diff --git a/.gitignore b/.gitignore index 99ff2c3..36f582f 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ +# .terragrunt-cache directories +**/.terragrunt-cache/* + # .terraform directories **/.terraform/* diff --git a/aws/aws_gitlab_terragrunt.hcl b/aws/aws_gitlab_terragrunt.hcl index dea8663..0aabdd1 100644 --- a/aws/aws_gitlab_terragrunt.hcl +++ b/aws/aws_gitlab_terragrunt.hcl @@ -28,7 +28,7 @@ terraform { required_providers { aws = { source = "hashicorp/aws" - version = "${format("~> %s", local.versions.aws_provider_version)}" + version = "${format("~> %s.0", local.versions.aws_provider_version)}" } } } diff --git a/aws/gitlab/env.yaml b/aws/gitlab/env.yaml index 9984ba2..6222fdd 100644 --- a/aws/gitlab/env.yaml +++ b/aws/gitlab/env.yaml @@ -7,8 +7,8 @@ labels: team: devops dependencies: - demo_vpc_dependency_path: "reg-primary/vpcs/custom" - demo_vpc_mock_outputs: + custom_vpc_dependency_path: "reg-primary/vpcs/custom" + custom_vpc_mock_outputs: azs: - "us-east-2a" - "us-east-2b" @@ -44,3 +44,14 @@ dependencies: vpc_enable_dns_support: true vpc_id: "vpc-0d8148e657a7787f1" vpc_main_route_table_id: "rtb-0ade48517f021bfde" + + gitlab_keypair_dependency_path: "reg-primary/keypairs/gitlab" + gitlab_keypair_mock_outputs: + key_pair_id: "key-0576e69c4b8faacc2" + key_pair_name: "kped-demo-gitlab" + + gitlab_sg_dependency_path: "reg-primary/sgs/gitlab" + gitlab_sg_mock_outputs: + security_group_id: "sg-03d25a67" + security_group_name: "kped-demo-gitlab" + security_group_vpc_id: "vpc-0d8148e657a7787f1" diff --git a/aws/gitlab/global/.gitkeep b/aws/gitlab/global/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/aws/gitlab/reg-primary/instances/gitlab/inputs.yaml b/aws/gitlab/reg-primary/instances/gitlab/inputs.yaml new file mode 100644 index 0000000..31e1791 --- /dev/null +++ b/aws/gitlab/reg-primary/instances/gitlab/inputs.yaml @@ -0,0 +1,6 @@ +--- +ami: "ami-0b8b44ec9a8f90422" +labels: {} +monitoring: false +name: "gitlab" +type: "c7i.large" 
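Review bot: The `ami: "ami-0b8b44ec9a8f90422"` entry in instances/gitlab/inputs.yaml is a bare image ID with nothing recording which image it is or who publishes it, so a reviewer cannot confirm that the GitLab instance boots from a trusted source. AMI IDs are also region-specific, so this value presumably resolves only in the region the env.yaml mock outputs point at (us-east-2) and would stop working if configure.sh is run with a different primary region. I would add a comment above it along the lines of `# <image name>, owner <publisher account ID>, region <region>`, and longer term resolve the image by owner and name filter rather than by a fixed ID.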
diff --git a/aws/gitlab/reg-primary/instances/gitlab/remotestate.tf b/aws/gitlab/reg-primary/instances/gitlab/remotestate.tf
new file mode 100644
index 0000000..8ef6cc1
--- /dev/null
+++ b/aws/gitlab/reg-primary/instances/gitlab/remotestate.tf
@@ -0,0 +1,4 @@
+terraform {
+ # Intentionally unconfigured. Managed by Terragrunt.
+ backend "s3" {}
+}
diff --git a/aws/gitlab/reg-primary/instances/gitlab/terragrunt.hcl b/aws/gitlab/reg-primary/instances/gitlab/terragrunt.hcl
new file mode 100644
index 0000000..c403c1d
--- /dev/null
+++ b/aws/gitlab/reg-primary/instances/gitlab/terragrunt.hcl
@@ -0,0 +1,55 @@
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+
+# Include all settings from the root terragrunt.hcl file
+include {
+ path = find_in_parent_folders("aws_gitlab_terragrunt.hcl")
+}
+
+# Resources should not be destroyed without careful consideration of effects
+prevent_destroy = false
+
+locals {
+ env = yamldecode(file(find_in_parent_folders("env.yaml")))
+ inputs = yamldecode(file("inputs.yaml"))
+ platform = fileexists(find_in_parent_folders("local.aws.yaml")) ? yamldecode(file(find_in_parent_folders("local.aws.yaml"))) : yamldecode(file(find_in_parent_folders("aws.yaml")))
+ region = yamldecode(file(find_in_parent_folders("region.yaml")))
+ versions = yamldecode(file(find_in_parent_folders("versions.yaml")))
+}
+
+dependency "custom_vpc" {
+ config_path = find_in_parent_folders(local.env.dependencies.custom_vpc_dependency_path)
+ mock_outputs = local.env.dependencies.custom_vpc_mock_outputs
+
+ mock_outputs_allowed_terraform_commands = ["init", "plan", "validate"]
+}
+
+dependency "gitlab_keypair" {
+ config_path = find_in_parent_folders(local.env.dependencies.gitlab_keypair_dependency_path)
+ mock_outputs = local.env.dependencies.gitlab_keypair_mock_outputs
+
+ mock_outputs_allowed_terraform_commands = ["init", "plan", "validate"]
+}
+
+dependency "gitlab_sg" {
+ config_path = find_in_parent_folders(local.env.dependencies.gitlab_sg_dependency_path)
+ mock_outputs = local.env.dependencies.gitlab_sg_mock_outputs
+
+ mock_outputs_allowed_terraform_commands = ["init", "plan", "validate"]
+}
+
+terraform {
+ source = "git::git@github.com:terraform-aws-modules/terraform-aws-ec2-instance?ref=${local.versions.aws_module_ec2}"
+}
+
+inputs = {
+ ami = local.inputs.ami
+ name = format("%s-%s-%s", local.platform.prefix, local.env.environment, local.inputs.name)
+ zone = format("%s%s", 
local.region.location, local.region.zone_preference)
+ instance_type = local.inputs.type
+ key_name = dependency.gitlab_keypair.outputs.key_pair_name
+ monitoring = local.inputs.monitoring
+ subnet_id = dependency.custom_vpc.outputs.public_subnets[0]
+ tags = merge(local.env.labels, local.inputs.labels)
+ vpc_security_group_ids = tolist([dependency.gitlab_sg.outputs.security_group_id])
+}
diff --git a/aws/gitlab/reg-primary/keypairs/gitlab/inputs.yaml b/aws/gitlab/reg-primary/keypairs/gitlab/inputs.yaml
new file mode 100644
index 0000000..52fd8c6
--- /dev/null
+++ b/aws/gitlab/reg-primary/keypairs/gitlab/inputs.yaml
@@ -0,0 +1,5 @@
+---
+labels: {}
+name: "gitlab"
+pubkey_str: ""
+pubkey_file: "~/.ssh/id_rsa.pub"
diff --git a/aws/gitlab/reg-primary/keypairs/gitlab/remotestate.tf b/aws/gitlab/reg-primary/keypairs/gitlab/remotestate.tf
new file mode 100644
index 0000000..8ef6cc1
--- /dev/null
+++ b/aws/gitlab/reg-primary/keypairs/gitlab/remotestate.tf
@@ -0,0 +1,4 @@
+terraform {
+ # Intentionally unconfigured. Managed by Terragrunt.
+ backend "s3" {}
+}
diff --git a/aws/gitlab/reg-primary/keypairs/gitlab/terragrunt.hcl b/aws/gitlab/reg-primary/keypairs/gitlab/terragrunt.hcl
new file mode 100644
index 0000000..e54960d
--- /dev/null
+++ b/aws/gitlab/reg-primary/keypairs/gitlab/terragrunt.hcl
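Review bot: The module `source` in instances/gitlab/terragrunt.hcl ends in `?ref=${local.versions.aws_module_ec2}`, and versions.yaml sets that value to the tag `v5.6.1`; a Git tag can be moved upstream, so this pin does not fix the code that is fetched at apply time. The same applies to the `terraform-aws-key-pair` and `terraform-aws-security-group` sources in the keypairs and sgs terragrunt.hcl files added by this commit. Pinning each entry in versions.yaml to the full commit SHA behind the tag, with the tag kept as a comment (`aws_module_ec2: "<full commit SHA>" # v5.6.1`), makes the fetched module content immutable.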
@@ -0,0 +1,27 @@
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+
+# Include all settings from the root terragrunt.hcl file
+include {
+ path = find_in_parent_folders("aws_gitlab_terragrunt.hcl")
+}
+
+# Resources should not be destroyed without careful consideration of effects
+prevent_destroy = false
+
+locals {
+ env = yamldecode(file(find_in_parent_folders("env.yaml")))
+ inputs = yamldecode(file("inputs.yaml"))
+ platform = fileexists(find_in_parent_folders("local.aws.yaml")) ? yamldecode(file(find_in_parent_folders("local.aws.yaml"))) : yamldecode(file(find_in_parent_folders("aws.yaml")))
+ versions = yamldecode(file(find_in_parent_folders("versions.yaml")))
+}
+
+terraform {
+ source = "git::git@github.com:terraform-aws-modules/terraform-aws-key-pair?ref=${local.versions.aws_module_keypair}"
+}
+
+inputs = {
+ key_name = format("%s-%s-%s", local.platform.prefix, local.env.environment, local.inputs.name)
+ public_key = coalesce(local.inputs.pubkey_str, file(local.inputs.pubkey_file))
+ tags = merge(local.env.labels, local.inputs.labels)
+}
diff --git a/aws/gitlab/reg-primary/sgs/gitlab/inputs.yaml b/aws/gitlab/reg-primary/sgs/gitlab/inputs.yaml
new file mode 100644
index 0000000..838fc03
--- /dev/null
+++ b/aws/gitlab/reg-primary/sgs/gitlab/inputs.yaml
@@ -0,0 +1,9 @@
+---
+description: "Security group for network access to GitLab instance from the Internet"
+ingress_cidr_blocks:
+ - "0.0.0.0/0"
+ingress_rules:
+ - "https-8443-tcp"
+ - "ssh-tcp"
+labels: {}
+name: "gitlab"
diff --git a/aws/gitlab/reg-primary/sgs/gitlab/remotestate.tf b/aws/gitlab/reg-primary/sgs/gitlab/remotestate.tf
new file mode 100644
index 0000000..8ef6cc1
--- /dev/null
+++ b/aws/gitlab/reg-primary/sgs/gitlab/remotestate.tf
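Review bot: `public_key = coalesce(local.inputs.pubkey_str, file(local.inputs.pubkey_file))` appears to read the key file even when `pubkey_str` is set, since function arguments are evaluated before `coalesce` is called, so a runner without `~/.ssh/id_rsa.pub` would fail regardless of the string input. With the shipped defaults (`pubkey_str: ""`), the key registered for the GitLab instance is whichever personal key belongs to the user running apply, which makes instance access depend on the operator. The conditional form already used for the `platform` local avoids the unconditional read: `public_key = local.inputs.pubkey_str != "" ? local.inputs.pubkey_str : file(local.inputs.pubkey_file)`. I would also add a comment in keypairs/gitlab/inputs.yaml stating that a dedicated deployment key is expected.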
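Review bot: The single `ingress_cidr_blocks` entry `"0.0.0.0/0"` in sgs/gitlab/inputs.yaml is applied to every item in `ingress_rules`, so `ssh-tcp` is opened to the whole Internet together with `https-8443-tcp`, on an instance that instances/gitlab/terragrunt.hcl places in `public_subnets[0]`. If the web port is meant to be public, SSH should still be limited to an administrative range. One way is to keep only `https-8443-tcp` in `ingress_rules` and pass SSH through the module's `ingress_with_cidr_blocks` input with `cidr_blocks: "<admin CIDR>"`, which needs a matching input line in sgs/gitlab/terragrunt.hcl.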
@@ -0,0 +1,4 @@
+terraform {
+ # Intentionally unconfigured. Managed by Terragrunt.
+ backend "s3" {}
+}
diff --git a/aws/gitlab/reg-primary/sgs/gitlab/terragrunt.hcl b/aws/gitlab/reg-primary/sgs/gitlab/terragrunt.hcl
new file mode 100644
index 0000000..9ca3b2e
--- /dev/null
+++ b/aws/gitlab/reg-primary/sgs/gitlab/terragrunt.hcl
@@ -0,0 +1,38 @@
+# Terragrunt will copy the Terraform configurations specified by the source parameter, along with any files in the
+# working directory, into a temporary folder, and execute your Terraform commands in that folder.
+
+# Include all settings from the root terragrunt.hcl file
+include {
+ path = find_in_parent_folders("aws_gitlab_terragrunt.hcl")
+}
+
+# Resources should not be destroyed without careful consideration of effects
+prevent_destroy = false
+
+locals {
+ env = yamldecode(file(find_in_parent_folders("env.yaml")))
+ inputs = yamldecode(file("inputs.yaml"))
+ platform = fileexists(find_in_parent_folders("local.aws.yaml")) ? yamldecode(file(find_in_parent_folders("local.aws.yaml"))) : yamldecode(file(find_in_parent_folders("aws.yaml")))
+ region = yamldecode(file(find_in_parent_folders("region.yaml")))
+ versions = yamldecode(file(find_in_parent_folders("versions.yaml")))
+}
+
+dependency "custom_vpc" {
+ config_path = find_in_parent_folders(local.env.dependencies.custom_vpc_dependency_path)
+ mock_outputs = local.env.dependencies.custom_vpc_mock_outputs
+
+ mock_outputs_allowed_terraform_commands = ["init", "plan", "validate"]
+}
+
+terraform {
+ source = "git::git@github.com:terraform-aws-modules/terraform-aws-security-group?ref=${local.versions.aws_module_sg}"
+}
+
+inputs = {
+ description = local.inputs.description
+ ingress_cidr_blocks = local.inputs.ingress_cidr_blocks
+ ingress_rules = local.inputs.ingress_rules
+ name = format("%s-%s-%s", local.platform.prefix, local.env.environment, local.inputs.name)
+ tags = merge(local.env.labels, local.inputs.labels)
+ vpc_id = dependency.custom_vpc.outputs.vpc_id
+}
diff --git a/aws/gitlab/reg-primary/vpcs/custom/inputs.yaml b/aws/gitlab/reg-primary/vpcs/custom/inputs.yaml index 7af0f2f..3df0097 100644 --- a/aws/gitlab/reg-primary/vpcs/custom/inputs.yaml +++ b/aws/gitlab/reg-primary/vpcs/custom/inputs.yaml @@ -5,6 +5,7 @@ dns: support: true internet: deploy_gateway: true +labels: {} name: "custom" nat: deploy_gateways: true diff --git a/aws/gitlab/reg-primary/vpcs/custom/terragrunt.hcl b/aws/gitlab/reg-primary/vpcs/custom/terragrunt.hcl index ac21b74..4a5a68d 100644 --- a/aws/gitlab/reg-primary/vpcs/custom/terragrunt.hcl +++ b/aws/gitlab/reg-primary/vpcs/custom/terragrunt.hcl @@ -56,5 +56,5 @@ inputs = { enable_vpn_gateway = local.inputs.vpn.deploy_gateway vpn_gateway_az = format("%s%s", local.region.location, local.region.zone_preference) - tags = local.env.labels + tags = merge(local.env.labels, local.inputs.labels) } diff --git a/aws/gitlab/scripts/configure.sh b/aws/gitlab/scripts/configure.sh index c0da243..f2598a9 100755 --- a/aws/gitlab/scripts/configure.sh +++ b/aws/gitlab/scripts/configure.sh @@ -82,3 +82,6 @@ sed -i -e "s:ZONE:a:g" reg-primary/region.yaml sed -i -e "s:REGION:${SREGION}:g" reg-secondary/region.yaml sed -i -e "s:ZONE:a:g" reg-secondary/region.yaml sed -i -e "s:TEAM:${TEAM}:g" env.yaml + +aws configure set default.region ${PREGION} +aws configure set default.output json diff --git a/aws/gitlab/templates/env.tpl b/aws/gitlab/templates/env.tpl index 4ff8545..6ae6d29 100644 --- a/aws/gitlab/templates/env.tpl +++ b/aws/gitlab/templates/env.tpl @@ -7,8 +7,8 @@ labels: team: TEAM dependencies: - demo_vpc_dependency_path: "reg-primary/vpcs/custom" - demo_vpc_mock_outputs: + custom_vpc_dependency_path: "reg-primary/vpcs/custom" + custom_vpc_mock_outputs: azs: - "PREGIONa" - "PREGIONb" 
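Review bot: The added `aws configure set default.region ${PREGION}` in scripts/configure.sh expands the variable unquoted and rewrites the default profile in the operator's shared AWS CLI configuration, so running the script changes the region and output format for every other tool that uses that profile. Quote the expansion, `aws configure set default.region "${PREGION}"`, and consider exporting `AWS_DEFAULT_REGION="${PREGION}"` for the session or writing to a named profile instead of the default one. Where `PREGION` is set and validated lies outside this hunk, so it should be confirmed that it cannot be empty when these lines run.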
@@ -44,3 +44,14 @@ dependencies: vpc_enable_dns_support: true vpc_id: "vpc-0d8148e657a7787f1" vpc_main_route_table_id: "rtb-0ade48517f021bfde" + + gitlab_keypair_dependency_path: "reg-primary/keypairs/gitlab" + gitlab_keypair_mock_outputs: + key_pair_id: "key-0576e69c4b8faacc2" + key_pair_name: "PREFIX-ENVIRONMENT-gitlab" + + gitlab_sg_dependency_path: "reg-primary/sgs/gitlab" + gitlab_sg_mock_outputs: + security_group_id: "sg-03d25a67" + security_group_name: "PREFIX-ENVIRONMENT-gitlab" + security_group_vpc_id: "vpc-0d8148e657a7787f1" diff --git a/aws/gitlab/test/aws_gitlab_test.go b/aws/gitlab/test/aws_gitlab_test.go index 6614ec8..81d17b0 100644 --- a/aws/gitlab/test/aws_gitlab_test.go +++ b/aws/gitlab/test/aws_gitlab_test.go 
@@ -41,25 +41,28 @@ func TestTerragruntDeployment(t *testing.T) { // Check for standard global configuration files if !fileExists(terraformDeploymentOptions.TerraformDir + "/env.yaml") { - t.Fail() + t.Error("Configuration check FAILED. Environment configuration file not found!") } if !fileExists(terraformDeploymentOptions.TerraformDir + "/../local.aws.yaml") { if !fileExists(terraformDeploymentOptions.TerraformDir + "/../aws.yaml") { - t.Fail() + t.Error("Configuration check FAILED. Platform configuration file not found!") } } if !fileExists(terraformDeploymentOptions.TerraformDir + "/reg-primary/region.yaml") { - t.Fail() + t.Error("Configuration check FAILED. Primary region configuration file not found!") } if !fileExists(terraformDeploymentOptions.TerraformDir + "/reg-secondary/region.yaml") { - t.Fail() + t.Error("Configuration check FAILED. Secondary region configuration file not found!") } if !fileExists(terraformDeploymentOptions.TerraformDir + "/versions.yaml") { - t.Fail() + t.Error("Configuration check FAILED. Versions configuration file not found!") } // Define modules moddirs["0-customVPC"] = "../reg-primary/vpcs/custom" + moddirs["1-gitlabSG"] = "../reg-primary/sgs/gitlab" + moddirs["1-gitlabKeyPair"] = "../reg-primary/keypairs/gitlab" + moddirs["2-gitlabInstance"] = "../reg-primary/instances/gitlab" // Maps are unsorted, so sort the keys to process the modules in order modkeys := make([]string, 0, len(moddirs)) 
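Review bot: The configuration checks now call `t.Error`, which records the failure but lets the test keep running, so a missing env.yaml or versions.yaml still reaches `terraform.TgApplyAll` and deploys real resources from an incomplete configuration. The read and parse checks in the following hunk (@@ -81,87) have the same shape, and a failed `yaml.Unmarshal` leaves maps whose entries are later used in unchecked assertions such as `versions["aws_provider_version"].(string)`, which would panic on a nil value. For these preconditions `t.Fatal`/`t.Fatalf` is the better fit, e.g. `t.Fatal("Configuration check FAILED. Environment configuration file not found!")`. The body of TestTerragruntDeployment starts and ends outside this hunk.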
@@ -81,87 +84,88 @@ func TestTerragruntDeployment(t *testing.T) { // Check for standard files if !fileExists(terraformOptions.TerraformDir + "/inputs.yaml") { - t.Fail() + t.Errorf("Module configuration check FAILED. Inputs file not found in %s", terraformOptions.TerraformDir) } if !fileExists(terraformOptions.TerraformDir + "/remotestate.tf") { - t.Fail() + t.Errorf("Module configuration check FAILED. Remote state file not found in %s", terraformOptions.TerraformDir) } if !fileExists(terraformOptions.TerraformDir + "/terragrunt.hcl") { - t.Fail() + t.Errorf("Module configuration check FAILED. Terragrunt configuration file not found in %s", terraformOptions.TerraformDir) } } // Read and store the env.yaml yfile, err = os.ReadFile(terraformDeploymentOptions.TerraformDir + "/env.yaml") if err != nil { - t.Fail() + t.Error("Configuration check FAILED. Could not read environment configuration file!") } env := make(map[string]interface{}) err = yaml.Unmarshal(yfile, &env) if err != nil { - t.Fail() + t.Error("Configuration check FAILED. Could not parse environment configuration file!") } // Read and store the aws.yaml if fileExists(terraformDeploymentOptions.TerraformDir + "/../local.aws.yaml") { yfile, err = os.ReadFile(terraformDeploymentOptions.TerraformDir + "/../local.aws.yaml") if err != nil { - t.Fail() + t.Error("Configuration check FAILED. Could not read platform configuration file!") } } else { yfile, err = os.ReadFile(terraformDeploymentOptions.TerraformDir + "/../aws.yaml") if err != nil { - t.Fail() + t.Error("Configuration check FAILED. Could not read platform configuration file!") } } platform := make(map[string]interface{}) err = yaml.Unmarshal(yfile, &platform) if err != nil { - t.Fail() + t.Error("Configuration check FAILED. 
Could not parse platform configuration file!") } // Read and store the reg-primary/region.yaml yfile, err = os.ReadFile(terraformDeploymentOptions.TerraformDir + "/reg-primary/region.yaml") if err != nil { - t.Fail() + t.Error("Configuration check FAILED. Could not read primary region configuration file!") } pregion := make(map[string]interface{}) err = yaml.Unmarshal(yfile, &pregion) if err != nil { - t.Fail() + t.Error("Configuration check FAILED. Could not parse primary region configuration file!") } // Read and store the reg-secondary/region.yaml yfile, err = os.ReadFile(terraformDeploymentOptions.TerraformDir + "/reg-secondary/region.yaml") if err != nil { - t.Fail() + t.Error("Configuration check FAILED. Could not read secondary region configuration file!") } sregion := make(map[string]interface{}) err = yaml.Unmarshal(yfile, &sregion) if err != nil { - t.Fail() + t.Error("Configuration check FAILED. Could not parse secondary region configuration file!") } // Read and store the versions.yaml yfile, err = os.ReadFile(terraformDeploymentOptions.TerraformDir + "/versions.yaml") if err != nil { - t.Fail() + t.Error("Configuration check FAILED. Could not read versions configuration file!") } versions := make(map[string]interface{}) err = yaml.Unmarshal(yfile, &versions) if err != nil { - t.Fail() + t.Error("Configuration check FAILED. Could not parse versions configuration file!") } // Clean up after ourselves if flag is set if *destroy { defer terraform.TgDestroyAll(t, terraformDeploymentOptions) } + // Deploy the composition terraform.TgApplyAll(t, terraformDeploymentOptions) 
@@ -175,35 +179,49 @@ func TestTerragruntDeployment(t *testing.T) { // Read the provider output and verify configured version providers := terraform.RunTerraformCommand(t, terraformOptions, terraform.FormatArgs(terraformOptions, "providers")...) - assert.Contains(t, providers, "provider[registry.terraform.io/hashicorp/aws] ~> "+versions["aws_provider_version"].(string)) + if assert.Contains(t, providers, "provider[registry.terraform.io/hashicorp/aws] ~> "+versions["aws_provider_version"].(string)) { + t.Logf("AWS provider version check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("AWS provider version check FAILED for module in %s, expected %s", terraformOptions.TerraformDir, + "provider[registry.terraform.io/hashicorp/aws] ~> "+versions["aws_provider_version"].(string)) + } // Read the inputs.yaml yfile, err := os.ReadFile(terraformOptions.TerraformDir + "/inputs.yaml") if err != nil { - t.Fail() + t.Errorf("Module configuration check FAILED for module in %s. Could not read inputs.yaml file!", terraformOptions.TerraformDir) } inputs := make(map[string]interface{}) err = yaml.Unmarshal(yfile, &inputs) if err != nil { - t.Fail() + t.Errorf("Module configuration check FAILED for module in %s. Could not parse inputs.yaml file!", terraformOptions.TerraformDir) } // Read the terragrunt.hcl hclfile, err := os.ReadFile(terraformOptions.TerraformDir + "/terragrunt.hcl") if err != nil { - t.Fail() + t.Errorf("Module configuration check FAILED for module in %s. 
Could not read terragrunt.hcl file!", terraformOptions.TerraformDir) } hclstring := string(hclfile) // Make sure the path referes to the correct parent hcl file - assert.Contains(t, hclstring, "path = find_in_parent_folders(\"aws_gitlab_terragrunt.hcl\")") + if assert.Contains(t, hclstring, "path = find_in_parent_folders(\"aws_gitlab_terragrunt.hcl\")") { + t.Logf("Parent terragrunt file check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("Parent terragrunt file check FAILED for module in %s, expected %s", terraformOptions.TerraformDir, + "path = find_in_parent_folders(\"aws_gitlab_terragrunt.hcl\").") + } // Collect the outputs outputs := terraform.OutputAll(t, terraformOptions) - assert.NotEmpty(t, outputs) + if assert.NotEmpty(t, outputs) { + t.Logf("Terragrunt outputs check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("Terragrunt outputs check FAILED for module in %s, expected outputs not to be empty.", terraformOptions.TerraformDir) + } // Add module-specific tests below // Remember that we're in a loop, so group tests by module name (modules range keys) 
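Review bot: Each `assert.*` call already reports a failure through the test's `Errorf` with the expected and actual values, so the added `else { t.Errorf(...) }` branches log every failure a second time, and the second message carries less detail than the first. testify's assertions accept a trailing message and arguments, which keeps the module path in the output without the if/else: `assert.NotEmpty(t, outputs, "Terragrunt outputs check for module in %s", terraformOptions.TerraformDir)`. The same pattern repeats throughout the module-specific hunk (@@ -222,34).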
@@ -222,34 +240,114 @@ func TestTerragruntDeployment(t *testing.T) { // Module-specific tests switch module { - // Example folder module + // Custom VPC module case "0-customVPC": // Make sure that prevent_destroy is set to false - assert.Contains(t, hclstring, "prevent_destroy = false") - t.Logf("Prevent destroy check PASSED. Expected contains 'prevent_destroy = false' to be true, got %v", assert.Contains(t, hclstring, "prevent_destroy = false")) + if assert.Contains(t, hclstring, "prevent_destroy = false") { + t.Logf("Prevent destroy check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("Prevent destroy check FAILED for module in %s, expected prevent_destroy to be set to false in terragrunt.hcl.", terraformOptions.TerraformDir) + } // Make sure the resource name contains the prefix, environment and name - assert.Contains(t, outputs["name"], platform["prefix"].(string)) - assert.Contains(t, outputs["name"], env["environment"].(string)) - assert.Contains(t, outputs["name"], inputs["name"].(string)) + if (assert.Contains(t, outputs["name"], platform["prefix"].(string))) && + (assert.Contains(t, outputs["name"], env["environment"].(string))) && + (assert.Contains(t, outputs["name"], inputs["name"].(string))) { + t.Logf("Resource name check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("Resource name check FAILED for module in %s, expected name to contain configured prefix, environment and name elements.", terraformOptions.TerraformDir) + } // Make sure there is an Internet gateway deployed - assert.NotEmpty(t, outputs["igw_id"]) + if assert.NotEmpty(t, outputs["igw_id"]) { + t.Logf("Internet gateway check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("Internet gateway check FAILED for module in %s, expected Internet gateway to be deployed.", terraformOptions.TerraformDir) + } // Make sure DNS is enabled - assert.True(t, outputs["vpc_enable_dns_support"].(bool)) + if 
assert.True(t, outputs["vpc_enable_dns_support"].(bool)) { + t.Logf("DNS check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("DNS check FAILED for module in %s, expected DNS to be enabled.", terraformOptions.TerraformDir) + } // Make sure the correct CIDR block is configured - assert.Equal(t, inputs["cidr"].(string), outputs["vpc_cidr_block"].(string)) + if assert.Equal(t, inputs["cidr"].(string), outputs["vpc_cidr_block"].(string)) { + t.Logf("CIDR block check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("CIDR block check FAILED for module in %s, expected configured CIDR block to be %s.", terraformOptions.TerraformDir, inputs["cidr"].(string)) + } // Make sure the resources are deployed to the appropriate zones for _, z := range inputs["zones"].([]interface{}) { - assert.Contains(t, outputs["azs"], pregion["location"].(string)+z.(string)) + if assert.Contains(t, outputs["azs"], pregion["location"].(string)+z.(string)) { + t.Logf("Zone deployment check for zone %s PASSED for module in %s", pregion["location"].(string)+z.(string), terraformOptions.TerraformDir) + } else { + t.Errorf("Zone deployment check FAILED for module in %s, expected deployment to zone %s.", terraformOptions.TerraformDir, pregion["location"].(string)+z.(string)) + } } // Make sure there is one NAT gateway per zone - assert.Equal(t, len(outputs["azs"].([]interface{})), len(outputs["natgw_ids"].([]interface{}))) + if assert.Equal(t, len(outputs["azs"].([]interface{})), len(outputs["natgw_ids"].([]interface{}))) { + t.Logf("NAT gateway check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("NAT gateway check FAILED for module in %s, expected one NAT gateway per zone.", terraformOptions.TerraformDir) + } + // GitLab Security Group module + case "1-gitlabSG": + // Make sure that prevent_destroy is set to false + if assert.Contains(t, hclstring, "prevent_destroy = false") { + t.Logf("Prevent destroy check 
PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("Prevent destroy check FAILED for module in %s, expected prevent_destroy to be set to false in terragrunt.hcl.", terraformOptions.TerraformDir) + } + + // Make sure the resource name contains the prefix, environment and name + if (assert.Contains(t, outputs["security_group_name"], platform["prefix"].(string))) && + (assert.Contains(t, outputs["security_group_name"], env["environment"].(string))) && + (assert.Contains(t, outputs["security_group_name"], inputs["name"].(string))) { + t.Logf("Resource name check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("Resource name check FAILED for module in %s, expected name to contain configured prefix, environment and name elements.", terraformOptions.TerraformDir) + } + + // GitLab Key Pair module + case "1-gitlabKeyPair": + // Make sure that prevent_destroy is set to false + if assert.Contains(t, hclstring, "prevent_destroy = false") { + t.Logf("Prevent destroy check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("Prevent destroy check FAILED for module in %s, expected prevent_destroy to be set to false in terragrunt.hcl.", terraformOptions.TerraformDir) + } + + // Make sure the resource name contains the prefix, environment and name + if (assert.Contains(t, outputs["key_pair_name"], platform["prefix"].(string))) && + (assert.Contains(t, outputs["key_pair_name"], env["environment"].(string))) && + (assert.Contains(t, outputs["key_pair_name"], inputs["name"].(string))) { + t.Logf("Resource name check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("Resource name check FAILED for module in %s, expected name to contain configured prefix, environment and name elements.", terraformOptions.TerraformDir) + } + + // GitLab Security Group module + case "2-gitlabInstance": + // Make sure that prevent_destroy is set to false + if assert.Contains(t, hclstring, 
"prevent_destroy = false") { + t.Logf("Prevent destroy check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("Prevent destroy check FAILED for module in %s, expected prevent_destroy to be set to false in terragrunt.hcl.", terraformOptions.TerraformDir) + } + + // Make sure the resource name contains the prefix, environment and name + if (assert.Contains(t, outputs["tags_all"].(map[string]interface{})["Name"], platform["prefix"].(string))) && + (assert.Contains(t, outputs["tags_all"].(map[string]interface{})["Name"], env["environment"].(string))) && + (assert.Contains(t, outputs["tags_all"].(map[string]interface{})["Name"], inputs["name"].(string))) { + t.Logf("Resource name check PASSED for module in %s", terraformOptions.TerraformDir) + } else { + t.Errorf("Resource name check FAILED for module in %s, expected name to contain configured prefix, environment and name elements.", terraformOptions.TerraformDir) + } } } } diff --git a/aws/gitlab/versions.yaml b/aws/gitlab/versions.yaml index 45cf1e1..5ff13ea 100644 --- a/aws/gitlab/versions.yaml +++ b/aws/gitlab/versions.yaml @@ -1,5 +1,5 @@ --- -aws_provider_version: "5.44.0" +aws_provider_version: "5.44" golang_runtime_version: "1.21" terraform_binary_version: "1.7" @@ -8,4 +8,7 @@ terraform_install_version: "1.7.4" terragrunt_binary_version: "0.55" terragrunt_install_version: "0.55.16" +aws_module_ec2: "v5.6.1" +aws_module_keypair: "v2.0.3" +aws_module_sg: "v5.1.2" aws_module_vpc: "v5.7.1"
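Review bot: In the `2-gitlabInstance` case, `outputs["tags_all"].(map[string]interface{})["Name"]` is an unchecked type assertion repeated three times; if the module returns no `tags_all` output, or one of a different shape, the test panics instead of failing with a message. Assert once with the comma-ok form, `tags, ok := outputs["tags_all"].(map[string]interface{})`, stop with `t.Fatalf` when `!ok`, and use `tags["Name"]` in the three checks. The comment above this case still reads `// GitLab Security Group module` and should be `// GitLab Instance module`. The `1-gitlabSG` case checks only the group name, so nothing in the test verifies that the deployed ingress rules match sgs/gitlab/inputs.yaml.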