mirrors
/
pulumi
mirror of https://github.com/pulumi/pulumi.git
0
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
pulumi/tests/integration/integration_test.go

792 lines
24 KiB
Go
Raw Permalink Blame History

// Copyright 2016-2022, Pulumi Corporation.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//go:build all
package ints
import (
"bytes"
"encoding/json"
"fmt"
"os"
"path/filepath"
"testing"
"github.com/stretchr/testify/assert"
"github.com/pulumi/pulumi/pkg/v3/resource/deploy/providers"
"github.com/pulumi/pulumi/pkg/v3/testing/integration"
"github.com/pulumi/pulumi/sdk/v3/go/common/apitype"
ptesting "github.com/pulumi/pulumi/sdk/v3/go/common/testing"
"github.com/pulumi/pulumi/sdk/v3/go/common/workspace"
)
// TestStackTagValidation verifies various error scenarios related to stack names and tags.
func TestStackTagValidation(t *testing.T) {
t.Parallel()
t.Run("Error_StackName", func(t *testing.T) {
t.Parallel()
e := ptesting.NewEnvironment(t)
defer func() {
if !t.Failed() {
e.DeleteEnvironment()
}
}()
e.RunCommand("git", "init")
e.ImportDirectory("stack_project_name")
e.RunCommand("pulumi", "login", "--cloud-url", e.LocalURL())
stdout, stderr := e.RunCommandExpectError("pulumi", "stack", "init", "invalid name (spaces, parens, etc.)")
assert.Equal(t, "", stdout)
assert.Contains(t, stderr,
"stack names are limited to 100 characters and may only contain alphanumeric, hyphens, underscores, or periods")
})
t.Run("Error_DescriptionLength", func(t *testing.T) {
t.Parallel()
e := ptesting.NewEnvironment(t)
defer func() {
if !t.Failed() {
e.DeleteEnvironment()
}
}()
e.RunCommand("git", "init")
e.ImportDirectory("stack_project_name")
e.RunCommand("pulumi", "login", "--cloud-url", e.LocalURL())
prefix := "lorem ipsum dolor sit amet" // 26
prefix = prefix + prefix + prefix + prefix // 104
prefix = prefix + prefix + prefix + prefix // 416 + the current Pulumi.yaml's description
// Change the contents of the Description property of Pulumi.yaml.
yamlPath := filepath.Join(e.CWD, "Pulumi.yaml")
err := integration.ReplaceInFile("description: ", "description: "+prefix, yamlPath)
assert.NoError(t, err)
stdout, stderr := e.RunCommandExpectError("pulumi", "stack", "init", "valid-name")
assert.Equal(t, "", stdout)
assert.Contains(t, stderr, "error: could not create stack:")
assert.Contains(t, stderr, "validating stack properties:")
assert.Contains(t, stderr, "stack tag \"pulumi:description\" value is too long (max length 256 characters)")
})
}
// TestStackInitValidation verifies various error scenarios related to init'ing a stack.
func TestStackInitValidation(t *testing.T) {
t.Parallel()
t.Run("Error_InvalidStackYaml", func(t *testing.T) {
t.Parallel()
e := ptesting.NewEnvironment(t)
defer func() {
if !t.Failed() {
e.DeleteEnvironment()
}
}()
e.RunCommand("git", "init")
e.ImportDirectory("stack_project_name")
e.RunCommand("pulumi", "login", "--cloud-url", e.LocalURL())
// Starting a yaml value with a quote string and then more data is invalid
invalidYaml := "\"this is invalid\" yaml because of trailing data after quote string"
// Change the contents of the Description property of Pulumi.yaml.
yamlPath := filepath.Join(e.CWD, "Pulumi.yaml")
err := integration.ReplaceInFile("description: ", "description: "+invalidYaml, yamlPath)
assert.NoError(t, err)
stdout, stderr := e.RunCommandExpectError("pulumi", "stack", "init", "valid-name")
assert.Equal(t, "", stdout)
assert.Contains(t, stderr, "invalid YAML file")
})
}
// TestConfigPaths ensures that config commands with paths work as expected.
func TestConfigPaths(t *testing.T) {
t.Parallel()
e := ptesting.NewEnvironment(t)
defer func() {
if !t.Failed() {
e.DeleteEnvironment()
}
}()
// Initialize an empty stack.
path := filepath.Join(e.RootPath, "Pulumi.yaml")
err := (&workspace.Project{
Name: "testing-config",
Runtime: workspace.NewProjectRuntimeInfo("nodejs", nil),
}).Save(path)
assert.NoError(t, err)
e.RunCommand("pulumi", "login", "--cloud-url", e.LocalURL())
e.RunCommand("pulumi", "stack", "init", "testing")
namespaces := []string{"", "my:"}
tests := []struct {
Key string
Value string
Secret bool
Path bool
TopLevelKey string
TopLevelExpectedValue string
}{
{
Key: "aConfigValue",
Value: "this value is a value",
TopLevelKey: "aConfigValue",
TopLevelExpectedValue: "this value is a value",
},
{
Key: "anotherConfigValue",
Value: "this value is another value",
TopLevelKey: "anotherConfigValue",
TopLevelExpectedValue: "this value is another value",
},
{
Key: "bEncryptedSecret",
Value: "this super secret is encrypted",
Secret: true,
TopLevelKey: "bEncryptedSecret",
TopLevelExpectedValue: "this super secret is encrypted",
},
{
Key: "anotherEncryptedSecret",
Value: "another encrypted secret",
Secret: true,
TopLevelKey: "anotherEncryptedSecret",
TopLevelExpectedValue: "another encrypted secret",
},
{
Key: "[]",
Value: "square brackets value",
TopLevelKey: "[]",
TopLevelExpectedValue: "square brackets value",
},
{
Key: "x.y",
Value: "x.y value",
TopLevelKey: "x.y",
TopLevelExpectedValue: "x.y value",
},
{
Key: "0",
Value: "0 value",
Path: true,
TopLevelKey: "0",
TopLevelExpectedValue: "0 value",
},
{
Key: "true",
Value: "value",
Path: true,
TopLevelKey: "true",
TopLevelExpectedValue: "value",
},
{
Key: `["test.Key"]`,
Value: "test key value",
Path: true,
TopLevelKey: "test.Key",
TopLevelExpectedValue: "test key value",
},
{
Key: `nested["test.Key"]`,
Value: "nested test key value",
Path: true,
TopLevelKey: "nested",
TopLevelExpectedValue: `{"test.Key":"nested test key value"}`,
},
{
Key: "outer.inner",
Value: "value",
Path: true,
TopLevelKey: "outer",
TopLevelExpectedValue: `{"inner":"value"}`,
},
{
Key: "names[0]",
Value: "a",
Path: true,
TopLevelKey: "names",
TopLevelExpectedValue: `["a"]`,
},
{
Key: "names[1]",
Value: "b",
Path: true,
TopLevelKey: "names",
TopLevelExpectedValue: `["a","b"]`,
},
{
Key: "names[2]",
Value: "c",
Path: true,
TopLevelKey: "names",
TopLevelExpectedValue: `["a","b","c"]`,
},
{
Key: "names[3]",
Value: "super secret name",
Path: true,
Secret: true,
TopLevelKey: "names",
TopLevelExpectedValue: `["a","b","c","super secret name"]`,
},
{
Key: "servers[0].port",
Value: "80",
Path: true,
TopLevelKey: "servers",
TopLevelExpectedValue: `[{"port":80}]`,
},
{
Key: "servers[0].host",
Value: "example",
Path: true,
TopLevelKey: "servers",
TopLevelExpectedValue: `[{"host":"example","port":80}]`,
},
{
Key: "a.b[0].c",
Value: "true",
Path: true,
TopLevelKey: "a",
TopLevelExpectedValue: `{"b":[{"c":true}]}`,
},
{
Key: "a.b[1].c",
Value: "false",
Path: true,
TopLevelKey: "a",
TopLevelExpectedValue: `{"b":[{"c":true},{"c":false}]}`,
},
{
Key: "tokens[0]",
Value: "shh",
Path: true,
Secret: true,
TopLevelKey: "tokens",
TopLevelExpectedValue: `["shh"]`,
},
{
Key: "foo.bar",
Value: "don't tell",
Path: true,
Secret: true,
TopLevelKey: "foo",
TopLevelExpectedValue: `{"bar":"don't tell"}`,
},
{
Key: "semiInner.a.b.c.d",
Value: "1",
Path: true,
TopLevelKey: "semiInner",
TopLevelExpectedValue: `{"a":{"b":{"c":{"d":1}}}}`,
},
{
Key: "wayInner.a.b.c.d.e.f.g.h.i.j.k",
Value: "false",
Path: true,
TopLevelKey: "wayInner",
TopLevelExpectedValue: `{"a":{"b":{"c":{"d":{"e":{"f":{"g":{"h":{"i":{"j":{"k":false}}}}}}}}}}}`,
},
{
Key: "foo1[0]",
Value: "false",
Path: true,
TopLevelKey: "foo1",
TopLevelExpectedValue: `[false]`,
},
{
Key: "foo2[0]",
Value: "true",
Path: true,
TopLevelKey: "foo2",
TopLevelExpectedValue: `[true]`,
},
{
Key: "foo3[0]",
Value: "10",
Path: true,
TopLevelKey: "foo3",
TopLevelExpectedValue: `[10]`,
},
{
Key: "foo4[0]",
Value: "0",
Path: true,
TopLevelKey: "foo4",
TopLevelExpectedValue: `[0]`,
},
{
Key: "foo5[0]",
Value: "00",
Path: true,
TopLevelKey: "foo5",
TopLevelExpectedValue: `["00"]`,
},
{
Key: "foo6[0]",
Value: "01",
Path: true,
TopLevelKey: "foo6",
TopLevelExpectedValue: `["01"]`,
},
{
Key: "foo7[0]",
Value: "0123456",
Path: true,
TopLevelKey: "foo7",
TopLevelExpectedValue: `["0123456"]`,
},
{
Key: "bar1.inner",
Value: "false",
Path: true,
TopLevelKey: "bar1",
TopLevelExpectedValue: `{"inner":false}`,
},
{
Key: "bar2.inner",
Value: "true",
Path: true,
TopLevelKey: "bar2",
TopLevelExpectedValue: `{"inner":true}`,
},
{
Key: "bar3.inner",
Value: "10",
Path: true,
TopLevelKey: "bar3",
TopLevelExpectedValue: `{"inner":10}`,
},
{
Key: "bar4.inner",
Value: "0",
Path: true,
TopLevelKey: "bar4",
TopLevelExpectedValue: `{"inner":0}`,
},
{
Key: "bar5.inner",
Value: "00",
Path: true,
TopLevelKey: "bar5",
TopLevelExpectedValue: `{"inner":"00"}`,
},
{
Key: "bar6.inner",
Value: "01",
Path: true,
TopLevelKey: "bar6",
TopLevelExpectedValue: `{"inner":"01"}`,
},
{
Key: "bar7.inner",
Value: "0123456",
Path: true,
TopLevelKey: "bar7",
TopLevelExpectedValue: `{"inner":"0123456"}`,
},
// Overwriting a top-level string value is allowed.
{
Key: "aConfigValue.inner",
Value: "new value",
Path: true,
TopLevelKey: "aConfigValue",
TopLevelExpectedValue: `{"inner":"new value"}`,
},
{
Key: "anotherConfigValue[0]",
Value: "new value",
Path: true,
TopLevelKey: "anotherConfigValue",
TopLevelExpectedValue: `["new value"]`,
},
{
Key: "bEncryptedSecret.inner",
Value: "new value",
Path: true,
TopLevelKey: "bEncryptedSecret",
TopLevelExpectedValue: `{"inner":"new value"}`,
},
{
Key: "anotherEncryptedSecret[0]",
Value: "new value",
Path: true,
TopLevelKey: "anotherEncryptedSecret",
TopLevelExpectedValue: `["new value"]`,
},
}
validateConfigGet := func(key string, value string, path bool) {
args := []string{"config", "get", key}
if path {
args = append(args, "--path")
}
stdout, stderr := e.RunCommand("pulumi", args...)
assert.Equal(t, fmt.Sprintf("%s\n", value), stdout)
assert.Equal(t, "", stderr)
}
for _, ns := range namespaces {
for _, test := range tests {
key := fmt.Sprintf("%s%s", ns, test.Key)
topLevelKey := fmt.Sprintf("%s%s", ns, test.TopLevelKey)
// Set the value.
args := []string{"config", "set"}
if test.Secret {
args = append(args, "--secret")
}
if test.Path {
args = append(args, "--path")
}
args = append(args, key, test.Value)
stdout, stderr := e.RunCommand("pulumi", args...)
assert.Equal(t, "", stdout)
assert.Equal(t, "", stderr)
// Get the value and validate it.
validateConfigGet(key, test.Value, test.Path)
// Get the top-level value and validate it.
validateConfigGet(topLevelKey, test.TopLevelExpectedValue, false /*path*/)
}
}
badKeys := []string{
// Syntax errors.
"root[",
`root["nested]`,
"root.array[abc]",
"root.[1]",
// First path segment must be a non-empty string.
`[""]`,
"[0]",
// Index out of range.
"names[-1]",
"names[5]",
// A "secure" key that is a map with a single string value is reserved by the system.
"key.secure",
"super.nested.map.secure",
// Type mismatch.
"outer[0]",
"names.nested",
"outer.inner.nested",
"outer.inner[0]",
}
for _, ns := range namespaces {
for _, badKey := range badKeys {
key := fmt.Sprintf("%s%s", ns, badKey)
stdout, stderr := e.RunCommandExpectError("pulumi", "config", "set", "--path", key, "value")
assert.Equal(t, "", stdout)
assert.NotEqual(t, "", stderr)
}
}
e.RunCommand("pulumi", "stack", "rm", "--yes")
}
//nolint:paralleltest // uses parallel programtest
func TestDestroyStackRef(t *testing.T) {
e := ptesting.NewEnvironment(t)
defer func() {
if !t.Failed() {
e.DeleteEnvironment()
}
}()
e.ImportDirectory("large_resource/nodejs")
e.RunCommand("pulumi", "login", "--cloud-url", e.LocalURL())
e.RunCommand("pulumi", "stack", "init", "dev")
e.RunCommand("yarn", "link", "@pulumi/pulumi")
e.RunCommand("yarn", "install")
e.RunCommand("pulumi", "up", "--skip-preview", "--yes")
e.CWD = os.TempDir()
e.RunCommand("pulumi", "destroy", "--skip-preview", "--yes", "-s", "dev")
}
//nolint:paralleltest // uses parallel programtest
func TestJSONOutput(t *testing.T) {
stdout := &bytes.Buffer{}
// Test without env var for streaming preview (should print previewSummary).
integration.ProgramTest(t, &integration.ProgramTestOptions{
Dir: filepath.Join("stack_outputs", "nodejs"),
Dependencies: []string{"@pulumi/pulumi"},
Stdout: stdout,
Verbose: true,
JSONOutput: true,
ExtraRuntimeValidation: func(t *testing.T, stack integration.RuntimeValidationStackInfo) {
output := stdout.String()
// Check that the previewSummary is present.
assert.Regexp(t, previewSummaryRegex, output)
// Check that each event present in the event stream is also in stdout.
for _, evt := range stack.Events {
assertOutputContainsEvent(t, evt, output)
}
},
})
}
func TestProviderDownloadURL(t *testing.T) {
t.Parallel()
validate := func(t *testing.T, stdout []byte) {
deployment := &apitype.UntypedDeployment{}
err := json.Unmarshal(stdout, deployment)
assert.NoError(t, err)
data := &apitype.DeploymentV3{}
err = json.Unmarshal(deployment.Deployment, data)
assert.NoError(t, err)
urlKey := "pluginDownloadURL"
for _, resource := range data.Resources {
switch {
case providers.IsDefaultProvider(resource.URN):
assert.Equalf(t, "get.example.test", resource.Inputs[urlKey], "Inputs")
assert.Equalf(t, "get.example.test", resource.Outputs[urlKey], "Outputs")
case providers.IsProviderType(resource.Type):
assert.Equalf(t, "get.pulumi.test/providers", resource.Inputs[urlKey], "Inputs")
assert.Equal(t, "get.pulumi.test/providers", resource.Outputs[urlKey], "Outputs")
default:
_, hasURL := resource.Inputs[urlKey]
assert.False(t, hasURL)
_, hasURL = resource.Outputs[urlKey]
assert.False(t, hasURL)
}
}
assert.Greater(t, len(data.Resources), 1, "We should construct more then just the stack")
}
languages := []struct {
name string
dependency string
}{
{"python", filepath.Join("..", "..", "sdk", "python", "env", "src")},
{"nodejs", "@pulumi/pulumi"},
{"go", "github.com/pulumi/pulumi/sdk/v3"},
}
//nolint:paralleltest // uses parallel programtest
for _, lang := range languages {
lang := lang
t.Run(lang.name, func(t *testing.T) {
dir := filepath.Join("gather_plugin", lang.name)
integration.ProgramTest(t, &integration.ProgramTestOptions{
Dir: dir,
ExportStateValidator: validate,
SkipPreview: true,
SkipEmptyPreviewUpdate: true,
Dependencies: []string{lang.dependency},
})
})
}
}
func TestExcludeProtected(t *testing.T) {
t.Parallel()
e := ptesting.NewEnvironment(t)
defer func() {
if !t.Failed() {
e.DeleteEnvironment()
}
}()
e.ImportDirectory("exclude_protected")
e.RunCommand("pulumi", "login", "--cloud-url", e.LocalURL())
e.RunCommand("pulumi", "stack", "init", "dev")
e.RunCommand("yarn", "link", "@pulumi/pulumi")
e.RunCommand("yarn", "install")
e.RunCommand("pulumi", "up", "--skip-preview", "--yes")
stdout, _ := e.RunCommand("pulumi", "destroy", "--skip-preview", "--yes", "--exclude-protected")
assert.Contains(t, stdout, "All unprotected resources were destroyed. There are still 7 protected resources")
// We run the command again, but this time there are not unprotected resources to destroy.
stdout, _ = e.RunCommand("pulumi", "destroy", "--skip-preview", "--yes", "--exclude-protected")
assert.Contains(t, stdout, "There were no unprotected resources to destroy. There are still 7")
}
func TestInvalidPluginError(t *testing.T) {
t.Parallel()
e := ptesting.NewEnvironment(t)
defer func() {
if !t.Failed() {
e.DeleteEnvironment()
}
}()
pulumiProject := `
name: invalid-plugin
runtime: yaml
description: A Pulumi program referencing an invalid plugin.
plugins:
providers:
- name: fakeplugin
bin: ./does/not/exist/bin # key should be 'path'
`
integration.CreatePulumiRepo(e, pulumiProject)
e.SetBackend(e.LocalURL())
{
_, stderr := e.RunCommandExpectError("pulumi", "stack", "init", "invalid-resources")
assert.NotContains(t, stderr, "panic: ")
assert.Contains(t, stderr, "error: ")
}
{
_, stderr := e.RunCommandExpectError("pulumi", "pre")
assert.NotContains(t, stderr, "panic: ")
assert.Contains(t, stderr, "error: ")
}
}
// TestSharedProviderConfig validates that providers correctly include shared configuration when the feature is enabled.
// The following cases are checked:
// 1. Default providers load stack configuration
// 2. Explicit providers load project/stack config if the `PULUMI_SHARED_PROVIDER_CONFIG` flag is set.
// 2.1 Provider arguments take precedence over project/stack configuration.
// 2.2 Config values that are JSON strings are merged rather than overwritten.
// 3. Explicit providers do not load project/stack config if the `PULUMI_SHARED_PROVIDER_CONFIG` flag is not set.
func TestSharedProviderConfig(t *testing.T) {
t.Parallel()
validateShared := func(t *testing.T, stdout []byte) {
deployment := &apitype.UntypedDeployment{}
err := json.Unmarshal(stdout, deployment)
assert.NoError(t, err)
data := &apitype.DeploymentV3{}
err = json.Unmarshal(deployment.Deployment, data)
assert.NoError(t, err)
for _, resource := range data.Resources {
switch {
case providers.IsDefaultProvider(resource.URN):
assert.Contains(t, resource.Inputs, "test")
assert.Equal(t, "value", resource.Inputs["test"])
case providers.IsProviderType(resource.Type):
assert.Contains(t, resource.Inputs, "proxy")
var proxyObj map[string]any
err = json.Unmarshal([]byte(resource.Inputs["proxy"].(string)), &proxyObj)
assert.NoError(t, err)
assert.Contains(t, proxyObj, "url")
assert.Equalf(t, "http://override", proxyObj["url"],
"expected Provider arg to override stack config value")
// Matching Provider argument not present, so use the value from the stack config.
assert.Contains(t, proxyObj, "username")
assert.Equalf(t, "anon", proxyObj["username"], "missing stack config value")
assert.Containsf(t, resource.Inputs, "foo/bar", "missing stack config value")
assert.NotContainsf(t, resource.Inputs, "oof/rab",
"unexpected stack config value from another namespace")
assert.Containsf(t, resource.Inputs, "testsecret", "missing stack config value")
assert.IsType(t, map[string]any{}, resource.Inputs["testsecret"],
"secret value appears as string rather than ciphertext")
assert.Contains(t, resource.Inputs["testsecret"], "ciphertext")
}
}
assert.Greater(t, len(data.Resources), 1, "We should construct more then just the stack")
}
validateDefault := func(t *testing.T, stdout []byte) {
deployment := &apitype.UntypedDeployment{}
err := json.Unmarshal(stdout, deployment)
assert.NoError(t, err)
data := &apitype.DeploymentV3{}
err = json.Unmarshal(deployment.Deployment, data)
assert.NoError(t, err)
for _, resource := range data.Resources {
switch {
case providers.IsDefaultProvider(resource.URN):
assert.Contains(t, resource.Inputs, "test")
assert.Equal(t, "value", resource.Inputs["test"])
case providers.IsProviderType(resource.Type):
assert.Contains(t, resource.Inputs, "proxy")
var proxyObj map[string]any
err = json.Unmarshal([]byte(resource.Inputs["proxy"].(string)), &proxyObj)
assert.NoError(t, err)
assert.Contains(t, proxyObj, "url")
assert.Equal(t, "http://override", proxyObj["url"])
// Stack config should not be included by default.
assert.NotContainsf(t, proxyObj, "username", "stack config should not be present")
assert.NotContainsf(t, resource.Inputs, "foo/bar", "stack config should not be present")
assert.NotContainsf(t, resource.Inputs, "testsecret", "stack config should not be present")
}
}
assert.Greater(t, len(data.Resources), 1, "We should construct more then just the stack")
}
testCases := []struct {
name string
shared bool
validateFunc func(t *testing.T, stdout []byte)
}{
{"shared", true, validateShared},
{"default", false, validateDefault},
}
for _, testCase := range testCases {
//nolint:paralleltest // uses parallel programtest
t.Run(testCase.name, func(t *testing.T) {
var env []string
if testCase.shared {
env = append(env, "PULUMI_SHARED_PROVIDER_CONFIG=1")
}
integration.ProgramTest(t, &integration.ProgramTestOptions{
Env: env,
Config: map[string]string{
"other:oof/rab": "zab",
"random:test": "value",
"tls:proxy": `{"url": "http://default", "username": "anon"}`,
"tls:foo/bar": "baz",
},
Secrets: map[string]string{
"tls:testsecret": "verysecret",
},
Dir: "provider_shared_config",
ExportStateValidator: testCase.validateFunc,
SkipPreview: true,
SkipEmptyPreviewUpdate: true,
})
})
}
}
Reference in New Issue View Git Blame Copy Permalink