Disable testing of EST authenticator cert_role parameter

- Workaround not releasing 1.16.3 for the fix within hashicorp/vault-enterprise#5785 by not setting the cert_role parameter within the cert authenticator definition
hashicorp · May 28, 2024 · 2dc02f3 · 2dc02f3
1 parent cb70fec
commit 2dc02f3
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/vault/resource_pki_secret_backend_config_est_test.go b/vault/resource_pki_secret_backend_config_est_test.go
@@ -96,7 +96,8 @@ func TestAccPKISecretBackendConfigEst_AllFields(t *testing.T) {
 					resource.TestCheckResourceAttr(resourceBackend, consts.FieldAuthenticators+".0.%", "2"),
 					resource.TestCheckResourceAttr(resourceBackend, consts.FieldAuthenticators+".0.cert.%", "2"),
 					resource.TestCheckResourceAttr(resourceBackend, consts.FieldAuthenticators+".0.cert.accessor", "test"),
-					resource.TestCheckResourceAttr(resourceBackend, consts.FieldAuthenticators+".0.cert.cert_role", "a-role"),
+					// @TODO add these back in when Vault 1.16.3 is released (https://github.com/hashicorp/vault-enterprise/pull/5785)
+					// resource.TestCheckResourceAttr(resourceBackend, consts.FieldAuthenticators+".0.cert.cert_role", "a-role"),
 					resource.TestCheckResourceAttr(resourceBackend, consts.FieldAuthenticators+".0.userpass.%", "1"),
 					resource.TestCheckResourceAttr(resourceBackend, consts.FieldAuthenticators+".0.userpass.accessor", "test2"),
 					resource.TestCheckResourceAttr(resourceBackend, consts.FieldEnableSentinelParsing, "true"),
@@ -115,7 +116,8 @@ func TestAccPKISecretBackendConfigEst_AllFields(t *testing.T) {
 					resource.TestCheckResourceAttr(dataName, consts.FieldAuthenticators+".0.%", "2"),
 					resource.TestCheckResourceAttr(dataName, consts.FieldAuthenticators+".0.cert.%", "2"),
 					resource.TestCheckResourceAttr(dataName, consts.FieldAuthenticators+".0.cert.accessor", "test"),
-					resource.TestCheckResourceAttr(dataName, consts.FieldAuthenticators+".0.cert.cert_role", "a-role"),
+					// @TODO add these back in when Vault 1.16.3 is released (https://github.com/hashicorp/vault-enterprise/pull/5785)
+					// resource.TestCheckResourceAttr(dataName, consts.FieldAuthenticators+".0.cert.cert_role", "a-role"),
 					resource.TestCheckResourceAttr(dataName, consts.FieldAuthenticators+".0.userpass.%", "1"),
 					resource.TestCheckResourceAttr(dataName, consts.FieldAuthenticators+".0.userpass.accessor", "test2"),
 					resource.TestCheckResourceAttr(dataName, consts.FieldEnableSentinelParsing, "true"),
@@ -162,7 +164,9 @@ resource "vault_pki_secret_backend_config_est" "test" {
      "test-label-2": format("role:%%s", vault_pki_secret_backend_role.est_role_2.name)
   }
   authenticators { 
-	cert = { "accessor" = "test", "cert_role" = "a-role" } 
+	# @TODO add these back in when Vault 1.16.3 is released (https://github.com/hashicorp/vault-enterprise/pull/5785)
+	# cert = { "accessor" = "test", "cert_role" = "a-role" }
+	cert = { "accessor" = "test", "cert_role" = "" }
 	userpass = { "accessor" = "test2" } 
   }	
   enable_sentinel_parsing = true