From 03009cbb49c85f61657c20be58710452d23f2708 Mon Sep 17 00:00:00 2001 From: alex hemard Date: Fri, 13 Dec 2024 13:55:17 -0600 Subject: [PATCH] feat(Cloud Databases): Update Database Password Complexity Validation (#5701) * feat(Cloud Databases): Update Database Password Complexity Validation --------- Co-authored-by: Alex Hemard --- .secrets.baseline | 64 ++++++++++++------- ibm/service/database/resource_ibm_database.go | 15 +++-- .../resource_ibm_database_edb_test.go | 12 ++-- ...bm_database_elasticsearch_platinum_test.go | 42 ++++++------ ...esource_ibm_database_elasticsearch_test.go | 42 ++++++------ .../resource_ibm_database_etcd_test.go | 12 ++-- ...ce_ibm_database_mongodb_enterprise_test.go | 14 ++-- ...urce_ibm_database_mongodb_sharding_test.go | 12 ++-- .../resource_ibm_database_mongodb_test.go | 12 ++-- .../resource_ibm_database_mysql_test.go | 10 +-- .../resource_ibm_database_postgresql_test.go | 27 ++++---- .../resource_ibm_database_rabbitmq_test.go | 12 ++-- .../resource_ibm_database_redis_test.go | 10 +-- .../database/resource_ibm_database_test.go | 27 ++++---- 14 files changed, 167 insertions(+), 144 deletions(-) diff --git a/.secrets.baseline b/.secrets.baseline index 299efe9f10..2c57170aac 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "go.mod|go.sum|.*.map|^.secrets.baseline$", "lines": null }, - "generated_at": "2024-12-08T16:17:06Z", + "generated_at": "2024-12-12T19:51:17Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -842,11 +842,19 @@ "type": "Base64 High Entropy String", "verified_result": null }, + { + "hashed_secret": "1f7e33de15e22de9d2eaf502df284ed25ca40018", + "is_secret": false, + "is_verified": false, + "line_number": 1581, + "type": "Secret Keyword", + "verified_result": null + }, { "hashed_secret": "1f614c2eb6b3da22d89bd1b9fd47d7cb7c8fc670", "is_secret": false, "is_verified": false, - "line_number": 3540, + "line_number": 3550, "type": "Secret Keyword", "verified_result": null }, @@ -854,7 +862,7 @@ "hashed_secret": "7abfce65b8504403afc25c9790f358d513dfbcc6", "is_secret": false, "is_verified": false, - "line_number": 3553, + "line_number": 3563, "type": "Secret Keyword", "verified_result": null }, @@ -862,7 +870,7 @@ "hashed_secret": "0c2d85bf9a9b1579b16f220a4ea8c3d62b2e24b1", "is_secret": false, "is_verified": false, - "line_number": 3594, + "line_number": 3604, "type": "Secret Keyword", "verified_result": null } @@ -2130,7 +2138,7 @@ "hashed_secret": "deab23f996709b4e3d14e5499d1cc2de677bfaa8", "is_secret": false, "is_verified": false, - "line_number": 1373, + "line_number": 1311, "type": "Secret Keyword", "verified_result": null }, @@ -2138,7 +2146,7 @@ "hashed_secret": "20a25bac21219ffff1904bde871ded4027eca2f8", "is_secret": false, "is_verified": false, - "line_number": 1974, + "line_number": 1912, "type": "Secret Keyword", "verified_result": null }, @@ -2146,14 +2154,14 @@ "hashed_secret": "b732fb611fd46a38e8667f9972e0cde777fbe37f", "is_secret": false, "is_verified": false, - "line_number": 1993, + "line_number": 1931, "type": "Secret Keyword", "verified_result": null } ], "ibm/service/database/resource_ibm_database_edb_test.go": [ { - "hashed_secret": "2317aa72dafa0a07f05af47baa2e388f95dcf6f3", + "hashed_secret": "6c6728efbf3da1eadeb8c21e829d70f6dfd4bf8d", "is_secret": false, "is_verified": false, "line_number": 278, @@ -2163,7 +2171,7 @@ ], "ibm/service/database/resource_ibm_database_elasticsearch_platinum_test.go": [ { - "hashed_secret": "2317aa72dafa0a07f05af47baa2e388f95dcf6f3", + "hashed_secret": "6c6728efbf3da1eadeb8c21e829d70f6dfd4bf8d", "is_secret": false, "is_verified": false, "line_number": 773, @@ -2173,7 +2181,7 @@ ], "ibm/service/database/resource_ibm_database_elasticsearch_test.go": [ { - "hashed_secret": "2317aa72dafa0a07f05af47baa2e388f95dcf6f3", + "hashed_secret": "6c6728efbf3da1eadeb8c21e829d70f6dfd4bf8d", "is_secret": false, "is_verified": false, "line_number": 819, @@ -2183,7 +2191,7 @@ ], "ibm/service/database/resource_ibm_database_etcd_test.go": [ { - "hashed_secret": "2317aa72dafa0a07f05af47baa2e388f95dcf6f3", + "hashed_secret": "6c6728efbf3da1eadeb8c21e829d70f6dfd4bf8d", "is_secret": false, "is_verified": false, "line_number": 209, @@ -2193,7 +2201,7 @@ ], "ibm/service/database/resource_ibm_database_mongodb_enterprise_test.go": [ { - "hashed_secret": "8cbbbfad0206e5953901f679b0d26d583c4f5ffe", + "hashed_secret": "74f75c4c7dc7e33193565dc5c56b7ab6f72db4df", "is_secret": false, "is_verified": false, "line_number": 253, @@ -2201,7 +2209,7 @@ "verified_result": null }, { - "hashed_secret": "2317aa72dafa0a07f05af47baa2e388f95dcf6f3", + "hashed_secret": "6c6728efbf3da1eadeb8c21e829d70f6dfd4bf8d", "is_secret": false, "is_verified": false, "line_number": 318, @@ -2219,7 +2227,7 @@ "verified_result": null }, { - "hashed_secret": "2317aa72dafa0a07f05af47baa2e388f95dcf6f3", + "hashed_secret": "6c6728efbf3da1eadeb8c21e829d70f6dfd4bf8d", "is_secret": false, "is_verified": false, "line_number": 179, @@ -2229,7 +2237,7 @@ ], "ibm/service/database/resource_ibm_database_mongodb_test.go": [ { - "hashed_secret": "2317aa72dafa0a07f05af47baa2e388f95dcf6f3", + "hashed_secret": "6c6728efbf3da1eadeb8c21e829d70f6dfd4bf8d", "is_secret": false, "is_verified": false, "line_number": 213, @@ -2239,7 +2247,7 @@ ], "ibm/service/database/resource_ibm_database_mysql_test.go": [ { - "hashed_secret": "2317aa72dafa0a07f05af47baa2e388f95dcf6f3", + "hashed_secret": "6c6728efbf3da1eadeb8c21e829d70f6dfd4bf8d", "is_secret": false, "is_verified": false, "line_number": 251, @@ -2257,7 +2265,7 @@ "verified_result": null }, { - "hashed_secret": "2317aa72dafa0a07f05af47baa2e388f95dcf6f3", + "hashed_secret": "6c6728efbf3da1eadeb8c21e829d70f6dfd4bf8d", "is_secret": false, "is_verified": false, "line_number": 568, @@ -2267,7 +2275,7 @@ ], "ibm/service/database/resource_ibm_database_rabbitmq_test.go": [ { - "hashed_secret": "2317aa72dafa0a07f05af47baa2e388f95dcf6f3", + "hashed_secret": "6c6728efbf3da1eadeb8c21e829d70f6dfd4bf8d", "is_secret": false, "is_verified": false, "line_number": 224, @@ -2277,7 +2285,7 @@ ], "ibm/service/database/resource_ibm_database_redis_test.go": [ { - "hashed_secret": "2317aa72dafa0a07f05af47baa2e388f95dcf6f3", + "hashed_secret": "6c6728efbf3da1eadeb8c21e829d70f6dfd4bf8d", "is_secret": false, "is_verified": false, "line_number": 280, @@ -2303,7 +2311,7 @@ "verified_result": null }, { - "hashed_secret": "d67007844d8f7fbc45ea3b27c4bea0bffafb53a0", + "hashed_secret": "92ec408a50ecf51d35e7d26656a9372e50c06a07", "is_secret": false, "is_verified": false, "line_number": 30, @@ -2319,7 +2327,15 @@ "verified_result": null }, { - "hashed_secret": "dad6fac3e5b6be7bb6f274970b4c50739a7e26ee", + "hashed_secret": "2ca8c980f5947600f2749adb4f177fd357d2df53", + "is_secret": false, + "is_verified": false, + "line_number": 46, + "type": "Secret Keyword", + "verified_result": null + }, + { + "hashed_secret": "64034663b9f3ba170ea9281f5e833f93b55f91a1", "is_secret": false, "is_verified": false, "line_number": 62, @@ -2327,7 +2343,7 @@ "verified_result": null }, { - "hashed_secret": "8cbbbfad0206e5953901f679b0d26d583c4f5ffe", + "hashed_secret": "74f75c4c7dc7e33193565dc5c56b7ab6f72db4df", "is_secret": false, "is_verified": false, "line_number": 70, @@ -2354,7 +2370,7 @@ "hashed_secret": "1f5e25be9b575e9f5d39c82dfd1d9f4d73f1975c", "is_secret": false, "is_verified": false, - "line_number": 165, + "line_number": 166, "type": "Secret Keyword", "verified_result": null }, @@ -2362,7 +2378,7 @@ "hashed_secret": "e03932ac8a17ed1819fe161fd253bf323e0e3ec9", "is_secret": false, "is_verified": false, - "line_number": 174, + "line_number": 175, "type": "Secret Keyword", "verified_result": null } diff --git a/ibm/service/database/resource_ibm_database.go b/ibm/service/database/resource_ibm_database.go index a0d2ab72a0..68c6f4f64b 100644 --- a/ibm/service/database/resource_ibm_database.go +++ b/ibm/service/database/resource_ibm_database.go @@ -215,7 +215,7 @@ func ResourceIBMDatabaseInstance() *schema.Resource { Type: schema.TypeString, Optional: true, ValidateFunc: validation.All( - validation.StringLenBetween(15, 32), + validation.StringLenBetween(15, 72), DatabaseUserPasswordValidator("database"), ), Sensitive: true, @@ -1882,7 +1882,7 @@ func resourceIBMDatabaseInstanceUpdate(context context.Context, d *schema.Resour if group.CPU != nil && group.CPU.Allocation*nodeCount != currentGroup.CPU.Allocation { groupScaling.CPU = &clouddatabasesv5.GroupScalingCPU{AllocationCount: core.Int64Ptr(int64(group.CPU.Allocation * nodeCount))} } - if group.HostFlavor != nil && group.HostFlavor.ID != currentGroup.HostFlavor.ID { + if group.HostFlavor != nil { groupScaling.HostFlavor = &clouddatabasesv5.GroupScalingHostFlavor{ID: core.StringPtr(group.HostFlavor.ID)} } @@ -3251,7 +3251,8 @@ func (u *DatabaseUser) ValidatePassword() (err error) { var allowedCharacters = regexp.MustCompile(fmt.Sprintf("^(?:[a-zA-Z0-9]|%s)+$", specialCharPattern)) var beginWithSpecialChar = regexp.MustCompile(fmt.Sprintf("^(?:%s)", specialCharPattern)) - var containsLetter = regexp.MustCompile("[a-zA-Z]") + var containsLower = regexp.MustCompile("[a-z]") + var containsUpper = regexp.MustCompile("[A-Z]") var containsNumber = regexp.MustCompile("[0-9]") var containsSpecialChar = regexp.MustCompile(fmt.Sprintf("(?:%s)", specialCharPattern)) @@ -3265,8 +3266,12 @@ func (u *DatabaseUser) ValidatePassword() (err error) { "password must not begin with a special character (%s)", specialChars)) } - if !containsLetter.MatchString(u.Password) { - errs = append(errs, errors.New("password must contain at least one letter")) + if !containsLower.MatchString(u.Password) { + errs = append(errs, errors.New("password must contain at least one lower case letter")) + } + + if !containsUpper.MatchString(u.Password) { + errs = append(errs, errors.New("password must contain at least one upper case letter")) } if !containsNumber.MatchString(u.Password) { diff --git a/ibm/service/database/resource_ibm_database_edb_test.go b/ibm/service/database/resource_ibm_database_edb_test.go index 76d945b27f..6d8747cf76 100644 --- a/ibm/service/database/resource_ibm_database_edb_test.go +++ b/ibm/service/database/resource_ibm_database_edb_test.go @@ -185,7 +185,7 @@ func testAccCheckIBMDatabaseInstanceEDBBasic(databaseResourceGroup string, name service = "databases-for-enterprisedb" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" group { group_id = "member" host_flavor { @@ -199,7 +199,7 @@ func testAccCheckIBMDatabaseInstanceEDBBasic(databaseResourceGroup string, name tags = ["one:two"] users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -226,7 +226,7 @@ func testAccCheckIBMDatabaseInstanceEDBFullyspecified(databaseResourceGroup stri service = "databases-for-enterprisedb" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" group { group_id = "member" host_flavor { @@ -240,11 +240,11 @@ func testAccCheckIBMDatabaseInstanceEDBFullyspecified(databaseResourceGroup stri tags = ["one:two"] users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } users { name = "user124" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -275,7 +275,7 @@ func testAccCheckIBMDatabaseInstanceEDBReduced(databaseResourceGroup string, nam service = "databases-for-enterprisedb" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" group { group_id = "member" host_flavor { diff --git a/ibm/service/database/resource_ibm_database_elasticsearch_platinum_test.go b/ibm/service/database/resource_ibm_database_elasticsearch_platinum_test.go index de598df4df..792a46328f 100644 --- a/ibm/service/database/resource_ibm_database_elasticsearch_platinum_test.go +++ b/ibm/service/database/resource_ibm_database_elasticsearch_platinum_test.go @@ -297,7 +297,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumBasic(databaseResourceG service = "databases-for-elasticsearch" plan = "platinum" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { group_id = "member" @@ -311,7 +311,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumBasic(databaseResourceG } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -340,7 +340,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumFullyspecified(database service = "databases-for-elasticsearch" plan = "platinum" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { group_id = "member" @@ -351,11 +351,11 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumFullyspecified(database } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } users { name = "user124" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -389,7 +389,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumReduced(databaseResourc service = "databases-for-elasticsearch" plan = "platinum" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { group_id = "member" @@ -421,7 +421,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumGroupMigration(database service = "databases-for-elasticsearch" plan = "platinum" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { @@ -457,7 +457,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumNodeBasic(databaseResou service = "databases-for-elasticsearch" plan = "platinum" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { group_id = "member" @@ -474,7 +474,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumNodeBasic(databaseResou users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -503,7 +503,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumNodeFullyspecified(data service = "databases-for-elasticsearch" plan = "platinum" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { group_id = "member" @@ -519,11 +519,11 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumNodeFullyspecified(data } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } users { name = "user124" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -556,7 +556,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumNodeReduced(databaseRes service = "databases-for-elasticsearch" plan = "platinum" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { group_id = "member" @@ -593,7 +593,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumNodeScaleOut(databaseRe service = "databases-for-elasticsearch" plan = "platinum" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { group_id = "member" @@ -630,7 +630,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumGroupBasic(databaseReso service = "databases-for-elasticsearch" plan = "platinum" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { @@ -648,7 +648,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumGroupBasic(databaseReso users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -677,7 +677,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumGroupFullyspecified(dat service = "databases-for-elasticsearch" plan = "platinum" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { @@ -694,11 +694,11 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumGroupFullyspecified(dat } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } users { name = "user124" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -732,7 +732,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumGroupReduced(databaseRe service = "databases-for-elasticsearch" plan = "platinum" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { @@ -770,7 +770,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchPlatinumGroupScaleOut(databaseR service = "databases-for-elasticsearch" plan = "platinum" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { diff --git a/ibm/service/database/resource_ibm_database_elasticsearch_test.go b/ibm/service/database/resource_ibm_database_elasticsearch_test.go index 0966bdc52c..407aed352e 100644 --- a/ibm/service/database/resource_ibm_database_elasticsearch_test.go +++ b/ibm/service/database/resource_ibm_database_elasticsearch_test.go @@ -292,11 +292,11 @@ func testAccCheckIBMDatabaseInstanceElasticsearchBasic(databaseResourceGroup str service = "databases-for-elasticsearch" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -335,15 +335,15 @@ func testAccCheckIBMDatabaseInstanceElasticsearchFullyspecified(databaseResource service = "databases-for-elasticsearch" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } users { name = "user124" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -387,7 +387,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchReduced(databaseResourceGroup s service = "databases-for-elasticsearch" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { @@ -422,7 +422,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchGroupMigration(databaseResource service = "databases-for-elasticsearch" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { @@ -461,7 +461,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchNodeBasic(databaseResourceGroup service = "databases-for-elasticsearch" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { @@ -484,7 +484,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchNodeBasic(databaseResourceGroup } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -513,7 +513,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchNodeFullyspecified(databaseReso service = "databases-for-elasticsearch" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { group_id = "member" @@ -535,11 +535,11 @@ func testAccCheckIBMDatabaseInstanceElasticsearchNodeFullyspecified(databaseReso } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } users { name = "user124" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -572,7 +572,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchNodeReduced(databaseResourceGro service = "databases-for-elasticsearch" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { group_id = "member" @@ -615,7 +615,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchNodeScaleOut(databaseResourceGr service = "databases-for-elasticsearch" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { group_id = "member" @@ -658,7 +658,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchGroupBasic(databaseResourceGrou service = "databases-for-elasticsearch" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { @@ -682,7 +682,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchGroupBasic(databaseResourceGrou users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -711,7 +711,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchGroupFullyspecified(databaseRes service = "databases-for-elasticsearch" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { @@ -734,11 +734,11 @@ func testAccCheckIBMDatabaseInstanceElasticsearchGroupFullyspecified(databaseRes } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } users { name = "user124" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -772,7 +772,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchGroupReduced(databaseResourceGr service = "databases-for-elasticsearch" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { @@ -816,7 +816,7 @@ func testAccCheckIBMDatabaseInstanceElasticsearchGroupScaleOut(databaseResourceG service = "databases-for-elasticsearch" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { diff --git a/ibm/service/database/resource_ibm_database_etcd_test.go b/ibm/service/database/resource_ibm_database_etcd_test.go index edc988e529..63338cb37e 100644 --- a/ibm/service/database/resource_ibm_database_etcd_test.go +++ b/ibm/service/database/resource_ibm_database_etcd_test.go @@ -122,7 +122,7 @@ func testAccCheckIBMDatabaseInstanceEtcdBasic(databaseResourceGroup string, name service = "databases-for-etcd" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { group_id = "member" @@ -138,7 +138,7 @@ func testAccCheckIBMDatabaseInstanceEtcdBasic(databaseResourceGroup string, name } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -161,7 +161,7 @@ func testAccCheckIBMDatabaseInstanceEtcdFullyspecified(databaseResourceGroup str service = "databases-for-etcd" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { group_id = "member" @@ -174,11 +174,11 @@ func testAccCheckIBMDatabaseInstanceEtcdFullyspecified(databaseResourceGroup str } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } users { name = "user124" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -206,7 +206,7 @@ func testAccCheckIBMDatabaseInstanceEtcdReduced(databaseResourceGroup string, na service = "databases-for-etcd" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public-and-private" group { group_id = "member" diff --git a/ibm/service/database/resource_ibm_database_mongodb_enterprise_test.go b/ibm/service/database/resource_ibm_database_mongodb_enterprise_test.go index fa21b34d23..c58aa778e6 100644 --- a/ibm/service/database/resource_ibm_database_mongodb_enterprise_test.go +++ b/ibm/service/database/resource_ibm_database_mongodb_enterprise_test.go @@ -189,7 +189,7 @@ func testAccCheckIBMDatabaseInstanceMongoDBEnterpriseBasic(databaseResourceGroup service = "databases-for-mongodb" plan = "enterprise" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" tags = ["one:two"] service_endpoints = "public" group { @@ -203,7 +203,7 @@ func testAccCheckIBMDatabaseInstanceMongoDBEnterpriseBasic(databaseResourceGroup } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" type = "database" } allowlist { @@ -231,7 +231,7 @@ func testAccCheckIBMDatabaseInstanceMongoDBEnterpriseFullyspecified(databaseReso service = "databases-for-mongodb" plan = "enterprise" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" tags = ["one:two"] service_endpoints = "public" group { @@ -245,12 +245,12 @@ func testAccCheckIBMDatabaseInstanceMongoDBEnterpriseFullyspecified(databaseReso } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" type = "database" } users { name = "user124" - password = "password12345678$password" + password = "secure-Password12345$password" type = "ops_manager" } allowlist { @@ -282,7 +282,7 @@ func testAccCheckIBMDatabaseInstanceMongoDBEnterpriseReduced(databaseResourceGro service = "databases-for-mongodb" plan = "enterprise" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" tags = ["one:two"] group { @@ -315,7 +315,7 @@ func testAccCheckIBMDatabaseInstanceMongoDBEnterpriseGroupBasic(databaseResource service = "databases-for-mongodb" plan = "enterprise" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" tags = ["one:two"] service_endpoints = "public" diff --git a/ibm/service/database/resource_ibm_database_mongodb_sharding_test.go b/ibm/service/database/resource_ibm_database_mongodb_sharding_test.go index 7ccbd24a66..23119c631d 100644 --- a/ibm/service/database/resource_ibm_database_mongodb_sharding_test.go +++ b/ibm/service/database/resource_ibm_database_mongodb_sharding_test.go @@ -85,7 +85,7 @@ func testAccCheckIBMDatabaseInstanceMongoDBShardingBasic(databaseResourceGroup s service = "databases-for-mongodb" plan = "enterprise-sharding" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" group { group_id = "member" host_flavor { @@ -98,7 +98,7 @@ func testAccCheckIBMDatabaseInstanceMongoDBShardingBasic(databaseResourceGroup s service_endpoints = "public" users { name = "user123" - password = "password12345678" + password = "secure-Password12345" type = "database" } allowlist { @@ -126,7 +126,7 @@ func testAccCheckIBMDatabaseInstanceMongoDBShardingFullyspecified(databaseResour service = "databases-for-mongodb" plan = "enterprise-sharding" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" group { group_id = "member" host_flavor { @@ -139,12 +139,12 @@ func testAccCheckIBMDatabaseInstanceMongoDBShardingFullyspecified(databaseResour service_endpoints = "public" users { name = "user123" - password = "password12345678" + password = "secure-Password12345" type = "database" } users { name = "user124" - password = "password$12password" + password = "password$12Password" type = "ops_manager" } allowlist { @@ -176,7 +176,7 @@ func testAccCheckIBMDatabaseInstanceMongoDBShardingReduced(databaseResourceGroup service = "databases-for-mongodb" plan = "enterprise-sharding" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" group { group_id = "member" host_flavor { diff --git a/ibm/service/database/resource_ibm_database_mongodb_test.go b/ibm/service/database/resource_ibm_database_mongodb_test.go index 58b7c59e8e..025027e0a2 100644 --- a/ibm/service/database/resource_ibm_database_mongodb_test.go +++ b/ibm/service/database/resource_ibm_database_mongodb_test.go @@ -126,7 +126,7 @@ func testAccCheckIBMDatabaseInstanceMongodbBasic(databaseResourceGroup string, n service = "databases-for-mongodb" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { group_id = "member" @@ -142,7 +142,7 @@ func testAccCheckIBMDatabaseInstanceMongodbBasic(databaseResourceGroup string, n } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -164,7 +164,7 @@ func testAccCheckIBMDatabaseInstanceMongodbFullyspecified(databaseResourceGroup service = "databases-for-mongodb" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { group_id = "member" @@ -180,11 +180,11 @@ func testAccCheckIBMDatabaseInstanceMongodbFullyspecified(databaseResourceGroup } users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } users { name = "user124" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -210,7 +210,7 @@ func testAccCheckIBMDatabaseInstanceMongodbReduced(databaseResourceGroup string, service = "databases-for-mongodb" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { group_id = "member" diff --git a/ibm/service/database/resource_ibm_database_mysql_test.go b/ibm/service/database/resource_ibm_database_mysql_test.go index af0bb87ebb..e97483be7f 100644 --- a/ibm/service/database/resource_ibm_database_mysql_test.go +++ b/ibm/service/database/resource_ibm_database_mysql_test.go @@ -180,7 +180,7 @@ func testAccCheckIBMDatabaseInstanceMysqlBasic(databaseResourceGroup string, nam service = "databases-for-mysql" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" group { group_id = "member" memory { @@ -197,7 +197,7 @@ func testAccCheckIBMDatabaseInstanceMysqlBasic(databaseResourceGroup string, nam tags = ["one:two"] users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -224,7 +224,7 @@ func testAccCheckIBMDatabaseInstanceMysqlFullyspecified(databaseResourceGroup st service = "databases-for-mysql" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" group { group_id = "member" memory { @@ -244,11 +244,11 @@ func testAccCheckIBMDatabaseInstanceMysqlFullyspecified(databaseResourceGroup st tags = ["one:two"] users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } users { name = "user124" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" diff --git a/ibm/service/database/resource_ibm_database_postgresql_test.go b/ibm/service/database/resource_ibm_database_postgresql_test.go index 1e1e8a8173..e8c96e6ba1 100644 --- a/ibm/service/database/resource_ibm_database_postgresql_test.go +++ b/ibm/service/database/resource_ibm_database_postgresql_test.go @@ -308,10 +308,11 @@ func testAccCheckIBMDatabaseInstancePostgresBasic(databaseResourceGroup string, service = "databases-for-postgresql" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" service_endpoints = "public" group { group_id = "member" + memory { allocation_mb = 4096 } @@ -325,7 +326,7 @@ func testAccCheckIBMDatabaseInstancePostgresBasic(databaseResourceGroup string, tags = ["one:two"] users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } allowlist { address = "172.168.1.2/32" @@ -359,7 +360,7 @@ func testAccCheckIBMDatabaseInstancePostgresFullyspecified(databaseResourceGroup service = "databases-for-postgresql" plan = "standard" location = "%[3]s" - adminpassword = "password12345678" + adminpassword = "secure-Password12345" group { group_id = "member" memory { @@ -379,15 +380,15 @@ func testAccCheckIBMDatabaseInstancePostgresFullyspecified(databaseResourceGroup tags = ["one:two"] users { name = "user123" - password = "password12345678" + password = "secure-Password12345" } users { name = "user124" - password = "password12345678" + password = "secure-Password12345" } users { name = "repl" - password = "repl123456password" + password = "repl123456Password" } configuration = </?_-)", @@ -67,7 +67,7 @@ func TestValidateUserPassword(t *testing.T) { { user: DatabaseUser{ Username: "testy", - Password: "password12345678$password", + Password: "secure-Password12345$Password", Type: "ops_manager", }, expectedError: "", @@ -78,12 +78,12 @@ func TestValidateUserPassword(t *testing.T) { Password: "~!@#$%^&*()=+[]{}|;:,.<>/?_-", Type: "ops_manager", }, - expectedError: "database user (testy) validation error:\npassword must contain at least one letter\npassword must contain at least one number", + expectedError: "database user (testy) validation error:\npassword must contain at least one lower case letter\npassword must contain at least one upper case letter\npassword must contain at least one number", }, { user: DatabaseUser{ Username: "testy", - Password: "~!@#$%^&*()=+[]{}|;:,.<>/?_-a1", + Password: "~!@#$%^&*()=+[]{}|;:,.<>/?_-aA1", Type: "ops_manager", }, expectedError: "", @@ -91,7 +91,7 @@ func TestValidateUserPassword(t *testing.T) { { user: DatabaseUser{ Username: "testy", - Password: "pizza1pizzapizza1", + Password: "Pizza1pizzapizza1", Type: "database", }, expectedError: "", @@ -101,7 +101,8 @@ func TestValidateUserPassword(t *testing.T) { err := tc.user.ValidatePassword() if tc.expectedError == "" { if err != nil { - t.Errorf("TestValidateUserPassword: %q, %q unexpected error: %q", tc.user.Username, tc.user.Password, err.Error()) + t.Logf("TestValidateUserPassword: %q, %q unexpected error: %q", tc.user.Username, tc.user.Password, err.Error()) + t.Fail() } } else { assert.Equal(t, tc.expectedError, err.Error())