Patrick de Ruiter cfbe6cbdc4
Add comprehensive Terraform testing framework
- Implemented 21 test cases across 3 test suites:
  * resource_groups.tftest.hcl (7 tests): Default behavior and validation
  * custom_configuration.tftest.hcl (6 tests): Custom configurations
  * variable_validation.tftest.hcl (8 tests): Input validation and edge cases

- Updated CI/CD pipeline (.gitea/workflows/sonarqube.yaml):
  * Added terraform-test job with format check and test execution
  * Generates and uploads test reports (30-day retention)
  * Runs after security scanning, before deployment

- Added comprehensive documentation:
  * TESTING.md: Complete testing guide with best practices
  * TEST_SUMMARY.md: Implementation summary and statistics
  * TESTING_QUICK_START.md: Quick reference for developers
  * TESTING_WORKFLOW.md: Visual workflow diagrams

- Updated existing documentation:
  * README.md: Added testing section with examples
  * CLAUDE.md: Added test commands to workflow

- Test coverage includes:
  * Resource creation and configuration validation
  * Tag category and tag management
  * Variable validation and defaults
  * Custom configurations and overrides
  * Edge cases and error handling
  * Output generation verification

Tests use mock credentials for infrastructure-independent execution.
Requires Terraform >= 1.6.0 for native testing framework.
2025-11-09 00:37:45 +01:00


Terraform Testing Workflow

Complete CI/CD Pipeline with Testing

┌─────────────────────────────────────────────────────────────────┐
│                    Code Push / Pull Request                      │
└────────────────────────────┬────────────────────────────────────┘
                             │
                             ▼
                    ┌────────────────┐
                    │    TFLint      │
                    │  (Code Style)  │
                    └────────┬───────┘
                             │
                             ▼
                    ┌────────────────┐
                    │    Tfsec       │
                    │  (Security)    │
                    └────────┬───────┘
                             │
                             ▼
                    ┌────────────────┐
                    │    Checkov     │
                    │  (Compliance)  │
                    └────────┬───────┘
                             │
                             ▼
        ┌────────────────────────────────────────┐
        │        Terraform Test (NEW!)           │
        │  ┌──────────────────────────────────┐  │
        │  │  1. Format Check                 │  │
        │  │     terraform fmt -check         │  │
        │  └──────────────────────────────────┘  │
        │  ┌──────────────────────────────────┐  │
        │  │  2. Run All Test Suites          │  │
        │  │     - resource_groups.tftest     │  │
        │  │     - custom_configuration       │  │
        │  │     - variable_validation        │  │
        │  │     (21 test cases total)        │  │
        │  └──────────────────────────────────┘  │
        │  ┌──────────────────────────────────┐  │
        │  │  3. Generate Test Report         │  │
        │  └──────────────────────────────────┘  │
        │  ┌──────────────────────────────────┐  │
        │  │  4. Upload Artifacts             │  │
        │  │     (30-day retention)           │  │
        │  └──────────────────────────────────┘  │
        └────────────────┬───────────────────────┘
                         │
                         ▼
                ┌────────────────┐
                │   SonarQube    │
                │ (Code Quality) │
                └────────┬───────┘
                         │
                         ▼
                ┌────────────────┐
                │ Terraform Init │
                └────────┬───────┘
                         │
                         ▼
                ┌────────────────┐
                │ Terraform Plan │
                └────────┬───────┘
                         │
                         ▼
         ┌───────────────────────────────┐
         │   Master Branch Only          │
         │   ┌────────────────────┐      │
         │   │ Terraform Apply    │      │
         │   │ (Production)       │      │
         │   └────────────────────┘      │
         └───────────────────────────────┘

Test Execution Flow

┌──────────────────────────────────────────────────────────────────┐
│                     Terraform Test Stage                          │
└──────────────────────────────────────────────────────────────────┘

Step 1: Format Check
┌─────────────────────────────────────┐
│ terraform fmt -check -recursive     │
│                                     │
│ ✓ Validates code formatting         │
│ ✗ Fails if files need formatting    │
└─────────────────────────────────────┘
                 │
                 ▼
Step 2: Execute Tests
┌─────────────────────────────────────────────────────────┐
│ terraform test -verbose                                 │
│                                                         │
│ Test Suite 1: resource_groups.tftest.hcl (7 tests)     │
│ ├─ verify_default_resource_groups                      │
│ ├─ validate_shares_mapping                             │
│ ├─ verify_tag_categories                               │
│ ├─ verify_resource_group_tags                          │
│ ├─ verify_default_resource_pool_config                 │
│ ├─ verify_outputs                                      │
│ └─ verify_resource_pool_names                          │
│                                                         │
│ Test Suite 2: custom_configuration.tftest.hcl (6 tests)│
│ ├─ custom_resource_group_config                        │
│ ├─ low_priority_resource_group                         │
│ ├─ non_expandable_resource_group                       │
│ ├─ multiple_custom_resource_groups                     │
│ ├─ environment_specific_config                         │
│ └─ single_resource_group                               │
│                                                         │
│ Test Suite 3: variable_validation.tftest.hcl (8 tests) │
│ ├─ valid_environment_values                            │
│ ├─ datacenter_variable                                 │
│ ├─ cluster_name_variable                               │
│ ├─ resource_groups_structure                           │
│ ├─ optional_parameters_defaults                        │
│ ├─ shares_value_mapping                                │
│ ├─ empty_resource_groups                               │
│ └─ resource_limits_validation                          │
└─────────────────────────────────────────────────────────┘
                 │
                 ▼
Step 3: Generate Report
┌─────────────────────────────────────┐
│ Create test-report.md               │
│ - Execution timestamp               │
│ - Test results summary              │
└─────────────────────────────────────┘
                 │
                 ▼
Step 4: Upload Artifacts
┌─────────────────────────────────────┐
│ Upload test-report.md               │
│ Retention: 30 days                  │
└─────────────────────────────────────┘
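
The four steps above as a single shell function, added here as an illustration and not taken from the repository's workflow file; the name `run_test_stage` and the `REPORT` variable are assumptions. It writes the report even when a step fails and returns a failure whenever terraform did, so a failing suite cannot pass the gate.

```shell
#!/usr/bin/env bash
# Added example (not the repository's workflow): the Terraform Test stage
# as one function. The function name and REPORT variable are assumptions.

REPORT="${REPORT:-test-report.md}"

run_test_stage() {
  local fmt_out fmt_rc test_out test_rc

  # Step 1: format check. Capture the status instead of aborting, so the
  # report below is still written when this step fails.
  fmt_out="$(terraform fmt -check -recursive 2>&1)"
  fmt_rc=$?

  # Step 2: run every *.tftest.hcl suite. Capturing into a variable keeps
  # terraform's own exit status; `terraform test | tee file` would report
  # tee's status and let a failing suite pass the gate.
  test_out="$(terraform test -verbose 2>&1)"
  test_rc=$?

  # Step 3: report with execution timestamp and results summary.
  {
    printf '# Terraform Test Report\n\n'
    printf 'Executed: %s\n\n' "$(date -u +%Y-%m-%dT%H:%M:%SZ)"
    printf 'Format check: %s\n' "$([ "$fmt_rc" -eq 0 ] && echo PASS || echo FAIL)"
    printf 'Test run: %s\n\n' "$([ "$test_rc" -eq 0 ] && echo PASS || echo FAIL)"
    printf '%s\n' "$fmt_out" "$test_out"
  } > "$REPORT"

  # Step 4 (artifact upload) belongs to the CI runner. The stage result is
  # a failure if either check failed, so later jobs stay blocked.
  [ "$fmt_rc" -eq 0 ] && [ "$test_rc" -eq 0 ]
}
```

In a CI job, call `run_test_stage` as the step's last command and mark the upload step to run regardless of the stage result, so the report is available for failed runs too.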

Local Development Workflow

┌──────────────────────┐
│  Make Code Changes   │
└──────────┬───────────┘
           │
           ▼
┌──────────────────────┐
│  terraform fmt       │
│  (Auto-format)       │
└──────────┬───────────┘
           │
           ▼
┌──────────────────────┐
│  terraform validate  │
│  (Syntax check)      │
└──────────┬───────────┘
           │
           ▼
┌──────────────────────┐
│  terraform test      │
│  (Run all tests)     │
└──────────┬───────────┘
           │
           ▼
     ┌─────────┐
     │ Success?│
     └────┬────┘
          │
    ┌─────┴─────┐
    │           │
   Yes         No
    │           │
    │           ▼
    │    ┌──────────────┐
    │    │  Fix Issues  │
    │    └──────┬───────┘
    │           │
    │           └──────┐
    │                  │
    ▼                  ▼
┌────────────────────────┐
│  git commit & push     │
└────────────────────────┘

Test Failure Handling

┌──────────────────────────────────────┐
│         Test Failure Detected         │
└──────────────┬───────────────────────┘
               │
               ▼
        ┌──────────────┐
        │ Review Error │
        │   Message    │
        └──────┬───────┘
               │
               ▼
     ┌─────────────────────┐
     │  What type of error? │
     └─────────┬───────────┘
               │
     ┌─────────┴─────────────┬──────────────┐
     │                       │              │
     ▼                       ▼              ▼
┌──────────┐        ┌─────────────┐  ┌────────────┐
│Formatting│        │Test Logic   │  │Code Bug    │
│  Error   │        │   Error     │  │            │
└────┬─────┘        └──────┬──────┘  └─────┬──────┘
     │                     │               │
     ▼                     ▼               ▼
┌──────────┐        ┌─────────────┐  ┌────────────┐
│terraform │        │Fix Test     │  │Fix Code    │
│   fmt    │        │Assertions   │  │Logic       │
└────┬─────┘        └──────┬──────┘  └─────┬──────┘
     │                     │               │
     └─────────────────────┴───────────────┘
                           │
                           ▼
                  ┌─────────────────┐
                  │ Re-run Tests    │
                  └─────────────────┘

Quality Gates

                    Quality Gates
                         │
        ┌────────────────┼────────────────┐
        │                │                │
        ▼                ▼                ▼
   ┌─────────┐     ┌──────────┐    ┌──────────┐
   │ TFLint  │     │  Tfsec   │    │ Checkov  │
   │   ✓     │     │    ✓     │    │    ✓     │
   └─────────┘     └──────────┘    └──────────┘
                         │
                         ▼
                ┌────────────────┐
                │ Terraform Test │ ◄─── NEW!
                │      ✓         │
                └────────┬───────┘
                         │
                         ▼
                  ┌────────────┐
                  │ SonarQube  │
                  │     ✓      │
                  └──────┬─────┘
                         │
                         ▼
                  ┌────────────┐
                  │   Deploy   │
                  │   Ready    │
                  └────────────┘

Test Types Coverage

┌─────────────────────────────────────────────────────────────┐
│                    Test Coverage Matrix                      │
├─────────────────────────────────────────────────────────────┤
│                                                             │
│  Unit Tests (Terraform Test)                                │
│  ├─ Variable validation            ✓ (8 tests)             │
│  ├─ Resource creation              ✓ (7 tests)             │
│  ├─ Configuration logic            ✓ (6 tests)             │
│  └─ Output generation              ✓ (4 assertions)        │
│                                                             │
│  Integration Tests                                          │
│  ├─ Tag category creation          ✓                       │
│  ├─ Tag application                ✓                       │
│  └─ Resource dependencies          ✓                       │
│                                                             │
│  Security Tests                                             │
│  ├─ Tfsec security scan            ✓                       │
│  └─ Checkov compliance             ✓                       │
│                                                             │
│  Code Quality Tests                                         │
│  ├─ TFLint style check             ✓                       │
│  ├─ Format validation              ✓                       │
│  └─ SonarQube analysis             ✓                       │
│                                                             │
└─────────────────────────────────────────────────────────────┘

Quick Reference Commands

Local Testing

# Complete test workflow
terraform fmt -recursive && \
terraform validate && \
terraform test -verbose

# Individual steps
terraform fmt -check        # Check formatting
terraform validate          # Validate syntax
terraform test              # Run all tests
terraform test -verbose     # Verbose output

CI/CD Monitoring

# Check workflow status
git push origin master      # Triggers full pipeline

# View test results
# Check Actions tab in repository
# Download test-report.md artifact

Success Indicators

- All 21 tests passing
- No formatting issues
- No linting warnings
- No security vulnerabilities
- Code quality metrics met
- Deployment successful

Resources