github.com/hashicorp/terraform/helper/schema"
+	"github.com/hashicorp/terraform/helper/validation"
+)
+
+func resourceAwsCodeBuildSourceCredential() *schema.Resource {
+	return &schema.Resource{
+		Create: resourceAwsCodeBuildSourceCredentialCreate,
+		Read:   resourceAwsCodeBuildSourceCredentialRead,
+		Delete: resourceAwsCodeBuildSourceCredentialDelete,
+
+		Schema: map[string]*schema.Schema{
+			"arn": {
+				Type:     schema.TypeString,
+				Computed: true,
+			},
+			"auth_type": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+				ValidateFunc: validation.StringInSlice([]string{
+					codebuild.AuthTypeBasicAuth,
+					codebuild.AuthTypePersonalAccessToken,
+				}, false),
+			},
+			"server_type": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+				ValidateFunc: validation.StringInSlice([]string{
+					codebuild.ServerTypeGithub,
+					codebuild.ServerTypeBitbucket,
+					codebuild.ServerTypeGithubEnterprise,
+				}, false),
+			},
+			"token": {
+				Type:     schema.TypeString,
+				Required: true,
+				ForceNew: true,
+			},
+			"user_name": {
+				Type:     schema.TypeString,
+				Optional: true,
+				ForceNew: true,
+			},
+		},
+	}
+}
+
+func resourceAwsCodeBuildSourceCredentialCreate(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).codebuildconn
+
+	authType := d.Get("auth_type").(string)
+
+	createOpts := &codebuild.ImportSourceCredentialsInput{
+		AuthType:   aws.String(authType),
+		ServerType: aws.String(d.Get("server_type").(string)),
+		Token:      aws.String(d.Get("token").(string)),
+	}
+
+	if attr, ok := d.GetOk("user_name"); ok && attr.(string) != "" && authType == codebuild.AuthTypeBasicAuth {
+		createOpts.Username = aws.String(attr.(string))
+	}
+
+	resp, err := conn.ImportSourceCredentials(createOpts)
+	if err != nil {
+		return fmt.Errorf("Error importing source credentials: %s", err)
+	}
+
+	d.SetId(aws.StringValue(resp.Arn))
+	d.Set("arn", resp.Arn)
+
+	return nil
+}
+
+func resourceAwsCodeBuildSourceCredentialRead(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).codebuildconn
+
+	resp, err := conn.ListSourceCredentials(&codebuild.ListSourceCredentialsInput{})
+	if err != nil {
+		return fmt.Errorf("Error list source credentials: %s", err)
+	}
+
+	if len(resp.SourceCredentialsInfos) == 0 {
+		log.Printf("[WARN] Source Credentials(%s) is already deleted", d.Id())
+		d.SetId("")
+		return nil
+	}
+
+	resourceNotFound := true
+	for _, sourceCredentialsInfo := range resp.SourceCredentialsInfos {
+		if d.Id() == aws.StringValue(sourceCredentialsInfo.Arn) {
+			d.Set("auth_type", sourceCredentialsInfo.AuthType)
+			d.Set("server_type", sourceCredentialsInfo.ServerType)
+			resourceNotFound = false
+		}
+	}
+
+	if resourceNotFound {
+		log.Printf("[WARN] Source Credentials(%s) is already deleted", d.Id())
+		d.SetId("")
+		return nil
+	}
+
+	return nil
+}
+
+func resourceAwsCodeBuildSourceCredentialDelete(d *schema.ResourceData, meta interface{}) error {
+	conn := meta.(*AWSClient).codebuildconn
+
+	deleteOpts := &codebuild.DeleteSourceCredentialsInput{
+		Arn: aws.String(d.Id()),
+	}
+
+	if _, err := conn.DeleteSourceCredentials(deleteOpts); err != nil {
+		if !isAWSErr(err, codebuild.ErrCodeResourceNotFoundException, "") {
+			return nil
+		}
+		return fmt.Errorf("Error deleting Source Credentials(%s): %s", d.Id(), err)
+	}
+
+	return nil
+}
diff --git a/aws/resource_aws_codebuild_source_credential_test.go b/aws/resource_aws_codebuild_source_credential_test.go
@@ -0,0 +1,153 @@
+package aws
+
+import (
+	"fmt"
+	"regexp"
+	"testing"
+
+	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/service/codebuild"
+
+	"github.com/hashicorp/terraform/helper/acctest"
+	"github.com/hashicorp/terraform/helper/resource"
+	"github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccAWSCodeBuildSourceCredential_Basic(t *testing.T) {
+	var sourceCredentialsInfo codebuild.SourceCredentialsInfo
+	token := acctest.RandomWithPrefix("token")
+	resourceName := "aws_codebuild_source_credential.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSCodeBuildSourceCredentialDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSCodeBuildSourceCredential_Basic("PERSONAL_ACCESS_TOKEN", "GITHUB", token),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSCodeBuildSourceCredentialExists(resourceName, &sourceCredentialsInfo),
+					testAccMatchResourceAttrRegionalARN(resourceName, "arn", "codebuild", regexp.MustCompile(`token/github`)),
+					resource.TestCheckResourceAttr(resourceName, "server_type", "GITHUB"),
+					resource.TestCheckResourceAttr(resourceName, "auth_type", "PERSONAL_ACCESS_TOKEN"),
+				),
+			},
+			{
+				Config: testAccAWSCodeBuildSourceCredential_Basic("PERSONAL_ACCESS_TOKEN", "GITHUB_ENTERPRISE", token),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSCodeBuildSourceCredentialExists(resourceName, &sourceCredentialsInfo),
+					testAccMatchResourceAttrRegionalARN(resourceName, "arn", "codebuild", regexp.MustCompile(`token/github_enterprise`)),
+					resource.TestCheckResourceAttr(resourceName, "server_type", "GITHUB_ENTERPRISE"),
+					resource.TestCheckResourceAttr(resourceName, "auth_type", "PERSONAL_ACCESS_TOKEN"),
+				),
+			},
+		},
+	})
+}
+
+func TestAccAWSCodeBuildSourceCredential_BasicAuth(t *testing.T) {
+	var sourceCredentialsInfo codebuild.SourceCredentialsInfo
+	token := acctest.RandomWithPrefix("token")
+	resourceName := "aws_codebuild_source_credential.test"
+
+	resource.ParallelTest(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t); testAccPreCheckAWSCodeBuild(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAWSCodeBuildSourceCredentialDestroy,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccAWSCodeBuildSourceCredential_BasicAuth(token, "user1"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSCodeBuildSourceCredentialExists(resourceName, &sourceCredentialsInfo),
+					testAccMatchResourceAttrRegionalARN(resourceName, "arn", "codebuild", regexp.MustCompile(`token/bitbucket`)),
+					resource.TestCheckResourceAttr(resourceName, "user_name", "user1"),
+					resource.TestCheckResourceAttr(resourceName, "server_type", "BITBUCKET"),
+					resource.TestCheckResourceAttr(resourceName, "auth_type", "BASIC_AUTH"),
+				),
+			},
+			{
+				Config: testAccAWSCodeBuildSourceCredential_BasicAuth(token, "user2"),
+				Check: resource.ComposeTestCheckFunc(
+					testAccCheckAWSCodeBuildSourceCredentialExists(resourceName, &sourceCredentialsInfo),
+					resource.TestCheckResourceAttr(resourceName, "user_name", "user2"),
+				),
+			},
+		},
+	})
+}
+
+func testAccCheckAWSCodeBuildSourceCredentialDestroy(s *terraform.State) error {
+	conn := testAccProvider.Meta().(*AWSClient).codebuildconn
+
+	for _, rs := range s.RootModule().Resources {
+		if rs.Type != "aws_codebuild_source_credential" {
+			continue
+		}
+
+		resp, err := conn.ListSourceCredentials(&codebuild.ListSourceCredentialsInput{})
+		if err != nil {
+			return err
+		}
+
+		if len(resp.SourceCredentialsInfos) == 0 {
+			return nil
+		}
+
+		for _, sourceCredentialsInfo := range resp.SourceCredentialsInfos {
+			if rs.Primary.ID == aws.StringValue(sourceCredentialsInfo.Arn) {
+				return fmt.Errorf("Found Source Credential %s", rs.Primary.ID)
+			}
+		}
+	}
+	return nil
+}
+
+func testAccCheckAWSCodeBuildSourceCredentialExists(name string, sourceCredential *codebuild.SourceCredentialsInfo) resource.TestCheckFunc {
+	return func(s *terraform.State) error {
+		rs, ok := s.RootModule().Resources[name]
+		if !ok {
+			return fmt.Errorf("Not found: %s", name)
+		}
+
+		conn := testAccProvider.Meta().(*AWSClient).codebuildconn
+
+		resp, err := conn.ListSourceCredentials(&codebuild.ListSourceCredentialsInput{})
+		if err != nil {
+			return err
+		}
+
+		if len(resp.SourceCredentialsInfos) == 0 {
+			return fmt.Errorf("Source Credential %s not found", rs.Primary.ID)
+		}
+
+		for _, sourceCredentialsInfo := range resp.SourceCredentialsInfos {
+			if rs.Primary.ID == aws.StringValue(sourceCredentialsInfo.Arn) {
+				*sourceCredential = *sourceCredentialsInfo
+				return nil
+			}
+		}
+
+		return fmt.Errorf("Source Credential %s not found", rs.Primary.ID)
+	}
+}
+
+func testAccAWSCodeBuildSourceCredential_Basic(authType, serverType, token string) string {
+	return fmt.Sprintf(`
+resource "aws_codebuild_source_credential" "test" {
+  auth_type = "%s"
+  server_type = "%s"
+  token = "%s"
+}
+`, authType, serverType, token)
+}
+
+func testAccAWSCodeBuildSourceCredential_BasicAuth(token, userName string) string {
+	return fmt.Sprintf(`
+resource "aws_codebuild_source_credential" "test" {
+  auth_type = "BASIC_AUTH"
+  server_type = "BITBUCKET"
+  token = "%s"
+  user_name = "%s"
+}
+`, token, userName)
+}