diff --git a/internal/services/applications/application_password_resource_test.go b/internal/services/applications/application_password_resource_test.go index 2fe5a0795..beb452bb1 100644 --- a/internal/services/applications/application_password_resource_test.go +++ b/internal/services/applications/application_password_resource_test.go @@ -79,6 +79,50 @@ func TestAccApplicationPassword_relativeEndDate(t *testing.T) { }) } +func TestAccApplicationPassword_with_ApplicationInlinePassword(t *testing.T) { + data := acceptance.BuildTestData(t, "azuread_application_password", "test") + application := "azuread_application.test" + + r := ApplicationPasswordResource{} + aR := ApplicationResource{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.passwordsCombined(data, true), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + check.That(data.ResourceName).Key("application_id").Exists(), + check.That(data.ResourceName).Key("end_date").Exists(), + check.That(data.ResourceName).Key("key_id").Exists(), + check.That(data.ResourceName).Key("start_date").Exists(), + check.That(data.ResourceName).Key("value").Exists(), + /* azuread_application */ + check.That(application).ExistsInAzure(aR), + check.That(application).Key("password.#").HasValue("1"), + check.That(application).Key("password.0.key_id").Exists(), + check.That(application).Key("password.0.value").Exists(), + check.That(application).Key("password.0.start_date").Exists(), + check.That(application).Key("password.0.end_date").Exists(), + check.That(application).Key("password.0.display_name").HasValue(fmt.Sprintf("acctest-appPassword-%s", data.RandomString)), + ), + }, + { + Config: r.passwordsCombined(data, false), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + check.That(application).ExistsInAzure(aR), + ), + }, + { + RefreshState: true, + Check: acceptance.ComposeTestCheckFunc( + check.That(application).ExistsInAzure(aR), + check.That(application).Key("password.#").HasValue("0"), + ), + }, + }) +} + func (r ApplicationPasswordResource) Exists(ctx context.Context, clients *clients.Client, state *terraform.InstanceState) (*bool, error) { client := clients.Applications.ApplicationClient @@ -155,3 +199,34 @@ resource "azuread_application_password" "test" { } `, r.template(data), data.RandomString) } + +func (r ApplicationPasswordResource) passwordsCombined(data acceptance.TestData, renderPassword bool) string { + return fmt.Sprintf(` +data "azuread_client_config" "current" {} + +resource "azuread_application" "test" { + display_name = "acctest-appPassword-%[1]d" + owners = [data.azuread_client_config.current.object_id] + + %[3]s +} + +resource "azuread_application_password" "test" { + application_id = azuread_application.test.id + display_name = "acctest-application-password-%[2]s" +} + +`, data.RandomInteger, data.RandomString, r.applicationPassword(data.RandomString, renderPassword)) +} + +func (r ApplicationPasswordResource) applicationPassword(randomString string, renderPassword bool) string { + if renderPassword { + return fmt.Sprintf(` + password { + display_name = "acctest-appPassword-%[1]s" + } +`, randomString) + } + + return "" +} diff --git a/internal/services/applications/application_resource.go b/internal/services/applications/application_resource.go index 9a34f5946..de2a83255 100644 --- a/internal/services/applications/application_resource.go +++ b/internal/services/applications/application_resource.go @@ -410,7 +410,6 @@ func applicationResource() *pluginsdk.Resource { Description: "App password definition", Type: pluginsdk.TypeSet, Optional: true, - Computed: true, MaxItems: 1, Elem: &pluginsdk.Resource{ Schema: map[string]*pluginsdk.Schema{ diff --git a/internal/services/applications/application_resource_test.go b/internal/services/applications/application_resource_test.go index 91d91dee5..789c0cdaf 100644 --- a/internal/services/applications/application_resource_test.go +++ b/internal/services/applications/application_resource_test.go @@ -662,6 +662,41 @@ func TestAccApplication_passwordNotSet(t *testing.T) { }) } +func TestAccApplication_PasswordSetAndRemove(t *testing.T) { + data := acceptance.BuildTestData(t, "azuread_application", "test") + startDate := time.Now().AddDate(0, 0, 7).UTC().Format(time.RFC3339) + endDate := time.Now().AddDate(0, 5, 27).UTC().Format(time.RFC3339) + r := ApplicationResource{} + + data.ResourceTest(t, r, []acceptance.TestStep{ + { + Config: r.passwordComplete(data, startDate, endDate), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + check.That(data.ResourceName).Key("password.#").HasValue("1"), + check.That(data.ResourceName).Key("password.0.key_id").Exists(), + check.That(data.ResourceName).Key("password.0.value").Exists(), + check.That(data.ResourceName).Key("password.0.start_date").Exists(), + check.That(data.ResourceName).Key("password.0.end_date").Exists(), + check.That(data.ResourceName).Key("password.0.display_name").HasValue(fmt.Sprintf("acctest-appPasswordComplete-%d", data.RandomInteger)), + ), + }, + { + Config: r.passwordRemoved(data), + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + ), + }, + { + RefreshState: true, + Check: acceptance.ComposeTestCheckFunc( + check.That(data.ResourceName).ExistsInAzure(r), + check.That(data.ResourceName).Key("password.#").HasValue("0"), + ), + }, + }) +} + func (r ApplicationResource) Exists(ctx context.Context, clients *clients.Client, state *terraform.InstanceState) (*bool, error) { client := clients.Applications.ApplicationClient @@ -1699,3 +1734,16 @@ resource "azuread_application" "test" { } `, data.RandomInteger, startDate, endDate) } + +func (r ApplicationResource) passwordRemoved(data acceptance.TestData) string { + return fmt.Sprintf(` +provider "azuread" {} + +data "azuread_client_config" "current" {} + +resource "azuread_application" "test" { + display_name = "acctest-APP-%[1]d" + owners = [data.azuread_client_config.current.object_id] +} +`, data.RandomInteger) +}