-
Notifications
You must be signed in to change notification settings - Fork 44
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
This commit swaps all uses of `encoding/json` with `tailscale/hujson`. This allows users of the provider to have a hujson file locally that contains all the features such as comments and trailing commas. When the ACL is pushed to tailscale via the provider, the comments will be lost when encoding/decoding is done into the `ACL` type. However, the source of truth for the ACL will be local along with the terraform configuration files, so this should not be a problem. Closes #17 Signed-off-by: David Bond <[email protected]>
- Loading branch information
1 parent
686f6c9
commit 689ea4a
Showing
23 changed files
with
5,526 additions
and
38 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -6,9 +6,93 @@ import ( | |
|
||
"github.com/davidsbond/terraform-provider-tailscale/internal/tailscale" | ||
"github.com/google/go-cmp/cmp" | ||
"github.com/tailscale/hujson" | ||
) | ||
|
||
func TestDomainACL_Unmarshal(t *testing.T) { | ||
func TestDomainACL_HuJSON_Unmarshal(t *testing.T) { | ||
acl := ` | ||
{ | ||
// Allow all users access to all ports. | ||
"ACLS": [ | ||
{ | ||
"Action": "accept", | ||
"Users": ["*"], | ||
"Ports": ["*:*"] | ||
} | ||
], | ||
"TagOwners": { | ||
"tag:example": [ | ||
"group:example", | ||
] | ||
}, | ||
"Groups": { | ||
"group:example": [ | ||
"[email protected]", | ||
"[email protected]", | ||
] | ||
}, | ||
"Hosts": { | ||
"example-host-1": "100.100.100.100", | ||
"example-host-2": "100.100.101.100/24", | ||
}, | ||
"Tests": [ | ||
{ | ||
"User": "[email protected]", | ||
"Allow": ["example-host-1:22", "example-host-2:80"], | ||
"Deny": ["exapmle-host-2:100"], | ||
}, | ||
{ | ||
"User": "[email protected]", | ||
"Allow": ["100.60.3.4:22"], | ||
} | ||
] | ||
}` | ||
|
||
var actual tailscale.ACL | ||
if err := hujson.Unmarshal([]byte(acl), &actual); err != nil { | ||
t.Fatal(err) | ||
} | ||
|
||
expected := tailscale.ACL{ | ||
ACLs: []tailscale.ACLEntry{ | ||
{ | ||
Action: "accept", | ||
Ports: []string{"*:*"}, | ||
Users: []string{"*"}, | ||
}, | ||
}, | ||
TagOwners: map[string][]string{ | ||
"tag:example": {"group:example"}, | ||
}, | ||
Hosts: map[string]string{ | ||
"example-host-1": "100.100.100.100", | ||
"example-host-2": "100.100.101.100/24", | ||
}, | ||
Groups: map[string][]string{ | ||
"group:example": { | ||
"[email protected]", | ||
"[email protected]", | ||
}, | ||
}, | ||
Tests: []tailscale.ACLTest{ | ||
{ | ||
User: "[email protected]", | ||
Allow: []string{"example-host-1:22", "example-host-2:80"}, | ||
Deny: []string{"exapmle-host-2:100"}, | ||
}, | ||
{ | ||
User: "[email protected]", | ||
Allow: []string{"100.60.3.4:22"}, | ||
}, | ||
}, | ||
} | ||
|
||
if !cmp.Equal(expected, actual) { | ||
t.Fatal("unmarshalled ACL does not match expected value") | ||
} | ||
} | ||
|
||
func TestDomainACL_JSON_Unmarshal(t *testing.T) { | ||
acl := ` | ||
{ | ||
"acls": [ | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -10,37 +10,40 @@ const testACL = ` | |
resource "tailscale_acl" "test_acl" { | ||
acl = <<EOF | ||
{ | ||
"acls": [ | ||
// Access control lists. | ||
"ACLs": [ | ||
{ | ||
"action": "accept", | ||
"users": ["*"], | ||
"ports": ["*:*"] | ||
"Action": "accept", | ||
"Users": ["*"], | ||
"Ports": ["*:*"] | ||
} | ||
], | ||
"tagowners": { | ||
"TagOwners": { | ||
"tag:example": [ | ||
"group:example" | ||
] | ||
}, | ||
"groups": { | ||
// Declare static groups of users | ||
"Groups": { | ||
"group:example": [ | ||
"[email protected]", | ||
"[email protected]" | ||
] | ||
}, | ||
"hosts": { | ||
// Declare convenient hostname aliases to use in place of IP addresses. | ||
"Hosts": { | ||
"example-host-1": "100.100.100.100", | ||
"example-host-2": "100.100.101.100/24" | ||
}, | ||
"tests": [ | ||
"Tests": [ | ||
{ | ||
"user": "[email protected]", | ||
"allow": ["example-host-1:22", "example-host-2:80"], | ||
"deny": ["exapmle-host-2:100"] | ||
"User": "[email protected]", | ||
"Allow": ["example-host-1:22", "example-host-2:80"], | ||
"Deny": ["exapmle-host-2:100"] | ||
}, | ||
{ | ||
"user": "[email protected]", | ||
"allow": ["100.60.3.4:22"] | ||
"User": "[email protected]", | ||
"Allow": ["100.60.3.4:22"] | ||
} | ||
] | ||
} | ||
|
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Oops, something went wrong.