1.1.0

.devbots/lock-issue.yml

@@ -0,0 +1,6 @@
+enabled: true
+comment: >
+  This issue's conversation is now
+  locked. If you want to continue
+  this discussion please open a
+  [new issue](https://github.com/eerkunt/terraform-compliance/issues/new/choose).

CHANGELOG.md

@@ -1,78 +1,108 @@
 # CHANGELOG
 
-## 1.0.58 (2019-12-06)
+## 1.1.0 (2020-02-01)
+
+* New step: [Then it must have "something" referenced](https://terraform-compliance.com/pages/bdd-references/then.html#then-it-must-have-something-referenced). [#195](https://github.com/eerkunt/terraform-compliance/issues/195))
+* New step: [Then I flatten all values found](https://terraform-compliance.com/pages/bdd-references/then.html#then-i-flatten-all-values-found). [#193](https://github.com/eerkunt/terraform-compliance/issues/193))
+* New step: [Then its {key} must/must not be {value}](https://terraform-compliance.com/pages/bdd-references/then.html#its-key-condition-be-value).
+
+* Security group revamp, which also addresses the problem defined in [docs](https://terraform-compliance.com/pages/bdd-references/then.html#then--it-must-condition-have-proto-protocol-and-port-port-for-cidr) [#181](https://github.com/eerkunt/terraform-compliance/issues/181))
+    * Security Group related code is rewritten, it is more flexible and extendable right now.
+    * Security Group related tests now also have `must` condition where you may want to enforce if some subset of rules are defined in Security Groups.
+    * Fixed a problem where `must only` and `must not` was not working properly when Security Groups have multiple rules attached. ([#181](https://github.com/eerkunt/terraform-compliance/issues/181))
+* Now you can enforce rules for `output` variables. [#185](https://github.com/eerkunt/terraform-compliance/issues/185))
+
+* New parameter: `-S/--silent` where test execution output will be suppressed. ([docs](https://terraform-compliance.com/pages/usage/#-S--silent))
+* New parameter: `-n/--no-failure` where exit code will always be `0`/successful even there is a failure. ([docs](https://terraform-compliance.com/pages/usage/#-n--no-failure)) [#191](https://github.com/eerkunt/terraform-compliance/issues/191)
+* New parameter: `-q/--quit-early` where the scenario executions will stop on the first failure. ([docs](https://terraform-compliance.com/pages/usage/#-q--quit-early)) [#170](https://github.com/eerkunt/terraform-compliance/issues/170)
+* **CHANGE OF DEFAULT BEHAVIOUR** : `terraform-complinace` __will not__ STOP any test execution by default. 
+* New emoticons and a bit of cosmetic make-up is done. All emoticons will be disabled on non-interactive shells (CI/CD pipelines) or if `--no-ansi` is explicitly used.
+
+* Fixed `-h` which was not reporting all parameter properly
+* Fixed a problem where `it contains` step was converting list of properties to dict of properties which was causing a problem. ([#194](https://github.com/eerkunt/terraform-compliance/issues/194))
+* Fixed a problem where module outputs referencing a resource were not used on resource mounting. ([#190](https://github.com/eerkunt/terraform-compliance/issues/190))
+* Fixed a problem where resources using `for_each` might cause some problems if `for_each` key includes `.` within. ([#197](https://github.com/eerkunt/terraform-compliance/issues/197))
+* Fixed by overriding/monkey patching a method within [radish-bdd](https://github.com/radish-bdd/radish/issues/392) which enabled many other features.
+
+### 1.0.60 (2019-12-28)
+* Fixed a problem where some Windows Operating Systems could not find terraform executable. 
+
+### 1.0.59 (2019-12-17)
+* Fixed a problem where "resource" and "data" definitions existing for the same resource type in the same module causing some problems on all "GIVEN" steps. 
+
+### 1.0.58 (2019-12-06)
 * Enhanced `count` step where it was only applicable for resource properties, now it also works right after a `GIVEN` step. ([#187](https://github.com/eerkunt/terraform-compliance/issues/187)) 
 
-## 1.0.57 (2019-11-15)
+### 1.0.57 (2019-11-15)
 * Fixed a problem about encoding where `terraform-compliance` crashes on HCL files with UTF-8 content. ([#183](https://github.com/eerkunt/terraform-compliance/issues/183)) 
 
-## 1.0.56 (2019-11-12)
+### 1.0.56 (2019-11-12)
 * Removed `SKIPPED` lines if `dotter` formatter is used. (`--formatter dotter`) ([#180](https://github.com/eerkunt/terraform-compliance/issues/180)) 
 
-## 1.0.55 (2019-11-05)
+### 1.0.55 (2019-11-05)
 * Fixed a problem where filtering steps were failing on properly performing if the data is a list of dict of lists. E.g. `aws_iam_policy` with multiple heredoc policy statements. ([#177](https://github.com/eerkunt/terraform-compliance/issues/177))
 * Added integration tests into the build pipeline for allowing end-to-end tests. 
 
-## 1.0.54 (2019-10-30)
+### 1.0.54 (2019-10-30)
 * Fixed a problem on providers discovery where some providers have alias, some doesn't. ([#173](https://github.com/eerkunt/terraform-compliance/issues/173))
 
-## 1.0.53 (2019-10-30)
+### 1.0.53 (2019-10-30)
 * Fixed a problem where resource names were reported wrong in some failures. ([#171](https://github.com/eerkunt/terraform-compliance/issues/171))
 * Fixed a problem where in some cases `teraform-compliance` where giving `AttributeError: 'NoneType' object has no attribute 'get'` exception. ([#172](https://github.com/eerkunt/terraform-compliance/issues/172))
 * Supporting multiple provider or providers aliases. ([#173](https://github.com/eerkunt/terraform-compliance/issues/173))
 * Filtering steps are now performing case insensitive matching.
 * Improved error messaged on steps doing math operations.
 
-## 1.0.52 (2019-10-29)
+### 1.0.52 (2019-10-29)
 * Fixed a problem where resource mounting were causing a issues on `resources that support tags`. ([#168](https://github.com/eerkunt/terraform-compliance/issues/168))
 
-## 1.0.51 (2019-09-17)
+### 1.0.51 (2019-09-17)
 * Fixed a problem where multiple resources were reported even some not failed. ([#153](https://github.com/eerkunt/terraform-compliance/issues/153))
 
-## 1.0.50 (2019-09-16)
+### 1.0.50 (2019-09-16)
 * Fixed a recursion problem occurred due to pointer assignment in resource mounting. ([#156](https://github.com/eerkunt/terraform-compliance/issues/156))
 * Added a capability where some of the resource & property information was not shown in some tests. ([#153](https://github.com/eerkunt/terraform-compliance/issues/153))
 * Added a capability where we can define ALL resources in GIVEN directive. ([#157](https://github.com/eerkunt/terraform-compliance/issues/157))
 * Fixed a problem where `must` in a step does not trigger a failure for `provider`s. ([#158](https://github.com/eerkunt/terraform-compliance/issues/158))
 
-## 1.0.49 (2019-09-08)
+### 1.0.49 (2019-09-08)
 * Fixed a problem where resource mounting (via references) is done in both ways (A->B, B->A). This was causing a problem on `aws_instance` resource having an `iam_role` attached on it. ([#156](https://github.com/eerkunt/terraform-compliance/pull/156))
 
-## 1.0.48 (2019-08-29)
+### 1.0.48 (2019-08-29)
 * Fixed a problem where some resources can not be detected (or removed resources were still detected) due to plan changes. ([#152](https://github.com/eerkunt/terraform-compliance/pull/152))
 
-## 1.0.47 (2019-08-27)
+### 1.0.47 (2019-08-27)
 * This release includes several optimisations on CI/CD pipeline and the general build structure of the project.
 * Using new version of Colorful dependency.
 
-## 1.0.46 (2019-08-22)
+### 1.0.46 (2019-08-22)
 * Fixed a problem where `gitphyton` was causing problems about installing `gitdb` python dependency.
 
-## 1.0.45 (2019-08-20)
+### 1.0.45 (2019-08-20)
 * Fixed intermittent `ImportError: cannot import name '__VERSION__' from 'radish'` problem.
 
-## 1.0.44 (2019-08-16)
+### 1.0.44 (2019-08-16)
 * Fixed a problem where using "" or '' was causing a problem on property definitions within the steps.
 
-## 1.0.43 (2019-08-12)
+### 1.0.43 (2019-08-12)
 * Fixed a problem where some of the filtering values were failing due to some characters.
 
-## 1.0.42 (2019-08-10)
+### 1.0.42 (2019-08-10)
 * Fixed a problem on CI/CD pipeline
 
-## 1.0.41 (2019-08-10)
+### 1.0.41 (2019-08-10)
 * Fixed a problem on CI/CD pipeline
 
-## 1.0.40 (2019-08-10)
+### 1.0.40 (2019-08-10)
 * Fixed a problem on CI/CD pipeline
 
-## 1.0.39 (2019-08-09)
+### 1.0.39 (2019-08-09)
 * Fix installing from source ([[#143](https://github.com/eerkunt/terraform-compliance/issues/143))
 
-## 1.0.38 (2019-08-09)
+### 1.0.38 (2019-08-09)
 * Support for `its value {condition} contain {value}`
 
-## 1.0.37 (2019-08-09)
+### 1.0.37 (2019-08-09)
 * Support for `equal` operator in `I expect the result is {operator} than/to {number}`
 * Support for `its value {condition} be {value}`
 

docs/pages/bdd-references/then.md

@@ -94,7 +94,7 @@ This step is only valid for `aws_security_group` and `aws_security_group_rule` r
 >
 > ▪
 [Then](#){: .p-1 .text-red-200} 
-it must 
+it  
 [condition](#){: .p-1 .text-green-200 .fw-700} 
 have 
 [proto](#){: .p-1 .text-blue-100 .fw-700} 
@@ -105,11 +105,20 @@ for
 >
 | key | Description | Examples |
 |:---:|:----------|:-|
-| [condition](#){: .p-1 .text-green-200 .fw-700} | defines the conditional search. | Can only be `only`, `not` |
+| [condition](#){: .p-1 .text-green-200 .fw-700} | defines the conditional search. | Can only be `must`, `must not`, `must only` |
 | [proto](#){: .p-1 .text-blue-100 .fw-700} | defines the network transport protocol | Can only be `tcp` or `udp` |
 | [port](#){: .p-1 .text-purple-000 .fw-700}  | defines the network port or port range. | `80` `443` `8080-8090` |
 | [cidr](#){: .p-1 .text-yellow-300 .fw-700} | defines the network ip cidr | `0.0.0.0/0` `192.168.0.0/24` `8.8.8.8/32` |
 
+This step will execute tests that is applicable for both per rule and per security group, depending on the 
+[condition](#){: .p-1 .text-green-200 .fw-700} ;
+
+* **must**: The port(s) given must be a subset of the configured ports in related Security Group.
+* **must not**: The port(s) given must not exist in ANY rule of the Security Group.
+* **must only**: The port(s) given must be exactly same like the ones defined in Security Group.
+
+Please not that `must not` condition is executed per every Security Group Rule, while `must not` and `must only` is 
+executed for ALL rules exist in a Security Group.
 
 ------------------------
 ### [When](#){: .p-1 .text-red-200} its [property](#){: .p-1 .text-green-200 .fw-700} has not [something](#){: .p-1 .text-blue-100 .fw-700}
@@ -301,3 +310,75 @@ it should fail
 [Then](#){: .p-1 .text-red-200} 
 it must fail
 >
+
+------------------------
+### [Then](#){: .p-1 .text-red-200} it must have [address](#){: .p-1 .text-green-200 .fw-700} referenced
+`terraform-compliance` mounts resources into each other if they are referenced. E.g. an `aws_security_group_rule` onto
+`aws_security_grouup`. Some use cases may require to find these references, mount points about which entity is mounted 
+on top of which entity. This step can be used in these situations.
+
+> __Possible sentences :__
+>
+> ▪
+[Then](#){: .p-1 .text-red-200} 
+its must have
+[address](#){: .p-1 .text-green-200 .fw-700} 
+referenced
+>
+
+| key | Description | Examples |
+|:---:|:----------|:-|
+| [address](#){: .p-1 .text-green-200 .fw-700} | resource address within terraform | `aws_security_group.my_group` |
+
+------------------------
+### [Then](#){: .p-1 .text-red-200} its [key](#){: .p-1 .text-green-200 .fw-700} [condition](#){: .p-1 .text-blue-100 .fw-700} be [value](#){: .p-1 .text-blue-100 .fw-700} 
+This is an optimised way of reading and matching a data without drilling down once more by using `it contains` steps.
+This step will match `key` = `value` or `key` != `value` depending on the `condition`
+
+> __Possible sentences :__
+>
+> ▪
+[Then](#){: .p-1 .text-red-200} 
+its
+[key](#){: .p-1 .text-green-200 .fw-700}
+[condition](#){: .p-1 .text-blue-100 .fw-700}
+be
+[value](#){: .p-1 .text-blue-100 .fw-700} 
+>
+> ▪
+[Then](#){: .p-1 .text-red-200} 
+its
+[key](#){: .p-1 .text-green-200 .fw-700}
+property
+[condition](#){: .p-1 .text-blue-100 .fw-700}
+be
+[value](#){: .p-1 .text-blue-100 .fw-700} 
+>
+> ▪
+[Then](#){: .p-1 .text-red-200} 
+its
+[key](#){: .p-1 .text-green-200 .fw-700}
+key
+[condition](#){: .p-1 .text-blue-100 .fw-700}
+be
+[value](#){: .p-1 .text-blue-100 .fw-700} 
+>
+
+| key | Description | Examples |
+|:---:|:----------|:-|
+| [key](#){: .p-1 .text-green-200 .fw-700} | The key name of the property | `encryption`, `private`, `name`, `id` |
+| [condition](#){: .p-1 .text-blue-100 .fw-700} | Defines if the match will be `=` or `!=` | Only `must` and `must not` |
+| [value](#){: .p-1 .text-blue-100 .fw-700} | The value of the property | `true`, `closed`, `my_bucket` |
+
+------------------------
+### [Then](#){: .p-1 .text-red-200} I flatten all values found
+This will apply a `union/combine/merge` function for the values that has been found for the resources from the previous
+steps. A valid use case could be checking a value that exists in a list of values that has been combined into one. For 
+example, checking a specific `name` that has been created by a `for_each` of resource iteration.
+
+> __Possible sentences :__
+>
+> ▪
+[Then](#){: .p-1 .text-red-200} 
+I flatten all values found
+>

docs/pages/bdd-references/when.md

@@ -185,4 +185,3 @@ the value
 | key | Description | Examples |
 |:---:|:----------|:-|
 | [action](#){: .p-1 .text-green-200 .fw-700} | mathematical operation | currently only supports for `count` |
-

docs/pages/usage/additional_parameters.md

@@ -13,7 +13,6 @@ full parameter list you can use `radish --help` in order to get a full list.
 
 Some of the useful parameters can be listed as ;
 
-* `--early-exit`: Exits the tests when upon failure instead of completing all tests
-* `--no-ansi`: No coloured output, which is useful for some pipelines that doesn't support ANSI Colour Codes.
-* `--wip`: In case you are trying to test a `terraform-compliance` test that passes when it fails.
+* `--no-ansi`: This will enforce color and emoji compatibility for the terminal. 
+* `--wip`: This will enable `terraform-compliance` to expect a failure. If the test pass, then exit code will be `1`, otherwise `0`.
 

docs/pages/usage/index.md

@@ -134,3 +134,41 @@ files that has been created. In these cases you can just provide the same versio
 If you are using a [Docker](/pages/installation/docker) version of `terraform-compliance`, `terraform` binary is already
 packaged within the Docker Image. In case, you may need to use another version of `terraform` binary, you can still use 
 `-t` to point the local version.
+
+### -q / --quit-early
+{: .d-inline-block }
+OPTIONAL
+{: .label .label-yellow}
+
+{: .d-inline-block }
+1.1.+
+{: .label .label-blue}
+
+This option will disable default behaviour of `terraform-compliance` where the execution
+of the `Scenario` and `Step` (not `Feature`) will exit immediately upon first failure.
+
+### -n / --no-failures
+{: .d-inline-block }
+OPTIONAL
+{: .label .label-yellow}
+
+{: .d-inline-block }
+1.1.+
+{: .label .label-blue}
+
+This option will enforce to have `0` exit code independent of the test results. It is
+different than passing `--wip` since, that parameter only returns `0` if the test fails. This
+option will make `terarform-compliance` to report all errors, but always return `0`
+exit code.
+
+### -S / --silent
+{: .d-inline-block }
+OPTIONAL
+{: .label .label-yellow}
+
+{: .d-inline-block }
+1.1.+
+{: .label .label-blue}
+
+This option will surpress the output of `Feature`, `Scenario` and `Steps`. Only the
+summary and the Failure messages will be shown - if applicable.

requirements.txt

@@ -5,4 +5,5 @@ netaddr==0.7.19
 colorful==0.5.4
 filetype==1.0.5
 junit-xml==1.8
-lxml==4.5.0
+emoji==0.5.4
+lxml==4.5.0

terraform_compliance/__init__.py

@@ -1,2 +1,2 @@
 __app_name__ = 'terraform-compliance'
-__version__ = '{{VERSION}}' or '\btest-version'
+__version__ = '{{VERSION}}' if not '{{VERSION}}'.startswith('{') else '0.0.0'

terraform_compliance/common/defaults.py

@@ -0,0 +1,51 @@
+import sys
+import os
+import colorful
+from emoji import emojize
+
+
+class Defaults(object):
+
+    address_pointer = 'terraform-compliance.mounted_resources.addresses'
+
+    def __init__(self):
+        self.interactive_mode = self.detect_term()
+
+        if '--no-ansi' in sys.argv or not sys.stdout.isatty():
+            self.skip_colour = \
+            self.warning_colour = \
+            self.failure_colour = \
+            self.info_colour = \
+            self.yellow = \
+            self.red = \
+            self.green = \
+            self.blue = \
+                self.no_coloured_output
+
+            self.info_icon = '*'
+            self.warning_icon = '!'
+            self.tada = ''
+            self.icon = '>'
+
+        else:
+            self.skip_colour = colorful.bold_purple
+            self.failure_colour = colorful.bold_red
+            self.warning_colour = colorful.bold_yellow
+            self.info_colour = colorful.bold_blue
+            self.yellow = colorful.yellow
+            self.red = colorful.red
+            self.green = colorful.green
+            self.blue = colorful.blue
+
+            self.info_icon = emojize(':bulb:', use_aliases=True)
+            self.warning_icon = emojize(':exclamation:', use_aliases=True)
+            self.tada = emojize(':tada:', use_aliases=True)
+            self.icon = emojize(':triangular_flag_on_post:', use_aliases=True)
+
+    @staticmethod
+    def no_coloured_output(param):
+        return param
+
+    @staticmethod
+    def detect_term():
+        return False if colorful.terminal.detect_color_support(env=os.environ) == 0 else True