fix(tests): Skip onprem unsupported policy types

jacalvo · jacalvo · commit a410415f35f9 · 2024-05-13T19:48:57.000+02:00
* Do not run cloud policy types tests with `tf_acc_onprem_secure` tag

* Change rules order to fix `TestAccCustomPolicy`:

```
resource_sysdig_secure_custom_policy_test.go:19: Step 2/12 error running import: ImportStateVerify attributes not equivalent. Difference is shown below. The - symbol indicates attributes missing after import.

          map[string]string{
        -	"rules.0.name": "Write below etc",
        +	"rules.0.name": "TERRAFORM TEST 6yf1pzvnbf - Terminal Shell",
        -	"rules.1.name": "TERRAFORM TEST 6yf1pzvnbf - Terminal Shell",
        +	"rules.1.name": "Write below etc",
          }
```
diff --git a/sysdig/data_source_sysdig_secure_aws_ml_policy_test.go b/sysdig/data_source_sysdig_secure_aws_ml_policy_test.go
@@ -1,4 +1,4 @@
-//go:build tf_acc_sysdig_secure || tf_acc_policies_aws || tf_acc_onprem_secure
+//go:build tf_acc_sysdig_secure || tf_acc_policies_aws
 
 package sysdig_test
 
diff --git a/sysdig/data_source_sysdig_secure_trusted_cloud_identity_test.go b/sysdig/data_source_sysdig_secure_trusted_cloud_identity_test.go
@@ -1,4 +1,4 @@
-//go:build tf_acc_sysdig_secure || tf_acc_onprem_secure
+//go:build tf_acc_sysdig_secure
 
 package sysdig_test
 
diff --git a/sysdig/resource_sysdig_secure_aws_ml_policy_test.go b/sysdig/resource_sysdig_secure_aws_ml_policy_test.go
@@ -1,4 +1,4 @@
-//go:build tf_acc_sysdig_secure || tf_acc_policies_aws || tf_acc_onprem_secure
+//go:build tf_acc_sysdig_secure || tf_acc_policies_aws
 
 package sysdig_test
 
diff --git a/sysdig/resource_sysdig_secure_custom_policy_test.go b/sysdig/resource_sysdig_secure_custom_policy_test.go
@@ -10,59 +10,62 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 
+	"github.com/draios/terraform-provider-sysdig/buildinfo"
 	"github.com/draios/terraform-provider-sysdig/sysdig"
 )
 
 func TestAccCustomPolicy(t *testing.T) {
 	rText := func() string { return acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum) }
 	policy1 := rText()
+
+	steps := []resource.TestStep{
+		{
+			Config: customPolicyWithName(policy1),
+		},
+		{
+			ResourceName:      "sysdig_secure_custom_policy.sample",
+			ImportState:       true,
+			ImportStateVerify: true,
+		},
+		{
+			Config: customPolicyWithRulesOrderChange(policy1),
+		},
+		{
+			Config: customPolicyWithoutActions(rText()),
+		},
+		{
+			Config: customPolicyWithoutNotificationChannels(rText()),
+		},
+		{
+			Config: customPolicyWithMinimumConfiguration(rText()),
+		},
+		{
+			Config: customPoliciesWithDifferentSeverities(rText()),
+		},
+		{
+			Config: customPoliciesWithKillAction(rText()),
+		},
+		{
+			Config: customPoliciesWithDisabledRules(rText()),
+		},
+	}
+
+	if !buildinfo.OnpremSecure {
+		steps = append(steps,
+			resource.TestStep{Config: customPoliciesForAWSCloudtrail(rText())},
+			resource.TestStep{Config: customPoliciesForGCPAuditLog(rText())},
+			resource.TestStep{Config: customPoliciesForAzurePlatformlogs(rText())},
+		)
+	}
+
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck: preCheckAnyEnv(t, SysdigSecureApiTokenEnv),
 		ProviderFactories: map[string]func() (*schema.Provider, error){
 			"sysdig": func() (*schema.Provider, error) {
 				return sysdig.Provider(), nil
 			},
 		},
-		Steps: []resource.TestStep{
-			{
-				Config: customPolicyWithName(policy1),
-			},
-			{
-				ResourceName:      "sysdig_secure_custom_policy.sample",
-				ImportState:       true,
-				ImportStateVerify: true,
-			},
-			{
-				Config: customPolicyWithRulesOrderChange(policy1),
-			},
-			{
-				Config: customPolicyWithoutActions(rText()),
-			},
-			{
-				Config: customPolicyWithoutNotificationChannels(rText()),
-			},
-			{
-				Config: customPolicyWithMinimumConfiguration(rText()),
-			},
-			{
-				Config: customPoliciesWithDifferentSeverities(rText()),
-			},
-			{
-				Config: customPoliciesWithKillAction(rText()),
-			},
-			{
-				Config: customPoliciesForAWSCloudtrail(rText()),
-			},
-			{
-				Config: customPoliciesForGCPAuditLog(rText()),
-			},
-			{
-				Config: customPoliciesForAzurePlatformlogs(rText()),
-			},
-			{
-				Config: customPoliciesWithDisabledRules(rText()),
-			},
-		},
+		Steps: steps,
 	})
 }
 
@@ -79,11 +82,11 @@ resource "sysdig_secure_custom_policy" "sample" {
   runbook = "https://sysdig.com"
 
   rules {
-    name = "Write below etc"
+    name = sysdig_secure_rule_falco.terminal_shell.name
     enabled = true
   }
   rules {
-    name = sysdig_secure_rule_falco.terminal_shell.name
+    name = "Write below etc"
     enabled = true
   }
 
diff --git a/sysdig/resource_sysdig_secure_policy_test.go b/sysdig/resource_sysdig_secure_policy_test.go
@@ -10,62 +10,58 @@ import (
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 
+	"github.com/draios/terraform-provider-sysdig/buildinfo"
 	"github.com/draios/terraform-provider-sysdig/sysdig"
 )
 
 func TestAccPolicy(t *testing.T) {
 	rText := func() string { return acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum) }
 
+	steps := []resource.TestStep{
+		{
+			Config: policyWithName(rText()),
+		},
+		{
+			ResourceName:      "sysdig_secure_policy.sample",
+			ImportState:       true,
+			ImportStateVerify: true,
+		},
+		{
+			Config: policyWithoutActions(rText()),
+		},
+		{
+			Config: policyWithoutNotificationChannels(rText()),
+		},
+		{
+			Config: policyWithMinimumConfiguration(rText()),
+		},
+		{
+			Config: policiesWithDifferentSeverities(rText()),
+		},
+		{
+			Config: policiesWithKillAction(rText()),
+		},
+	}
+
+	if !buildinfo.OnpremSecure {
+		steps = append(steps,
+			resource.TestStep{Config: policiesForAWSCloudtrail(rText())},
+			resource.TestStep{Config: policiesForGCPAuditLog(rText())},
+			resource.TestStep{Config: policiesForAzurePlatformlogs(rText())},
+			resource.TestStep{Config: policiesForFalcoCloudAWSCloudtrail(rText())},
+			resource.TestStep{Config: policiesForOkta(rText())},
+			resource.TestStep{Config: policiesForGithub(rText())},
+		)
+	}
+
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck: preCheckAnyEnv(t, SysdigSecureApiTokenEnv),
 		ProviderFactories: map[string]func() (*schema.Provider, error){
 			"sysdig": func() (*schema.Provider, error) {
 				return sysdig.Provider(), nil
 			},
 		},
-		Steps: []resource.TestStep{
-			{
-				Config: policyWithName(rText()),
-			},
-			{
-				ResourceName:      "sysdig_secure_policy.sample",
-				ImportState:       true,
-				ImportStateVerify: true,
-			},
-			{
-				Config: policyWithoutActions(rText()),
-			},
-			{
-				Config: policyWithoutNotificationChannels(rText()),
-			},
-			{
-				Config: policyWithMinimumConfiguration(rText()),
-			},
-			{
-				Config: policiesWithDifferentSeverities(rText()),
-			},
-			{
-				Config: policiesWithKillAction(rText()),
-			},
-			{
-				Config: policiesForAWSCloudtrail(rText()),
-			},
-			{
-				Config: policiesForGCPAuditLog(rText()),
-			},
-			{
-				Config: policiesForAzurePlatformlogs(rText()),
-			},
-			{
-				Config: policiesForFalcoCloudAWSCloudtrail(rText()),
-			},
-			{
-				Config: policiesForOkta(rText()),
-			},
-			{
-				Config: policiesForGithub(rText()),
-			},
-		},
+		Steps: steps,
 	})
 }
 

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-//go:build tf_acc_sysdig_secure \|\| tf_acc_policies_aws \|\| tf_acc_onprem_secure`
	`1`	`+//go:build tf_acc_sysdig_secure \|\| tf_acc_policies_aws`
`2`	`2`
`3`	`3`	`package sysdig_test`
`4`	`4`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-//go:build tf_acc_sysdig_secure \|\| tf_acc_onprem_secure`
	`1`	`+//go:build tf_acc_sysdig_secure`
`2`	`2`
`3`	`3`	`package sysdig_test`
`4`	`4`