113 lines
4.0 KiB
Go
113 lines
4.0 KiB
Go
package test
|
|
|
|
import (
|
|
"fmt"
|
|
"os"
|
|
"testing"
|
|
|
|
a "github.com/aws/aws-sdk-go/aws"
|
|
"github.com/aws/aws-sdk-go/service/ec2"
|
|
aws "github.com/gruntwork-io/terratest/modules/aws"
|
|
"github.com/gruntwork-io/terratest/modules/random"
|
|
"github.com/gruntwork-io/terratest/modules/terraform"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func teardown(t *testing.T, directory string) {
|
|
err := os.RemoveAll(fmt.Sprintf("../examples/%s/.terraform", directory))
|
|
require.NoError(t, err)
|
|
}
|
|
|
|
func setup(t *testing.T, directory string, region string, terraformVars map[string]interface{}) *terraform.Options {
|
|
|
|
retryableTerraformErrors := map[string]string{
|
|
// The reason is unknown, but eventually these succeed after a few retries.
|
|
".*unable to verify signature.*": "Failed due to transient network error.",
|
|
".*unable to verify checksum.*": "Failed due to transient network error.",
|
|
".*no provider exists with the given name.*": "Failed due to transient network error.",
|
|
".*registry service is unreachable.*": "Failed due to transient network error.",
|
|
".*connection reset by peer.*": "Failed due to transient network error.",
|
|
".*TLS handshake timeout.*": "Failed due to transient network error.",
|
|
}
|
|
|
|
terraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
|
|
TerraformDir: fmt.Sprintf("../examples/%s", directory),
|
|
// Variables to pass to our Terraform code using -var options
|
|
Vars: terraformVars,
|
|
// Environment variables to set when running Terraform
|
|
EnvVars: map[string]string{
|
|
"AWS_DEFAULT_REGION": region,
|
|
},
|
|
RetryableTerraformErrors: retryableTerraformErrors,
|
|
})
|
|
return terraformOptions
|
|
}
|
|
|
|
func setupKeyPair(t *testing.T, directory string, region string, owner string) *aws.Ec2Keypair {
|
|
// Create an EC2 KeyPair that we can find in the module
|
|
uniqueID := random.UniqueId()
|
|
keyPairName := fmt.Sprintf("terraform-aws-access-test-%s-%s", directory, uniqueID)
|
|
keyPair := aws.CreateAndImportEC2KeyPair(t, region, keyPairName)
|
|
// tag the key pair
|
|
client, err1 := aws.NewEc2ClientE(t, region)
|
|
require.NoError(t, err1)
|
|
input := &ec2.DescribeKeyPairsInput{
|
|
KeyNames: []*string{a.String(keyPairName)},
|
|
}
|
|
result, err2 := client.DescribeKeyPairs(input)
|
|
require.NoError(t, err2)
|
|
aws.AddTagsToResource(t, region, *result.KeyPairs[0].KeyPairId, map[string]string{"Name": keyPairName, "Owner": owner})
|
|
return keyPair
|
|
}
|
|
|
|
func teardownKeyPair(t *testing.T, keyPair *aws.Ec2Keypair) {
|
|
aws.DeleteEC2KeyPair(t, keyPair)
|
|
}
|
|
|
|
func setupSecurityGroup(t *testing.T, directory string, region string, owner string) (string, string) {
|
|
// Create an EC2 Security Group that we can find in the module
|
|
uniqueID := random.UniqueId()
|
|
name := fmt.Sprintf("terraform-aws-access-test-%s-%s", directory, uniqueID)
|
|
// assume we are attaching to a default VPC
|
|
vpc := aws.GetDefaultVpc(t, region)
|
|
|
|
client, err1 := aws.NewEc2ClientE(t, region)
|
|
require.NoError(t, err1)
|
|
securityGroupInput := &ec2.CreateSecurityGroupInput{
|
|
Description: a.String(name),
|
|
GroupName: a.String(name),
|
|
VpcId: a.String(vpc.Id),
|
|
}
|
|
securityGroup, err2 := client.CreateSecurityGroup(securityGroupInput)
|
|
require.NoError(t, err2)
|
|
aws.AddTagsToResource(t, region, *securityGroup.GroupId, map[string]string{"Name": name, "Owner": owner})
|
|
securityGroupRuleInput := &ec2.AuthorizeSecurityGroupEgressInput{
|
|
GroupId: securityGroup.GroupId,
|
|
IpPermissions: []*ec2.IpPermission{
|
|
{
|
|
FromPort: a.Int64(80),
|
|
IpProtocol: a.String("tcp"),
|
|
IpRanges: []*ec2.IpRange{
|
|
{
|
|
CidrIp: a.String("10.0.0.0/16"),
|
|
},
|
|
},
|
|
ToPort: a.Int64(80),
|
|
},
|
|
},
|
|
}
|
|
_, err3 := client.AuthorizeSecurityGroupEgress(securityGroupRuleInput)
|
|
require.NoError(t, err3)
|
|
return *securityGroup.GroupId, name
|
|
}
|
|
|
|
func teardownSecurityGroup(t *testing.T, region string, securityGroupId string) {
|
|
client, err1 := aws.NewEc2ClientE(t, region)
|
|
require.NoError(t, err1)
|
|
input := &ec2.DeleteSecurityGroupInput{
|
|
GroupId: a.String(securityGroupId),
|
|
}
|
|
_, err2 := client.DeleteSecurityGroup(input)
|
|
require.NoError(t, err2)
|
|
}
|