From 72241a64bc779a9f3f3bbc7074b1f25cc7d1b20d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Wiktor=20Niesiob=C4=99dzki?= Date: Sat, 16 Nov 2024 08:48:42 +0000 Subject: [PATCH] Fix E2E tests --- modules/cloud-run-v2/README.md | 1 + modules/iam-service-account/README.md | 8 +++---- modules/iam-service-account/outputs.tf | 10 ++++----- modules/pubsub/README.md | 10 ++++++++- ...ery-subscription-with-service-account.yaml | 21 +++++++------------ 5 files changed, 25 insertions(+), 25 deletions(-) diff --git a/modules/cloud-run-v2/README.md b/modules/cloud-run-v2/README.md index 1f49509279..3053ae7b16 100644 --- a/modules/cloud-run-v2/README.md +++ b/modules/cloud-run-v2/README.md @@ -112,6 +112,7 @@ module "cloud_run" { } } } + deletion_protection = false } # tftest inventory=gcs-mount.yaml e2e ``` diff --git a/modules/iam-service-account/README.md b/modules/iam-service-account/README.md index f201469523..756836185a 100644 --- a/modules/iam-service-account/README.md +++ b/modules/iam-service-account/README.md @@ -70,8 +70,8 @@ module "myproject-default-service-accounts" { | [email](outputs.tf#L17) | Service account email. | | | [iam_email](outputs.tf#L25) | IAM-format service account email. | | | [id](outputs.tf#L33) | Fully qualified service account id. | | -| [key](outputs.tf#L42) | Service account key. | ✓ | -| [name](outputs.tf#L48) | Service account name. | | -| [service_account](outputs.tf#L57) | Service account resource. | | -| [service_account_credentials](outputs.tf#L62) | Service account json credential templates for uploaded public keys data. | | +| [key](outputs.tf#L41) | Service account key. | ✓ | +| [name](outputs.tf#L47) | Service account name. | | +| [service_account](outputs.tf#L55) | Service account resource. | | +| [service_account_credentials](outputs.tf#L60) | Service account json credential templates for uploaded public keys data. | | diff --git a/modules/iam-service-account/outputs.tf b/modules/iam-service-account/outputs.tf index 79210caec8..88c3b9645c 100644 --- a/modules/iam-service-account/outputs.tf +++ b/modules/iam-service-account/outputs.tf @@ -18,7 +18,7 @@ output "email" { description = "Service account email." value = local.resource_email_static depends_on = [ - local.service_account + local.service_account, ] } @@ -26,7 +26,7 @@ output "iam_email" { description = "IAM-format service account email." value = local.resource_iam_email_static depends_on = [ - local.service_account + local.service_account, ] } @@ -34,8 +34,7 @@ output "id" { description = "Fully qualified service account id." value = local.service_account_id_static depends_on = [ - data.google_service_account.service_account, - google_service_account.service_account + local.service_account, ] } @@ -49,8 +48,7 @@ output "name" { description = "Service account name." value = local.service_account_id_static depends_on = [ - data.google_service_account.service_account, - google_service_account.service_account + local.service_account, ] } diff --git a/modules/pubsub/README.md b/modules/pubsub/README.md index 87d80779d7..9580449069 100644 --- a/modules/pubsub/README.md +++ b/modules/pubsub/README.md @@ -136,6 +136,11 @@ module "iam-service-account" { source = "./fabric/modules/iam-service-account" project_id = var.project_id name = "fixture-service-account" + iam_project_roles = { + "${var.project_id}" = [ + "roles/bigquery.dataEditor", + ] + } } module "pubsub" { @@ -152,8 +157,11 @@ module "pubsub" { } } } + depends_on = [ + module.iam-service-account # wait for IAM grants to finish + ] } -# tftest modules=3 resources=6 fixtures=fixtures/bigquery-dataset.tf inventory=bigquery-subscription-with-service-account.yaml e2e +# tftest fixtures=fixtures/bigquery-dataset.tf inventory=bigquery-subscription-with-service-account.yaml e2e ``` ## Cloud Storage subscriptions diff --git a/tests/modules/pubsub/examples/bigquery-subscription-with-service-account.yaml b/tests/modules/pubsub/examples/bigquery-subscription-with-service-account.yaml index b29232b952..126a7b6ada 100644 --- a/tests/modules/pubsub/examples/bigquery-subscription-with-service-account.yaml +++ b/tests/modules/pubsub/examples/bigquery-subscription-with-service-account.yaml @@ -13,6 +13,12 @@ # limitations under the License. values: + module.iam-service-account.google_project_iam_member.project-roles["project-id-roles/bigquery.dataEditor"]: + project: project-id + role: roles/bigquery.dataEditor + module.iam-service-account.google_service_account.service_account[0]: + account_id: fixture-service-account + project: project-id module.pubsub.google_pubsub_subscription.default["test-bigquery-with-service-account"]: bigquery_config: - drop_unknown_fields: false @@ -23,8 +29,6 @@ values: write_metadata: false cloud_storage_config: [] dead_letter_policy: [] - effective_labels: - goog-terraform-provisioned: 'true' enable_exactly_once_delivery: false enable_message_ordering: false filter: null @@ -35,13 +39,8 @@ values: push_config: [] retain_acked_messages: false retry_policy: [] - terraform_labels: - goog-terraform-provisioned: 'true' - timeouts: null topic: my-topic module.pubsub.google_pubsub_topic.default: - effective_labels: - goog-terraform-provisioned: 'true' ingestion_data_source_settings: [] kms_key_name: null labels: null @@ -49,16 +48,10 @@ values: name: my-topic project: project-id schema_settings: [] - terraform_labels: - goog-terraform-provisioned: 'true' - timeouts: null counts: - google_bigquery_dataset: 1 - google_bigquery_dataset_iam_binding: 1 - google_bigquery_table: 1 + google_project_iam_member: 1 google_pubsub_subscription: 1 google_pubsub_topic: 1 google_service_account: 1 modules: 3 - resources: 6