From 5c4d3202a78769a85ae500ec5d553a3cbc95d14d Mon Sep 17 00:00:00 2001 From: pimielowski Date: Tue, 17 Jan 2023 12:54:59 +0100 Subject: [PATCH] Add ALB test coverage and refactor skeletor --- .gitignore | 2 +- go.mod | 7 ++ go.sum | 69 ++++++++++++- modules/alb/main.tf | 12 +++ scripts/install.sh | 0 scripts/run.sh | 0 tests/README.md | 8 +- tests/alb/main.tf | 102 ++++++++++++++++++++ tests/alb/main_test.go | 92 ++++++++++++++++++ tests/alb/outputs.tf | 7 ++ tests/alb/terraform_full.tfvars | 53 ++++++++++ tests/alb/terraform_minimum.tfvars | 31 ++++++ tests/alb/variables.tf | 63 ++++++++++++ tests/{vpc_read => alb}/versions.tf | 10 +- tests/bootstrap/main_test.go | 11 ++- tests/internal/helpers/helpers.go | 38 ++++++++ tests/internal/testskeleton/testskeleton.go | 50 +++++++++- tests/panorama/main_test.go | 41 ++------ tests/panorama/outputs.tf | 2 +- tests/subnet_set_mod/main_test.go | 19 +++- tests/subnet_set_mod/versions.tf | 10 +- tests/transit_gateway/main_test.go | 14 ++- tests/vpc_plan/main_test.go | 2 +- tests/vpc_plan/versions.tf | 10 +- tests/vpc_read/main.tf | 97 ------------------- tests/vpc_read/main_test.go | 35 ------- 26 files changed, 581 insertions(+), 204 deletions(-) mode change 100755 => 100644 scripts/install.sh mode change 100755 => 100644 scripts/run.sh create mode 100644 tests/alb/main.tf create mode 100644 tests/alb/main_test.go create mode 100644 tests/alb/outputs.tf create mode 100644 tests/alb/terraform_full.tfvars create mode 100644 tests/alb/terraform_minimum.tfvars create mode 100644 tests/alb/variables.tf rename tests/{vpc_read => alb}/versions.tf (57%) create mode 100644 tests/internal/helpers/helpers.go delete mode 100644 tests/vpc_read/main.tf delete mode 100644 tests/vpc_read/main_test.go diff --git a/.gitignore b/.gitignore index 93d141a6..a83e8a44 100644 --- a/.gitignore +++ b/.gitignore @@ -32,7 +32,7 @@ .terragrunt-cache .vscode .idea - +**/test_report.html # Palo auth codes authcodes # Crash log files 
diff --git a/go.mod b/go.mod index bdf4f7e8..035957a7 100644 --- a/go.mod +++ b/go.mod @@ -3,9 +3,16 @@ module github.com/PaloAltoNetworks/terraform-aws-vmseries-modules go 1.14 require ( + github.com/apex/log v1.9.0 + github.com/aws/aws-sdk-go-v2 v1.17.3 + github.com/aws/aws-sdk-go-v2/config v1.18.8 + github.com/aws/aws-sdk-go-v2/service/sts v1.18.0 // indirect github.com/gruntwork-io/terratest v0.41.7 github.com/hashicorp/go-version v1.6.0 // indirect github.com/hashicorp/terraform-json v0.14.0 + github.com/inconshreveable/mousetrap v1.1.0 // indirect + github.com/spf13/cobra v1.6.1 // indirect github.com/stretchr/testify v1.8.1 + github.com/vakenbolt/go-test-report v0.9.3 // indirect github.com/zclconf/go-cty v1.11.0 // indirect ) diff --git a/go.sum b/go.sum index c12627d3..f6c9c3b1 100644 --- a/go.sum +++ b/go.sum 
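Review bot: `github.com/vakenbolt/go-test-report v0.9.3`, `github.com/spf13/cobra v1.6.1` and `github.com/inconshreveable/mousetrap v1.1.0` are added to `require` as `// indirect`, which suggests no package in this module imports them. The README hunk in this patch only pipes `go test -json` into the `go-test-report` binary. Requirements that nothing imports are dropped by the next `go mod tidy`, and they do not decide which build of the binary is on a developer's or CI runner's PATH, so the report tool is effectively unpinned. If pinning is the intent, a build-tagged tools file with `import _ "github.com/vakenbolt/go-test-report"` keeps the requirement and its go.sum hashes meaningful. Otherwise these three lines can go, which keeps the dependency surface smaller.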
@@ -97,6 +97,11 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0= github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY= +github.com/apex/log v1.9.0 h1:FHtw/xuaM8AgmvDDTI9fiwoAL25Sq2cxojnZICUU8l0= +github.com/apex/log v1.9.0/go.mod h1:m82fZlWIuiWzWP04XCTXmnX0xRkYYbCdYn8jbJeLBEA= +github.com/apex/logs v1.0.0/go.mod h1:XzxuLZ5myVHDy9SAmYpamKKRNApGj54PfYLcFrXqDwo= +github.com/aphistic/golf v0.0.0-20180712155816-02c07f170c5a/go.mod h1:3NqKYiepwy8kCu4PNA+aP7WUV72eXWJeP9/r3/K9aLE= +github.com/aphistic/sweet v0.2.0/go.mod h1:fWDlIh/isSE9n6EPsRmC0det+whmX6dJid3stzu0Xys= github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM= github.com/apparentlymart/go-textseg v1.0.0 h1:rRmlIsPEEhUTIKQb7T++Nz/A5Q6C9IuX2wFoYVvnCs0= github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk= 
@@ -110,8 +115,34 @@ github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:l github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM= +github.com/aws/aws-sdk-go v1.20.6/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.40.56 h1:FM2yjR0UUYFzDTMx+mH9Vyw1k1EUUxsAFzk+BjkzANA= github.com/aws/aws-sdk-go v1.40.56/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q= +github.com/aws/aws-sdk-go-v2 v1.17.3 h1:shN7NlnVzvDUgPQ+1rLMSxY8OWRNDRYtiqe0p/PgrhY= +github.com/aws/aws-sdk-go-v2 v1.17.3/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw= +github.com/aws/aws-sdk-go-v2/config v1.18.8 h1:lDpy0WM8AHsywOnVrOHaSMfpaiV2igOw8D7svkFkXVA= +github.com/aws/aws-sdk-go-v2/config v1.18.8/go.mod h1:5XCmmyutmzzgkpk/6NYTjeWb6lgo9N170m1j6pQkIBs= +github.com/aws/aws-sdk-go-v2/credentials v1.13.8 h1:vTrwTvv5qAwjWIGhZDSBH/oQHuIQjGmD232k01FUh6A= +github.com/aws/aws-sdk-go-v2/credentials v1.13.8/go.mod h1:lVa4OHbvgjVot4gmh1uouF1ubgexSCN92P6CJQpT0t8= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.21 h1:j9wi1kQ8b+e0FBVHxCqCGo4kxDU175hoDHcWAi0sauU= +github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.21/go.mod h1:ugwW57Z5Z48bpvUyZuaPy4Kv+vEfJWnIrky7RmkBvJg= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.27 h1:I3cakv2Uy1vNmmhRQmFptYDxOvBnwCdNwyw63N0RaRU= +github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.27/go.mod h1:a1/UpzeyBBerajpnP5nGZa9mGzsBn5cOKxm6NWQsvoI= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.21 h1:5NbbMrIzmUn/TXFqAle6mgrH5m9cOvMLRGL7pnG8tRE= +github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.21/go.mod h1:+Gxn8jYn5k9ebfHEqlhrMirFjSW0v0C9fI+KN5vk2kE= +github.com/aws/aws-sdk-go-v2/internal/ini v1.3.28 h1:KeTxcGdNnQudb46oOl4d90f2I33DF/c6q3RnZAmvQdQ= 
+github.com/aws/aws-sdk-go-v2/internal/ini v1.3.28/go.mod h1:yRZVr/iT0AqyHeep00SZ4YfBAKojXz08w3XMBscdi0c= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.21 h1:5C6XgTViSb0bunmU57b3CT+MhxULqHH2721FVA+/kDM= +github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.21/go.mod h1:lRToEJsn+DRA9lW4O9L9+/3hjTkUzlzyzHqn8MTds5k= +github.com/aws/aws-sdk-go-v2/service/sso v1.12.0 h1:/2gzjhQowRLarkkBOGPXSRnb8sQ2RVsjdG1C/UliK/c= +github.com/aws/aws-sdk-go-v2/service/sso v1.12.0/go.mod h1:wo/B7uUm/7zw/dWhBJ4FXuw1sySU5lyIhVg1Bu2yL9A= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.0 h1:Jfly6mRxk2ZOSlbCvZfKNS7TukSx1mIzhSsqZ/IGSZI= +github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.0/go.mod h1:TZSH7xLO7+phDtViY/KUp9WGCJMQkLJ/VpgkTFd5gh8= +github.com/aws/aws-sdk-go-v2/service/sts v1.18.0 h1:kOO++CYo50RcTFISESluhWEi5Prhg+gaSs4whWabiZU= +github.com/aws/aws-sdk-go-v2/service/sts v1.18.0/go.mod h1:+lGbb3+1ugwKrNTWcf2RT05Xmp543B06zDFTwiTLp7I= +github.com/aws/smithy-go v1.13.5 h1:hgz0X/DX0dGqTYpGALqXJoRKRj5oQ7150i5FdTePzO8= +github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA= +github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59/go.mod h1:q/89r3U2H7sSsE2t6Kca0lfwTK8JdoNGS/yzM/4iH5I= github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= 
@@ -120,6 +151,7 @@ github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1U github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4= github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs= github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA= +github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84= github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM= github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk= @@ -231,6 +263,7 @@ github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgU github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= +github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc= 
@@ -246,6 +279,7 @@ github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfc github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA= github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= +github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4= 
@@ -492,16 +526,21 @@ github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJ github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA= github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8= +github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= +github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= +github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw= github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA= github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a h1:zPPuIq2jAWWPTrGt70eK/BSch+gFAGrNzecsoENgu2o= github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s= github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= +github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k= github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo= +github.com/jpillora/backoff v0.0.0-20180909062703-3050d21c67d7/go.mod h1:2iMrUgbbvHEiQClaW2NsSzMyGHqN+rDFqY705q49KG0= 
github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU= github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4= 
@@ -539,15 +578,19 @@ github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LE github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc= github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw= github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= +github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ= github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60= github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc= github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs= github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho= github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU= +github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ= +github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE= github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4= +github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU= 
@@ -558,6 +601,7 @@ github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 h1:ofNAzWCcyTALn2 github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo= github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0= github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4= +github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE= github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg= github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM= github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs= @@ -609,6 +653,7 @@ github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+ github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA= +github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY= github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= 
@@ -641,6 +686,7 @@ github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= +github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= @@ -678,6 +724,7 @@ github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4O github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU= github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg= +github.com/rogpeppe/fastuuid v1.1.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ= github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc= github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= 
@@ -701,8 +748,11 @@ github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0= github.com/slack-go/slack v0.10.3/go.mod h1:hlGi5oXA+Gt+yWTPP0plCdRKmjsDxecdHxYQdlMQKOw= github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc= +github.com/smartystreets/assertions v1.0.0/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM= +github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9/go.mod h1:SnhjPscd9TpLiy1LpzGSKh3bXCfxxXuqd9xmQJy3slM= github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA= +github.com/smartystreets/gunit v1.0.0/go.mod h1:qwPWnhz6pn0NnRBP++URONOVyNkPyr4SauJk4cUOwJs= github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM= github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA= github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ= 
@@ -713,7 +763,10 @@ github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ= github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE= +github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo= github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk= +github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA= +github.com/spf13/cobra v1.6.1/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY= github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo= github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo= github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= 
@@ -721,8 +774,10 @@ github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bd github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= +github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE= +github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg= github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns= github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8= github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= @@ -737,7 +792,6 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= 
@@ -748,6 +802,13 @@ github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I= +github.com/tj/assert v0.0.0-20171129193455-018094318fb0/go.mod h1:mZ9/Rh9oLWpLLDRpvE+3b7gP/C2YyLFYxNmcLnPTMe0= +github.com/tj/assert v0.0.3 h1:Df/BlaZ20mq6kuai7f5z2TvPFiwC3xaWJSDQNiIS3Rk= +github.com/tj/assert v0.0.3/go.mod h1:Ne6X72Q+TB1AteidzQncjw9PabbMp4PBMZ1k+vd1Pvk= +github.com/tj/go-buffer v1.1.0/go.mod h1:iyiJpfFcR2B9sXu7KvjbT9fpM4mOelRSDTbntVj52Uc= +github.com/tj/go-elastic v0.0.0-20171221160941-36157cbbebc2/go.mod h1:WjeM0Oo1eNAjXGDx2yma7uG2XoyRZTq1uv3M/o7imD0= +github.com/tj/go-kinesis v0.0.0-20171128231115-08b17f58cb1b/go.mod h1:/yhzCV0xPfx6jb1bBgRFjl5lytqVqZXEaeqWP8lTEao= +github.com/tj/go-spin v1.1.0/go.mod h1:Mg1mzmePZm4dva8Qz60H2lHwmJ2loum4VIrLgVnKwh4= github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U= github.com/tmccombs/hcl2json v0.3.3 h1:+DLNYqpWE0CsOQiEZu+OZm5ZBImake3wtITYxQ8uLFQ= 
@@ -759,6 +820,8 @@ github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/vakenbolt/go-test-report v0.9.3 h1:KPJIZJhr3CKdk82+6KD/LnLF89lvW8aklyRqOjlPJRQ= +github.com/vakenbolt/go-test-report v0.9.3/go.mod h1:sSBCeKCZsuw8Ph983JpYkuEe4fWteYI3YdAtZr9FNds= github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho= @@ -1248,6 +1311,7 @@ gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo= gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw= +gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k= gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k= gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo= 
@@ -1266,7 +1330,8 @@ gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo= +gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= +gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/modules/alb/main.tf b/modules/alb/main.tf index 1598a622..bc2110dd 100644 --- a/modules/alb/main.tf +++ b/modules/alb/main.tf @@ -165,6 +165,18 @@ resource "aws_s3_bucket_policy" "this" { } # ######################## # +## Add communication to ALB with ephemeral port + +resource "aws_security_group_rule" "alb_att" { + + from_port = 0 + protocol = "all" + source_security_group_id = var.security_groups[0] + security_group_id = var.security_groups[0] + to_port = 0 + type = "ingress" +} + # ## Application Load Balancer ## resource "aws_lb" "this" { name = var.lb_name diff --git a/scripts/install.sh b/scripts/install.sh old mode 100755 new mode 100644 diff --git a/scripts/run.sh b/scripts/run.sh old mode 100755 new mode 100644 diff --git a/tests/README.md b/tests/README.md index 871e7286..7e3ce99e 100644 --- a/tests/README.md +++ b/tests/README.md 
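Review bot: The new `aws_security_group_rule.alb_att` in modules/alb/main.tf allows every protocol and port (`protocol = "all"`, `from_port = 0`, `to_port = 0`) from `var.security_groups[0]` to itself, while the comment above it speaks only of an ephemeral port. The rule sits in the reusable module, not in the test fixture, so every consumer of `modules/alb` gets a self-referencing allow-all added to a security group the module was only handed by ID. Indexing `[0]` also errors if a caller passes an empty list and leaves any further groups uncovered. Consider narrowing it to the traffic the ALB needs, e.g. `protocol = "tcp"` with `from_port`/`to_port` set to the target port range, and gating it behind a variable. A `description = "..."` would make the rule identifiable in an audit.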
@@ -12,10 +12,16 @@ go get -u github.com/gruntwork-io/terratest 4. Execute test for module using commands e.g for ``bootstrap`` module: ```bash cd tests/bootstrap -go test -v -timeout 90m -count=1 +go test -v -timeout 30m -count=1 ``` +Run all test: + +```bash +go test -timeout 130m ./... -json | go-test-report +``` Comments: * Do not however run `go test -v .` or similar. Specifying a package (that extra dot) enables caching, which is incompatible with Terraform. +* We use go-test-report to create html reports for tests, check https://github.com/vakenbolt/go-test-report for more information * Cloud resources are destroyed automatically after the test, no cleanup is normally required. * VScode users should keep `Go: Test On Save` at the default false value, and not set to true. This option is spelled `go.testOnSave` in settings.json. diff --git a/tests/alb/main.tf b/tests/alb/main.tf new file mode 100644 index 00000000..4168e7a7 --- /dev/null +++ b/tests/alb/main.tf 
@@ -0,0 +1,102 @@
+## VPC
+
+module "security_vpc" {
+ source = "../../modules/vpc"
+
+ name = "${var.name_prefix}-vpc"
+ cidr_block = var.security_vpc_cidr
+ security_groups = var.security_vpc_security_groups
+ create_internet_gateway = true
+ enable_dns_hostnames = true
+ enable_dns_support = true
+ instance_tenancy = "default"
+}
+
+module "security_subnet_sets" {
+ source = "../../modules/subnet_set"
+
+ for_each = toset(distinct([for _, v in var.security_vpc_subnets : v.set]))
+
+ name = each.key
+ vpc_id = module.security_vpc.id
+ has_secondary_cidrs = module.security_vpc.has_secondary_cidrs
+ cidrs = {for k, v in var.security_vpc_subnets : k => v if v.set == each.key}
+}
+
+locals {
+ security_vpc_routes = concat(
+ [for cidr in ["app_vm", "app_lb"] :
+ {
+ subnet_key = cidr
+ next_hop_set = module.security_vpc.igw_as_next_hop_set
+ to_cidr = "0.0.0.0/0"
+ }
+ ]
+ )
+}
+module "security_vpc_routes" {
+ for_each = { for route in local.security_vpc_routes : "${route.subnet_key}_${route.to_cidr}" => route }
+ source = "../../modules/vpc_route"
+
+ route_table_ids = module.security_subnet_sets[each.value.subnet_key].unique_route_table_ids
+ to_cidr = each.value.to_cidr
+ next_hop_set = each.value.next_hop_set
+}
+
+## ALB
+
+module "public_alb" {
+ source = "../../modules/alb"
+
+ lb_name = replace("${var.name_prefix}${var.application_lb_name}", "_","-")
+ subnets = {for k, v in module.security_subnet_sets["app_vm"].subnets : k => { id = v.id }}
+ vpc_id = module.security_vpc.id
+ security_groups = [module.security_vpc.security_group_ids["app_vm"]]
+ rules = var.application_lb_rules
+ targets = {for k, v in var.app_vms : k => aws_instance.app_vm[k].private_ip}
+
+ tags = var.global_tags
+}
+
+
+### app EC2 instance ###
+
+data "aws_ami" "this" {
+ most_recent = true # newest by time, not by version number
+
+ filter {
+ name = "name"
+ values = ["bitnami-nginx-1.21*-linux-debian-10-x86_64-hvm-ebs-nami"]
+ # The wildcard '*' causes re-creation of the whole EC2 instance when a new image appears.
+ }
+
+ owners = ["979382823631"] # bitnami = 979382823631
+}
+
+resource "tls_private_key" "random_ssh_key" {
+ algorithm = "RSA"
+ rsa_bits = 4096
+}
+
+resource "aws_key_pair" "random_ssh_key_pair" {
+ key_name = var.key_pair_name
+ public_key = tls_private_key.random_ssh_key.public_key_openssh
+}
+
+resource "aws_instance" "app_vm" {
+ for_each = var.app_vms
+
+ ami = data.aws_ami.this.id
+ instance_type = var.app_vm_type
+ key_name = aws_key_pair.random_ssh_key_pair.key_name
+ subnet_id = module.security_subnet_sets["app_vm"].subnets[each.value.az].id
+ vpc_security_group_ids = [module.security_vpc.security_group_ids["app_vm"]]
+ tags = merge({ Name = "${var.name_prefix}${each.key}" }, var.global_tags)
+ associate_public_ip_address = true
+
+}
+
+data "aws_network_interface" "bar" {
+ for_each = var.app_vms
+ id = aws_instance.app_vm[each.key].primary_network_interface_id
+}
\ No newline at end of file
diff --git a/tests/alb/main_test.go b/tests/alb/main_test.go
new file mode 100644
index 00000000..54327053
--- /dev/null
+++ b/tests/alb/main_test.go
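Review bot: `tls_private_key.random_ssh_key` in tests/alb/main.tf keeps the generated RSA private key in the Terraform state in plain text, and its key pair is attached to every `aws_instance.app_vm`, each of which also gets `associate_public_ip_address = true`. Nothing visible in this patch uses SSH, since the Go test only sends an HTTP request through the ALB, so the key pair looks unnecessary. Dropping `key_name` and both key resources would remove a credential from state and a login path from publicly addressed instances. If the key is needed, a comment such as `# SSH key kept for manual debugging; state for this fixture is local and short-lived` would record why. The `data "aws_network_interface" "bar"` block is not referenced by the outputs shown in this patch and may be dead; `variables.tf` and the tfvars files are outside this view, so confirm before removing it.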
@@ -0,0 +1,92 @@ +package main + +import ( + "github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/helpers" + "github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/testskeleton" + "github.com/gruntwork-io/terratest/modules/logger" + "github.com/gruntwork-io/terratest/modules/terraform" + "log" + "testing" +) + +func TestALBOutputAndConectivitiyWithFullTFVars(t *testing.T) { + + // define variables for Terraform + namePrefix := "terratest-alb-" + + // define options for Terraform + terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ + TerraformDir: ".", + VarFiles: []string{"terraform_full.tfvars"}, + Vars: map[string]interface{}{ + "name_prefix": namePrefix, + }, + Logger: logger.Default, + Lock: true, + Upgrade: true, + SetVarsAfterVarFiles: true, + }) + + destroyFunc := func() { + terraform.Destroy(t, terraformOptions) + } + defer destroyFunc() + terraformOptions = testskeleton.InitAndApplyOnlyWithoutDelete(t, terraformOptions) + + albName := terraform.Output(t, terraformOptions, "alb_name") + log.Printf("Alb_name = %s", albName) + + assertList := []testskeleton.AssertExpression{ + // check if the ALB is created with correct FQDN + { + OutputName: "alb_name", + Operation: "NotEmpty", + }, + // check if the ALB is created with correct FQDN + { + OutputName: "alb_name", + Operation: "StartsWith", + ExpectedValue: namePrefix, + }, + // check communication with app + { + Operation: "CheckFunctionWithValue", + Check: helpers.CheckHttpGetWebUiLoginPage, + TestedValue: "http://" + albName + "/", + }, + } + testskeleton.AssertOutputs(t, terraformOptions, assertList) + +} + +func TestALBOutputWithMinimumTFVars(t *testing.T) { + + // define variables for Terraform + namePrefix := "terratest-alb-" + // define options for Terraform + terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ + TerraformDir: ".", + VarFiles: []string{"terraform_minimum.tfvars"}, + Vars: 
map[string]interface{}{ + "name_prefix": namePrefix, + }, + Logger: logger.Default, + Lock: true, + Upgrade: true, + SetVarsAfterVarFiles: true, + }) + assertList := []testskeleton.AssertExpression{ + // check if the ALB is created with correct FQDN + { + OutputName: "alb_name", + Operation: "NotEmpty", + }, + // check if the ALB is created with correct FQDN + { + OutputName: "alb_name", + Operation: "StartsWith", + ExpectedValue: namePrefix, + }, + } + testskeleton.DeployInfraCheckOutputs(t, terraformOptions, assertList) +} diff --git a/tests/alb/outputs.tf b/tests/alb/outputs.tf new file mode 100644 index 00000000..c3c8c082 --- /dev/null +++ b/tests/alb/outputs.tf @@ -0,0 +1,7 @@ +output "alb_name" { + value = module.public_alb.lb_fqdn +} + +output "vms_public_ips" { + value = [ for k, v in var.app_vms : aws_instance.app_vm[k].public_ip ] +} \ No newline at end of file diff --git a/tests/alb/terraform_full.tfvars b/tests/alb/terraform_full.tfvars new file mode 100644 index 00000000..6ed07af1 --- /dev/null +++ b/tests/alb/terraform_full.tfvars 
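Review bot: The `CheckFunctionWithValue` entry in TestALBOutputAndConectivitiyWithFullTFVars carries no `Message`, so when the ALB never answers with 200 the failure does not say which URL was probed; add `Message: "ALB should serve the app over HTTP at " + albName,`. The comment `// check if the ALB is created with correct FQDN` is repeated above the `StartsWith` entries in both tests, where `// check that the ALB FQDN starts with the test name prefix` would describe them. The test name has a typo (`Conectivitiy`), and `log.Printf` writes outside the test log where `t.Logf("Alb_name = %s", albName)` would not.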
@@ -0,0 +1,53 @@ +global_tags = { + ManagedBy = "Terraform" + Application = "Palo Alto Networks VM-Series NGFW Automatic Tests" +} +region = "us-east-1" +name_prefix = "test-vpc-route-" + +security_vpc_cidr = "10.100.0.0/16" +security_vpc_subnets = { + "10.100.0.0/24" = { az = "us-east-1a", set = "app_vm" } + "10.100.2.0/24" = { az = "us-east-1b", set = "app_vm" } + "10.100.3.0/24" = { az = "us-east-1a", set = "app_lb" } + "10.100.4.0/24" = { az = "us-east-1b", set = "app_lb" } +} +security_vpc_security_groups = { + app_vm = { + name = "app_vm" + rules = { + all_outbound = { + description = "Permit ALL outbound" + type = "egress", from_port = "0", to_port = "0", protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + ssh = { + description = "Permit SSH inbound" + type = "ingress", from_port = "80", to_port = "80", protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + } + } +} + +app_vms = { + "app_vm01" = { az = "us-east-1a" } + "app_vm02" = { az = "us-east-1b" } +} + +application_lb_rules = { + "main-welcome-page" = { + protocol = "HTTP" + health_check_port = "80" + health_check_matcher = "200" + health_check_path = "/" + health_check_interval = 10 + listener_rules = { + "1" = { + target_protocol = "HTTP" + target_port = 80 + path_pattern = ["/"] + } + } + } +} \ No newline at end of file diff --git a/tests/alb/terraform_minimum.tfvars b/tests/alb/terraform_minimum.tfvars new file mode 100644 index 00000000..3c331f01 --- /dev/null +++ b/tests/alb/terraform_minimum.tfvars 
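Review bot: The ingress rule keyed `ssh` with description `Permit SSH inbound` actually opens TCP 80 to `0.0.0.0/0`, so anyone auditing the security group by its name or description will misread what is exposed; name it for what it does, e.g. `http = {` with `description = "Permit HTTP inbound"`. The same rule is repeated in tests/alb/terraform_minimum.tfvars. `name_prefix = "test-vpc-route-"` also looks copied from another test; the Go tests override it with `terratest-alb-`.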
@@ -0,0 +1,31 @@ +global_tags = { + ManagedBy = "Terraform" + Application = "Palo Alto Networks VM-Series NGFW Automatic Tests" +} +region = "us-east-1" +name_prefix = "test-vpc-route-" + +security_vpc_cidr = "10.100.0.0/16" +security_vpc_subnets = { + "10.100.0.0/24" = { az = "us-east-1a", set = "app_vm" } + "10.100.2.0/24" = { az = "us-east-1b", set = "app_vm" } + "10.100.3.0/24" = { az = "us-east-1a", set = "app_lb" } + "10.100.4.0/24" = { az = "us-east-1b", set = "app_lb" } +} +security_vpc_security_groups = { + app_vm = { + name = "app_vm" + rules = { + all_outbound = { + description = "Permit ALL outbound" + type = "egress", from_port = "0", to_port = "0", protocol = "-1" + cidr_blocks = ["0.0.0.0/0"] + } + ssh = { + description = "Permit SSH inbound" + type = "ingress", from_port = "80", to_port = "80", protocol = "tcp" + cidr_blocks = ["0.0.0.0/0"] + } + } + } +} diff --git a/tests/alb/variables.tf b/tests/alb/variables.tf new file mode 100644 index 00000000..1261c029 --- /dev/null +++ b/tests/alb/variables.tf 
@@ -0,0 +1,63 @@ +variable "global_tags" {} + +variable "region" { + description = "AWS region to use for the created resources." + type = string +} + +variable "name_prefix" { + description = "Prefix used in resources created for tests" + type = string +} + +variable "security_vpc_cidr" { + description = "CIDR for VPC" + type = string +} + +variable "security_vpc_subnets" { + description = "Map of subnets in VPC" +} + +variable "security_vpc_security_groups" { + description = "Map of security groups" +} + +variable "application_lb_rules" { + description = "A map of rules for the Application Load Balancer. See [modules documentation](../../modules/alb/README.md) for details." + default = {} + type = any +} + +variable "application_lb_name" { + description = "Name of the public Application Load Balancer placed in front of the Firewalls' public interfaces." + default = "public-alb" + type = string +} + +variable "key_pair_name" { + default = "Terratest_key_pair" +} + +variable "app_vms" { + description = <<-EOF + Definition of an example "app" application VMs. They are based on the latest version of Bitnami's NGINX image. + The structure of this map is similar to the one defining VM-Series, only one property is supported though: the Availability Zone the VM should be placed in. + Example: + + ``` + app_vms = { + "appvm01" = { az = "us-east-1b" } + "appvm02" = { az = "us-east-1a" } + } + ``` + EOF + default = {} + type = map(any) +} + +variable "app_vm_type" { + description = "EC2 type for \"app\" VMs." + default = "t2.micro" + type = string +} diff --git a/tests/vpc_read/versions.tf b/tests/alb/versions.tf similarity index 57% rename from tests/vpc_read/versions.tf rename to tests/alb/versions.tf index 6faae3cf..62ffe8f5 100644 --- a/tests/vpc_read/versions.tf +++ b/tests/alb/versions.tf 
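Review bot: `key_pair_name` has no `description` or `type` and defaults to the fixed name `Terratest_key_pair`, while the other named resources in this test are derived from `name_prefix`; EC2 key-pair names have to be unique within a region of an account, so two runs sharing an account would presumably collide on it. Add `type = string` and a description, and consider building the name from `var.name_prefix` where it is used. `global_tags`, `security_vpc_subnets` and `security_vpc_security_groups` are also untyped, and the `application_lb_name` description still mentions the Firewalls' public interfaces although this test puts the ALB in front of the app VMs.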
@@ -1,13 +1,13 @@ terraform { - required_version = ">= 0.13.7, < 2.0.0" + required_version = ">= 1.0.0, < 2.0.0" required_providers { aws = { source = "hashicorp/aws" - version = "= 3.10" + version = "~> 4.25" } random = { source = "hashicorp/random" - version = "~> 3.3.2" + version = "~> 3.4.3" } } } @@ -15,7 +15,3 @@ terraform { provider "aws" { region = var.region } - -variable "region" { - default = "us-east-1" -} diff --git a/tests/bootstrap/main_test.go b/tests/bootstrap/main_test.go index 46c077de..4ccac1b5 100644 --- a/tests/bootstrap/main_test.go +++ b/tests/bootstrap/main_test.go @@ -51,9 +51,10 @@ func TestOutputForModuleBootstrapWhileCreatingIamRoleForBootstrapModule(t *testi // check access to S3 bucket with bootstrap files { - Operation: "CheckFunction", - Check: CheckHttpGetS3BucketBootstrapFile, - Message: "HTTP response code > 401 expected while accessing S3 bucket with bootstrap files", + Operation: "CheckFunctionWithOutput", + Check: CheckHttpGetS3BucketBootstrapFile, + OutputName: "bucket_domain_name", + Message: "HTTP response code > 401 expected while accessing S3 bucket with bootstrap files", }, } @@ -64,8 +65,8 @@ func TestOutputForModuleBootstrapWhileCreatingIamRoleForBootstrapModule(t *testi // CheckBucketHttpGet checks whether the Bucket's HTTP response code is greater than 401 (expected forbidden access) // It requires Internet connectivity to AWS S3. // CheckHttpGetS3BucketBootstrapFile is compatible with the specification testskeleton.CheckFunction. -func CheckHttpGetS3BucketBootstrapFile(t *testing.T, terraformOptions *terraform.Options) bool { - resp, err := http.Get("https://" + terraform.Output(t, terraformOptions, "bucket_domain_name")) +func CheckHttpGetS3BucketBootstrapFile(t *testing.T, outputValue string) bool { + resp, err := http.Get("https://" + outputValue) if err != nil { t.Errorf("Error S3 HTTP GET: %v\n", err) return false 
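Review bot: The `required_providers` block, which now serves tests/alb, pins `aws` and `random` but not `hashicorp/tls`, although tests/alb/main.tf declares `tls_private_key`; without an entry Terraform resolves that provider implicitly with no version constraint. The sibling versions.tf files changed in this commit add `tls = { source = "hashicorp/tls", version = "~> 3.3.0" }`, and the same constraint belongs here. `random` does not appear to be used by the alb test as shown and could be dropped.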
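Review bot: `http.Get` in CheckHttpGetS3BucketBootstrapFile goes through `http.DefaultClient`, which has no timeout, so an unresponsive endpoint can stall the test until the `go test` deadline; `client := &http.Client{Timeout: 15 * time.Second}` followed by `client.Get("https://" + outputValue)` bounds it. helpers.CheckHttpGetWebUiLoginPage, added in tests/internal/helpers/helpers.go, makes the same unbounded call. The function body continues past the end of this hunk, so whether `resp.Body` is closed cannot be seen here. The leading comment still opens with `CheckBucketHttpGet`, which is not the function's name.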
diff --git a/tests/internal/helpers/helpers.go b/tests/internal/helpers/helpers.go new file mode 100644 index 00000000..7a7bf473 --- /dev/null +++ b/tests/internal/helpers/helpers.go @@ -0,0 +1,38 @@ +package helpers + +import ( + "crypto/tls" + "net/http" + "testing" + "time" +) + +func CheckHttpGetWebUiLoginPage(t *testing.T, outputValue string) bool { + // Do not verify insecure connection + http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true} + + // Define how many retries and how often to do in order to check if Panorama web UI is healthy + sleepBetweenRetry := 15 * time.Second + numberOfRetries := 60 + urlHealthy := false + + // Check in the loop if Panorama web UI is healthy + for i := 1; i <= numberOfRetries && !urlHealthy; i++ { + // HTTP GET + time.Sleep(sleepBetweenRetry) + //TODO: Check if client can replace :15 + //client := http.Client{ + // Timeout: 15 * time.Second, + //} + resp, err := http.Get(outputValue) + + // Display errors, if there were any, or HTTPS status code, if no errors + if err != nil { + t.Logf("Waiting for App (%d/%d)... error HTTP GET: %v\n", i, numberOfRetries, err) + } else { + t.Logf("APP HTTP GET status code: %v", resp.StatusCode) + urlHealthy = resp.StatusCode == 200 + } + } + return urlHealthy +} diff --git a/tests/internal/testskeleton/testskeleton.go b/tests/internal/testskeleton/testskeleton.go index f78017ae..dbb8ef2f 100644 --- a/tests/internal/testskeleton/testskeleton.go +++ b/tests/internal/testskeleton/testskeleton.go @@ -12,7 +12,7 @@ import ( // Sometimes there is a need to execute custom function to check something, // so then in assert expression we need to provide function, which results is compared to true -type CheckFunction func(t *testing.T, terraformOptions *terraform.Options) bool +type CheckFunction func(t *testing.T, outputValue string) bool // Structure used to assert each output value // by comparing it to expected value using defined operation. 
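Review bot: Assigning `TLSClientConfig` on `http.DefaultTransport` turns certificate verification off for every request made through the default transport in the test process, not only this probe, and the setting stays after the function returns; the unchecked type assertion also panics if anything has replaced the default transport. Skipping verification for a freshly booted appliance with a self-signed certificate can be acceptable in a test, but it should live on a client owned by this function, as sketched below. `resp.Body` is never closed, so each of up to 60 iterations can leave a connection open. The exported function has no doc comment, and its inline comments still speak of Panorama although the ALB test now calls it too.

```go
func CheckHttpGetWebUiLoginPage(t *testing.T, outputValue string) bool {
	// Verification is skipped on this client only; http.DefaultTransport is left untouched.
	client := &http.Client{
		Timeout: 15 * time.Second,
		Transport: &http.Transport{
			TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
		},
	}
	// … unchanged: sleepBetweenRetry, numberOfRetries, urlHealthy …
	for i := 1; i <= numberOfRetries && !urlHealthy; i++ {
		time.Sleep(sleepBetweenRetry)
		resp, err := client.Get(outputValue)
		if err != nil {
			t.Logf("Waiting for App (%d/%d)... error HTTP GET: %v\n", i, numberOfRetries, err)
			continue
		}
		// Close the body so the connection is released before the next attempt.
		resp.Body.Close()
		t.Logf("APP HTTP GET status code: %v", resp.StatusCode)
		urlHealthy = resp.StatusCode == 200
	}
	// … unchanged: return urlHealthy …
```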
@@ -22,6 +22,7 @@ type AssertExpression struct { ExpectedValue interface{} Message string Check CheckFunction + TestedValue string } // Function is responsible for deploy infrastructure, @@ -52,6 +53,21 @@ func DeployInfraCheckOutputs(t *testing.T, terraformOptions *terraform.Options, return terraformOptions } +func PlanInfraCheckOnly(t *testing.T, terraformOptions *terraform.Options) *terraform.Options { + if terraformOptions == nil { + terraformOptions = terraform.WithDefaultRetryableErrors(t, &terraform.Options{ + TerraformDir: ".", + Logger: logger.Default, + Lock: true, + Upgrade: true, + }) + } + + terraform.InitAndPlan(t, terraformOptions) + + return terraformOptions +} + // Function is comparing every provided output in expressions lists // and checks value using expression defined in the list func AssertOutputs(t *testing.T, terraformOptions *terraform.Options, assertList []AssertExpression) { @@ -74,12 +90,18 @@ func AssertOutputs(t *testing.T, terraformOptions *terraform.Options, assertList assert.True(t, strings.HasPrefix(outputValue, fmt.Sprintf("%v", assertExpression.ExpectedValue)), assertExpression.Message) - case "CheckFunction": - assert.True(t, assertExpression.Check(t, terraformOptions), assertExpression.Message) + case "CheckFunctionWithOutput": + outputValue := terraform.Output(t, terraformOptions, assertExpression.OutputName) + assert.True(t, assertExpression.Check(t, outputValue), assertExpression.Message) + case "CheckFunctionWithValue": + assert.True(t, assertExpression.Check(t, assertExpression.TestedValue), assertExpression.Message) + case "EqualToValue": + assert.Equal(t, assertExpression.TestedValue, assertExpression.ExpectedValue) // other case needs to be added while working on tests for modules // ... TODO ... default: - logger.Logf(t, "Unknown operation used in assert expressions list") + tLogger := logger.Logger{} + tLogger.Logf(t, "Unknown operation used in assert expressions list") t.Fail() } } 
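Review bot: PlanInfraCheckOnly is exported without a doc comment, unlike the functions around it; `// PlanInfraCheckOnly runs terraform init and plan with the given options (defaults when nil) and returns the options used.` would do. InitAndApplyOnlyWithoutDelete, added further down in this file, needs one even more, because it applies without scheduling a destroy: its comment should say that the caller must `defer terraform.Destroy(t, terraformOptions)` or the resources stay in the cloud account. When nil options are passed the defaults are built inside the function, so such a caller can only destroy with the returned value.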
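Review bot: In the new `EqualToValue` case the arguments to `assert.Equal` are reversed and the message is dropped; testify takes the expected value first, so a failure prints the two values under the wrong labels. Use `assert.Equal(t, assertExpression.ExpectedValue, assertExpression.TestedValue, assertExpression.Message)`, and note that `TestedValue` is a string while `ExpectedValue` is an `interface{}`, so a non-string expected value can never compare equal. Both `CheckFunctionWith…` cases call `assertExpression.Check` without a nil guard, so an entry that omits `Check` panics instead of failing the test cleanly. AssertOutputs starts before this hunk, so how `outputValue` is obtained for the earlier cases is not visible here.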
@@ -112,6 +134,23 @@ func PlanInfraCheckErrors(t *testing.T, terraformOptions *terraform.Options, return terraformOptions } +func InitAndApplyOnlyWithoutDelete(t *testing.T, terraformOptions *terraform.Options) *terraform.Options { + // If no Terraform options were provided, use default one + if terraformOptions == nil { + terraformOptions = terraform.WithDefaultRetryableErrors(t, &terraform.Options{ + TerraformDir: ".", + Logger: logger.Default, + Lock: true, + Upgrade: true, + }) + } + + // Terraform initalization and apply with auto-approve + terraform.InitAndApply(t, terraformOptions) + + return terraformOptions +} + // Function is comparing every provided error in expressions lists // and checks value using expression defined in the list func AssertErrors(t *testing.T, err error, assertList []AssertExpression) { @@ -124,7 +163,8 @@ func AssertErrors(t *testing.T, err error, assertList []AssertExpression) { // other case needs to be added while working on tests for modules // ... TODO ... default: - logger.Logf(t, "Unknown operation used in assert expressions list") + tLogger := logger.Logger{} + tLogger.Logf(t, "Unknown operation used in assert expressions list") t.Fail() } } diff --git a/tests/panorama/main_test.go b/tests/panorama/main_test.go index 18eb16ec..affdd146 100644 --- a/tests/panorama/main_test.go +++ b/tests/panorama/main_test.go @@ -1,14 +1,11 @@ package bootstrap import ( - "crypto/tls" - "net/http" - "testing" - "time" - + "github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/helpers" "github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/testskeleton" "github.com/gruntwork-io/terratest/modules/logger" "github.com/gruntwork-io/terratest/modules/terraform" + "testing" ) func TestOutputForModulePanoramaWithFullVariables(t *testing.T) { 
@@ -34,9 +31,10 @@ func TestOutputForModulePanoramaWithFullVariables(t *testing.T) { }, // check access to login page in web UI for Panorama { - Operation: "CheckFunction", - Check: CheckHttpGetWebUiLoginPage, - Message: "After bootstrapping, which takes few minutes, web UI for Panorama should be accessible", + Operation: "CheckFunctionWithOutput", + Check: helpers.CheckHttpGetWebUiLoginPage, + OutputName: "panorama_url", + Message: "After bootstrapping, which takes few minutes, web UI for Panorama should be accessible", }, } @@ -44,33 +42,6 @@ func TestOutputForModulePanoramaWithFullVariables(t *testing.T) { testskeleton.DeployInfraCheckOutputs(t, terraformOptions, assertList) } -func CheckHttpGetWebUiLoginPage(t *testing.T, terraformOptions *terraform.Options) bool { - // Do not verify insecure connection - http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true} - - // Define how many retries and how often to do in order to check if Panorama web UI is healthy - sleepBetweenRetry := 15 * time.Second - numberOfRetries := 60 - panoramaHealthy := false - panoramaUrl := terraform.Output(t, terraformOptions, "panorama_url") - - // Check in the loop if Panorama web UI is healthy - for i := 1; i <= numberOfRetries && !panoramaHealthy; i++ { - // HTTP GET for login page - time.Sleep(sleepBetweenRetry) - resp, err := http.Get(panoramaUrl + "/php/login.php") - - // Display errors, if there were any, or HTTPS status code, if no errors - if err != nil { - t.Logf("Waiting for Panorama (%d/%d)... error HTTP GET: %v\n", i, numberOfRetries, err) - } else { - t.Logf("Panorama Web UI HTTP GET status code: %v", resp.StatusCode) - panoramaHealthy = resp.StatusCode == 200 - } - } - return panoramaHealthy -} - func TestOutputForModulePanoramaWithMinimumVariables(t *testing.T) { // define options for Terraform terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ 
diff --git a/tests/panorama/outputs.tf b/tests/panorama/outputs.tf index dadb76b0..581019d4 100644 --- a/tests/panorama/outputs.tf +++ b/tests/panorama/outputs.tf @@ -1,6 +1,6 @@ output "panorama_url" { description = "Panorama instance URL." - value = "https://${module.panorama.mgmt_ip_public_address}" + value = "https://${module.panorama.mgmt_ip_public_address}/php/login.php" } output "panorama_private_ip" { diff --git a/tests/subnet_set_mod/main_test.go b/tests/subnet_set_mod/main_test.go index cd4deee2..02f90075 100644 --- a/tests/subnet_set_mod/main_test.go +++ b/tests/subnet_set_mod/main_test.go @@ -24,12 +24,23 @@ package subnet_set_mod import ( + "github.com/gruntwork-io/terratest/modules/terraform" "testing" - - "github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/generictt" ) // TestMain tests the main.tf as well as other *.tf files residing in this directory. -func TestMain(t *testing.T) { - generictt.GenericTest(t, nil, nil) +func TestSubnetSetModulePlanOnly(t *testing.T) { + // Construct the terraform options with default retryable errors to handle the most common retryable errors in + // terraform testing. + terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ + // The path to where our Terraform code is located + TerraformDir: ".", + }) + + // Schedule `terraform destroy` at the end of the test, to clean up the created resources. + defer terraform.Destroy(t, terraformOptions) + + // This will run `terraform init` and `terraform plan` and fail the test if there are any errors. + // This specific test is not intended to execute `terraform apply` at all. + terraform.InitAndPlan(t, terraformOptions) } diff --git a/tests/subnet_set_mod/versions.tf b/tests/subnet_set_mod/versions.tf index 6faae3cf..a9554d9e 100644 --- a/tests/subnet_set_mod/versions.tf +++ b/tests/subnet_set_mod/versions.tf 
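Review bot: The comment above the renamed function in tests/subnet_set_mod/main_test.go still reads `// TestMain tests the main.tf ...`; it should open with `TestSubnetSetModulePlanOnly`. The test only runs `terraform.InitAndPlan`, yet it defers `terraform.Destroy`, which adds a destroy run against a configuration that was never applied; either drop the `defer` or say in a comment why it is kept. This commit also adds `testskeleton.PlanInfraCheckOnly`, which covers the same init-and-plan flow and could replace the body.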
@@ -1,13 +1,17 @@ terraform { - required_version = ">= 0.13.7, < 2.0.0" + required_version = ">= 0.15.0, < 2.0.0" required_providers { aws = { source = "hashicorp/aws" - version = "= 3.10" + version = "~> 4.25" + } + tls = { + source = "hashicorp/tls" + version = "~> 3.3.0" } random = { source = "hashicorp/random" - version = "~> 3.3.2" + version = "~> 3.4.3" } } } diff --git a/tests/transit_gateway/main_test.go b/tests/transit_gateway/main_test.go index b52f3111..9090a8e3 100644 --- a/tests/transit_gateway/main_test.go +++ b/tests/transit_gateway/main_test.go @@ -10,11 +10,14 @@ import ( func TestOutputForModuleTransitGatewayFullVariables(t *testing.T) { // define options for Terraform + tgwName := "tgw-" + regionName := "us-east-1" terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ TerraformDir: ".", VarFiles: []string{"terraform_full.tfvars"}, Vars: map[string]interface{}{ "name_prefix": "terratest_module_transit_gateway_", + "region": regionName, }, Logger: logger.Default, Lock: true, 
@@ -25,10 +28,10 @@ func TestOutputForModuleTransitGatewayFullVariables(t *testing.T) { // prepare list of items to check assertList := []testskeleton.AssertExpression{ {OutputName: "tgw_id", Operation: "NotEmpty"}, - {OutputName: "tgw_id", Operation: "StartsWith", ExpectedValue: "tgw-", Message: "TGW ARN should starts from tgw-"}, + {OutputName: "tgw_id", Operation: "StartsWith", ExpectedValue: tgwName, Message: "TGW ARN should starts from " + tgwName}, {OutputName: "tgw_arn", Operation: "NotEmpty"}, - {OutputName: "tgw_arn", Operation: "StartsWith", ExpectedValue: "arn:aws:ec2:us-east-1", Message: "TGW ID should starts from arn:aws:ec2:us-east-1"}, + {OutputName: "tgw_arn", Operation: "StartsWith", ExpectedValue: "arn:aws:ec2:" + regionName, Message: "TGW ID should starts from arn:aws:ec2:" + regionName}, {OutputName: "tgw_route_tables", Operation: "NotEmpty", ExpectedValue: nil}, {OutputName: "tgw_route_tables", Operation: "ListLengthEqual", ExpectedValue: 2}, @@ -39,12 +42,15 @@ func TestOutputForModuleTransitGatewayFullVariables(t *testing.T) { } func TestOutputForModuleTransitGatewayMinimumVariables(t *testing.T) { + tgwName := "tgw-" + regionName := "us-east-1" // define options for Terraform terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ TerraformDir: ".", VarFiles: []string{"terraform_minimum.tfvars"}, Vars: map[string]interface{}{ "name_prefix": "terratest_module_transit_gateway_", + "region": regionName, }, Logger: logger.Default, Lock: true, 
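Review bot: The failure messages are attached to the wrong outputs: the `tgw_id` check says `TGW ARN should starts from ...` and the `tgw_arn` check says `TGW ID should starts from ...`; swap them and fix the wording, e.g. `Message: "TGW ID should start with " + tgwName`. The same pair appears in TestOutputForModuleTransitGatewayMinimumVariables. `tgwName` holds the ID prefix `tgw-` rather than a name, so `tgwIDPrefix` would read better. The enclosing function starts before this hunk.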
@@ -55,10 +61,10 @@ func TestOutputForModuleTransitGatewayMinimumVariables(t *testing.T) { // prepare list of items to check assertList := []testskeleton.AssertExpression{ {OutputName: "tgw_id", Operation: "NotEmpty"}, - {OutputName: "tgw_id", Operation: "StartsWith", ExpectedValue: "tgw-", Message: "TGW ARN should starts from tgw-"}, + {OutputName: "tgw_id", Operation: "StartsWith", ExpectedValue: tgwName, Message: "TGW ARN should starts from " + tgwName}, {OutputName: "tgw_arn", Operation: "NotEmpty"}, - {OutputName: "tgw_arn", Operation: "StartsWith", ExpectedValue: "arn:aws:ec2:us-east-1", Message: "TGW ID should starts from arn:aws:ec2:us-east-1"}, + {OutputName: "tgw_arn", Operation: "StartsWith", ExpectedValue: "arn:aws:ec2:" + regionName, Message: "TGW ID should starts from arn:aws:ec2:" + regionName}, {OutputName: "tgw_route_tables", Operation: "NotEmpty", ExpectedValue: nil}, {OutputName: "tgw_route_tables", Operation: "ListLengthEqual", ExpectedValue: 0}, diff --git a/tests/vpc_plan/main_test.go b/tests/vpc_plan/main_test.go index 590952ba..e8d84c5f 100644 --- a/tests/vpc_plan/main_test.go +++ b/tests/vpc_plan/main_test.go @@ -6,7 +6,7 @@ import ( "github.com/gruntwork-io/terratest/modules/terraform" ) -func TestMain(t *testing.T) { +func TestVPCPlan(t *testing.T) { // Construct the terraform options with default retryable errors to handle the most common retryable errors in // terraform testing. terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ diff --git a/tests/vpc_plan/versions.tf b/tests/vpc_plan/versions.tf index 6faae3cf..a9554d9e 100644 --- a/tests/vpc_plan/versions.tf +++ b/tests/vpc_plan/versions.tf 
@@ -1,13 +1,17 @@ terraform { - required_version = ">= 0.13.7, < 2.0.0" + required_version = ">= 0.15.0, < 2.0.0" required_providers { aws = { source = "hashicorp/aws" - version = "= 3.10" + version = "~> 4.25" + } + tls = { + source = "hashicorp/tls" + version = "~> 3.3.0" } random = { source = "hashicorp/random" - version = "~> 3.3.2" + version = "~> 3.4.3" } } } diff --git a/tests/vpc_read/main.tf b/tests/vpc_read/main.tf deleted file mode 100644 index f2be4c7d..00000000 --- a/tests/vpc_read/main.tf +++ /dev/null 
@@ -1,97 +0,0 @@ -# This Terraform code does not deploy a real-world cloud environment. -# It is a temporary deployment intended solely to perform tests. -# For a quick start see the file main_test.go, which executes the terratest library. -# -# Change this code in the same pull request that changes the code in `modules` directory. -# -# Core tests: -# - Do various combinations of known inputs produce expected outputs? -# - Can we discover a pre-existing vpc? -# -# Boilerplate tests: -# - Can we call the module twice? - -variable "switchme" {} # unused but required by generictt - -# Random name allows parallel runs on the same cloud account. -resource "random_pet" "this" { - prefix = "test-vpc-read" -} - -locals { - vpc_name = random_pet.this.id -} - -module "vpc" { - source = "../../modules/vpc" - - name = local.vpc_name - create_vpc = true - create_internet_gateway = false - create_vpn_gateway = true - cidr_block = "10.0.0.0/16" - secondary_cidr_blocks = ["10.4.0.0/16", "10.5.0.0/16", "10.6.0.0/16"] -} - -### Reuse Existing Resources ### - -module "vpc_read" { - source = "../../modules/vpc" - - create_vpc = false - name = module.vpc.name - create_internet_gateway = false - use_internet_gateway = false -} - -module "vpc_read_igw_create" { - source = "../../modules/vpc" - - create_vpc = false - name = module.vpc.name - create_internet_gateway = true - use_internet_gateway = false -} - -module "vpc_read_igw_read" { - source = "../../modules/vpc" - - create_vpc = false - name = module.vpc_read_igw_create.name - create_internet_gateway = false - use_internet_gateway = true -} - -### Test Results ### - -output "is_vpc_cidr_block_correct" { - value = (module.vpc.vpc.cidr_block == "10.0.0.0/16") -} - -output "is_vpc_name_correct" { - value = (module.vpc.name == local.vpc_name) -} - -output "is_vpc_read_cidr_block_correct" { - value = (module.vpc_read.vpc.cidr_block == "10.0.0.0/16") -} - -output "is_vpc_read_name_correct" { - value = (module.vpc_read.name == 
local.vpc_name) -} - -output "is_vpc_read_igw_create_cidr_block_correct" { - value = (module.vpc_read_igw_create.vpc.cidr_block == "10.0.0.0/16") -} - -output "is_vpc_read_igw_create_name_correct" { - value = (module.vpc_read_igw_create.name == local.vpc_name) -} - -output "is_vpc_read_igw_read_cidr_block_correct" { - value = (module.vpc_read_igw_read.vpc.cidr_block == "10.0.0.0/16") -} - -output "is_vpc_read_igw_read_name_correct" { - value = (module.vpc_read_igw_read.name == local.vpc_name) -} diff --git a/tests/vpc_read/main_test.go b/tests/vpc_read/main_test.go deleted file mode 100644 index 8b0260b3..00000000 --- a/tests/vpc_read/main_test.go +++ /dev/null @@ -1,35 +0,0 @@ -// Terratest-powered Go code and Terraform code used together to automate tests for `../../modules/vpc`. -// -// Quick start: -// -// 1. Install Go at the latest 1.* version: https://golang.org/ -// -// 2. Install Terraform at the specific version that you'd like to test. Put it in your PATH. -// -// 3. Set AWS_REGION environment variable and also e.g. AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, or similar. -// -// 4. Make sure this code is checked out into your GOPATH, see: go env GOPATH -// -// 5. Run: go test -v -// -// Do not however run `go test -v .` or similar. Specifying a package (that extra dot) enables caching, which is -// incompatible with Terraform. -// -// However to run all the tests in parallel: cd tests ; go test -count 1 ./... -// -// Cloud resources are destroyed automatically after the test, no cleanup is normally required. -// -// VScode users should keep `Go: Test On Save` at the default false value, and not set to true. This option is spelled -// `go.testOnSave` in settings.json. -package vpc_read - -import ( - "testing" - - "github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/generictt" -) - -// TestMain tests the main.tf as well as other *.tf files residing in this directory. -func TestMain(t *testing.T) { - generictt.GenericTest(t, nil, nil) -}