feat(iam): add utility class for ServiceAccount test (GoogleCloudPlatform#10058)

* feat(iam): add utility class for ServiceAccount test

* fix typo

* feat(iam): refactor ServiceAccountTests.java

Stop reusing resources from other tests.
Use Util functions to set up and tear down resources.

* make await functions match

* add await for key disabling

* use UUID instead of time for naming

* remove unused env var

* use Util functions in QuickstartTests

* use try/finally blocks to ensure clean up

* use coreMatchers.not to invert Matcher logic

* split tests by sample so they are in their own files

* rename test functions after splitting them to avoid redundancy

* unify tests format and practices

Change assertions to test sample instead of api calls
Use google assertThat
Flush System.out

* fix testRenameServiceAccount

* fix testListServiceAccounts

* add waiting time for assertions after enable/disable operations

* Undo changes to quickstartTest

* fix lint issue quickstartTest

* Ignore test until issue is resolved

GoogleCloudPlatform#10082

Author: alarconesparza

iam/snippets/src/test/java/CreateServiceAccountIT.java

@@ -0,0 +1,79 @@
+/* Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import static com.google.common.truth.Truth.assertThat;
+import static org.junit.Assert.assertNotNull;
+
+import com.google.cloud.testing.junit4.MultipleAttemptsRule;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.PrintStream;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+@RunWith(JUnit4.class)
+public class CreateServiceAccountIT {
+
+  private static final String PROJECT_ID = System.getenv("GOOGLE_CLOUD_PROJECT");
+  private ByteArrayOutputStream bout;
+  private String serviceAccountName;
+  private final PrintStream originalOut = System.out;
+
+  @Rule public MultipleAttemptsRule multipleAttemptsRule = new MultipleAttemptsRule(3);
+
+  private static void requireEnvVar(String varName) {
+    assertNotNull(
+        System.getenv(varName),
+        String.format("Environment variable '%s' is required to perform these tests.", varName));
+  }
+
+  @BeforeClass
+  public static void checkRequirements() {
+    requireEnvVar("GOOGLE_APPLICATION_CREDENTIALS");
+    requireEnvVar("GOOGLE_CLOUD_PROJECT");
+  }
+
+  @Before
+  public void beforeTest() {
+    bout = new ByteArrayOutputStream();
+    System.setOut(new PrintStream(bout));
+
+    // Set up test
+    serviceAccountName = Util.generateServiceAccountName();
+  }
+
+  @After
+  public void tearDown() throws IOException {
+    // Cleanup test
+    Util.tearDownTest_deleteServiceAccount(PROJECT_ID, serviceAccountName);
+
+    System.out.flush();
+    System.setOut(originalOut);
+  }
+
+  @Test
+  public void testCreateServiceAccount() throws IOException {
+    // Act
+    CreateServiceAccount.createServiceAccount(PROJECT_ID, serviceAccountName);
+
+    // Assert
+    assertThat(bout.toString()).contains("Created service account: " + serviceAccountName);
+  }
+}

iam/snippets/src/test/java/CreateServiceAccountKeyIT.java

@@ -0,0 +1,80 @@
+/* Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import static com.google.common.truth.Truth.assertThat;
+import static org.junit.Assert.assertNotNull;
+
+import com.google.cloud.testing.junit4.MultipleAttemptsRule;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.PrintStream;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+@RunWith(JUnit4.class)
+public class CreateServiceAccountKeyIT {
+
+  private static final String PROJECT_ID = System.getenv("GOOGLE_CLOUD_PROJECT");
+  private ByteArrayOutputStream bout;
+  private String serviceAccountName;
+  private final PrintStream originalOut = System.out;
+
+  @Rule public MultipleAttemptsRule multipleAttemptsRule = new MultipleAttemptsRule(3);
+
+  private static void requireEnvVar(String varName) {
+    assertNotNull(
+        System.getenv(varName),
+        String.format("Environment variable '%s' is required to perform these tests.", varName));
+  }
+
+  @BeforeClass
+  public static void checkRequirements() {
+    requireEnvVar("GOOGLE_APPLICATION_CREDENTIALS");
+    requireEnvVar("GOOGLE_CLOUD_PROJECT");
+  }
+
+  @Before
+  public void beforeTest() throws IOException, InterruptedException {
+    bout = new ByteArrayOutputStream();
+    System.setOut(new PrintStream(bout));
+
+    // Set up test
+    serviceAccountName = Util.generateServiceAccountName();
+    Util.setUpTest_createServiceAccount(PROJECT_ID, serviceAccountName);
+  }
+
+  @After
+  public void tearDown() throws IOException {
+    // Cleanup test
+    Util.tearDownTest_deleteServiceAccount(PROJECT_ID, serviceAccountName);
+
+    System.out.flush();
+    System.setOut(originalOut);
+  }
+
+  @Test
+  public void testCreateServiceAccountKey() throws IOException, InterruptedException {
+    // Act
+    CreateServiceAccountKey.createKey(PROJECT_ID, serviceAccountName);
+
+    // Assert
+    assertThat(bout.toString()).contains("Key created successfully");
+  }
+}

iam/snippets/src/test/java/DeleteServiceAccountIT.java

@@ -0,0 +1,77 @@
+/* Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import static com.google.common.truth.Truth.assertThat;
+import static org.junit.Assert.assertNotNull;
+
+import com.google.cloud.testing.junit4.MultipleAttemptsRule;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.PrintStream;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+@RunWith(JUnit4.class)
+public class DeleteServiceAccountIT {
+
+  private static final String PROJECT_ID = System.getenv("GOOGLE_CLOUD_PROJECT");
+  private ByteArrayOutputStream bout;
+  private String serviceAccountName;
+  private final PrintStream originalOut = System.out;
+
+  @Rule public MultipleAttemptsRule multipleAttemptsRule = new MultipleAttemptsRule(3);
+
+  private static void requireEnvVar(String varName) {
+    assertNotNull(
+        System.getenv(varName),
+        String.format("Environment variable '%s' is required to perform these tests.", varName));
+  }
+
+  @BeforeClass
+  public static void checkRequirements() {
+    requireEnvVar("GOOGLE_APPLICATION_CREDENTIALS");
+    requireEnvVar("GOOGLE_CLOUD_PROJECT");
+  }
+
+  @Before
+  public void beforeTest() throws IOException, InterruptedException {
+    bout = new ByteArrayOutputStream();
+    System.setOut(new PrintStream(bout));
+
+    // Set up test
+    serviceAccountName = Util.generateServiceAccountName();
+    Util.setUpTest_createServiceAccount(PROJECT_ID, serviceAccountName);
+  }
+
+  @After
+  public void tearDown() throws IOException {
+    System.out.flush();
+    System.setOut(originalOut);
+  }
+
+  @Test
+  public void testDeleteServiceAccount() throws IOException, InterruptedException {
+    // Act
+    DeleteServiceAccount.deleteServiceAccount(PROJECT_ID, serviceAccountName);
+
+    // Assert
+    assertThat(bout.toString()).contains("Deleted service account: " + serviceAccountName);
+  }
+}

iam/snippets/src/test/java/DeleteServiceAccountKeyIT.java

@@ -0,0 +1,86 @@
+/* Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import static com.google.common.truth.Truth.assertThat;
+import static org.junit.Assert.assertNotNull;
+
+import com.google.cloud.testing.junit4.MultipleAttemptsRule;
+import com.google.iam.admin.v1.ServiceAccountKey;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.PrintStream;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+@RunWith(JUnit4.class)
+public class DeleteServiceAccountKeyIT {
+
+  private static final String PROJECT_ID = System.getenv("GOOGLE_CLOUD_PROJECT");
+  private ByteArrayOutputStream bout;
+  private String serviceAccountName;
+  private String serviceAccountKeyId;
+  private final PrintStream originalOut = System.out;
+
+  @Rule public MultipleAttemptsRule multipleAttemptsRule = new MultipleAttemptsRule(3);
+
+  private static void requireEnvVar(String varName) {
+    assertNotNull(
+        System.getenv(varName),
+        String.format("Environment variable '%s' is required to perform these tests.", varName));
+  }
+
+  @BeforeClass
+  public static void checkRequirements() {
+    requireEnvVar("GOOGLE_APPLICATION_CREDENTIALS");
+    requireEnvVar("GOOGLE_CLOUD_PROJECT");
+  }
+
+  @Before
+  public void beforeTest() throws IOException, InterruptedException {
+    bout = new ByteArrayOutputStream();
+    System.setOut(new PrintStream(bout));
+
+    // Set up test
+    serviceAccountName = Util.generateServiceAccountName();
+    Util.setUpTest_createServiceAccount(PROJECT_ID, serviceAccountName);
+    ServiceAccountKey setupKey =
+        Util.setUpTest_createServiceAccountKey(PROJECT_ID, serviceAccountName);
+    serviceAccountKeyId = Util.getServiceAccountKeyIdFromKey(setupKey);
+  }
+
+  @After
+  public void tearDown() throws IOException {
+    // Cleanup test
+    Util.tearDownTest_deleteServiceAccount(PROJECT_ID, serviceAccountName);
+
+    System.out.flush();
+    System.setOut(originalOut);
+  }
+
+  @Test
+  public void testDeleteServiceAccountKey() throws IOException, InterruptedException {
+    // Act
+    DeleteServiceAccountKey.deleteKey(PROJECT_ID, serviceAccountName, serviceAccountKeyId);
+
+    // Assert
+    String got = bout.toString();
+    assertThat(got).contains("Deleted key: " + serviceAccountKeyId);
+  }
+}

iam/snippets/src/test/java/DenyIT.java

@@ -37,7 +37,6 @@
 public class DenyIT {
 
   private static final String PROJECT_ID = System.getenv("IAM_PROJECT_ID");
-  private static final String GOOGLE_APPLICATION_CREDENTIALS = System.getenv("IAM_CREDENTIALS");
   private static String POLICY_ID;
 
   private ByteArrayOutputStream stdOut;
@@ -55,7 +54,6 @@ public static void setUp()
     final PrintStream out = System.out;
     ByteArrayOutputStream stdOut = new ByteArrayOutputStream();
     System.setOut(new PrintStream(stdOut));
-    requireEnvVar("IAM_CREDENTIALS");
     requireEnvVar("IAM_PROJECT_ID");
 
     POLICY_ID = "limit-project-deletion" + UUID.randomUUID();