From 5c4d3202a78769a85ae500ec5d553a3cbc95d14d Mon Sep 17 00:00:00 2001
From: pimielowski
Date: Tue, 17 Jan 2023 12:54:59 +0100
Subject: [PATCH 1/6] Add ALB test coverage and refactor skeletor
---
.gitignore | 2 +-
go.mod | 7 ++
go.sum | 69 ++++++++++++-
modules/alb/main.tf | 12 +++
scripts/install.sh | 0
scripts/run.sh | 0
tests/README.md | 8 +-
tests/alb/main.tf | 102 ++++++++++++++++++++
tests/alb/main_test.go | 92 ++++++++++++++++++
tests/alb/outputs.tf | 7 ++
tests/alb/terraform_full.tfvars | 53 ++++++++++
tests/alb/terraform_minimum.tfvars | 31 ++++++
tests/alb/variables.tf | 63 ++++++++++++
tests/{vpc_read => alb}/versions.tf | 10 +-
tests/bootstrap/main_test.go | 11 ++-
tests/internal/helpers/helpers.go | 38 ++++++++
tests/internal/testskeleton/testskeleton.go | 50 +++++++++-
tests/panorama/main_test.go | 41 ++------
tests/panorama/outputs.tf | 2 +-
tests/subnet_set_mod/main_test.go | 19 +++-
tests/subnet_set_mod/versions.tf | 10 +-
tests/transit_gateway/main_test.go | 14 ++-
tests/vpc_plan/main_test.go | 2 +-
tests/vpc_plan/versions.tf | 10 +-
tests/vpc_read/main.tf | 97 -------------------
tests/vpc_read/main_test.go | 35 -------
26 files changed, 581 insertions(+), 204 deletions(-)
mode change 100755 => 100644 scripts/install.sh
mode change 100755 => 100644 scripts/run.sh
create mode 100644 tests/alb/main.tf
create mode 100644 tests/alb/main_test.go
create mode 100644 tests/alb/outputs.tf
create mode 100644 tests/alb/terraform_full.tfvars
create mode 100644 tests/alb/terraform_minimum.tfvars
create mode 100644 tests/alb/variables.tf
rename tests/{vpc_read => alb}/versions.tf (57%)
create mode 100644 tests/internal/helpers/helpers.go
delete mode 100644 tests/vpc_read/main.tf
delete mode 100644 tests/vpc_read/main_test.go
diff --git a/.gitignore b/.gitignore
index 93d141a6..a83e8a44 100644
--- a/.gitignore
+++ b/.gitignore
@@ -32,7 +32,7 @@
.terragrunt-cache
.vscode
.idea
-
+**/test_report.html
# Palo auth codes
authcodes
# Crash log files
diff --git a/go.mod b/go.mod
index bdf4f7e8..035957a7 100644
--- a/go.mod
+++ b/go.mod
@@ -3,9 +3,16 @@ module github.com/PaloAltoNetworks/terraform-aws-vmseries-modules
go 1.14
require (
+ github.com/apex/log v1.9.0
+ github.com/aws/aws-sdk-go-v2 v1.17.3
+ github.com/aws/aws-sdk-go-v2/config v1.18.8
+ github.com/aws/aws-sdk-go-v2/service/sts v1.18.0 // indirect
github.com/gruntwork-io/terratest v0.41.7
github.com/hashicorp/go-version v1.6.0 // indirect
github.com/hashicorp/terraform-json v0.14.0
+ github.com/inconshreveable/mousetrap v1.1.0 // indirect
+ github.com/spf13/cobra v1.6.1 // indirect
github.com/stretchr/testify v1.8.1
+ github.com/vakenbolt/go-test-report v0.9.3 // indirect
github.com/zclconf/go-cty v1.11.0 // indirect
)
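Review bot: `github.com/vakenbolt/go-test-report v0.9.3` is recorded as `// indirect`, but the README change in this commit runs `go-test-report` as a command-line tool and no Go file visible in this patch imports it. A `go mod tidy` would therefore probably remove the entry, and the binary people install is not tied to this version. If the pin is meant to fix the tool version, the usual way is a `tools.go` file guarded by `// +build tools` that contains `import _ "github.com/vakenbolt/go-test-report"`, plus a README install line that names the same version. The `cobra` and `mousetrap` entries look like they come in only through that tool.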
diff --git a/go.sum b/go.sum
index c12627d3..f6c9c3b1 100644
--- a/go.sum
+++ b/go.sum
@@ -97,6 +97,11 @@ github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRF
github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
github.com/alexflint/go-filemutex v0.0.0-20171022225611-72bdc8eae2ae/go.mod h1:CgnQgUtFrFz9mxFNtED3jI5tLDjKlOM+oUF/sTk6ps0=
github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kdvxnR2qWY=
+github.com/apex/log v1.9.0 h1:FHtw/xuaM8AgmvDDTI9fiwoAL25Sq2cxojnZICUU8l0=
+github.com/apex/log v1.9.0/go.mod h1:m82fZlWIuiWzWP04XCTXmnX0xRkYYbCdYn8jbJeLBEA=
+github.com/apex/logs v1.0.0/go.mod h1:XzxuLZ5myVHDy9SAmYpamKKRNApGj54PfYLcFrXqDwo=
+github.com/aphistic/golf v0.0.0-20180712155816-02c07f170c5a/go.mod h1:3NqKYiepwy8kCu4PNA+aP7WUV72eXWJeP9/r3/K9aLE=
+github.com/aphistic/sweet v0.2.0/go.mod h1:fWDlIh/isSE9n6EPsRmC0det+whmX6dJid3stzu0Xys=
github.com/apparentlymart/go-dump v0.0.0-20180507223929-23540a00eaa3/go.mod h1:oL81AME2rN47vu18xqj1S1jPIPuN7afo62yKTNn3XMM=
github.com/apparentlymart/go-textseg v1.0.0 h1:rRmlIsPEEhUTIKQb7T++Nz/A5Q6C9IuX2wFoYVvnCs0=
github.com/apparentlymart/go-textseg v1.0.0/go.mod h1:z96Txxhf3xSFMPmb5X/1W05FF/Nj9VFpLOpjS5yuumk=
@@ -110,8 +115,34 @@ github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:l
github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU=
github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0=
github.com/aws/aws-sdk-go v1.15.78/go.mod h1:E3/ieXAlvM0XWO57iftYVDLLvQ824smPP3ATZkfNZeM=
+github.com/aws/aws-sdk-go v1.20.6/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
github.com/aws/aws-sdk-go v1.40.56 h1:FM2yjR0UUYFzDTMx+mH9Vyw1k1EUUxsAFzk+BjkzANA=
github.com/aws/aws-sdk-go v1.40.56/go.mod h1:585smgzpB/KqRA+K3y/NL/oYRqQvpNJYvLm+LY1U59Q=
+github.com/aws/aws-sdk-go-v2 v1.17.3 h1:shN7NlnVzvDUgPQ+1rLMSxY8OWRNDRYtiqe0p/PgrhY=
+github.com/aws/aws-sdk-go-v2 v1.17.3/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=
+github.com/aws/aws-sdk-go-v2/config v1.18.8 h1:lDpy0WM8AHsywOnVrOHaSMfpaiV2igOw8D7svkFkXVA=
+github.com/aws/aws-sdk-go-v2/config v1.18.8/go.mod h1:5XCmmyutmzzgkpk/6NYTjeWb6lgo9N170m1j6pQkIBs=
+github.com/aws/aws-sdk-go-v2/credentials v1.13.8 h1:vTrwTvv5qAwjWIGhZDSBH/oQHuIQjGmD232k01FUh6A=
+github.com/aws/aws-sdk-go-v2/credentials v1.13.8/go.mod h1:lVa4OHbvgjVot4gmh1uouF1ubgexSCN92P6CJQpT0t8=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.21 h1:j9wi1kQ8b+e0FBVHxCqCGo4kxDU175hoDHcWAi0sauU=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.21/go.mod h1:ugwW57Z5Z48bpvUyZuaPy4Kv+vEfJWnIrky7RmkBvJg=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.27 h1:I3cakv2Uy1vNmmhRQmFptYDxOvBnwCdNwyw63N0RaRU=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.27/go.mod h1:a1/UpzeyBBerajpnP5nGZa9mGzsBn5cOKxm6NWQsvoI=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.21 h1:5NbbMrIzmUn/TXFqAle6mgrH5m9cOvMLRGL7pnG8tRE=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.21/go.mod h1:+Gxn8jYn5k9ebfHEqlhrMirFjSW0v0C9fI+KN5vk2kE=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.3.28 h1:KeTxcGdNnQudb46oOl4d90f2I33DF/c6q3RnZAmvQdQ=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.3.28/go.mod h1:yRZVr/iT0AqyHeep00SZ4YfBAKojXz08w3XMBscdi0c=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.21 h1:5C6XgTViSb0bunmU57b3CT+MhxULqHH2721FVA+/kDM=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.21/go.mod h1:lRToEJsn+DRA9lW4O9L9+/3hjTkUzlzyzHqn8MTds5k=
+github.com/aws/aws-sdk-go-v2/service/sso v1.12.0 h1:/2gzjhQowRLarkkBOGPXSRnb8sQ2RVsjdG1C/UliK/c=
+github.com/aws/aws-sdk-go-v2/service/sso v1.12.0/go.mod h1:wo/B7uUm/7zw/dWhBJ4FXuw1sySU5lyIhVg1Bu2yL9A=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.0 h1:Jfly6mRxk2ZOSlbCvZfKNS7TukSx1mIzhSsqZ/IGSZI=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.0/go.mod h1:TZSH7xLO7+phDtViY/KUp9WGCJMQkLJ/VpgkTFd5gh8=
+github.com/aws/aws-sdk-go-v2/service/sts v1.18.0 h1:kOO++CYo50RcTFISESluhWEi5Prhg+gaSs4whWabiZU=
+github.com/aws/aws-sdk-go-v2/service/sts v1.18.0/go.mod h1:+lGbb3+1ugwKrNTWcf2RT05Xmp543B06zDFTwiTLp7I=
+github.com/aws/smithy-go v1.13.5 h1:hgz0X/DX0dGqTYpGALqXJoRKRj5oQ7150i5FdTePzO8=
+github.com/aws/smithy-go v1.13.5/go.mod h1:Tg+OJXh4MB2R/uN61Ko2f6hTZwB/ZYGOtib8J3gBHzA=
+github.com/aybabtme/rgbterm v0.0.0-20170906152045-cc83f3b3ce59/go.mod h1:q/89r3U2H7sSsE2t6Kca0lfwTK8JdoNGS/yzM/4iH5I=
github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
@@ -120,6 +151,7 @@ github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d h1:xDfNPAt8lFiC1U
github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d/go.mod h1:6QX/PXZ00z/TKoufEY6K/a0k6AhaJrQKdFe6OfVXsa4=
github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
github.com/bitly/go-simplejson v0.5.0/go.mod h1:cXHtHw4XUPsvGaxgjIAn8PhEWG9NfngEKAMDJEczWVA=
+github.com/bketelsen/crypt v0.0.3-0.20200106085610-5cbc8cc4026c/go.mod h1:MKsuJmJgSg28kpZDP6UIiPt0e0Oz0kqKNGyRaWEPv84=
github.com/bketelsen/crypt v0.0.4/go.mod h1:aI6NrJ0pMGgvZKL1iVgXLnfIFJtfV+bKCoqOes/6LfM=
github.com/blang/semver v3.1.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
github.com/blang/semver v3.5.1+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
@@ -231,6 +263,7 @@ github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgU
github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY=
github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk=
github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
+github.com/coreos/etcd v3.3.13+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU=
github.com/coreos/go-iptables v0.5.0/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU=
github.com/coreos/go-oidc v2.1.0+incompatible/go.mod h1:CgnwVTmzoESiwO9qyAFEMiHoZ1nMCKZlZ9V6mm3/LKc=
@@ -246,6 +279,7 @@ github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfc
github.com/coreos/pkg v0.0.0-20180928190104-399ea9e2e55f/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
github.com/cpuguy83/go-md2man/v2 v2.0.0/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
+github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/cyphar/filepath-securejoin v0.2.2/go.mod h1:FpkQEhXnPnOthhzymB7CGsFk2G9VLXONKD9G7QGMM+4=
@@ -492,16 +526,21 @@ github.com/imdario/mergo v0.3.8/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJ
github.com/imdario/mergo v0.3.10/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
github.com/imdario/mergo v0.3.11/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
+github.com/inconshreveable/mousetrap v1.0.1/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
+github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8=
+github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLfsEA9PFc4w1p2J65bw=
github.com/j-keck/arping v0.0.0-20160618110441-2cf9dc699c56/go.mod h1:ymszkNOg6tORTn+6F6j+Jc8TOr5osrynvN6ivFWZ2GA=
github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a h1:zPPuIq2jAWWPTrGt70eK/BSch+gFAGrNzecsoENgu2o=
github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a/go.mod h1:yL958EeXv8Ylng6IfnvG4oflryUi3vgA3xPs9hmII1s=
github.com/jmespath/go-jmespath v0.0.0-20160202185014-0b12d6b521d8/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
github.com/jmespath/go-jmespath v0.0.0-20160803190731-bd40a432e4c7/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
+github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg=
github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo=
github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8=
github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U=
github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
+github.com/jpillora/backoff v0.0.0-20180909062703-3050d21c67d7/go.mod h1:2iMrUgbbvHEiQClaW2NsSzMyGHqN+rDFqY705q49KG0=
github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
@@ -539,15 +578,19 @@ github.com/kylelemons/godebug v0.0.0-20170820004349-d65d576e9348/go.mod h1:B69LE
github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
github.com/magiconair/properties v1.8.0/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
+github.com/magiconair/properties v1.8.1/go.mod h1:PppfXfuXeibc/6YijjN8zIbojt8czPbwD3XqdrwzmxQ=
github.com/magiconair/properties v1.8.5/go.mod h1:y3VJvCyxH9uVvJTWEGAELF3aiYNyPKd5NZ3oSwXrF60=
github.com/mailru/easyjson v0.0.0-20190614124828-94de47d64c63/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
github.com/mailru/easyjson v0.0.0-20190626092158-b2ccc519800e/go.mod h1:C1wdFJiN94OJF2b5HbByQZoLdCWB1Yqtg26g4irojpc=
github.com/mailru/easyjson v0.7.0/go.mod h1:KAzv3t3aY1NaHWoQz1+4F1ccyAH66Jk7yos7ldAVICs=
github.com/marstr/guid v1.1.0/go.mod h1:74gB1z2wpxxInTG6yaqA7KrtM0NZ+RbrcqDvYHefzho=
github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
+github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ=
+github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
github.com/mattn/go-colorable v0.1.4/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
+github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE=
github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
@@ -558,6 +601,7 @@ github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 h1:ofNAzWCcyTALn2
github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326/go.mod h1:9fxibJccNxU2cnpIKLRRFA7zX7qhkJIQWBb449FYHOo=
github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
github.com/matttproud/golang_protobuf_extensions v1.0.2-0.20181231171920-c182affec369/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
+github.com/mgutz/ansi v0.0.0-20170206155736-9520e82c474b/go.mod h1:01TrycV0kFyexm33Z7vhZRXopbI8J3TDReVlkTgMUxE=
github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
github.com/miekg/dns v1.1.31/go.mod h1:KNUDUusw/aVsxyTYZM1oqvCicbwhgbNgztCETuNZ7xM=
github.com/miekg/pkcs11 v1.0.3/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
@@ -609,6 +653,7 @@ github.com/onsi/ginkgo v1.11.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+
github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
github.com/onsi/gomega v0.0.0-20151007035656-2152b45fa28a/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
github.com/onsi/gomega v0.0.0-20170829124025-dcabb60a477c/go.mod h1:C1qb7wdrVGGVU+Z6iS04AVkA3Q65CEZX59MT0QO5uiA=
+github.com/onsi/gomega v1.5.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc=
@@ -641,6 +686,7 @@ github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR
github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
github.com/pkg/sftp v1.10.1/go.mod h1:lYOWFsE0bwd1+KfKJaKeuokY15vzFx25BLbzYYoAxZI=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -678,6 +724,7 @@ github.com/prometheus/procfs v0.2.0/go.mod h1:lV6e/gmhEcM9IjHGsFOCxxuZ+z1YqCvr4O
github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
github.com/prometheus/tsdb v0.7.1/go.mod h1:qhTCs0VvXwvX/y3TZrWD7rabWM+ijKTux40TwIPHuXU=
github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
+github.com/rogpeppe/fastuuid v1.1.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6LYCDYWNEvQ=
github.com/rogpeppe/go-charset v0.0.0-20180617210344-2471d30d28b4/go.mod h1:qgYeAmZ5ZIpBWTGllZSQnw97Dj+woV0toclVaRGI8pc=
github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
@@ -701,8 +748,11 @@ github.com/sirupsen/logrus v1.7.0/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic
github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic61uBYv0=
github.com/slack-go/slack v0.10.3/go.mod h1:hlGi5oXA+Gt+yWTPP0plCdRKmjsDxecdHxYQdlMQKOw=
github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
+github.com/smartystreets/assertions v1.0.0/go.mod h1:kHHU4qYBaI3q23Pp3VPrmWhuIUrLW/7eUrw0BU5VaoM=
+github.com/smartystreets/go-aws-auth v0.0.0-20180515143844-0c1422d1fdb9/go.mod h1:SnhjPscd9TpLiy1LpzGSKh3bXCfxxXuqd9xmQJy3slM=
github.com/smartystreets/goconvey v0.0.0-20190330032615-68dc04aab96a/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
+github.com/smartystreets/gunit v1.0.0/go.mod h1:qwPWnhz6pn0NnRBP++URONOVyNkPyr4SauJk4cUOwJs=
github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
@@ -713,7 +763,10 @@ github.com/spf13/cast v1.3.1/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkU
github.com/spf13/cobra v0.0.2-0.20171109065643-2da4a54c5cee/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE=
+github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo=
github.com/spf13/cobra v1.2.1/go.mod h1:ExllRjgxM/piMAM+3tAZvg8fsklGAf3tPfi+i8t68Nk=
+github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA=
+github.com/spf13/cobra v1.6.1/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY=
github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
github.com/spf13/jwalterweatherman v1.1.0/go.mod h1:aNWZUN0dPAAO/Ljvb5BEdw96iTZ0EXowPYD95IqWIGo=
github.com/spf13/pflag v0.0.0-20170130214245-9ff6c6923cff/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
@@ -721,8 +774,10 @@ github.com/spf13/pflag v1.0.1-0.20171106142849-4c012f6dcd95/go.mod h1:DYY7MBk1bd
github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
github.com/spf13/pflag v1.0.2/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
+github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
github.com/spf13/viper v1.4.0/go.mod h1:PTJ7Z/lr49W6bUbkmS1V3by4uWynFiR9p7+dSq/yZzE=
+github.com/spf13/viper v1.7.0/go.mod h1:8WkrPz2fc9jxqZNCJI/76HCieCp4Q8HaLFoCha5qpdg=
github.com/spf13/viper v1.8.1/go.mod h1:o0Pch8wJ9BVSWGQMbra6iw0oQ5oktSIBaujf1rJH9Ns=
github.com/stefanberger/go-pkcs11uri v0.0.0-20201008174630-78d3cae3a980/go.mod h1:AO3tvPzVZ/ayst6UlUKUv6rcPQInYe3IknH3jYhAKu8=
github.com/stretchr/objx v0.0.0-20180129172003-8a3f7159479f/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
@@ -737,7 +792,6 @@ github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UV
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
@@ -748,6 +802,13 @@ github.com/syndtr/gocapability v0.0.0-20170704070218-db04d3cc01c8/go.mod h1:hkRG
github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww=
github.com/tchap/go-patricia v2.2.6+incompatible/go.mod h1:bmLyhP68RS6kStMGxByiQ23RP/odRBOTVjwp2cDyi6I=
+github.com/tj/assert v0.0.0-20171129193455-018094318fb0/go.mod h1:mZ9/Rh9oLWpLLDRpvE+3b7gP/C2YyLFYxNmcLnPTMe0=
+github.com/tj/assert v0.0.3 h1:Df/BlaZ20mq6kuai7f5z2TvPFiwC3xaWJSDQNiIS3Rk=
+github.com/tj/assert v0.0.3/go.mod h1:Ne6X72Q+TB1AteidzQncjw9PabbMp4PBMZ1k+vd1Pvk=
+github.com/tj/go-buffer v1.1.0/go.mod h1:iyiJpfFcR2B9sXu7KvjbT9fpM4mOelRSDTbntVj52Uc=
+github.com/tj/go-elastic v0.0.0-20171221160941-36157cbbebc2/go.mod h1:WjeM0Oo1eNAjXGDx2yma7uG2XoyRZTq1uv3M/o7imD0=
+github.com/tj/go-kinesis v0.0.0-20171128231115-08b17f58cb1b/go.mod h1:/yhzCV0xPfx6jb1bBgRFjl5lytqVqZXEaeqWP8lTEao=
+github.com/tj/go-spin v1.1.0/go.mod h1:Mg1mzmePZm4dva8Qz60H2lHwmJ2loum4VIrLgVnKwh4=
github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
github.com/tmccombs/hcl2json v0.3.3 h1:+DLNYqpWE0CsOQiEZu+OZm5ZBImake3wtITYxQ8uLFQ=
@@ -759,6 +820,8 @@ github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/
github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
+github.com/vakenbolt/go-test-report v0.9.3 h1:KPJIZJhr3CKdk82+6KD/LnLF89lvW8aklyRqOjlPJRQ=
+github.com/vakenbolt/go-test-report v0.9.3/go.mod h1:sSBCeKCZsuw8Ph983JpYkuEe4fWteYI3YdAtZr9FNds=
github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk=
github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE=
github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852/go.mod h1:twkDnbuQxJYemMlGd4JFIcuhgX83tXhKS2B/PRMpOho=
@@ -1248,6 +1311,7 @@ gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
gopkg.in/gemnasium/logrus-airbrake-hook.v2 v2.1.2/go.mod h1:Xk6kEKp8OKb+X14hQBKWaSkCsqBpgog8nAV2xsGOxlo=
gopkg.in/inf.v0 v0.9.1/go.mod h1:cWUDdTG/fYaXco+Dcufb5Vnc6Gp2YChqWtbxRZE0mXw=
+gopkg.in/ini.v1 v1.51.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
gopkg.in/ini.v1 v1.62.0/go.mod h1:pNLf8WUiyNEtQjuu5G5vTm06TEv9tsIgeAvK8hOrP4k=
gopkg.in/natefinch/lumberjack.v2 v2.0.0/go.mod h1:l0ndWWf7gzL7RNwBG7wST/UCcT4T24xpD6X8LsfU/+k=
gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
@@ -1266,7 +1330,8 @@ gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b h1:h8qDotaEPuJATrMmW04NCwg7v22aHH28wwpauUhK9Oo=
+gopkg.in/yaml.v3 v3.0.0-20200605160147-a5ece683394c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
+gopkg.in/yaml.v3 v3.0.0-20200615113413-eeeca48fe776/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/modules/alb/main.tf b/modules/alb/main.tf
index 1598a622..bc2110dd 100644
--- a/modules/alb/main.tf
+++ b/modules/alb/main.tf
@@ -165,6 +165,18 @@ resource "aws_s3_bucket_policy" "this" {
}
# ######################## #
+## Add communication to ALB with ephemeral port
+
+resource "aws_security_group_rule" "alb_att" {
+
+ from_port = 0
+ protocol = "all"
+ source_security_group_id = var.security_groups[0]
+ security_group_id = var.security_groups[0]
+ to_port = 0
+ type = "ingress"
+}
+
# ## Application Load Balancer ##
resource "aws_lb" "this" {
name = var.lb_name
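Review bot: The new `aws_security_group_rule.alb_att` opens every protocol and every port (`protocol = "all"`, ports 0 to 0) between members of `var.security_groups[0]`, while its comment says it is for ephemeral-port traffic to the ALB. This sits in the published module, not in the test fixture, so every consumer gets a rule written into a security group they passed in, and any workload sharing that group can reach any other on all ports. An empty `security_groups` list would also fail on the `[0]` index. I would restrict the rule to what the load balancer needs, for example `protocol = "tcp"`, `from_port = 1024`, `to_port = 65535` (or just the target and health-check ports), add a `description`, and make it opt-in through a variable. If the group is created with inline rules elsewhere (not visible here), a standalone rule resource can also conflict with them.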
diff --git a/scripts/install.sh b/scripts/install.sh
old mode 100755
new mode 100644
diff --git a/scripts/run.sh b/scripts/run.sh
old mode 100755
new mode 100644
diff --git a/tests/README.md b/tests/README.md
index 871e7286..7e3ce99e 100644
--- a/tests/README.md
+++ b/tests/README.md
@@ -12,10 +12,16 @@ go get -u github.com/gruntwork-io/terratest
4. Execute test for module using commands e.g for ``bootstrap`` module:
```bash
cd tests/bootstrap
-go test -v -timeout 90m -count=1
+go test -v -timeout 30m -count=1
```
+Run all test:
+
+```bash
+go test -timeout 130m ./... -json | go-test-report
+```
Comments:
* Do not however run `go test -v .` or similar. Specifying a package (that extra dot) enables caching, which is incompatible with Terraform.
+* We use go-test-report to create html reports for tests, check https://github.com/vakenbolt/go-test-report for more information
* Cloud resources are destroyed automatically after the test, no cleanup is normally required.
* VScode users should keep `Go: Test On Save` at the default false value, and not set to true. This option is spelled `go.testOnSave` in settings.json.
diff --git a/tests/alb/main.tf b/tests/alb/main.tf
new file mode 100644
index 00000000..4168e7a7
--- /dev/null
+++ b/tests/alb/main.tf
@@ -0,0 +1,102 @@
+## VPC
+
+module "security_vpc" {
+ source = "../../modules/vpc"
+
+ name = "${var.name_prefix}-vpc"
+ cidr_block = var.security_vpc_cidr
+ security_groups = var.security_vpc_security_groups
+ create_internet_gateway = true
+ enable_dns_hostnames = true
+ enable_dns_support = true
+ instance_tenancy = "default"
+}
+
+module "security_subnet_sets" {
+ source = "../../modules/subnet_set"
+
+ for_each = toset(distinct([for _, v in var.security_vpc_subnets : v.set]))
+
+ name = each.key
+ vpc_id = module.security_vpc.id
+ has_secondary_cidrs = module.security_vpc.has_secondary_cidrs
+ cidrs = {for k, v in var.security_vpc_subnets : k => v if v.set == each.key}
+}
+
+locals {
+ security_vpc_routes = concat(
+ [for cidr in ["app_vm", "app_lb"] :
+ {
+ subnet_key = cidr
+ next_hop_set = module.security_vpc.igw_as_next_hop_set
+ to_cidr = "0.0.0.0/0"
+ }
+ ]
+ )
+}
+module "security_vpc_routes" {
+ for_each = { for route in local.security_vpc_routes : "${route.subnet_key}_${route.to_cidr}" => route }
+ source = "../../modules/vpc_route"
+
+ route_table_ids = module.security_subnet_sets[each.value.subnet_key].unique_route_table_ids
+ to_cidr = each.value.to_cidr
+ next_hop_set = each.value.next_hop_set
+}
+
+## ALB
+
+module "public_alb" {
+ source = "../../modules/alb"
+
+ lb_name = replace("${var.name_prefix}${var.application_lb_name}", "_","-")
+ subnets = {for k, v in module.security_subnet_sets["app_vm"].subnets : k => { id = v.id }}
+ vpc_id = module.security_vpc.id
+ security_groups = [module.security_vpc.security_group_ids["app_vm"]]
+ rules = var.application_lb_rules
+ targets = {for k, v in var.app_vms : k => aws_instance.app_vm[k].private_ip}
+
+ tags = var.global_tags
+}
+
+
+### app EC2 instance ###
+
+data "aws_ami" "this" {
+ most_recent = true # newest by time, not by version number
+
+ filter {
+ name = "name"
+ values = ["bitnami-nginx-1.21*-linux-debian-10-x86_64-hvm-ebs-nami"]
+ # The wildcard '*' causes re-creation of the whole EC2 instance when a new image appears.
+ }
+
+ owners = ["979382823631"] # bitnami = 979382823631
+}
+
+resource "tls_private_key" "random_ssh_key" {
+ algorithm = "RSA"
+ rsa_bits = 4096
+}
+
+resource "aws_key_pair" "random_ssh_key_pair" {
+ key_name = var.key_pair_name
+ public_key = tls_private_key.random_ssh_key.public_key_openssh
+}
+
+resource "aws_instance" "app_vm" {
+ for_each = var.app_vms
+
+ ami = data.aws_ami.this.id
+ instance_type = var.app_vm_type
+ key_name = aws_key_pair.random_ssh_key_pair.key_name
+ subnet_id = module.security_subnet_sets["app_vm"].subnets[each.value.az].id
+ vpc_security_group_ids = [module.security_vpc.security_group_ids["app_vm"]]
+ tags = merge({ Name = "${var.name_prefix}${each.key}" }, var.global_tags)
+ associate_public_ip_address = true
+
+}
+
+data "aws_network_interface" "bar" {
+ for_each = var.app_vms
+ id = aws_instance.app_vm[each.key].primary_network_interface_id
+}
\ No newline at end of file
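Review bot: The `aws_instance.app_vm` instances get `associate_public_ip_address = true` and an SSH key pair, although the test in this commit only reaches them through the load balancer. Together with the port-80 rule open to `0.0.0.0/0` in the tfvars, the backends are directly reachable from the internet while the test runs, and `tls_private_key.random_ssh_key` leaves an RSA private key in the Terraform state that nothing in this patch reads. Unless the image needs outbound access at boot, I would set `associate_public_ip_address = false` and drop `key_name` together with the two key resources. `data.aws_network_interface.bar` is also not referenced anywhere in the visible files.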
diff --git a/tests/alb/main_test.go b/tests/alb/main_test.go
new file mode 100644
index 00000000..54327053
--- /dev/null
+++ b/tests/alb/main_test.go
@@ -0,0 +1,92 @@
+package main
+
+import (
+ "github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/helpers"
+ "github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/testskeleton"
+ "github.com/gruntwork-io/terratest/modules/logger"
+ "github.com/gruntwork-io/terratest/modules/terraform"
+ "log"
+ "testing"
+)
+
+func TestALBOutputAndConectivitiyWithFullTFVars(t *testing.T) {
+
+ // define variables for Terraform
+ namePrefix := "terratest-alb-"
+
+ // define options for Terraform
+ terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
+ TerraformDir: ".",
+ VarFiles: []string{"terraform_full.tfvars"},
+ Vars: map[string]interface{}{
+ "name_prefix": namePrefix,
+ },
+ Logger: logger.Default,
+ Lock: true,
+ Upgrade: true,
+ SetVarsAfterVarFiles: true,
+ })
+
+ destroyFunc := func() {
+ terraform.Destroy(t, terraformOptions)
+ }
+ defer destroyFunc()
+ terraformOptions = testskeleton.InitAndApplyOnlyWithoutDelete(t, terraformOptions)
+
+ albName := terraform.Output(t, terraformOptions, "alb_name")
+ log.Printf("Alb_name = %s", albName)
+
+ assertList := []testskeleton.AssertExpression{
+ // check if the ALB is created with correct FQDN
+ {
+ OutputName: "alb_name",
+ Operation: "NotEmpty",
+ },
+ // check if the ALB is created with correct FQDN
+ {
+ OutputName: "alb_name",
+ Operation: "StartsWith",
+ ExpectedValue: namePrefix,
+ },
+ // check communication with app
+ {
+ Operation: "CheckFunctionWithValue",
+ Check: helpers.CheckHttpGetWebUiLoginPage,
+ TestedValue: "http://" + albName + "/",
+ },
+ }
+ testskeleton.AssertOutputs(t, terraformOptions, assertList)
+
+}
+
+func TestALBOutputWithMinimumTFVars(t *testing.T) {
+
+ // define variables for Terraform
+ namePrefix := "terratest-alb-"
+ // define options for Terraform
+ terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
+ TerraformDir: ".",
+ VarFiles: []string{"terraform_minimum.tfvars"},
+ Vars: map[string]interface{}{
+ "name_prefix": namePrefix,
+ },
+ Logger: logger.Default,
+ Lock: true,
+ Upgrade: true,
+ SetVarsAfterVarFiles: true,
+ })
+ assertList := []testskeleton.AssertExpression{
+ // check if the ALB is created with correct FQDN
+ {
+ OutputName: "alb_name",
+ Operation: "NotEmpty",
+ },
+ // check if the ALB is created with correct FQDN
+ {
+ OutputName: "alb_name",
+ Operation: "StartsWith",
+ ExpectedValue: namePrefix,
+ },
+ }
+ testskeleton.DeployInfraCheckOutputs(t, terraformOptions, assertList)
+}
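Review bot: Both tests use the fixed prefix `namePrefix := "terratest-alb-"` in the same `TerraformDir`, so two runs against one AWS account (parallel CI jobs, or a run after a failed destroy) will collide on resource names. terratest's `random.UniqueId()` gives a per-run suffix, e.g. `namePrefix := "terratest-alb-" + strings.ToLower(random.UniqueId()) + "-"`; the result has to stay within the 32-character load balancer name limit. `key_pair_name` is not set by the test and presumably falls back to a fixed default in variables.tf (not visible here), so it would need the same treatment. Separately, `TestALBOutputAndConectivitiyWithFullTFVars` misspells "Connectivity", and the comment above each `NotEmpty` assertion repeats the FQDN comment that belongs to the `StartsWith` one.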
diff --git a/tests/alb/outputs.tf b/tests/alb/outputs.tf
new file mode 100644
index 00000000..c3c8c082
--- /dev/null
+++ b/tests/alb/outputs.tf
@@ -0,0 +1,7 @@
+output "alb_name" {
+ value = module.public_alb.lb_fqdn
+}
+
+output "vms_public_ips" {
+ value = [ for k, v in var.app_vms : aws_instance.app_vm[k].public_ip ]
+}
\ No newline at end of file
diff --git a/tests/alb/terraform_full.tfvars b/tests/alb/terraform_full.tfvars
new file mode 100644
index 00000000..6ed07af1
--- /dev/null
+++ b/tests/alb/terraform_full.tfvars
@@ -0,0 +1,53 @@
+global_tags = {
+ ManagedBy = "Terraform"
+ Application = "Palo Alto Networks VM-Series NGFW Automatic Tests"
+}
+region = "us-east-1"
+name_prefix = "test-vpc-route-"
+
+security_vpc_cidr = "10.100.0.0/16"
+security_vpc_subnets = {
+ "10.100.0.0/24" = { az = "us-east-1a", set = "app_vm" }
+ "10.100.2.0/24" = { az = "us-east-1b", set = "app_vm" }
+ "10.100.3.0/24" = { az = "us-east-1a", set = "app_lb" }
+ "10.100.4.0/24" = { az = "us-east-1b", set = "app_lb" }
+}
+security_vpc_security_groups = {
+ app_vm = {
+ name = "app_vm"
+ rules = {
+ all_outbound = {
+ description = "Permit ALL outbound"
+ type = "egress", from_port = "0", to_port = "0", protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ ssh = {
+ description = "Permit SSH inbound"
+ type = "ingress", from_port = "80", to_port = "80", protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ }
+ }
+}
+
+app_vms = {
+ "app_vm01" = { az = "us-east-1a" }
+ "app_vm02" = { az = "us-east-1b" }
+}
+
+application_lb_rules = {
+ "main-welcome-page" = {
+ protocol = "HTTP"
+ health_check_port = "80"
+ health_check_matcher = "200"
+ health_check_path = "/"
+ health_check_interval = 10
+ listener_rules = {
+ "1" = {
+ target_protocol = "HTTP"
+ target_port = 80
+ path_pattern = ["/"]
+ }
+ }
+ }
+}
\ No newline at end of file
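Review bot: The ingress rule keyed `ssh` with the description "Permit SSH inbound" under `security_vpc_security_groups.app_vm.rules` actually opens TCP port 80, so anyone auditing the group by rule name or description reads the wrong exposure. Rename it to match what it permits, e.g. `http = {` with `description = "Permit HTTP inbound"`. The rule admits `0.0.0.0/0`, and the `vms_public_ips` output suggests the instances receive public addresses, so if the test runner's egress range is known it would be tighter to put that range in `cidr_blocks` for the lifetime of the test. The same rule appears in tests/alb/terraform_minimum.tfvars.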
diff --git a/tests/alb/terraform_minimum.tfvars b/tests/alb/terraform_minimum.tfvars
new file mode 100644
index 00000000..3c331f01
--- /dev/null
+++ b/tests/alb/terraform_minimum.tfvars
@@ -0,0 +1,31 @@
+global_tags = {
+ ManagedBy = "Terraform"
+ Application = "Palo Alto Networks VM-Series NGFW Automatic Tests"
+}
+region = "us-east-1"
+name_prefix = "test-vpc-route-"
+
+security_vpc_cidr = "10.100.0.0/16"
+security_vpc_subnets = {
+ "10.100.0.0/24" = { az = "us-east-1a", set = "app_vm" }
+ "10.100.2.0/24" = { az = "us-east-1b", set = "app_vm" }
+ "10.100.3.0/24" = { az = "us-east-1a", set = "app_lb" }
+ "10.100.4.0/24" = { az = "us-east-1b", set = "app_lb" }
+}
+security_vpc_security_groups = {
+ app_vm = {
+ name = "app_vm"
+ rules = {
+ all_outbound = {
+ description = "Permit ALL outbound"
+ type = "egress", from_port = "0", to_port = "0", protocol = "-1"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ ssh = {
+ description = "Permit SSH inbound"
+ type = "ingress", from_port = "80", to_port = "80", protocol = "tcp"
+ cidr_blocks = ["0.0.0.0/0"]
+ }
+ }
+ }
+}
diff --git a/tests/alb/variables.tf b/tests/alb/variables.tf
new file mode 100644
index 00000000..1261c029
--- /dev/null
+++ b/tests/alb/variables.tf
@@ -0,0 +1,63 @@
+variable "global_tags" {}
+
+variable "region" {
+ description = "AWS region to use for the created resources."
+ type = string
+}
+
+variable "name_prefix" {
+ description = "Prefix used in resources created for tests"
+ type = string
+}
+
+variable "security_vpc_cidr" {
+ description = "CIDR for VPC"
+ type = string
+}
+
+variable "security_vpc_subnets" {
+ description = "Map of subnets in VPC"
+}
+
+variable "security_vpc_security_groups" {
+ description = "Map of security groups"
+}
+
+variable "application_lb_rules" {
+ description = "A map of rules for the Application Load Balancer. See [modules documentation](../../modules/alb/README.md) for details."
+ default = {}
+ type = any
+}
+
+variable "application_lb_name" {
+ description = "Name of the public Application Load Balancer placed in front of the Firewalls' public interfaces."
+ default = "public-alb"
+ type = string
+}
+
+variable "key_pair_name" {
+ default = "Terratest_key_pair"
+}
+
+variable "app_vms" {
+ description = <<-EOF
+ Definition of an example "app" application VMs. They are based on the latest version of Bitnami's NGINX image.
+ The structure of this map is similar to the one defining VM-Series, only one property is supported though: the Availability Zone the VM should be placed in.
+ Example:
+
+ ```
+ app_vms = {
+ "appvm01" = { az = "us-east-1b" }
+ "appvm02" = { az = "us-east-1a" }
+ }
+ ```
+ EOF
+ default = {}
+ type = map(any)
+}
+
+variable "app_vm_type" {
+ description = "EC2 type for \"app\" VMs."
+ default = "t2.micro"
+ type = string
+}
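Review bot: `global_tags`, `security_vpc_subnets`, `security_vpc_security_groups` and `key_pair_name` are declared without a `type`, and `global_tags` and `key_pair_name` also have no `description`, unlike the other variables in this file. An untyped variable accepts any value, so a mistake only surfaces where a resource consumes it; going by the tfvars files, `type = map(string)` fits `global_tags` and `type = string` fits `key_pair_name`. If `key_pair_name` refers to a key pair that must already exist in the account (main.tf is not part of this hunk), the description should say so, because the default `Terratest_key_pair` then becomes a precondition for running the test.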
diff --git a/tests/vpc_read/versions.tf b/tests/alb/versions.tf
similarity index 57%
rename from tests/vpc_read/versions.tf
rename to tests/alb/versions.tf
index 6faae3cf..62ffe8f5 100644
--- a/tests/vpc_read/versions.tf
+++ b/tests/alb/versions.tf
@@ -1,13 +1,13 @@
terraform {
- required_version = ">= 0.13.7, < 2.0.0"
+ required_version = ">= 1.0.0, < 2.0.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "= 3.10"
+ version = "~> 4.25"
}
random = {
source = "hashicorp/random"
- version = "~> 3.3.2"
+ version = "~> 3.4.3"
}
}
}
@@ -15,7 +15,3 @@ terraform {
provider "aws" {
region = var.region
}
-
-variable "region" {
- default = "us-east-1"
-}
diff --git a/tests/bootstrap/main_test.go b/tests/bootstrap/main_test.go
index 46c077de..4ccac1b5 100644
--- a/tests/bootstrap/main_test.go
+++ b/tests/bootstrap/main_test.go
@@ -51,9 +51,10 @@ func TestOutputForModuleBootstrapWhileCreatingIamRoleForBootstrapModule(t *testi
// check access to S3 bucket with bootstrap files
{
- Operation: "CheckFunction",
- Check: CheckHttpGetS3BucketBootstrapFile,
- Message: "HTTP response code > 401 expected while accessing S3 bucket with bootstrap files",
+ Operation: "CheckFunctionWithOutput",
+ Check: CheckHttpGetS3BucketBootstrapFile,
+ OutputName: "bucket_domain_name",
+ Message: "HTTP response code > 401 expected while accessing S3 bucket with bootstrap files",
},
}
@@ -64,8 +65,8 @@ func TestOutputForModuleBootstrapWhileCreatingIamRoleForBootstrapModule(t *testi
// CheckBucketHttpGet checks whether the Bucket's HTTP response code is greater than 401 (expected forbidden access)
// It requires Internet connectivity to AWS S3.
// CheckHttpGetS3BucketBootstrapFile is compatible with the specification testskeleton.CheckFunction.
-func CheckHttpGetS3BucketBootstrapFile(t *testing.T, terraformOptions *terraform.Options) bool {
- resp, err := http.Get("https://" + terraform.Output(t, terraformOptions, "bucket_domain_name"))
+func CheckHttpGetS3BucketBootstrapFile(t *testing.T, outputValue string) bool {
+ resp, err := http.Get("https://" + outputValue)
if err != nil {
t.Errorf("Error S3 HTTP GET: %v\n", err)
return false
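Review bot: Nothing on `CheckHttpGetS3BucketBootstrapFile` documents what `outputValue` must contain, and here it has to be a bare domain name because `"https://"` is prepended, whereas `helpers.CheckHttpGetWebUiLoginPage` from the same commit hands its argument to `http.Get` unchanged and therefore expects a full URL. Both satisfy `testskeleton.CheckFunction`, so a wrong pairing compiles and only fails at run time. I would state the expectation in the doc comment, e.g. `// outputValue is the bucket domain name without a scheme; "https://" is prepended here.`, and start that comment with the real function name instead of `CheckBucketHttpGet`. The function body continues outside the hunk.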
diff --git a/tests/internal/helpers/helpers.go b/tests/internal/helpers/helpers.go
new file mode 100644
index 00000000..7a7bf473
--- /dev/null
+++ b/tests/internal/helpers/helpers.go
@@ -0,0 +1,38 @@
+package helpers
+
+import (
+ "crypto/tls"
+ "net/http"
+ "testing"
+ "time"
+)
+
+func CheckHttpGetWebUiLoginPage(t *testing.T, outputValue string) bool {
+ // Do not verify insecure connection
+ http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
+
+ // Define how many retries and how often to do in order to check if Panorama web UI is healthy
+ sleepBetweenRetry := 15 * time.Second
+ numberOfRetries := 60
+ urlHealthy := false
+
+ // Check in the loop if Panorama web UI is healthy
+ for i := 1; i <= numberOfRetries && !urlHealthy; i++ {
+ // HTTP GET
+ time.Sleep(sleepBetweenRetry)
+ //TODO: Check if client can replace :15
+ //client := http.Client{
+ // Timeout: 15 * time.Second,
+ //}
+ resp, err := http.Get(outputValue)
+
+ // Display errors, if there were any, or HTTPS status code, if no errors
+ if err != nil {
+ t.Logf("Waiting for App (%d/%d)... error HTTP GET: %v\n", i, numberOfRetries, err)
+ } else {
+ t.Logf("APP HTTP GET status code: %v", resp.StatusCode)
+ urlHealthy = resp.StatusCode == 200
+ }
+ }
+ return urlHealthy
+}
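Review bot: Assigning `TLSClientConfig` on `http.DefaultTransport` turns off certificate verification for every later request made through the default client in the same test binary, not only for this probe, and because the function now lives in a shared helper package that side effect reaches every test that calls it, including the ALB test, which passes a plain `http://` URL. The loop also never closes `resp.Body`, and `http.Get` has no timeout, which the TODO already hints at. A client local to the function, built from a clone of the default transport, keeps the relaxed TLS setting scoped to this check and gives one place for the timeout and the body close. The comments still speak of Panorama although the helper is now generic, and the exported function has no doc comment.

```go
func CheckHttpGetWebUiLoginPage(t *testing.T, outputValue string) bool {
	// Skip certificate verification on this client only; http.DefaultTransport is left untouched.
	transport := http.DefaultTransport.(*http.Transport).Clone()
	transport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
	client := &http.Client{
		Transport: transport,
		Timeout:   15 * time.Second,
	}
	// … unchanged: retry settings, loop header and sleep …
		resp, err := client.Get(outputValue)
		if err != nil {
			// … unchanged: error logging …
		} else {
			resp.Body.Close() // only the status code is used
			// … unchanged: status logging and urlHealthy assignment …
		}
```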
diff --git a/tests/internal/testskeleton/testskeleton.go b/tests/internal/testskeleton/testskeleton.go
index f78017ae..dbb8ef2f 100644
--- a/tests/internal/testskeleton/testskeleton.go
+++ b/tests/internal/testskeleton/testskeleton.go
@@ -12,7 +12,7 @@ import (
// Sometimes there is a need to execute custom function to check something,
// so then in assert expression we need to provide function, which results is compared to true
-type CheckFunction func(t *testing.T, terraformOptions *terraform.Options) bool
+type CheckFunction func(t *testing.T, outputValue string) bool
// Structure used to assert each output value
// by comparing it to expected value using defined operation.
@@ -22,6 +22,7 @@ type AssertExpression struct {
ExpectedValue interface{}
Message string
Check CheckFunction
+ TestedValue string
}
// Function is responsible for deploy infrastructure,
@@ -52,6 +53,21 @@ func DeployInfraCheckOutputs(t *testing.T, terraformOptions *terraform.Options,
return terraformOptions
}
+func PlanInfraCheckOnly(t *testing.T, terraformOptions *terraform.Options) *terraform.Options {
+ if terraformOptions == nil {
+ terraformOptions = terraform.WithDefaultRetryableErrors(t, &terraform.Options{
+ TerraformDir: ".",
+ Logger: logger.Default,
+ Lock: true,
+ Upgrade: true,
+ })
+ }
+
+ terraform.InitAndPlan(t, terraformOptions)
+
+ return terraformOptions
+}
+
// Function is comparing every provided output in expressions lists
// and checks value using expression defined in the list
func AssertOutputs(t *testing.T, terraformOptions *terraform.Options, assertList []AssertExpression) {
@@ -74,12 +90,18 @@ func AssertOutputs(t *testing.T, terraformOptions *terraform.Options, assertList
assert.True(t, strings.HasPrefix(outputValue,
fmt.Sprintf("%v", assertExpression.ExpectedValue)),
assertExpression.Message)
- case "CheckFunction":
- assert.True(t, assertExpression.Check(t, terraformOptions), assertExpression.Message)
+ case "CheckFunctionWithOutput":
+ outputValue := terraform.Output(t, terraformOptions, assertExpression.OutputName)
+ assert.True(t, assertExpression.Check(t, outputValue), assertExpression.Message)
+ case "CheckFunctionWithValue":
+ assert.True(t, assertExpression.Check(t, assertExpression.TestedValue), assertExpression.Message)
+ case "EqualToValue":
+ assert.Equal(t, assertExpression.TestedValue, assertExpression.ExpectedValue)
// other case needs to be added while working on tests for modules
// ... TODO ...
default:
- logger.Logf(t, "Unknown operation used in assert expressions list")
+ tLogger := logger.Logger{}
+ tLogger.Logf(t, "Unknown operation used in assert expressions list")
t.Fail()
}
}
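Review bot: The new `EqualToValue` case passes its arguments to `assert.Equal` in the order (actual, expected) and drops `assertExpression.Message`, so a failure prints the two values under the wrong labels and without the test author's explanation; `assert.Equal(t, assertExpression.ExpectedValue, assertExpression.TestedValue, assertExpression.Message)` matches the other cases. Because `ExpectedValue` is `interface{}` and `TestedValue` is a `string`, a non-string expected value can never compare equal, which deserves a line in the `AssertExpression` comment. Both `CheckFunction…` cases call `assertExpression.Check` without a nil check, so an expression that omits `Check` panics instead of failing the test cleanly. The loop and the start of the switch are outside the hunk.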
@@ -112,6 +134,23 @@ func PlanInfraCheckErrors(t *testing.T, terraformOptions *terraform.Options,
return terraformOptions
}
+func InitAndApplyOnlyWithoutDelete(t *testing.T, terraformOptions *terraform.Options) *terraform.Options {
+ // If no Terraform options were provided, use default one
+ if terraformOptions == nil {
+ terraformOptions = terraform.WithDefaultRetryableErrors(t, &terraform.Options{
+ TerraformDir: ".",
+ Logger: logger.Default,
+ Lock: true,
+ Upgrade: true,
+ })
+ }
+
+ // Terraform initalization and apply with auto-approve
+ terraform.InitAndApply(t, terraformOptions)
+
+ return terraformOptions
+}
+
// Function is comparing every provided error in expressions lists
// and checks value using expression defined in the list
func AssertErrors(t *testing.T, err error, assertList []AssertExpression) {
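Review bot: `InitAndApplyOnlyWithoutDelete` is exported without a doc comment, and nothing tells the caller that it is now responsible for destroying what was applied; a test that forgets leaves live cloud resources behind. I would add `// InitAndApplyOnlyWithoutDelete runs terraform init and apply and returns the options used; it never destroys, so the caller must defer terraform.Destroy with the returned options.` The inline comment's "initalization" should read "initialization". `PlanInfraCheckOnly`, added earlier in this file, is missing a doc comment as well.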
@@ -124,7 +163,8 @@ func AssertErrors(t *testing.T, err error, assertList []AssertExpression) {
// other case needs to be added while working on tests for modules
// ... TODO ...
default:
- logger.Logf(t, "Unknown operation used in assert expressions list")
+ tLogger := logger.Logger{}
+ tLogger.Logf(t, "Unknown operation used in assert expressions list")
t.Fail()
}
}
diff --git a/tests/panorama/main_test.go b/tests/panorama/main_test.go
index 18eb16ec..affdd146 100644
--- a/tests/panorama/main_test.go
+++ b/tests/panorama/main_test.go
@@ -1,14 +1,11 @@
package bootstrap
import (
- "crypto/tls"
- "net/http"
- "testing"
- "time"
-
+ "github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/helpers"
"github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/testskeleton"
"github.com/gruntwork-io/terratest/modules/logger"
"github.com/gruntwork-io/terratest/modules/terraform"
+ "testing"
)
func TestOutputForModulePanoramaWithFullVariables(t *testing.T) {
@@ -34,9 +31,10 @@ func TestOutputForModulePanoramaWithFullVariables(t *testing.T) {
},
// check access to login page in web UI for Panorama
{
- Operation: "CheckFunction",
- Check: CheckHttpGetWebUiLoginPage,
- Message: "After bootstrapping, which takes few minutes, web UI for Panorama should be accessible",
+ Operation: "CheckFunctionWithOutput",
+ Check: helpers.CheckHttpGetWebUiLoginPage,
+ OutputName: "panorama_url",
+ Message: "After bootstrapping, which takes few minutes, web UI for Panorama should be accessible",
},
}
@@ -44,33 +42,6 @@ func TestOutputForModulePanoramaWithFullVariables(t *testing.T) {
testskeleton.DeployInfraCheckOutputs(t, terraformOptions, assertList)
}
-func CheckHttpGetWebUiLoginPage(t *testing.T, terraformOptions *terraform.Options) bool {
- // Do not verify insecure connection
- http.DefaultTransport.(*http.Transport).TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
-
- // Define how many retries and how often to do in order to check if Panorama web UI is healthy
- sleepBetweenRetry := 15 * time.Second
- numberOfRetries := 60
- panoramaHealthy := false
- panoramaUrl := terraform.Output(t, terraformOptions, "panorama_url")
-
- // Check in the loop if Panorama web UI is healthy
- for i := 1; i <= numberOfRetries && !panoramaHealthy; i++ {
- // HTTP GET for login page
- time.Sleep(sleepBetweenRetry)
- resp, err := http.Get(panoramaUrl + "/php/login.php")
-
- // Display errors, if there were any, or HTTPS status code, if no errors
- if err != nil {
- t.Logf("Waiting for Panorama (%d/%d)... error HTTP GET: %v\n", i, numberOfRetries, err)
- } else {
- t.Logf("Panorama Web UI HTTP GET status code: %v", resp.StatusCode)
- panoramaHealthy = resp.StatusCode == 200
- }
- }
- return panoramaHealthy
-}
-
func TestOutputForModulePanoramaWithMinimumVariables(t *testing.T) {
// define options for Terraform
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
diff --git a/tests/panorama/outputs.tf b/tests/panorama/outputs.tf
index dadb76b0..581019d4 100644
--- a/tests/panorama/outputs.tf
+++ b/tests/panorama/outputs.tf
@@ -1,6 +1,6 @@
output "panorama_url" {
description = "Panorama instance URL."
- value = "https://${module.panorama.mgmt_ip_public_address}"
+ value = "https://${module.panorama.mgmt_ip_public_address}/php/login.php"
}
output "panorama_private_ip" {
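Review bot: The description of `panorama_url` still reads "Panorama instance URL." although the value now ends in `/php/login.php`, so any other consumer of this output receives a login-page path where it expects a base URL. Either update the text, e.g. `description = "URL of the Panorama web UI login page."`, or keep the base URL in this output and add a separate one for the login page that the test checks.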
diff --git a/tests/subnet_set_mod/main_test.go b/tests/subnet_set_mod/main_test.go
index cd4deee2..02f90075 100644
--- a/tests/subnet_set_mod/main_test.go
+++ b/tests/subnet_set_mod/main_test.go
@@ -24,12 +24,23 @@
package subnet_set_mod
import (
+ "github.com/gruntwork-io/terratest/modules/terraform"
"testing"
-
- "github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/generictt"
)
// TestMain tests the main.tf as well as other *.tf files residing in this directory.
-func TestMain(t *testing.T) {
- generictt.GenericTest(t, nil, nil)
+func TestSubnetSetModulePlanOnly(t *testing.T) {
+ // Construct the terraform options with default retryable errors to handle the most common retryable errors in
+ // terraform testing.
+ terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
+ // The path to where our Terraform code is located
+ TerraformDir: ".",
+ })
+
+ // Schedule `terraform destroy` at the end of the test, to clean up the created resources.
+ defer terraform.Destroy(t, terraformOptions)
+
+ // This will run `terraform init` and `terraform plan` and fail the test if there are any errors.
+ // This specific test is not intended to execute `terraform apply` at all.
+ terraform.InitAndPlan(t, terraformOptions)
}
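Review bot: The deferred `terraform.Destroy` has nothing to clean up, since the comment a few lines below states that this test never runs `terraform apply`, yet the destroy still executes, and can fail the test, even after init or plan has already failed. I would drop the `defer` together with its comment, or replace the body with `testskeleton.PlanInfraCheckOnly(t, nil)`, which this commit adds and which performs the same init and plan. The doc comment above the function still begins with `TestMain`; it should read `// TestSubnetSetModulePlanOnly runs terraform init and plan on the *.tf files in this directory.`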
diff --git a/tests/subnet_set_mod/versions.tf b/tests/subnet_set_mod/versions.tf
index 6faae3cf..a9554d9e 100644
--- a/tests/subnet_set_mod/versions.tf
+++ b/tests/subnet_set_mod/versions.tf
@@ -1,13 +1,17 @@
terraform {
- required_version = ">= 0.13.7, < 2.0.0"
+ required_version = ">= 0.15.0, < 2.0.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "= 3.10"
+ version = "~> 4.25"
+ }
+ tls = {
+ source = "hashicorp/tls"
+ version = "~> 3.3.0"
}
random = {
source = "hashicorp/random"
- version = "~> 3.3.2"
+ version = "~> 3.4.3"
}
}
}
diff --git a/tests/transit_gateway/main_test.go b/tests/transit_gateway/main_test.go
index b52f3111..9090a8e3 100644
--- a/tests/transit_gateway/main_test.go
+++ b/tests/transit_gateway/main_test.go
@@ -10,11 +10,14 @@ import (
func TestOutputForModuleTransitGatewayFullVariables(t *testing.T) {
// define options for Terraform
+ tgwName := "tgw-"
+ regionName := "us-east-1"
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
TerraformDir: ".",
VarFiles: []string{"terraform_full.tfvars"},
Vars: map[string]interface{}{
"name_prefix": "terratest_module_transit_gateway_",
+ "region": regionName,
},
Logger: logger.Default,
Lock: true,
@@ -25,10 +28,10 @@ func TestOutputForModuleTransitGatewayFullVariables(t *testing.T) {
// prepare list of items to check
assertList := []testskeleton.AssertExpression{
{OutputName: "tgw_id", Operation: "NotEmpty"},
- {OutputName: "tgw_id", Operation: "StartsWith", ExpectedValue: "tgw-", Message: "TGW ARN should starts from tgw-"},
+ {OutputName: "tgw_id", Operation: "StartsWith", ExpectedValue: tgwName, Message: "TGW ARN should starts from " + tgwName},
{OutputName: "tgw_arn", Operation: "NotEmpty"},
- {OutputName: "tgw_arn", Operation: "StartsWith", ExpectedValue: "arn:aws:ec2:us-east-1", Message: "TGW ID should starts from arn:aws:ec2:us-east-1"},
+ {OutputName: "tgw_arn", Operation: "StartsWith", ExpectedValue: "arn:aws:ec2:" + regionName, Message: "TGW ID should starts from arn:aws:ec2:" + regionName},
{OutputName: "tgw_route_tables", Operation: "NotEmpty", ExpectedValue: nil},
{OutputName: "tgw_route_tables", Operation: "ListLengthEqual", ExpectedValue: 2},
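Review bot: The failure messages on the two `StartsWith` assertions are swapped: the `tgw_id` check reports "TGW ARN should starts from …" and the `tgw_arn` check reports "TGW ID should starts from …", so a failing run points at the wrong output. As both lines are rewritten here anyway, `Message: "TGW ID should start with " + tgwName` and `Message: "TGW ARN should start with arn:aws:ec2:" + regionName` would fix the label and the grammar together. `tgwName` holds an ID prefix rather than a name, so `tgwIDPrefix` would describe it better. The same lines appear in the hunk for TestOutputForModuleTransitGatewayMinimumVariables.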
@@ -39,12 +42,15 @@ func TestOutputForModuleTransitGatewayFullVariables(t *testing.T) {
}
func TestOutputForModuleTransitGatewayMinimumVariables(t *testing.T) {
+ tgwName := "tgw-"
+ regionName := "us-east-1"
// define options for Terraform
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
TerraformDir: ".",
VarFiles: []string{"terraform_minimum.tfvars"},
Vars: map[string]interface{}{
"name_prefix": "terratest_module_transit_gateway_",
+ "region": regionName,
},
Logger: logger.Default,
Lock: true,
@@ -55,10 +61,10 @@ func TestOutputForModuleTransitGatewayMinimumVariables(t *testing.T) {
// prepare list of items to check
assertList := []testskeleton.AssertExpression{
{OutputName: "tgw_id", Operation: "NotEmpty"},
- {OutputName: "tgw_id", Operation: "StartsWith", ExpectedValue: "tgw-", Message: "TGW ARN should starts from tgw-"},
+ {OutputName: "tgw_id", Operation: "StartsWith", ExpectedValue: tgwName, Message: "TGW ARN should starts from " + tgwName},
{OutputName: "tgw_arn", Operation: "NotEmpty"},
- {OutputName: "tgw_arn", Operation: "StartsWith", ExpectedValue: "arn:aws:ec2:us-east-1", Message: "TGW ID should starts from arn:aws:ec2:us-east-1"},
+ {OutputName: "tgw_arn", Operation: "StartsWith", ExpectedValue: "arn:aws:ec2:" + regionName, Message: "TGW ID should starts from arn:aws:ec2:" + regionName},
{OutputName: "tgw_route_tables", Operation: "NotEmpty", ExpectedValue: nil},
{OutputName: "tgw_route_tables", Operation: "ListLengthEqual", ExpectedValue: 0},
diff --git a/tests/vpc_plan/main_test.go b/tests/vpc_plan/main_test.go
index 590952ba..e8d84c5f 100644
--- a/tests/vpc_plan/main_test.go
+++ b/tests/vpc_plan/main_test.go
@@ -6,7 +6,7 @@ import (
"github.com/gruntwork-io/terratest/modules/terraform"
)
-func TestMain(t *testing.T) {
+func TestVPCPlan(t *testing.T) {
// Construct the terraform options with default retryable errors to handle the most common retryable errors in
// terraform testing.
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
diff --git a/tests/vpc_plan/versions.tf b/tests/vpc_plan/versions.tf
index 6faae3cf..a9554d9e 100644
--- a/tests/vpc_plan/versions.tf
+++ b/tests/vpc_plan/versions.tf
@@ -1,13 +1,17 @@
terraform {
- required_version = ">= 0.13.7, < 2.0.0"
+ required_version = ">= 0.15.0, < 2.0.0"
required_providers {
aws = {
source = "hashicorp/aws"
- version = "= 3.10"
+ version = "~> 4.25"
+ }
+ tls = {
+ source = "hashicorp/tls"
+ version = "~> 3.3.0"
}
random = {
source = "hashicorp/random"
- version = "~> 3.3.2"
+ version = "~> 3.4.3"
}
}
}
diff --git a/tests/vpc_read/main.tf b/tests/vpc_read/main.tf
deleted file mode 100644
index f2be4c7d..00000000
--- a/tests/vpc_read/main.tf
+++ /dev/null
@@ -1,97 +0,0 @@
-# This Terraform code does not deploy a real-world cloud environment.
-# It is a temporary deployment intended solely to perform tests.
-# For a quick start see the file main_test.go, which executes the terratest library.
-#
-# Change this code in the same pull request that changes the code in `modules` directory.
-#
-# Core tests:
-# - Do various combinations of known inputs produce expected outputs?
-# - Can we discover a pre-existing vpc?
-#
-# Boilerplate tests:
-# - Can we call the module twice?
-
-variable "switchme" {} # unused but required by generictt
-
-# Random name allows parallel runs on the same cloud account.
-resource "random_pet" "this" {
- prefix = "test-vpc-read"
-}
-
-locals {
- vpc_name = random_pet.this.id
-}
-
-module "vpc" {
- source = "../../modules/vpc"
-
- name = local.vpc_name
- create_vpc = true
- create_internet_gateway = false
- create_vpn_gateway = true
- cidr_block = "10.0.0.0/16"
- secondary_cidr_blocks = ["10.4.0.0/16", "10.5.0.0/16", "10.6.0.0/16"]
-}
-
-### Reuse Existing Resources ###
-
-module "vpc_read" {
- source = "../../modules/vpc"
-
- create_vpc = false
- name = module.vpc.name
- create_internet_gateway = false
- use_internet_gateway = false
-}
-
-module "vpc_read_igw_create" {
- source = "../../modules/vpc"
-
- create_vpc = false
- name = module.vpc.name
- create_internet_gateway = true
- use_internet_gateway = false
-}
-
-module "vpc_read_igw_read" {
- source = "../../modules/vpc"
-
- create_vpc = false
- name = module.vpc_read_igw_create.name
- create_internet_gateway = false
- use_internet_gateway = true
-}
-
-### Test Results ###
-
-output "is_vpc_cidr_block_correct" {
- value = (module.vpc.vpc.cidr_block == "10.0.0.0/16")
-}
-
-output "is_vpc_name_correct" {
- value = (module.vpc.name == local.vpc_name)
-}
-
-output "is_vpc_read_cidr_block_correct" {
- value = (module.vpc_read.vpc.cidr_block == "10.0.0.0/16")
-}
-
-output "is_vpc_read_name_correct" {
- value = (module.vpc_read.name == local.vpc_name)
-}
-
-output "is_vpc_read_igw_create_cidr_block_correct" {
- value = (module.vpc_read_igw_create.vpc.cidr_block == "10.0.0.0/16")
-}
-
-output "is_vpc_read_igw_create_name_correct" {
- value = (module.vpc_read_igw_create.name == local.vpc_name)
-}
-
-output "is_vpc_read_igw_read_cidr_block_correct" {
- value = (module.vpc_read_igw_read.vpc.cidr_block == "10.0.0.0/16")
-}
-
-output "is_vpc_read_igw_read_name_correct" {
- value = (module.vpc_read_igw_read.name == local.vpc_name)
-}
diff --git a/tests/vpc_read/main_test.go b/tests/vpc_read/main_test.go
deleted file mode 100644
index 8b0260b3..00000000
--- a/tests/vpc_read/main_test.go
+++ /dev/null
@@ -1,35 +0,0 @@
-// Terratest-powered Go code and Terraform code used together to automate tests for `../../modules/vpc`.
-//
-// Quick start:
-//
-// 1. Install Go at the latest 1.* version: https://golang.org/
-//
-// 2. Install Terraform at the specific version that you'd like to test. Put it in your PATH.
-//
-// 3. Set AWS_REGION environment variable and also e.g. AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, or similar.
-//
-// 4. Make sure this code is checked out into your GOPATH, see: go env GOPATH
-//
-// 5. Run: go test -v
-//
-// Do not however run `go test -v .` or similar. Specifying a package (that extra dot) enables caching, which is
-// incompatible with Terraform.
-//
-// However to run all the tests in parallel: cd tests ; go test -count 1 ./...
-//
-// Cloud resources are destroyed automatically after the test, no cleanup is normally required.
-//
-// VScode users should keep `Go: Test On Save` at the default false value, and not set to true. This option is spelled
-// `go.testOnSave` in settings.json.
-package vpc_read
-
-import (
- "testing"
-
- "github.com/PaloAltoNetworks/terraform-aws-vmseries-modules/tests/internal/generictt"
-)
-
-// TestMain tests the main.tf as well as other *.tf files residing in this directory.
-func TestMain(t *testing.T) {
- generictt.GenericTest(t, nil, nil)
-}
From 2434c216395d949d8e73853813e6ed454d359b43 Mon Sep 17 00:00:00 2001
From: pimielowski
Date: Tue, 17 Jan 2023 13:28:20 +0100
Subject: [PATCH 2/6] fix endline
---
scripts/install.sh | 1 +
scripts/run.sh | 1 +
2 files changed, 2 insertions(+)
diff --git a/scripts/install.sh b/scripts/install.sh
index 91c82ae3..548ba258 100644
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -38,3 +38,4 @@ echo "Also, the newest release: $(curl -s https://api.github.com/repos/tfsec/tfs
echo "Also, the newest release: $(curl -s https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")"
python3 -m pip install -r requirements.txt
+
diff --git a/scripts/run.sh b/scripts/run.sh
index b39e2998..a65188df 100644
--- a/scripts/run.sh
+++ b/scripts/run.sh
@@ -7,3 +7,4 @@ set -euo pipefail
pre-commit run --all-files terraform_fmt
pre-commit run --all-files terraform_docs
pre-commit run --all-files terraform_tflint
+
From 1af27950b8c9bfe451ac8fa601147b59d2cfe825 Mon Sep 17 00:00:00 2001
From: pimielowski
Date: Tue, 17 Jan 2023 13:28:54 +0100
Subject: [PATCH 3/6] fix endline
---
scripts/install.sh | 1 -
scripts/run.sh | 1 -
2 files changed, 2 deletions(-)
diff --git a/scripts/install.sh b/scripts/install.sh
index 548ba258..91c82ae3 100644
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -38,4 +38,3 @@ echo "Also, the newest release: $(curl -s https://api.github.com/repos/tfsec/tfs
echo "Also, the newest release: $(curl -s https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")"
python3 -m pip install -r requirements.txt
-
diff --git a/scripts/run.sh b/scripts/run.sh
index a65188df..b39e2998 100644
--- a/scripts/run.sh
+++ b/scripts/run.sh
@@ -7,4 +7,3 @@ set -euo pipefail
pre-commit run --all-files terraform_fmt
pre-commit run --all-files terraform_docs
pre-commit run --all-files terraform_tflint
-
From b8fa55d90d7ad184fcf7a321d1444b713ebedd88 Mon Sep 17 00:00:00 2001
From: pimielowski
Date: Tue, 17 Jan 2023 13:30:38 +0100
Subject: [PATCH 4/6] fix endline
---
scripts/install.sh | 1 +
scripts/run.sh | 5 +++--
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/scripts/install.sh b/scripts/install.sh
index 91c82ae3..548ba258 100644
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -38,3 +38,4 @@ echo "Also, the newest release: $(curl -s https://api.github.com/repos/tfsec/tfs
echo "Also, the newest release: $(curl -s https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")"
python3 -m pip install -r requirements.txt
+
diff --git a/scripts/run.sh b/scripts/run.sh
index b39e2998..694c2539 100644
--- a/scripts/run.sh
+++ b/scripts/run.sh
@@ -4,6 +4,7 @@
set -euo pipefail
-pre-commit run --all-files terraform_fmt
-pre-commit run --all-files terraform_docs
+pre-commit run --all-files terraform_fmt
+pre-commit run --all-files terraform_docs
pre-commit run --all-files terraform_tflint
+
From 32892bb048cd415d656277d940700b381e45051b Mon Sep 17 00:00:00 2001
From: Sebastian Czech
Date: Tue, 17 Jan 2023 13:47:24 +0100
Subject: [PATCH 5/6] Restore scripts/install.sh and scripts/run.sh
---
scripts/install.sh | 1 -
scripts/run.sh | 5 ++---
2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/scripts/install.sh b/scripts/install.sh
index 548ba258..91c82ae3 100644
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -38,4 +38,3 @@ echo "Also, the newest release: $(curl -s https://api.github.com/repos/tfsec/tfs
echo "Also, the newest release: $(curl -s https://api.github.com/repos/terraform-linters/tflint/releases/latest | grep -o -E "https://.+?_linux_amd64.zip")"
python3 -m pip install -r requirements.txt
-
diff --git a/scripts/run.sh b/scripts/run.sh
index 694c2539..b39e2998 100644
--- a/scripts/run.sh
+++ b/scripts/run.sh
@@ -4,7 +4,6 @@
set -euo pipefail
-pre-commit run --all-files terraform_fmt
-pre-commit run --all-files terraform_docs
+pre-commit run --all-files terraform_fmt
+pre-commit run --all-files terraform_docs
pre-commit run --all-files terraform_tflint
-
From 4bccf4bd64c3195152b079548908eaca22bfcc95 Mon Sep 17 00:00:00 2001
From: Sebastian Czech
Date: Tue, 17 Jan 2023 13:48:57 +0100
Subject: [PATCH 6/6] Small format changes in ALB
---
modules/alb/README.md | 1 +
modules/alb/main.tf | 10 +++++-----
tests/alb/main.tf | 8 ++++----
tests/alb/outputs.tf | 2 +-
tests/alb/variables.tf | 4 ++--
5 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/modules/alb/README.md b/modules/alb/README.md
index f5b9609b..52e8a116 100644
--- a/modules/alb/README.md
+++ b/modules/alb/README.md
@@ -101,6 +101,7 @@ No modules.
| [aws_s3_bucket.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
| [aws_s3_bucket_acl.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_acl) | resource |
| [aws_s3_bucket_policy.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
+| [aws_security_group_rule.alb_att](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/security_group_rule) | resource |
| [aws_elb_service_account.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/elb_service_account) | data source |
| [aws_iam_policy_document.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document) | data source |
| [aws_s3_bucket.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/s3_bucket) | data source |
diff --git a/modules/alb/main.tf b/modules/alb/main.tf
index bc2110dd..44a16601 100644
--- a/modules/alb/main.tf
+++ b/modules/alb/main.tf
@@ -169,12 +169,12 @@ resource "aws_s3_bucket_policy" "this" {
resource "aws_security_group_rule" "alb_att" {
- from_port = 0
- protocol = "all"
+ from_port = 0
+ protocol = "all"
source_security_group_id = var.security_groups[0]
- security_group_id = var.security_groups[0]
- to_port = 0
- type = "ingress"
+ security_group_id = var.security_groups[0]
+ to_port = 0
+ type = "ingress"
}
# ## Application Load Balancer ##
diff --git a/tests/alb/main.tf b/tests/alb/main.tf
index 4168e7a7..82174113 100644
--- a/tests/alb/main.tf
+++ b/tests/alb/main.tf
@@ -20,7 +20,7 @@ module "security_subnet_sets" {
name = each.key
vpc_id = module.security_vpc.id
has_secondary_cidrs = module.security_vpc.has_secondary_cidrs
- cidrs = {for k, v in var.security_vpc_subnets : k => v if v.set == each.key}
+ cidrs = { for k, v in var.security_vpc_subnets : k => v if v.set == each.key }
}
locals {
@@ -48,12 +48,12 @@ module "security_vpc_routes" {
module "public_alb" {
source = "../../modules/alb"
- lb_name = replace("${var.name_prefix}${var.application_lb_name}", "_","-")
- subnets = {for k, v in module.security_subnet_sets["app_vm"].subnets : k => { id = v.id }}
+ lb_name = replace("${var.name_prefix}${var.application_lb_name}", "_", "-")
+ subnets = { for k, v in module.security_subnet_sets["app_vm"].subnets : k => { id = v.id } }
vpc_id = module.security_vpc.id
security_groups = [module.security_vpc.security_group_ids["app_vm"]]
rules = var.application_lb_rules
- targets = {for k, v in var.app_vms : k => aws_instance.app_vm[k].private_ip}
+ targets = { for k, v in var.app_vms : k => aws_instance.app_vm[k].private_ip }
tags = var.global_tags
}
diff --git a/tests/alb/outputs.tf b/tests/alb/outputs.tf
index c3c8c082..17f04f8b 100644
--- a/tests/alb/outputs.tf
+++ b/tests/alb/outputs.tf
@@ -3,5 +3,5 @@ output "alb_name" {
}
output "vms_public_ips" {
- value = [ for k, v in var.app_vms : aws_instance.app_vm[k].public_ip ]
+ value = [for k, v in var.app_vms : aws_instance.app_vm[k].public_ip]
}
\ No newline at end of file
diff --git a/tests/alb/variables.tf b/tests/alb/variables.tf
index 1261c029..3ceb2d2c 100644
--- a/tests/alb/variables.tf
+++ b/tests/alb/variables.tf
@@ -25,7 +25,7 @@ variable "security_vpc_security_groups" {
variable "application_lb_rules" {
description = "A map of rules for the Application Load Balancer. See [modules documentation](../../modules/alb/README.md) for details."
- default = {}
+ default = {}
type = any
}
@@ -52,7 +52,7 @@ variable "app_vms" {
}
```
EOF
- default = {}
+ default = {}
type = map(any)
}