From a0d37a9bb032bdc8729d80c4bbc8afe3cc30711e Mon Sep 17 00:00:00 2001 From: WestonPlatter Date: Thu, 19 Jun 2025 12:39:18 -0600 Subject: [PATCH 1/2] feat: add assertions. tighten group_member_type_invalid --- .gitignore | 1 + tests/variables_groups.tftest.hcl | 15 +++++++++++++++ tests/variables_users.tftest.hcl | 22 +++++++++++++++++++--- 3 files changed, 35 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 2513f01..08902b8 100644 --- a/.gitignore +++ b/.gitignore @@ -46,3 +46,4 @@ backend.tf.json **/.DS_Store .cursor/rules +.claude diff --git a/tests/variables_groups.tftest.hcl b/tests/variables_groups.tftest.hcl index 6ee4f8c..e5bd949 100644 --- a/tests/variables_groups.tftest.hcl +++ b/tests/variables_groups.tftest.hcl @@ -21,6 +21,11 @@ run "email_success" { } } } + + assert { + condition = googleworkspace_group.defaults["team1@example.com"].name == "Team 1" + error_message = "Expected 'name' to be 'Team 1'." + } } run "email_invalid_missing_domain" { @@ -67,6 +72,11 @@ run "group_settings_specific_values" { } } # We expect this plan to succeed as the structure is valid. + + assert { + condition = googleworkspace_group_settings.defaults["settings-test-group@example.com"].who_can_join == "INVITED_CAN_JOIN" + error_message = "Expected 'who_can_join' to be 'INVITED_CAN_JOIN'." + } } run "group_settings_no_settings_block" { @@ -86,4 +96,9 @@ run "group_settings_no_settings_block" { } } # We expect this plan to succeed. + + assert { + condition = googleworkspace_group.defaults["no-settings-test-group@example.com"].name == "No Settings Test Group" + error_message = "Expected 'name' to be 'No Settings Test Group'." + } } diff --git a/tests/variables_users.tftest.hcl b/tests/variables_users.tftest.hcl index 5b9c06c..1d40f05 100644 --- a/tests/variables_users.tftest.hcl +++ b/tests/variables_users.tftest.hcl @@ -22,6 +22,11 @@ run "email_success" { } } } + + assert { + condition = googleworkspace_user.defaults["first.last@example.com"].primary_email == "first.last@example.com" + error_message = "Expected 'primary_email' to be 'first.last@example.com'." + } } run "email_invalid_missing_at_symbol" { @@ -63,10 +68,12 @@ run "password_success" { family_name = "Last" given_name = "First" password = "password" - hash_function = "MD5" } } } + + # pasword is a write only field, so don't test the output + expect_failures = [] } run "password_too_short" { @@ -135,6 +142,11 @@ run "hash_function_md5_success" { } } } + + assert { + condition = googleworkspace_user.defaults["first.last@example.com"].hash_function == "MD5" + error_message = "Expected 'hash_function' to be 'MD5'." + } } run "hash_function_invalid" { @@ -281,7 +293,7 @@ run "custom_schemas_output_verification" { # ----------------------------------------------------------------------------- run "groups_member_role_success" { - command = plan + command = apply providers = { googleworkspace = googleworkspace.mock @@ -307,6 +319,11 @@ run "groups_member_role_success" { } } } + + assert { + condition = googleworkspace_group_member.user_to_groups["team@example.com/first.last@example.com"].role == "MEMBER" + error_message = "Expected 'role' to be 'MEMBER'." + } } run "groups_member_role_invalid" { @@ -460,7 +477,6 @@ run "group_member_type_invalid" { given_name = "Invalid" groups = { "test-group" = { - role = "MEMBER" type = "INVALID-TYPE" } } From d32231a154015d6691b68da4cbfde0f5e1458a43 Mon Sep 17 00:00:00 2001 From: WestonPlatter Date: Thu, 19 Jun 2025 14:12:27 -0600 Subject: [PATCH 2/2] remvoe commented out code --- variables.tf | 2 -- 1 file changed, 2 deletions(-) diff --git a/variables.tf b/variables.tf index b9642cb..4225f60 100644 --- a/variables.tf +++ b/variables.tf @@ -104,8 +104,6 @@ variable "users" { condition = alltrue(flatten([ for user in var.users : [ for group in values(try(user.groups, {})) : ( - # # Check if type is null (default) or one of the allowed values - # group.type == null ? true : (upper(group.type) == "USER" || upper(group.type) == "GROUP" || upper(group.type) == "CUSTOMER") group.type == null || contains(["USER", "GROUP", "CUSTOMER"], upper(group.type)) ) ]