Maintainers
: @Ryan.WillettBackups
: @Tyler.Deknecht
This is a GO package that you can import into your Terraform tests (Terratest) that makes it extremely easy to validate your code by abstracting away all of the assert statements. All you have to do is pass in the values that you want to validate for the resource you are deploying. For example, if you were deploying an AWS S3 bucket you could pass in the name of the bucket, arn, bucket policy, etc. and it will validate that it is correctly built in AWS! This allows you to build with confidence and test your Terraform before deploying it to be consumed.
- Terraform
- Go
import (
"github.com/StateFarmIns/terratest-helpers/tests"
)
tests.ValidateBucketEncryption(t, svc, "my-bucket-name", "AES256", verboseOutput)
Terraform is a highly adopted IaC language and every language needs a testing framework. Terratest is that framework, but the benefit of the terratest-helpers is that when you deploy resources to AWS/GCP/AZURE they are built based on the inputs you pass to the terraform. This allows the terratest-helpers to take in the same inputs and validate that the resources are built correctly in the cloud provider by making api calls to validate. The reason this is possible is because when people deploy resources to a cloud provider they specify the configuration they want. It is not custom code like a JUnit is. This allows the developers to not focus on writing all of the api calls to verify the resources built correctly in the cloud provider. They just specify what resource they are building and the terratest-helper function will do all of the validation for them.
If you cannot find a helper for your specific case, you can write your own.
Every helper does three things. First, it queries AWS for the data it needs. Second, the helper handles any errors that might have been generated by the call to AWS. Third, it makes assertions about the input it was given and the data it received from AWS.
Here is a helper.
func ValidateBucketTagging(t *testing.T, svc *s3.S3, bucketName string, tagValues []string, verboseOutput bool) {
// Step 1: Query AWS
getBucketTaggingInput := &s3.GetBucketTaggingInput{
Bucket: aws.String(bucketName),
}
result, err1 := svc.GetBucketTagging(getBucketTaggingInput)
// Step 2: Handle Errors
if err1 != nil {
if aerr, ok := err1.(awserr.Error); ok {
switch aerr.Code() {
case kms.ErrCodeNotFoundException:
fmt.Println(kms.ErrCodeNotFoundException, aerr.Error())
default:
fmt.Println(aerr.Error())
}
} else {
fmt.Println(err1.Error())
}
t.Logf("Failing test.")
t.Fail()
return
}
if verboseOutput {
fmt.Println(result.String())
}
// Step 3: Make assertions
for i := 0; i < len(tagValues); i++ {
assert.Contains(t, result.String(), tagValues[i])
if verboseOutput {
fmt.Println(tagValues[i])
}
}
}