Add team API key tests

internal/provider/teamapikey/team_permission_resource_test.go

@@ -0,0 +1,135 @@
+package teamapikey_test
+
+import (
+	"fmt"
+	"github.com/futurice/terraform-provider-dependencytrack/internal/testutils"
+	"github.com/futurice/terraform-provider-dependencytrack/internal/testutils/teamtestutils"
+	"github.com/hashicorp/terraform-plugin-testing/helper/acctest"
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+	"os"
+	"testing"
+)
+
+var testDependencyTrack *testutils.TestDependencyTrack
+
+func TestMain(m *testing.M) {
+	if os.Getenv(resource.EnvTfAcc) != "" {
+		var cleanup func()
+		testDependencyTrack, cleanup = testutils.InitTestDependencyTrack()
+		defer cleanup()
+	}
+
+	m.Run()
+}
+
+func TestAccTeamResource_basic(t *testing.T) {
+	ctx := testutils.CreateTestContext(t)
+
+	teamName := acctest.RandomWithPrefix("test-team")
+
+	teamResourceName := teamtestutils.CreateTeamResourceName("test")
+	otherTeamResourceName := teamtestutils.CreateTeamResourceName("test-other")
+	apiKeyResourceName := teamtestutils.CreateTeamAPIKeyResourceName("test")
+
+	var teamID, otherTeamID, teamAPIKey, otherTeamAPIKey string
+
+	resource.Test(t, resource.TestCase{
+		PreCheck:                 func() { testutils.TestAccPreCheck(t) },
+		ProtoV6ProviderFactories: testutils.TestAccProtoV6ProviderFactories,
+		Steps: []resource.TestStep{
+			{
+				Config: testAccTeamAPIKeyConfigBasic(testDependencyTrack, teamName),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					teamtestutils.TestAccCheckGetTeamSingleAPIKey(ctx, testDependencyTrack, teamResourceName, &teamAPIKey),
+					testutils.TestAccCheckGetResourceID(teamResourceName, &teamID),
+					resource.TestCheckResourceAttrPtr(apiKeyResourceName, "team_id", &teamID),
+					resource.TestCheckResourceAttrPtr(apiKeyResourceName, "value", &teamAPIKey),
+				),
+			},
+			{
+				Config: testAccTeamAPIKeyConfigOtherTeam(testDependencyTrack, teamName),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					teamtestutils.TestAccCheckTeamHasNoAPIKeys(ctx, testDependencyTrack, teamResourceName),
+					teamtestutils.TestAccCheckGetTeamSingleAPIKey(ctx, testDependencyTrack, otherTeamResourceName, &otherTeamAPIKey),
+					testutils.TestAccCheckGetResourceID(otherTeamResourceName, &otherTeamID),
+					resource.TestCheckResourceAttrPtr(apiKeyResourceName, "team_id", &otherTeamID),
+					resource.TestCheckResourceAttrPtr(apiKeyResourceName, "value", &otherTeamAPIKey),
+				),
+			},
+			{
+				Config: testAccTeamPermissionConfigNoAPIKey(testDependencyTrack, teamName),
+				Check: resource.ComposeAggregateTestCheckFunc(
+					teamtestutils.TestAccCheckTeamHasNoAPIKeys(ctx, testDependencyTrack, teamResourceName),
+					teamtestutils.TestAccCheckTeamHasNoAPIKeys(ctx, testDependencyTrack, otherTeamResourceName),
+				),
+			},
+		},
+		// CheckDestroy is not practical here since the team is destroyed as well, and we can no longer query its permissions
+	})
+}
+
+func testAccTeamAPIKeyConfigBasic(testDependencyTrack *testutils.TestDependencyTrack, teamName string) string {
+	return testDependencyTrack.AddProviderConfiguration(
+		testutils.ComposeConfigs(
+			fmt.Sprintf(`
+resource "dependencytrack_team" "test" {
+	name        = %[1]q
+}
+`,
+				teamName,
+			),
+			`
+resource "dependencytrack_team_api_key" "test" {
+	team_id = dependencytrack_team.test.id
+}
+`,
+		),
+	)
+}
+
+func testAccTeamAPIKeyConfigOtherTeam(testDependencyTrack *testutils.TestDependencyTrack, teamName string) string {
+	return testDependencyTrack.AddProviderConfiguration(
+		testutils.ComposeConfigs(
+			fmt.Sprintf(`
+resource "dependencytrack_team" "test" {
+	name        = %[1]q
+}
+`,
+				teamName,
+			),
+			fmt.Sprintf(`
+resource "dependencytrack_team" "test-other" {
+	name        = "%[1]s-other"
+}
+`,
+				teamName,
+			),
+			`
+resource "dependencytrack_team_api_key" "test" {
+	team_id = dependencytrack_team.test-other.id
+}
+`,
+		),
+	)
+}
+
+func testAccTeamPermissionConfigNoAPIKey(testDependencyTrack *testutils.TestDependencyTrack, teamName string) string {
+	return testDependencyTrack.AddProviderConfiguration(
+		testutils.ComposeConfigs(
+			fmt.Sprintf(`
+resource "dependencytrack_team" "test" {
+	name        = %[1]q
+}
+`,
+				teamName,
+			),
+			fmt.Sprintf(`
+resource "dependencytrack_team" "test-other" {
+	name        = "%[1]s-other"
+}
+`,
+				teamName,
+			),
+		),
+	)
+}

internal/testutils/teamtestutils/teamtestutils.go

@@ -2,7 +2,6 @@ package teamtestutils
 
 import (
 	"context"
-	"errors"
 	"fmt"
 	dtrack "github.com/futurice/dependency-track-client-go"
 	"github.com/futurice/terraform-provider-dependencytrack/internal/testutils"
@@ -82,6 +81,44 @@ func TestAccCheckTeamHasExpectedPermissions(ctx context.Context, testDependencyT
 	}
 }
 
+func TestAccCheckTeamHasNoAPIKeys(ctx context.Context, testDependencyTrack *testutils.TestDependencyTrack, resourceName string) resource.TestCheckFunc {
+	return func(state *terraform.State) error {
+		team, err := FindTeamByResourceName(ctx, testDependencyTrack, state, resourceName)
+		if err != nil {
+			return err
+		}
+		if team == nil {
+			return fmt.Errorf("team for resource %s does not exist in Dependency-Track", resourceName)
+		}
+
+		if len(team.APIKeys) != 0 {
+			return fmt.Errorf("team for resource %s has %d API keys instead of the expected 0", resourceName, len(team.APIKeys))
+		}
+
+		return nil
+	}
+}
+
+func TestAccCheckGetTeamSingleAPIKey(ctx context.Context, testDependencyTrack *testutils.TestDependencyTrack, resourceName string, apiKeyTarget *string) resource.TestCheckFunc {
+	return func(state *terraform.State) error {
+		team, err := FindTeamByResourceName(ctx, testDependencyTrack, state, resourceName)
+		if err != nil {
+			return err
+		}
+		if team == nil {
+			return fmt.Errorf("team for resource %s does not exist in Dependency-Track", resourceName)
+		}
+
+		if len(team.APIKeys) != 1 {
+			return fmt.Errorf("team for resource %s has %d API keys instead of the expected 1", resourceName, len(team.APIKeys))
+		}
+
+		*apiKeyTarget = team.APIKeys[0].Key
+
+		return nil
+	}
+}
+
 func FindTeamByResourceName(ctx context.Context, testDependencyTrack *testutils.TestDependencyTrack, state *terraform.State, resourceName string) (*dtrack.Team, error) {
 	teamID, err := testutils.GetResourceID(state, resourceName)
 	if err != nil {
@@ -97,23 +134,31 @@ func FindTeamByResourceName(ctx context.Context, testDependencyTrack *testutils.
 }
 
 func FindTeam(ctx context.Context, testDependencyTrack *testutils.TestDependencyTrack, teamID uuid.UUID) (*dtrack.Team, error) {
-	team, err := testDependencyTrack.Client.Team.Get(ctx, teamID)
+	// Currently the endpoint for getting one team does not return most of the data
+	//   see https://github.com/DependencyTrack/dependency-track/issues/4000
+	teams, err := testDependencyTrack.Client.Team.GetAll(ctx, dtrack.PageOptions{})
 	if err != nil {
-		var apiErr *dtrack.APIError
-		ok := errors.As(err, &apiErr)
-		if !ok || apiErr.StatusCode != 404 {
-			return nil, fmt.Errorf("failed to get team from Dependency-Track: %w", err)
-		}
-
-		return nil, nil
+		return nil, fmt.Errorf("failed to get teams from Dependency-Track: %w", err)
 	}
 
-	// normalize the returned object not to contain an empty array reference
-	if len(team.Permissions) == 0 {
-		team.Permissions = nil
+	for _, team := range teams.Items {
+		if team.UUID == teamID {
+			// normalize the returned object not to contain empty array references
+			if len(team.Permissions) == 0 {
+				team.Permissions = nil
+			}
+			if len(team.APIKeys) == 0 {
+				team.APIKeys = nil
+			}
+			if len(team.MappedOIDCGroups) == 0 {
+				team.MappedOIDCGroups = nil
+			}
+
+			return &team, nil
+		}
 	}
 
-	return &team, nil
+	return nil, nil
 }
 
 func CreateTeamResourceName(localName string) string {
@@ -123,3 +168,7 @@ func CreateTeamResourceName(localName string) string {
 func CreateTeamPermissionResourceName(localName string) string {
 	return fmt.Sprintf("dependencytrack_team_permission.%s", localName)
 }
+
+func CreateTeamAPIKeyResourceName(localName string) string {
+	return fmt.Sprintf("dependencytrack_team_api_key.%s", localName)
+}