fix(iam): update tests to match SSH key format update (#2477)

* fix(iam): update tests to match SSH key format update

* feat: compare ssh keys by parsing them

Signed-off-by: Nathanael DEMACON <[email protected]>

* tests: update cassettes

Signed-off-by: Nathanael DEMACON <[email protected]>

* fix linter issues

Signed-off-by: Nathanael DEMACON <[email protected]>

---------

Signed-off-by: Nathanael DEMACON <[email protected]>
Co-authored-by: Maxime Corbin <[email protected]>
Co-authored-by: Nathanael DEMACON <[email protected]>

go.mod

@@ -18,6 +18,7 @@ require (
 	github.com/robfig/cron/v3 v3.0.1
 	github.com/scaleway/scaleway-sdk-go v1.0.0-beta.25.0.20240325161646-a49fad6abe89
 	github.com/stretchr/testify v1.9.0
+	golang.org/x/crypto v0.19.0
 )
 
 require (
@@ -82,7 +83,6 @@ require (
 	go.opentelemetry.io/otel/metric v1.22.0 // indirect
 	go.opentelemetry.io/otel/sdk v1.22.0 // indirect
 	go.opentelemetry.io/otel/trace v1.22.0 // indirect
-	golang.org/x/crypto v0.19.0 // indirect
 	golang.org/x/mod v0.15.0 // indirect
 	golang.org/x/net v0.19.0 // indirect
 	golang.org/x/sys v0.17.0 // indirect

scaleway/data_source_account_ssh_key_test.go

@@ -11,6 +11,7 @@ import (
 
 func TestAccScalewayDataSourceAccountSSHKey_Basic(t *testing.T) {
 	dataSourceAccountSSHKey := "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHy/M5FVm5ydLGcal3e5LNcfTalbeN7QL/ZGCvDEdqJ [email protected]"
+	dataSourceAccountSSHKeyWithoutComment := "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHy/M5FVm5ydLGcal3e5LNcfTalbeN7QL/ZGCvDEdqJ"
 	sshKeyName := "TestAccScalewayDataSourceAccountSSHKey_Basic"
 	tt := acctest.NewTestTools(t)
 	defer tt.Cleanup()
@@ -44,10 +45,10 @@ func TestAccScalewayDataSourceAccountSSHKey_Basic(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "data.scaleway_account_ssh_key.prod"),
 					resource.TestCheckResourceAttr("data.scaleway_account_ssh_key.prod", "name", sshKeyName),
-					resource.TestCheckResourceAttr("data.scaleway_account_ssh_key.prod", "public_key", dataSourceAccountSSHKey),
+					resource.TestCheckResourceAttr("data.scaleway_account_ssh_key.prod", "public_key", dataSourceAccountSSHKeyWithoutComment),
 					iam.CheckSSHKeyExists(tt, "data.scaleway_account_ssh_key.stg"),
 					resource.TestCheckResourceAttr("data.scaleway_account_ssh_key.stg", "name", sshKeyName),
-					resource.TestCheckResourceAttr("data.scaleway_account_ssh_key.stg", "public_key", dataSourceAccountSSHKey),
+					resource.TestCheckResourceAttr("data.scaleway_account_ssh_key.stg", "public_key", dataSourceAccountSSHKeyWithoutComment),
 				),
 			},
 		},

scaleway/data_source_iam_ssh_key_test.go

@@ -11,6 +11,7 @@ import (
 
 func TestAccScalewayDataSourceIamSSHKey_Basic(t *testing.T) {
 	dataSourceIamSSHKey := "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHy/M5FVm5ydLGcal3e5LNcfTalbeN7QL/ZGCvDEdqJ [email protected]"
+	dataSourceIamSSHKeyWithoutComment := "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILHy/M5FVm5ydLGcal3e5LNcfTalbeN7QL/ZGCvDEdqJ"
 	sshKeyName := "tf-test-ds-iam-ssh-key-basic"
 	tt := acctest.NewTestTools(t)
 	defer tt.Cleanup()
@@ -44,10 +45,10 @@ func TestAccScalewayDataSourceIamSSHKey_Basic(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "data.scaleway_iam_ssh_key.prod"),
 					resource.TestCheckResourceAttr("data.scaleway_iam_ssh_key.prod", "name", sshKeyName),
-					resource.TestCheckResourceAttr("data.scaleway_iam_ssh_key.prod", "public_key", dataSourceIamSSHKey),
+					resource.TestCheckResourceAttr("data.scaleway_iam_ssh_key.prod", "public_key", dataSourceIamSSHKeyWithoutComment),
 					iam.CheckSSHKeyExists(tt, "data.scaleway_iam_ssh_key.stg"),
 					resource.TestCheckResourceAttr("data.scaleway_iam_ssh_key.stg", "name", sshKeyName),
-					resource.TestCheckResourceAttr("data.scaleway_iam_ssh_key.stg", "public_key", dataSourceIamSSHKey),
+					resource.TestCheckResourceAttr("data.scaleway_iam_ssh_key.stg", "public_key", dataSourceIamSSHKeyWithoutComment),
 				),
 			},
 		},

scaleway/resource_account_ssh_key_test.go

@@ -12,6 +12,7 @@ import (
 func TestAccScalewayAccountSSHKey_basic(t *testing.T) {
 	name := "tf-test-account-ssh-key-basic"
 	SSHKey := "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEEYrzDOZmhItdKaDAEqJQ4ORS2GyBMtBozYsK5kiXXX [email protected]"
+	FormattedSSHKey := "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEEYrzDOZmhItdKaDAEqJQ4ORS2GyBMtBozYsK5kiXXX"
 	tt := acctest.NewTestTools(t)
 	defer tt.Cleanup()
 
@@ -30,7 +31,7 @@ func TestAccScalewayAccountSSHKey_basic(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_account_ssh_key.main"),
 					resource.TestCheckResourceAttr("scaleway_account_ssh_key.main", "name", name),
-					resource.TestCheckResourceAttr("scaleway_account_ssh_key.main", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_account_ssh_key.main", "public_key", FormattedSSHKey),
 				),
 			},
 			{
@@ -43,7 +44,7 @@ func TestAccScalewayAccountSSHKey_basic(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_account_ssh_key.main"),
 					resource.TestCheckResourceAttr("scaleway_account_ssh_key.main", "name", name+"-updated"),
-					resource.TestCheckResourceAttr("scaleway_account_ssh_key.main", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_account_ssh_key.main", "public_key", FormattedSSHKey),
 				),
 			},
 		},
@@ -53,6 +54,7 @@ func TestAccScalewayAccountSSHKey_basic(t *testing.T) {
 func TestAccScalewayAccountSSHKey_WithNewLine(t *testing.T) {
 	name := "tf-test-account-ssh-key-newline"
 	SSHKey := "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDjfkdWCwkYlVQMDUfiZlVrmjaGOfBYnmkucssae8Iup [email protected]"
+	FormattedSSHKey := "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDjfkdWCwkYlVQMDUfiZlVrmjaGOfBYnmkucssae8Iup"
 	tt := acctest.NewTestTools(t)
 	defer tt.Cleanup()
 
@@ -71,7 +73,7 @@ func TestAccScalewayAccountSSHKey_WithNewLine(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_account_ssh_key.main"),
 					resource.TestCheckResourceAttr("scaleway_account_ssh_key.main", "name", name),
-					resource.TestCheckResourceAttr("scaleway_account_ssh_key.main", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_account_ssh_key.main", "public_key", FormattedSSHKey),
 				),
 			},
 		},
@@ -81,6 +83,7 @@ func TestAccScalewayAccountSSHKey_WithNewLine(t *testing.T) {
 func TestAccScalewayAccountSSHKey_ChangeResourceName(t *testing.T) {
 	name := "TestAccScalewayAccountSSHKey_ChangeResourceName"
 	SSHKey := "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICJEoOOgQBLJPs4g/XcPTKT82NywNPpxeuA20FlOPlpO [email protected]"
+	FormattedSSHKey := "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICJEoOOgQBLJPs4g/XcPTKT82NywNPpxeuA20FlOPlpO"
 	tt := acctest.NewTestTools(t)
 	defer tt.Cleanup()
 
@@ -99,7 +102,7 @@ func TestAccScalewayAccountSSHKey_ChangeResourceName(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_account_ssh_key.first"),
 					resource.TestCheckResourceAttr("scaleway_account_ssh_key.first", "name", name),
-					resource.TestCheckResourceAttr("scaleway_account_ssh_key.first", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_account_ssh_key.first", "public_key", FormattedSSHKey),
 				),
 			},
 			{
@@ -112,7 +115,7 @@ func TestAccScalewayAccountSSHKey_ChangeResourceName(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_account_ssh_key.second"),
 					resource.TestCheckResourceAttr("scaleway_account_ssh_key.second", "name", name),
-					resource.TestCheckResourceAttr("scaleway_account_ssh_key.second", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_account_ssh_key.second", "public_key", FormattedSSHKey),
 				),
 			},
 		},

scaleway/resource_iam_ssh_key.go

@@ -1,6 +1,7 @@
 package scaleway
 
 import (
+	"bytes"
 	"context"
 	"strings"
 
@@ -10,6 +11,7 @@ import (
 	"github.com/scaleway/scaleway-sdk-go/scw"
 	"github.com/scaleway/terraform-provider-scaleway/v2/internal/httperrors"
 	"github.com/scaleway/terraform-provider-scaleway/v2/internal/types"
+	"golang.org/x/crypto/ssh"
 )
 
 func ResourceScalewayIamSSKKey() *schema.Resource {
@@ -36,7 +38,21 @@ func ResourceScalewayIamSSKKey() *schema.Resource {
 				Description: "The public SSH key",
 				// We don't consider trailing \n as diff
 				DiffSuppressFunc: func(_, oldValue, newValue string, _ *schema.ResourceData) bool {
-					return strings.Trim(oldValue, "\n") == strings.Trim(newValue, "\n")
+					parsedOldValue, _, _, _, err := ssh.ParseAuthorizedKey([]byte(oldValue))
+					if err != nil {
+						return false
+					}
+
+					parsedNewValue, _, _, _, err := ssh.ParseAuthorizedKey([]byte(newValue))
+					if err != nil {
+						return false
+					}
+
+					marshalledOldValue := ssh.MarshalAuthorizedKey(parsedOldValue)
+					marshalledNewValue := ssh.MarshalAuthorizedKey(parsedNewValue)
+
+					areEqual := bytes.Equal(marshalledOldValue, marshalledNewValue)
+					return areEqual
 				},
 			},
 			"fingerprint": {
@@ -175,3 +191,11 @@ func resourceScalewayIamSSKKeyDelete(ctx context.Context, d *schema.ResourceData
 
 	return nil
 }
+
+func removePublicSSHKeyComment(publicKey string) string {
+	parts := strings.Split(publicKey, " ")
+	if len(parts) == 3 {
+		return strings.Join(parts[:2], " ")
+	}
+	return publicKey
+}

scaleway/resource_iam_ssh_key_test.go

@@ -12,7 +12,10 @@ import (
 	"github.com/scaleway/terraform-provider-scaleway/v2/internal/services/iam"
 )
 
-const SSHKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICJEoOOgQBLJPs4g/XcPTKT82NywNPpxeuA20FlOPlpO [email protected]"
+const (
+	SSHKey               = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICJEoOOgQBLJPs4g/XcPTKT82NywNPpxeuA20FlOPlpO [email protected]"
+	SSHKeyWithoutComment = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICJEoOOgQBLJPs4g/XcPTKT82NywNPpxeuA20FlOPlpO"
+)
 
 func init() {
 	resource.AddTestSweepers("scaleway_iam_ssh_key", &resource.Sweeper{
@@ -68,7 +71,7 @@ func TestAccScalewayIamSSHKey_basic(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_iam_ssh_key.main"),
 					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "name", name),
-					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "public_key", SSHKeyWithoutComment),
 				),
 			},
 			{
@@ -81,7 +84,7 @@ func TestAccScalewayIamSSHKey_basic(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_iam_ssh_key.main"),
 					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "name", name+"-updated"),
-					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "public_key", SSHKeyWithoutComment),
 				),
 			},
 		},
@@ -108,7 +111,7 @@ func TestAccScalewayIamSSHKey_WithNewLine(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_iam_ssh_key.main"),
 					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "name", name),
-					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "public_key", SSHKeyWithoutComment),
 				),
 			},
 		},
@@ -135,7 +138,7 @@ func TestAccScalewayIamSSHKey_ChangeResourceName(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_iam_ssh_key.first"),
 					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.first", "name", name),
-					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.first", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.first", "public_key", SSHKeyWithoutComment),
 				),
 			},
 			{
@@ -148,7 +151,7 @@ func TestAccScalewayIamSSHKey_ChangeResourceName(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_iam_ssh_key.second"),
 					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.second", "name", name),
-					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.second", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.second", "public_key", SSHKeyWithoutComment),
 				),
 			},
 		},
@@ -175,7 +178,7 @@ func TestAccScalewayIamSSHKey_Disabled(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_iam_ssh_key.main"),
 					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "name", name),
-					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "public_key", SSHKeyWithoutComment),
 					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "disabled", "false"),
 				),
 			},
@@ -190,7 +193,7 @@ func TestAccScalewayIamSSHKey_Disabled(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_iam_ssh_key.main"),
 					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "name", name),
-					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "public_key", SSHKeyWithoutComment),
 					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "disabled", "true"),
 				),
 			},
@@ -205,7 +208,7 @@ func TestAccScalewayIamSSHKey_Disabled(t *testing.T) {
 				Check: resource.ComposeTestCheckFunc(
 					iam.CheckSSHKeyExists(tt, "scaleway_iam_ssh_key.main"),
 					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "name", name),
-					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "public_key", SSHKey),
+					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "public_key", SSHKeyWithoutComment),
 					resource.TestCheckResourceAttr("scaleway_iam_ssh_key.main", "disabled", "false"),
 				),
 			},