Skip to content
/ terraform-testing Public

Testing AWS cloud Infrastructure-as-Code written in Terraform using Go and Localstack.

License

GPL-3.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

florianakos/terraform-testing

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
test
test
 
 
tf-module-s3-auth
tf-module-s3-auth
 
 
tf-module-s3-bucket
tf-module-s3-bucket
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

terraform-testing

A project that combines creation of a new terraform module and testing it via AWS and Localstack using Go's built-in test capabilities.

requirements

  • go
  • terraform
  • localstack
  • aws creds

The terraform module was written to take care of S3 and KMS permissions necessary for an IAM role to carry out it's intended functions. Motivation: at work I've recently run into an issue where too many policies were being attached to a single role, and so with this module it's possible to collect all necessary S3 and KMS permissions in a single policy which is then attached to the IAM Role (it's possible to grant granular RO/RW permissions to specific prefixes or objects in an S3 bucket).

Running the tests

There are 3 different ways of running the tests

manually via localstack

The terraform code which utilizes the TF module is already prepared to use the localstack endpoints in the provider configuration.

cd test/terraform/localstack
docker-compose up
terraform init
terraform apply
terraform destroy

If localstack gets stuck in docker-compose you can reset it via docker-compose down -v --rmi all --remove-orphans.

manually via aws

This assumes a local AWS profile personal-aws is already configured and is available to use for running this test.

cd test/terraform/aws
terraform init
terraform apply
terraform destroy

Furtheromre, this test assumes that a bucket is already available in the AWS account for storing the terraform state remogtely!

  backend "s3" {
    bucket = "terraform-testing-via-go"
    key = "test/s3-authz-test/terraform.tfstate"
    region = "eu-central-1"
    profile = "personal-aws"
  }

automated via Go

This option relies on the /test/terraform/aws but runs it automatically via the Go testing package.

cd test/go
 ▶ go test
TestTerraform 2020-07-12T17:57:21+02:00 logger.go:66: Running command terraform with args [init -upgrade=false]
TestTerraform 2020-07-12T17:57:21+02:00 logger.go:66: Initializing modules...
TestTerraform 2020-07-12T17:57:21+02:00 logger.go:66: - s3_authz in ../../../tf-module-s3-auth
TestTerraform 2020-07-12T17:57:21+02:00 logger.go:66: Initializing the backend...
TestTerraform 2020-07-12T17:57:23+02:00 logger.go:66: Successfully configured the backend "s3"! Terraform will automatically
TestTerraform 2020-07-12T17:57:29+02:00 logger.go:66: - s3_authz in ../../../tf-module-s3-auth
...
TestTerraform 2020-07-12T17:57:46+02:00 logger.go:66: Apply complete! Resources: 5 added, 0 changed, 0 destroyed.
...
TestTerraform 2020-07-12T17:58:04+02:00 logger.go:66: 
TestTerraform 2020-07-12T17:58:04+02:00 logger.go:66: Destroy complete! Resources: 5 destroyed.
PASS
ok      github.com/florianakos/terraform-testing/tests  43.191s

Conclusion

Testing via localstack is great as long as you are working with AWS and the targeted service is supported by localstack. It runs much much faster thanks to the fact that localhost is much closer to you than the cloud API endpoints.

Go is awesome! Terraform is awesome too! :)

About

Testing AWS cloud Infrastructure-as-Code written in Terraform using Go and Localstack.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages