Merge pull request #164 from Cox-Automotive/develop

Develop
Cox-Automotive · May 4, 2022 · 5a6f343 · 5a6f343
2 parents 1146926 + 6a9272e
commit 5a6f343
Show file tree

Hide file tree

Showing 22 changed files with 1,300 additions and 0 deletions.
diff --git a/naming.go b/naming.go
@@ -1,9 +1,14 @@
 package main
 
 import (
+	"regexp"
+
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 )
 
+const MaxRoleLen = 64
+
 // NameWithPrefix returns in order:
 // the name if non-empty,
 // a prefix generated name if non-empty,
@@ -31,3 +36,14 @@ func NamePrefixFromName(name string) *string {
 
 	return &namePrefix
 }
+
+// Validate Role name based on https://docs.aws.amazon.com/IAM/latest/APIReference/API_CreateRole.html
+var ValidRoleName = validation.All(
+	validation.StringLenBetween(1, MaxRoleLen),
+	validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]+$`), "must match [\\w+=,.@-]"),
+)
+
+var ValidRolePrefix = validation.All(
+	validation.StringLenBetween(1, MaxRoleLen-resource.UniqueIDSuffixLength),
+	validation.StringMatch(regexp.MustCompile(`^[\w+=,.@-]+$`), "must match [\\w+=,.@-]"),
+)
diff --git a/naming_test.go b/naming_test.go
@@ -48,3 +48,67 @@ func TestNamePrefixFromName_InvalidPrefixedName(t *testing.T) {
 		t.Fatal("expected prefix to be nil")
 	}
 }
+
+func TestValidRoleName_NameTooShort(t *testing.T) {
+	name := ""
+	warn, err := ValidRoleName(name, "")
+	if len(warn) != 0 || len(err) != 2 {
+		t.Fatalf("expected 2 validation errors")
+	}
+}
+
+func TestValidRoleName_NameMaxLength(t *testing.T) {
+	name := "0123456789012345678901234567890123456789012345678901234567890123"
+	warn, err := ValidRoleName(name, "")
+	if len(warn) != 0 || len(err) != 0 {
+		t.Fatalf("expected no validation errors")
+	}
+}
+
+func TestValidRoleName_NameTooLong(t *testing.T) {
+	name := "01234567890123456789012345678901234567890123456789012345678901234"
+	warn, err := ValidRoleName(name, "")
+	if len(warn) != 0 || len(err) != 1 {
+		t.Fatalf("expected 1 validation error")
+	}
+}
+
+func TestValidRoleName_NameInvalidChar(t *testing.T) {
+	name := "name!!!!@#$%^&*()-="
+	warn, err := ValidRoleName(name, "")
+	if len(warn) != 0 || len(err) != 1 {
+		t.Fatalf("expected 1 validation error")
+	}
+}
+
+func TestValidRolePrefix_NamePrefixTooShort(t *testing.T) {
+	prefix := ""
+	warn, err := ValidRolePrefix(prefix, "")
+	if len(warn) != 0 || len(err) != 2 {
+		t.Fatalf("expected 2 validation errors")
+	}
+}
+
+func TestValidRolePrefix_NamePrefixMaxLength(t *testing.T) {
+	prefix := "01234567890123456789012345678901234567"
+	warn, err := ValidRolePrefix(prefix, "")
+	if len(warn) != 0 || len(err) != 0 {
+		t.Fatalf("expected no validation errors")
+	}
+}
+
+func TestValidRolePrefix_NamePrefixTooLong(t *testing.T) {
+	prefix := "012345678901234567890123456789012345678"
+	warn, err := ValidRolePrefix(prefix, "")
+	if len(warn) != 0 || len(err) != 1 {
+		t.Fatalf("expected 1 validation error")
+	}
+}
+
+func TestValidRolePrefix_NamePrefixInvalidChar(t *testing.T) {
+	prefix := "name!!!!@#$%^&*()-="
+	warn, err := ValidRolePrefix(prefix, "")
+	if len(warn) != 0 || len(err) != 1 {
+		t.Fatalf("expected 1 validation error")
+	}
+}
diff --git a/resource_alks_iamrole.go b/resource_alks_iamrole.go
@@ -29,13 +29,15 @@ func resourceAlksIamRole() *schema.Resource {
 				Computed:      true,
 				ForceNew:      true,
 				ConflictsWith: []string{"name_prefix"},
+				ValidateFunc:  ValidRoleName,
 			},
 			"name_prefix": {
 				Type:          schema.TypeString,
 				Optional:      true,
 				Computed:      true,
 				ForceNew:      true,
 				ConflictsWith: []string{"name"},
+				ValidateFunc:  ValidRolePrefix,
 			},
 			"type": {
 				Type:     schema.TypeString,

diff --git a/resource_alks_iamrole_test.go b/resource_alks_iamrole_test.go
@@ -130,6 +130,22 @@ func TestAccIAMRole_NameAndNamePrefixConflict(t *testing.T) {
 	})
 }
 
+func TestAccIAMRole_NameTooLong(t *testing.T) {
+	var resp alks.IamRoleResponse
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAlksIamRoleDestroy(&resp),
+		Steps: []resource.TestStep{
+			{
+				Config:      testAccCheckAlksIamRoleConfigNameTooLong,
+				ExpectError: regexp.MustCompile(".* expected length of name to be in the range \\(1 - 64\\).*"),
+			},
+		},
+	})
+}
+
 func testAccCheckAlksIamRoleDestroy(role *alks.IamRoleResponse) resource.TestCheckFunc {
 	return func(s *terraform.State) error {
 		client := testAccProvider.Meta().(*alks.Client)
@@ -205,3 +221,11 @@ const testAccCheckAlksIamRoleConfigNameAndNamePrefixConflict = `
 		include_default_policies = false
 	}
 `
+
+const testAccCheckAlksIamRoleConfigNameTooLong = `
+  resource "alks_iamrole" "nametoolong" {
+    name = "nameandnametoolongggggggggggggggggggggggggggggggggggggggggggggggg"
+    type = "Amazon EC2"
+		include_default_policies = false
+	}
+`
diff --git a/resource_alks_iamtrustrole.go b/resource_alks_iamtrustrole.go
@@ -30,13 +30,15 @@ func resourceAlksIamTrustRole() *schema.Resource {
 				Computed:      true,
 				ForceNew:      true,
 				ConflictsWith: []string{"name_prefix"},
+				ValidateFunc:  ValidRoleName,
 			},
 			"name_prefix": {
 				Type:          schema.TypeString,
 				Optional:      true,
 				Computed:      true,
 				ForceNew:      true,
 				ConflictsWith: []string{"name"},
+				ValidateFunc:  ValidRolePrefix,
 			},
 			"type": {
 				Type:     schema.TypeString,

diff --git a/resource_alks_iamtrustrole_test.go b/resource_alks_iamtrustrole_test.go
@@ -80,6 +80,22 @@ func TestAccAlksIamTrustRole_NameAndNamePrefixConflict(t *testing.T) {
 	})
 }
 
+func TestAccAlksIamTrustRole_NameTooLong(t *testing.T) {
+	var resp alks.IamRoleResponse
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:     func() { testAccPreCheck(t) },
+		Providers:    testAccProviders,
+		CheckDestroy: testAccCheckAlksIamRoleDestroy(&resp),
+		Steps: []resource.TestStep{
+			{
+				Config:      testAccCheckAlksIamTrustRoleConfigNameTooLong,
+				ExpectError: regexp.MustCompile(".* expected length of name to be in the range \\(1 - 64\\).*"),
+			},
+		},
+	})
+}
+
 const testAccCheckAlksIamTrustRoleConfigBasic = `
 	resource "alks_iamrole" "foo" {
 		name = "foo"
@@ -137,3 +153,17 @@ const testAccCheckAlksIamTrustRoleConfigNameAndNamePrefixConflict = `
 		trust_arn = "${alks_iamrole.nameprefixconflict_role.arn}"
 	}
 `
+
+const testAccCheckAlksIamTrustRoleConfigNameTooLong= `
+	resource "alks_iamrole" "nametoolong_role" {
+		name_prefix = "alks_test_acc_"
+		type = "Amazon EC2"
+		include_default_policies = false
+	}
+
+	resource "alks_iamtrustrole" "nametoolong_trustrole" {
+		name = "nameandnametoolongggggggggggggggggggggggggggggggggggggggggggggggg"
+		type = "Inner Account"
+		trust_arn = "${alks_iamrole.nametoolong_role.arn}"
+	}
+`
diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/structure/expand_json.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/structure/expand_json.go
diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/structure/flatten_json.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/structure/flatten_json.go
diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/structure/normalize_json.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/structure/normalize_json.go
diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/structure/suppress_json_diff.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/structure/suppress_json_diff.go
diff --git a/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation/float.go b/vendor/github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation/float.go