Fix tests with Vault Community Edition (#2040)

hashicorp · Dec 13, 2023 · df2884e · df2884e
1 parent a11653b
commit df2884e
Show file tree

Hide file tree

Showing 7 changed files with 35 additions and 21 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -68,6 +68,7 @@ jobs:
         - "vault-enterprise:1.13.8-ent"
         - "vault-enterprise:1.14.4-ent"
         - "vault-enterprise:1.15.0-ent"
+        - "vault:1.15.0"
     services:
       vault:
         image: hashicorp/${{ matrix.image }}
@@ -198,7 +199,12 @@ jobs:
           LDAP_BINDPASS: "adminpassword"
           LDAP_URL: "ldap://openldap:1389"
         run: |
-          make testacc-ent TESTARGS='-test.v' SKIP_MSSQL_MULTI_CI=true SKIP_RAFT_TESTS=true SKIP_VAULT_NEXT_TESTS=true TF_ACC_K8S_SKIP_IN_CLUSTER=true
+          if [[ ${{ matrix.image }} =~ "-ent" ]]; then
+            target="testacc-ent"
+          else
+            target="testacc"
+          fi
+          make $target TESTARGS='-test.v' SKIP_MSSQL_MULTI_CI=true SKIP_RAFT_TESTS=true SKIP_VAULT_NEXT_TESTS=true TF_ACC_K8S_SKIP_IN_CLUSTER=true
       - name: "Generate Vault API Path Coverage Report"
         run: |
           go run cmd/coverage/main.go -openapi-doc=./testdata/openapi.json
diff --git a/testutil/testutil.go b/testutil/testutil.go
@@ -41,6 +41,7 @@ import (
 
 const (
 	EnvVarSkipVaultNext = "SKIP_VAULT_NEXT_TESTS"
+	EnvVarTfAccEnt      = "TF_ACC_ENTERPRISE"
 )
 
 func TestAccPreCheck(t *testing.T) {
@@ -61,7 +62,7 @@ func SkipTestAcc(t *testing.T) {
 
 func SkipTestAccEnt(t *testing.T) {
 	t.Helper()
-	SkipTestEnvUnset(t, "TF_ACC_ENTERPRISE")
+	SkipTestEnvUnset(t, EnvVarTfAccEnt)
 }
 
 // SkipTestEnvSet skips the test if any of the provided environment variables

diff --git a/vault/resource_gcp_auth_backend_test.go b/vault/resource_gcp_auth_backend_test.go
@@ -91,6 +91,7 @@ func TestGCPAuthBackend_basic(t *testing.T) {
 				ImportStateVerify: true,
 				ImportStateVerifyIgnore: []string{
 					"credentials",
+					"disable_remount",
 				},
 			},
 			{
@@ -107,6 +108,7 @@ func TestGCPAuthBackend_basic(t *testing.T) {
 				ImportStateVerify: true,
 				ImportStateVerifyIgnore: []string{
 					"credentials",
+					"disable_remount",
 				},
 			},
 		},

diff --git a/vault/resource_github_auth_backend_test.go b/vault/resource_github_auth_backend_test.go
@@ -83,7 +83,7 @@ func TestAccGithubAuthBackend_ns(t *testing.T) {
 
 	resource.Test(t, resource.TestCase{
 		ProviderFactories: providerFactories,
-		PreCheck:          func() { testutil.TestAccPreCheck(t) },
+		PreCheck:          func() { testutil.TestEntPreCheck(t) },
 		CheckDestroy:      testCheckMountDestroyed(resourceType, consts.MountTypeGitHub, consts.FieldPath),
 		Steps: []resource.TestStep{
 			{
@@ -361,7 +361,7 @@ func testAccGithubAuthBackendConfig_tuning(path string) string {
 resource "vault_github_auth_backend" "test" {
   	path = "%s"
   	organization = "%s"
-  
+
   	tune {
 		default_lease_ttl = "10m"
 		max_lease_ttl = "20m"
@@ -381,7 +381,7 @@ func testAccGithubAuthBackendConfig_tuningUpdated(path string) string {
 resource "vault_github_auth_backend" "test" {
   	path = "%s"
 	organization = "%s"
-  
+
   	tune {
 		default_lease_ttl = "50m"
 		max_lease_ttl = "1h10m"
@@ -400,7 +400,7 @@ func testAccGithubAuthBackendConfig_description(path, org, description string) s
 resource "vault_github_auth_backend" "test" {
 	path = "%s"
 	organization = "%s"
-	description = "%s"  
+	description = "%s"
 }
 `, path, org, description)
 }
diff --git a/vault/resource_jwt_auth_backend_test.go b/vault/resource_jwt_auth_backend_test.go
@@ -215,7 +215,7 @@ func TestAccJWTAuthBackend_OIDC(t *testing.T) {
 		ns := acctest.RandomWithPrefix("ns")
 		path := acctest.RandomWithPrefix("oidc")
 		resource.Test(t, resource.TestCase{
-			PreCheck:          func() { testutil.TestAccPreCheck(t) },
+			PreCheck:          func() { testutil.TestEntPreCheck(t) },
 			ProviderFactories: providerFactories,
 			CheckDestroy:      testCheckMountDestroyed(resourceType, consts.MountTypeJWT, consts.FieldPath),
 			Steps:             getSteps(path, ns),

diff --git a/vault/resource_mount_test.go b/vault/resource_mount_test.go
@@ -244,7 +244,7 @@ func TestResourceMountMangedKeys(t *testing.T) {
 
 	resource.Test(t, resource.TestCase{
 		ProviderFactories: providerFactories,
-		PreCheck:          func() { testutil.TestAccPreCheck(t) },
+		PreCheck:          func() { testutil.TestEntPreCheck(t) },
 		Steps: []resource.TestStep{
 			{
 				Config: testResourceMount_managedKeysConfig(keyName, path, false),

diff --git a/vault/resource_pki_secret_backend_crl_config_test.go b/vault/resource_pki_secret_backend_crl_config_test.go
@@ -5,6 +5,7 @@ package vault
 
 import (
 	"fmt"
+	"os"
 	"strconv"
 	"testing"
 
@@ -17,7 +18,7 @@ import (
 	"github.com/hashicorp/terraform-provider-vault/testutil"
 )
 
-func getCRLConfigChecks(resourceName string, isUpdate bool) resource.TestCheckFunc {
+func getCRLConfigChecks(resourceName string, isUpdate, unifiedCrl bool) resource.TestCheckFunc {
 	baseChecks := []resource.TestCheckFunc{
 		resource.TestCheckResourceAttr(resourceName, "expiry", "72h"),
 		resource.TestCheckResourceAttr(resourceName, "disable", "true"),
@@ -48,9 +49,9 @@ func getCRLConfigChecks(resourceName string, isUpdate bool) resource.TestCheckFu
 	}
 
 	v113UpdateChecks := []resource.TestCheckFunc{
-		resource.TestCheckResourceAttr(resourceName, "cross_cluster_revocation", "true"),
-		resource.TestCheckResourceAttr(resourceName, "unified_crl", "true"),
-		resource.TestCheckResourceAttr(resourceName, "unified_crl_on_existing_paths", "true"),
+		resource.TestCheckResourceAttr(resourceName, "cross_cluster_revocation", strconv.FormatBool(unifiedCrl)),
+		resource.TestCheckResourceAttr(resourceName, "unified_crl", strconv.FormatBool(unifiedCrl)),
+		resource.TestCheckResourceAttr(resourceName, "unified_crl_on_existing_paths", strconv.FormatBool(unifiedCrl)),
 	}
 
 	return func(state *terraform.State) error {
@@ -125,14 +126,18 @@ func TestPkiSecretBackendCrlConfig(t *testing.T) {
 func setupCRLConfigTest(t *testing.T, preCheck func(), ignoreImportFields ...string) {
 	rootPath := "pki-root-" + strconv.Itoa(acctest.RandInt())
 	resourceName := "vault_pki_secret_backend_crl_config.test"
+	var unifiedCrl bool
+	if os.Getenv(testutil.EnvVarTfAccEnt) != "" {
+		unifiedCrl = true
+	}
 	steps := []resource.TestStep{
 		{
 			Config: testPkiSecretBackendCrlConfigConfig_defaults(rootPath),
-			Check:  getCRLConfigChecks(resourceName, false),
+			Check:  getCRLConfigChecks(resourceName, false, unifiedCrl),
 		},
 		{
-			Config: testPkiSecretBackendCrlConfigConfig_explicit(rootPath),
-			Check:  getCRLConfigChecks(resourceName, true),
+			Config: testPkiSecretBackendCrlConfigConfig_explicit(rootPath, unifiedCrl),
+			Check:  getCRLConfigChecks(resourceName, true, unifiedCrl),
 		},
 		testutil.GetImportTestStep(resourceName, false, nil, ignoreImportFields...),
 	}
@@ -185,9 +190,9 @@ resource "vault_pki_secret_backend_crl_config" "test" {
 `, testPkiSecretBackendCrlConfigConfig_base(rootPath))
 }
 
-func testPkiSecretBackendCrlConfigConfig_explicit(rootPath string) string {
+func testPkiSecretBackendCrlConfigConfig_explicit(rootPath string, unifiedCrl bool) string {
 	return fmt.Sprintf(`
-%s
+%[1]s
 
 resource "vault_pki_secret_backend_crl_config" "test" {
   backend                   	= vault_pki_secret_backend_root_cert.test-ca.backend
@@ -199,9 +204,9 @@ resource "vault_pki_secret_backend_crl_config" "test" {
   auto_rebuild_grace_period 	= "24h"
   enable_delta              	= true
   delta_rebuild_interval   		= "18m"
-  cross_cluster_revocation  	= true
-  unified_crl					= true
-  unified_crl_on_existing_paths = true
+  cross_cluster_revocation  	= %[2]s
+  unified_crl					= %[2]s
+  unified_crl_on_existing_paths = %[2]s
 }
-`, testPkiSecretBackendCrlConfigConfig_base(rootPath))
+`, testPkiSecretBackendCrlConfigConfig_base(rootPath), strconv.FormatBool(unifiedCrl))
 }