254 lines
8.1 KiB
Go
254 lines
8.1 KiB
Go
package azure
|
|
|
|
import (
|
|
"fmt"
|
|
"strings"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/Azure/azure-sdk-for-go/management/sql"
|
|
"github.com/hashicorp/terraform/helper/resource"
|
|
"github.com/hashicorp/terraform/terraform"
|
|
)
|
|
|
|
func TestAccAzureSqlDatabaseServerFirewallRuleBasic(t *testing.T) {
|
|
name := "azure_sql_database_server_firewall_rule.foo"
|
|
|
|
resource.Test(t, resource.TestCase{
|
|
PreCheck: func() { testAccPreCheck(t) },
|
|
Providers: testAccProviders,
|
|
CheckDestroy: testAccAzureDatabaseServerFirewallRuleDeleted(testAccAzureSqlServerNames),
|
|
Steps: []resource.TestStep{
|
|
resource.TestStep{
|
|
Config: testAccAzureDatabaseServerFirewallRuleBasicConfig,
|
|
Check: resource.ComposeTestCheckFunc(
|
|
testAccAzureSqlDatabaseServerGetNames,
|
|
testAccAzureSqlDatabaseServersNumber(1),
|
|
testAccAzureDatabaseServerFirewallRuleExists(name, testAccAzureSqlServerNames),
|
|
resource.TestCheckResourceAttr(name, "name", "terraform-testing-rule"),
|
|
resource.TestCheckResourceAttr(name, "start_ip", "10.0.0.0"),
|
|
resource.TestCheckResourceAttr(name, "end_ip", "10.0.0.255"),
|
|
),
|
|
},
|
|
},
|
|
})
|
|
}
|
|
|
|
func TestAccAzureSqlDatabaseServerFirewallRuleAdvanced(t *testing.T) {
|
|
name1 := "azure_sql_database_server_firewall_rule.foo"
|
|
name2 := "azure_sql_database_server_firewall_rule.bar"
|
|
|
|
resource.Test(t, resource.TestCase{
|
|
PreCheck: func() { testAccPreCheck(t) },
|
|
Providers: testAccProviders,
|
|
CheckDestroy: testAccAzureDatabaseServerFirewallRuleDeleted(testAccAzureSqlServerNames),
|
|
Steps: []resource.TestStep{
|
|
resource.TestStep{
|
|
Config: testAccAzureDatabaseServerFirewallRuleAdvancedConfig,
|
|
Check: resource.ComposeTestCheckFunc(
|
|
testAccAzureSqlDatabaseServerGetNames,
|
|
testAccAzureSqlDatabaseServersNumber(2),
|
|
//testAccAzureDatabaseServerFirewallRuleExists(name1, testAccAzureSqlServerNames),
|
|
resource.TestCheckResourceAttr(name1, "name", "terraform-testing-rule1"),
|
|
resource.TestCheckResourceAttr(name1, "start_ip", "10.0.0.0"),
|
|
resource.TestCheckResourceAttr(name1, "end_ip", "10.0.0.255"),
|
|
//testAccAzureDatabaseServerFirewallRuleExists(name2, testAccAzureSqlServerNames),
|
|
resource.TestCheckResourceAttr(name2, "name", "terraform-testing-rule2"),
|
|
resource.TestCheckResourceAttr(name2, "start_ip", "200.0.0.0"),
|
|
resource.TestCheckResourceAttr(name2, "end_ip", "200.255.255.255"),
|
|
),
|
|
},
|
|
},
|
|
})
|
|
}
|
|
|
|
func TestAccAzureSqlDatabaseServerFirewallRuleUpdate(t *testing.T) {
|
|
name1 := "azure_sql_database_server_firewall_rule.foo"
|
|
name2 := "azure_sql_database_server_firewall_rule.bar"
|
|
|
|
resource.Test(t, resource.TestCase{
|
|
PreCheck: func() { testAccPreCheck(t) },
|
|
Providers: testAccProviders,
|
|
CheckDestroy: testAccAzureDatabaseServerFirewallRuleDeleted(testAccAzureSqlServerNames),
|
|
Steps: []resource.TestStep{
|
|
resource.TestStep{
|
|
Config: testAccAzureDatabaseServerFirewallRuleAdvancedConfig,
|
|
Check: resource.ComposeTestCheckFunc(
|
|
testAccAzureSqlDatabaseServerGetNames,
|
|
testAccAzureSqlDatabaseServersNumber(2),
|
|
//testAccAzureDatabaseServerFirewallRuleExists(name1, testAccAzureSqlServerNames),
|
|
resource.TestCheckResourceAttr(name1, "name", "terraform-testing-rule1"),
|
|
resource.TestCheckResourceAttr(name1, "start_ip", "10.0.0.0"),
|
|
resource.TestCheckResourceAttr(name1, "end_ip", "10.0.0.255"),
|
|
//testAccAzureDatabaseServerFirewallRuleExists(name2, testAccAzureSqlServerNames),
|
|
resource.TestCheckResourceAttr(name2, "name", "terraform-testing-rule2"),
|
|
resource.TestCheckResourceAttr(name2, "start_ip", "200.0.0.0"),
|
|
resource.TestCheckResourceAttr(name2, "end_ip", "200.255.255.255"),
|
|
),
|
|
},
|
|
resource.TestStep{
|
|
Config: testAccAzureDatabaseServerFirewallRuleUpdateConfig,
|
|
Check: resource.ComposeTestCheckFunc(
|
|
testAccAzureSqlDatabaseServerGetNames,
|
|
testAccAzureSqlDatabaseServersNumber(2),
|
|
//testAccAzureDatabaseServerFirewallRuleExists(name1, testAccAzureSqlServerNames),
|
|
resource.TestCheckResourceAttr(name1, "name", "terraform-testing-rule1"),
|
|
resource.TestCheckResourceAttr(name1, "start_ip", "11.0.0.0"),
|
|
resource.TestCheckResourceAttr(name1, "end_ip", "11.0.0.255"),
|
|
),
|
|
},
|
|
},
|
|
})
|
|
}
|
|
|
|
func testAccAzureDatabaseServerFirewallRuleExists(name string, servers []string) resource.TestCheckFunc {
|
|
return func(s *terraform.State) error {
|
|
res, ok := s.RootModule().Resources[name]
|
|
if !ok {
|
|
return fmt.Errorf("Azure Database Server Firewall Rule %q doesn't exist.", name)
|
|
}
|
|
|
|
if res.Primary.ID == "" {
|
|
return fmt.Errorf("Azure Database Server Firewall Rule %q res ID not set.", name)
|
|
}
|
|
|
|
sqlClient := testAccProvider.Meta().(*Client).sqlClient
|
|
|
|
for _, server := range servers {
|
|
var rules sql.ListFirewallRulesResponse
|
|
|
|
err := resource.Retry(15*time.Minute, func() *resource.RetryError {
|
|
var erri error
|
|
rules, erri = sqlClient.ListFirewallRules(server)
|
|
if erri != nil {
|
|
return resource.RetryableError(
|
|
fmt.Errorf("Error listing Azure Database Server Firewall Rules for Server %q: %s", server, erri))
|
|
}
|
|
|
|
return nil
|
|
})
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
var found bool
|
|
for _, rule := range rules.FirewallRules {
|
|
if rule.Name == res.Primary.ID {
|
|
found = true
|
|
break
|
|
}
|
|
}
|
|
if !found {
|
|
return fmt.Errorf("Azure Database Server Firewall Rule %q doesn't exists on server %q.", res.Primary.ID, server)
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
}
|
|
|
|
func testAccAzureDatabaseServerFirewallRuleDeleted(servers []string) resource.TestCheckFunc {
|
|
return func(s *terraform.State) error {
|
|
for _, resource := range s.RootModule().Resources {
|
|
if resource.Type != "azure_sql_database_server_firewall_rule" {
|
|
continue
|
|
}
|
|
|
|
if resource.Primary.ID == "" {
|
|
return fmt.Errorf("Azure Database Server Firewall Rule resource ID not set.")
|
|
}
|
|
|
|
sqlClient := testAccProvider.Meta().(*Client).sqlClient
|
|
|
|
for _, server := range servers {
|
|
rules, err := sqlClient.ListFirewallRules(server)
|
|
if err != nil {
|
|
// ¯\_(ツ)_/¯
|
|
if strings.Contains(err.Error(), "Cannot open server") {
|
|
return nil
|
|
}
|
|
return fmt.Errorf("Error listing Azure Database Server Firewall Rules for Server %q: %s", server, err)
|
|
}
|
|
|
|
for _, rule := range rules.FirewallRules {
|
|
if rule.Name == resource.Primary.ID {
|
|
return fmt.Errorf("Azure Database Server Firewall Rule %q still exists on Server %q.", resource.Primary.ID, err)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
return nil
|
|
}
|
|
}
|
|
|
|
var testAccAzureDatabaseServerFirewallRuleBasicConfig = `
|
|
resource "azure_sql_database_server" "foo" {
|
|
location = "West US"
|
|
username = "SuperUser"
|
|
password = "SuperSEKR3T"
|
|
version = "2.0"
|
|
}
|
|
|
|
resource "azure_sql_database_server_firewall_rule" "foo" {
|
|
name = "terraform-testing-rule"
|
|
depends_on = ["azure_sql_database_server.foo"]
|
|
start_ip = "10.0.0.0"
|
|
end_ip = "10.0.0.255"
|
|
database_server_names = ["${azure_sql_database_server.foo.name}"]
|
|
}
|
|
`
|
|
|
|
var testAccAzureDatabaseServerFirewallRuleAdvancedConfig = `
|
|
resource "azure_sql_database_server" "foo" {
|
|
location = "West US"
|
|
username = "SuperUser"
|
|
password = "SuperSEKR3T"
|
|
version = "2.0"
|
|
}
|
|
|
|
resource "azure_sql_database_server" "bar" {
|
|
location = "West US"
|
|
username = "SuperUser"
|
|
password = "SuperSEKR3T"
|
|
version = "2.0"
|
|
}
|
|
|
|
resource "azure_sql_database_server_firewall_rule" "foo" {
|
|
name = "terraform-testing-rule1"
|
|
start_ip = "10.0.0.0"
|
|
end_ip = "10.0.0.255"
|
|
database_server_names = ["${azure_sql_database_server.foo.name}", "${azure_sql_database_server.bar.name}"]
|
|
}
|
|
|
|
resource "azure_sql_database_server_firewall_rule" "bar" {
|
|
name = "terraform-testing-rule2"
|
|
start_ip = "200.0.0.0"
|
|
end_ip = "200.255.255.255"
|
|
database_server_names = ["${azure_sql_database_server.foo.name}", "${azure_sql_database_server.bar.name}"]
|
|
}
|
|
`
|
|
|
|
var testAccAzureDatabaseServerFirewallRuleUpdateConfig = `
|
|
resource "azure_sql_database_server" "foo" {
|
|
location = "West US"
|
|
username = "SuperUser"
|
|
password = "SuperSEKR3T"
|
|
version = "2.0"
|
|
}
|
|
|
|
resource "azure_sql_database_server" "bar" {
|
|
location = "West US"
|
|
username = "SuperUser"
|
|
password = "SuperSEKR3T"
|
|
version = "2.0"
|
|
}
|
|
|
|
resource "azure_sql_database_server_firewall_rule" "foo" {
|
|
name = "terraform-testing-rule1"
|
|
start_ip = "11.0.0.0"
|
|
end_ip = "11.0.0.255"
|
|
database_server_names = ["${azure_sql_database_server.foo.name}"]
|
|
}
|
|
`
|