Merge branch 'main' into feature/azure-container-apps-1491

gruntwork-io · Jan 6, 2025 · 0c58f9c · 0c58f9c
2 parents 9ce1c1c + e18a4a2
commit 0c58f9c
Show file tree

Hide file tree

Showing 10 changed files with 213 additions and 13 deletions.
diff --git a/modules/aws/rds.go b/modules/aws/rds.go
@@ -213,12 +213,22 @@ func GetAllParametersOfRdsInstanceE(t testing.TestingT, dbInstanceID string, aws
 
 	rdsClient := NewRdsClient(t, awsRegion)
 	input := rds.DescribeDBParametersInput{DBParameterGroupName: aws.String(parameterGroupName)}
-	output, err := rdsClient.DescribeDBParameters(context.Background(), &input)
 
-	if err != nil {
-		return []types.Parameter{}, err
+	var allParameters []types.Parameter
+	for {
+		output, err := rdsClient.DescribeDBParameters(context.Background(), &input)
+		if err != nil {
+			return []types.Parameter{}, err
+		}
+
+		allParameters = append(allParameters, output.Parameters...)
+		if output.Marker == nil {
+			break
+		}
+
+		input.Marker = output.Marker
 	}
-	return output.Parameters, nil
+	return allParameters, nil
 }
 
 // GetRdsInstanceDetailsE gets the details of a single DB instance whose identifier is passed.

diff --git a/modules/aws/s3.go b/modules/aws/s3.go
@@ -420,6 +420,33 @@ func GetS3BucketPolicyE(t testing.TestingT, awsRegion string, bucket string) (st
 	return aws.ToString(res.Policy), nil
 }
 
+func GetS3BucketOwnershipControls(t testing.TestingT, awsRegion, bucket string) []string {
+	rules, err := GetS3BucketOwnershipControlsE(t, awsRegion, bucket)
+	require.NoError(t, err)
+
+	return rules
+}
+
+func GetS3BucketOwnershipControlsE(t testing.TestingT, awsRegion, bucket string) ([]string, error) {
+	s3Client, err := NewS3ClientE(t, awsRegion)
+	if err != nil {
+		return nil, err
+	}
+
+	out, err := s3Client.GetBucketOwnershipControls(context.Background(), &s3.GetBucketOwnershipControlsInput{
+		Bucket: &bucket,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	rules := make([]string, 0, len(out.OwnershipControls.Rules))
+	for _, rule := range out.OwnershipControls.Rules {
+		rules = append(rules, string(rule.ObjectOwnership))
+	}
+	return rules, nil
+}
+
 // AssertS3BucketExists checks if the given S3 bucket exists in the given region and fail the test if it does not.
 func AssertS3BucketExists(t testing.TestingT, region string, name string) {
 	err := AssertS3BucketExistsE(t, region, name)

diff --git a/modules/aws/s3_test.go b/modules/aws/s3_test.go
@@ -267,3 +267,48 @@ func testEmptyBucket(t *testing.T, s3Client *s3.Client, region string, s3BucketN
 	}
 	require.Equal(t, 0, len((*bucketObjects).Contents))
 }
+
+func TestGetS3BucketOwnershipControls(t *testing.T) {
+	t.Parallel()
+
+	region := GetRandomStableRegion(t, nil, nil)
+	id := random.UniqueId()
+	logger.Default.Logf(t, "Random values selected. Region = %s, Id = %s\n", region, id)
+
+	s3BucketName := "gruntwork-terratest-" + strings.ToLower(id)
+	CreateS3Bucket(t, region, s3BucketName)
+	t.Cleanup(func() {
+		DeleteS3Bucket(t, region, s3BucketName)
+	})
+
+	t.Run("Exist", func(t *testing.T) {
+		s3Client, err := NewS3ClientE(t, region)
+		require.NoError(t, err)
+		_, err = s3Client.PutBucketOwnershipControls(context.Background(), &s3.PutBucketOwnershipControlsInput{
+			Bucket: &s3BucketName,
+			OwnershipControls: &types.OwnershipControls{
+				Rules: []types.OwnershipControlsRule{
+					{
+						ObjectOwnership: types.ObjectOwnershipBucketOwnerEnforced,
+					},
+				},
+			},
+		})
+		require.NoError(t, err)
+		t.Cleanup(func() {
+			_, err := s3Client.DeleteBucketOwnershipControls(context.Background(), &s3.DeleteBucketOwnershipControlsInput{
+				Bucket: &s3BucketName,
+			})
+			require.NoError(t, err)
+		})
+
+		controls := GetS3BucketOwnershipControls(t, region, s3BucketName)
+		assert.Equal(t, 1, len(controls))
+		assert.Equal(t, string(types.ObjectOwnershipBucketOwnerEnforced), controls[0])
+	})
+
+	t.Run("NotExist", func(t *testing.T) {
+		_, err := GetS3BucketOwnershipControlsE(t, region, s3BucketName)
+		assert.Error(t, err)
+	})
+}
diff --git a/modules/gcp/oslogin.go b/modules/gcp/oslogin.go
@@ -24,6 +24,27 @@ func ImportSSHKey(t testing.TestingT, user, key string) {
 // The `user` parameter should be the email address of the user.
 // The `key` parameter should be the public key of the SSH key being uploaded.
 func ImportSSHKeyE(t testing.TestingT, user, key string) error {
+	return importProjectSSHKeyE(t, user, key, nil)
+}
+
+// ImportProjectSSHKey will import an SSH key to GCP under the provided user identity.
+// The `user` parameter should be the email address of the user.
+// The `key` parameter should be the public key of the SSH key being uploaded.
+// The `projectID` parameter should be the chosen project ID.
+// This will fail the test if there is an error.
+func ImportProjectSSHKey(t testing.TestingT, user, key, projectID string) {
+	require.NoErrorf(t, ImportProjectSSHKeyE(t, user, key, projectID), "Could not add SSH Key to user %s", user)
+}
+
+// ImportProjectSSHKeyE will import an SSH key to GCP under the provided user identity.
+// The `user` parameter should be the email address of the user.
+// The `key` parameter should be the public key of the SSH key being uploaded.
+// The `projectID` parameter should be the chosen project ID.
+func ImportProjectSSHKeyE(t testing.TestingT, user, key, projectID string) error {
+	return importProjectSSHKeyE(t, user, key, &projectID)
+}
+
+func importProjectSSHKeyE(t testing.TestingT, user, key string, projectID *string) error {
 	logger.Default.Logf(t, "Importing SSH key for user %s", user)
 
 	ctx := context.Background()
@@ -38,7 +59,11 @@ func ImportSSHKeyE(t testing.TestingT, user, key string) error {
 		Key: key,
 	}
 
-	_, err = service.Users.ImportSshPublicKey(parent, sshPublicKey).Context(ctx).Do()
+	req := service.Users.ImportSshPublicKey(parent, sshPublicKey)
+	if projectID != nil {
+		req = req.ProjectId(*projectID)
+	}
+	_, err = req.Context(ctx).Do()
 	if err != nil {
 		return err
 	}

diff --git a/modules/gcp/oslogin_test.go b/modules/gcp/oslogin_test.go
@@ -23,6 +23,19 @@ func TestImportSSHKeyOSLogin(t *testing.T) {
 	ImportSSHKey(t, user, key)
 }
 
+func TestImportProjectSSHKeyOSLogin(t *testing.T) {
+	t.Parallel()
+
+	keyPair := ssh.GenerateRSAKeyPair(t, 2048)
+	key := keyPair.PublicKey
+
+	user := GetGoogleIdentityEmailEnvVar(t)
+	projectID := GetGoogleProjectIDFromEnvVar(t)
+
+	defer DeleteSSHKey(t, user, key)
+	ImportProjectSSHKey(t, user, key, projectID)
+}
+
 func TestGetLoginProfile(t *testing.T) {
 	t.Parallel()
 

diff --git a/modules/k8s/kubectl.go b/modules/k8s/kubectl.go
@@ -34,6 +34,9 @@ func RunKubectlAndGetOutputE(t testing.TestingT, options *KubectlOptions, args .
 	if options.Namespace != "" {
 		cmdArgs = append(cmdArgs, "--namespace", options.Namespace)
 	}
+	if options.RequestTimeout > 0 {
+		cmdArgs = append(cmdArgs, "--request-timeout", options.RequestTimeout.String())
+	}
 	cmdArgs = append(cmdArgs, args...)
 	command := shell.Command{
 		Command: "kubectl",

diff --git a/modules/k8s/kubectl_options.go b/modules/k8s/kubectl_options.go
@@ -1,20 +1,23 @@
 package k8s
 
 import (
+	"time"
+
 	"github.com/gruntwork-io/terratest/modules/logger"
 	"github.com/gruntwork-io/terratest/modules/testing"
 	"k8s.io/client-go/rest"
 )
 
 // KubectlOptions represents common options necessary to specify for all Kubectl calls
 type KubectlOptions struct {
-	ContextName   string
-	ConfigPath    string
-	Namespace     string
-	Env           map[string]string
-	InClusterAuth bool
-	RestConfig    *rest.Config
-	Logger        *logger.Logger
+	ContextName    string
+	ConfigPath     string
+	Namespace      string
+	Env            map[string]string
+	InClusterAuth  bool
+	RestConfig     *rest.Config
+	Logger         *logger.Logger
+	RequestTimeout time.Duration
 }
 
 // NewKubectlOptions will return a pointer to new instance of KubectlOptions with the configured options

diff --git a/modules/k8s/kubectl_test.go b/modules/k8s/kubectl_test.go
@@ -11,10 +11,14 @@ package k8s
 
 import (
 	"fmt"
+	"net/http"
+	"net/http/httptest"
 	"strings"
 	"testing"
+	"time"
 
 	"github.com/gruntwork-io/terratest/modules/random"
+	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
 
@@ -26,3 +30,62 @@ func TestRunKubectlAndGetOutputReturnsOutput(t *testing.T) {
 	require.NoError(t, err)
 	require.Equal(t, output, "yes")
 }
+
+func TestKubectlRequestTimeout(t *testing.T) {
+	t.Parallel()
+
+	var parsedTimeout time.Duration
+	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		parsedTimeout, _ = time.ParseDuration(r.URL.Query().Get("timeout"))
+		select {
+		case <-time.After(3 * time.Second):
+		case <-r.Context().Done():
+		}
+		w.WriteHeader(http.StatusInternalServerError)
+		w.Write([]byte("dummy-error"))
+	}))
+
+	config := fmt.Sprintf(`
+apiVersion: v1
+kind: Config
+clusters:
+- name: dummy-cluster
+  cluster:
+    server: %s
+users:
+- name: dummy-user
+  user:
+    token: dummy-token
+contexts:
+- name: dummy-context
+  context:
+    cluster: dummy-cluster
+    user: dummy-user
+current-context: dummy-context
+`, server.URL)
+
+	t.Run("WithoutTimeout", func(t *testing.T) {
+		options := &KubectlOptions{
+			ContextName: "dummy-context",
+			ConfigPath:  StoreConfigToTempFile(t, config),
+		}
+		_, err := RunKubectlAndGetOutputE(t, options, "get", "pods")
+		require.Error(t, err)
+		assert.Contains(t, err.Error(), "dummy-error")
+		assert.NotContains(t, err.Error(), "Client.Timeout exceeded while awaiting headers")
+	})
+
+	t.Run("WithTimeout", func(t *testing.T) {
+		options := &KubectlOptions{
+			ContextName:    "dummy-context",
+			ConfigPath:     StoreConfigToTempFile(t, config),
+			RequestTimeout: time.Second,
+		}
+		_, err := RunKubectlAndGetOutputE(t, options, "get", "pods")
+		require.Error(t, err)
+		assert.Equal(t, options.RequestTimeout, parsedTimeout)
+		assert.NotContains(t, err.Error(), "dummy-error")
+		assert.Contains(t, err.Error(), "Client.Timeout exceeded while awaiting headers")
+	})
+
+}
diff --git a/modules/terraform/cmd.go b/modules/terraform/cmd.go
@@ -122,7 +122,7 @@ func RunTerraformCommandAndGetStdoutE(t testing.TestingT, additionalOptions *Opt
 	cmd := generateCommand(options, args...)
 	description := fmt.Sprintf("%s %v", options.TerraformBinary, args)
 	return retry.DoWithRetryableErrorsE(t, description, options.RetryableTerraformErrors, options.MaxRetries, options.TimeBetweenRetries, func() (string, error) {
-		s, err := shell.RunCommandAndGetOutputE(t, cmd)
+		s, err := shell.RunCommandAndGetStdOutE(t, cmd)
 		if err != nil {
 			return s, err
 		}

diff --git a/test/terraform_aws_rds_example_test.go b/test/terraform_aws_rds_example_test.go
@@ -125,10 +125,21 @@ func TestTerraformAwsRdsExample(t *testing.T) {
 			// Verify that the table/schema requested for creation is actually present in the database
 			assert.True(t, schemaExistsInRdsInstance)
 
+			// assert expected parameters
 			for k, v := range tt.expectedParameter {
 				assert.Equal(t, v, aws.GetParameterValueForParameterOfRdsInstance(t, k, dbInstanceID, awsRegion))
 			}
 
+			// assert all parameters
+			params := aws.GetAllParametersOfRdsInstance(t, dbInstanceID, awsRegion)
+			paramNames := map[string]struct{}{}
+			for _, param := range params {
+				paramNames[*param.ParameterName] = struct{}{}
+			}
+			assert.Len(t, paramNames, len(params), "should return no duplicate parameters")
+			assert.True(t, len(paramNames) > 100)
+
+			// assert expected options
 			for k, v := range tt.expectedOptins {
 				// Lookup option values. All defined values are strings in the API call response
 				assert.Equal(t, v, aws.GetOptionSettingForOfRdsInstance(t, k.opName, k.setName, dbInstanceID, awsRegion))