Skip to content

Commit 4cf4bd6

Browse files
rberlindrberlind
authored
Merge pull request hashicorp#122 from hashicorp/add-0.12-mocks
Add 0.12 test cases and mocks
2 parents fcd65d3 + bbccc95 commit 4cf4bd6

File tree

150 files changed

+12519
-235
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

150 files changed

+12519
-235
lines changed

governance/second-generation/README.md

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -44,7 +44,11 @@ Also be sure to temporarily set the attributes you are testing to be computed in
4444
### Policies that Use the tfconfig or tfstate Imports
4545
Most of the second-generation policies and functions currently use the `tfplan` import. However, the cloud-agnostic policy [prevent-remote-exec-provisioners-on-null-resources](./cloud-agnostic/prevent-remote-exec-provisioners-on-null-resources.sentinel) policy uses the `tfconfig` import while the Azure policy [restrict-publishers-of-current-vms](./azure/restrict-publishers-of-current-vms.sentinel) policy uses the `tfstate` import.
4646

47-
New policies that use the tfconfig import will require the addition of mock-tfconfig-pass.sentinel and mock-tfconfig-fail.sentinel files that mock the configuration of relevant resources. Policies that use the tfstate import will require the addition of mock-tfstate-pass.sentinel and mock-tfstate-fail.sentinel files that mock the state of relevant resources. The pass.json and fail.json files would have to be modified to refer to these additional mock files. You can look at the test cases of the two policies mentioned to see how these files should be configured.
47+
New policies that use the tfconfig import will require the addition of pass-0.11.json, pass-0.12.json, fail-0.11.json, fail-0.12.json, mock-tfconfig-pass-0.11.sentinel, mock-tfconfig-pass-0.12.sentinel, mock-tfconfig-fail-0.11.sentinel and mock-tfconfig-fail0.12.sentinel files that mock the configuration of relevant resources.
48+
49+
Policies that use the tfstate import will require the addition of pass-0.11.json, pass-0.12.json, fail-0.11.json, fail-0.12.json, mock-tfstate-pass-0.11.sentinel, mock-tfstate-pass-0.12.sentinel, mock-tfstate-fail-0.11.sentinel and mock-tfstate-fail0.12.sentinel files that mock the state of relevant resources.
50+
51+
You can look at the test cases of the two policies mentioned to see how these files should be configured. Note that unlike the `tfplan` and `tfstate` imports, the `tfconfig` import does not have a `terraform_version` key; however, you should still generate 0.11 and 0.12 test cases and mocks since the mocks generated from Terraform 0.12 plans will differ from those generated from 0.11 plans.
4852

4953
## Terraform Support
50-
These policies have been fully tested with Terraform 0.11.14. Only limited testing has been done with Terraform 0.12.
54+
Most of these policies have been tested with Terraform 0.11.13 or 0.11.14 and 0.12.3.

governance/second-generation/aws/test/enforce-mandatory-tags/fail.json renamed to governance/second-generation/aws/test/enforce-mandatory-tags/fail-0.11.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"mock": {
3-
"tfplan": "mock-tfplan-fail.sentinel"
3+
"tfplan": "mock-tfplan-fail-0.11.sentinel"
44
},
55
"test": {
66
"main": false

governance/second-generation/aws/test/require-private-acl-and-kms-for-s3-buckets/fail-kms.json renamed to governance/second-generation/aws/test/enforce-mandatory-tags/fail-0.12.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
{
22
"mock": {
3-
"tfplan": "mock-tfplan-fail-kms.sentinel"
3+
"tfplan": "mock-tfplan-fail-0.12.sentinel"
44
},
55
"test": {
66
"main": false

governance/second-generation/aws/test/enforce-mandatory-tags/mock-tfplan-fail.sentinel renamed to governance/second-generation/aws/test/enforce-mandatory-tags/mock-tfplan-fail-0.11.sentinel

File renamed without changes.

governance/second-generation/aws/test/enforce-mandatory-tags/mock-tfplan-fail-0.12.sentinel

Lines changed: 297 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,297 @@
1+
import "strings"
2+
import "types"
3+
4+
_modules = {
5+
"root": {
6+
"data": {},
7+
"path": [],
8+
"resources": {
9+
"aws_instance": {
10+
"ubuntu": {
11+
0: {
12+
"applied": {
13+
"ami": "ami-2e1ef954",
14+
"associate_public_ip_address": true,
15+
"availability_zone": "us-east-1b",
16+
"credit_specification": [],
17+
"disable_api_termination": null,
18+
"ebs_optimized": null,
19+
"get_password_data": false,
20+
"iam_instance_profile": null,
21+
"instance_initiated_shutdown_behavior": null,
22+
"instance_type": "m5.large",
23+
"key_name": "roger-vault",
24+
"monitoring": null,
25+
"source_dest_check": true,
26+
"tags": {
27+
"Name": "roger-ec2-demo",
28+
"owner": "[email protected]",
29+
},
30+
"timeouts": null,
31+
"user_data": null,
32+
"user_data_base64": null,
33+
},
34+
"diff": {
35+
"ami": {
36+
"computed": false,
37+
"new": "ami-2e1ef954",
38+
"old": "",
39+
},
40+
"arn": {
41+
"computed": true,
42+
"new": "",
43+
"old": "",
44+
},
45+
"associate_public_ip_address": {
46+
"computed": false,
47+
"new": "true",
48+
"old": "",
49+
},
50+
"availability_zone": {
51+
"computed": false,
52+
"new": "us-east-1b",
53+
"old": "",
54+
},
55+
"cpu_core_count": {
56+
"computed": true,
57+
"new": "",
58+
"old": "",
59+
},
60+
"cpu_threads_per_core": {
61+
"computed": true,
62+
"new": "",
63+
"old": "",
64+
},
65+
"credit_specification.#": {
66+
"computed": false,
67+
"new": "0",
68+
"old": "",
69+
},
70+
"disable_api_termination": {
71+
"computed": false,
72+
"new": "",
73+
"old": "",
74+
},
75+
"ebs_block_device.#": {
76+
"computed": true,
77+
"new": "",
78+
"old": "",
79+
},
80+
"ebs_optimized": {
81+
"computed": false,
82+
"new": "",
83+
"old": "",
84+
},
85+
"ephemeral_block_device.#": {
86+
"computed": true,
87+
"new": "",
88+
"old": "",
89+
},
90+
"get_password_data": {
91+
"computed": false,
92+
"new": "false",
93+
"old": "",
94+
},
95+
"host_id": {
96+
"computed": true,
97+
"new": "",
98+
"old": "",
99+
},
100+
"iam_instance_profile": {
101+
"computed": false,
102+
"new": "",
103+
"old": "",
104+
},
105+
"id": {
106+
"computed": true,
107+
"new": "",
108+
"old": "",
109+
},
110+
"instance_initiated_shutdown_behavior": {
111+
"computed": false,
112+
"new": "",
113+
"old": "",
114+
},
115+
"instance_state": {
116+
"computed": true,
117+
"new": "",
118+
"old": "",
119+
},
120+
"instance_type": {
121+
"computed": false,
122+
"new": "m5.large",
123+
"old": "",
124+
},
125+
"ipv6_address_count": {
126+
"computed": true,
127+
"new": "",
128+
"old": "",
129+
},
130+
"ipv6_addresses.#": {
131+
"computed": true,
132+
"new": "",
133+
"old": "",
134+
},
135+
"key_name": {
136+
"computed": false,
137+
"new": "roger-vault",
138+
"old": "",
139+
},
140+
"monitoring": {
141+
"computed": false,
142+
"new": "",
143+
"old": "",
144+
},
145+
"network_interface.#": {
146+
"computed": true,
147+
"new": "",
148+
"old": "",
149+
},
150+
"network_interface_id": {
151+
"computed": true,
152+
"new": "",
153+
"old": "",
154+
},
155+
"password_data": {
156+
"computed": true,
157+
"new": "",
158+
"old": "",
159+
},
160+
"placement_group": {
161+
"computed": true,
162+
"new": "",
163+
"old": "",
164+
},
165+
"primary_network_interface_id": {
166+
"computed": true,
167+
"new": "",
168+
"old": "",
169+
},
170+
"private_dns": {
171+
"computed": true,
172+
"new": "",
173+
"old": "",
174+
},
175+
"private_ip": {
176+
"computed": true,
177+
"new": "",
178+
"old": "",
179+
},
180+
"public_dns": {
181+
"computed": true,
182+
"new": "",
183+
"old": "",
184+
},
185+
"public_ip": {
186+
"computed": true,
187+
"new": "",
188+
"old": "",
189+
},
190+
"root_block_device.#": {
191+
"computed": true,
192+
"new": "",
193+
"old": "",
194+
},
195+
"security_groups.#": {
196+
"computed": true,
197+
"new": "",
198+
"old": "",
199+
},
200+
"source_dest_check": {
201+
"computed": false,
202+
"new": "true",
203+
"old": "",
204+
},
205+
"subnet_id": {
206+
"computed": true,
207+
"new": "",
208+
"old": "",
209+
},
210+
"tags.%": {
211+
"computed": false,
212+
"new": "2",
213+
"old": "",
214+
},
215+
"tags.Name": {
216+
"computed": false,
217+
"new": "roger-ec2-demo",
218+
"old": "",
219+
},
220+
"tags.owner": {
221+
"computed": false,
222+
"new": "[email protected]",
223+
"old": "",
224+
},
225+
"tenancy": {
226+
"computed": true,
227+
"new": "",
228+
"old": "",
229+
},
230+
"timeouts": {
231+
"computed": false,
232+
"new": "",
233+
"old": "",
234+
},
235+
"user_data": {
236+
"computed": false,
237+
"new": "",
238+
"old": "",
239+
},
240+
"user_data_base64": {
241+
"computed": false,
242+
"new": "",
243+
"old": "",
244+
},
245+
"volume_tags.%": {
246+
"computed": true,
247+
"new": "",
248+
"old": "",
249+
},
250+
"vpc_security_group_ids.#": {
251+
"computed": true,
252+
"new": "",
253+
"old": "",
254+
},
255+
},
256+
},
257+
},
258+
},
259+
},
260+
},
261+
}
262+
263+
module_paths = [
264+
[],
265+
]
266+
267+
terraform_version = "0.12.3"
268+
269+
variables = {
270+
"ami_id": "ami-2e1ef954",
271+
"aws_region": "us-east-1",
272+
"instance_type": "m5.large",
273+
"key_name": "roger-vault",
274+
"name": "roger-ec2-demo",
275+
}
276+
277+
module = func(path) {
278+
if types.type_of(path) is not "list" {
279+
error("expected list, got", types.type_of(path))
280+
}
281+
282+
if length(path) < 1 {
283+
return _modules.root
284+
}
285+
286+
addr = []
287+
for path as p {
288+
append(addr, "module")
289+
append(addr, p)
290+
}
291+
292+
return _modules[strings.join(addr, ".")]
293+
}
294+
295+
data = _modules.root.data
296+
path = _modules.root.path
297+
resources = _modules.root.resources

governance/second-generation/aws/test/enforce-mandatory-tags/mock-tfplan-pass.sentinel renamed to governance/second-generation/aws/test/enforce-mandatory-tags/mock-tfplan-pass-0.11.sentinel

File renamed without changes.

0 commit comments

Comments
 (0)