def test_resource_name_matches_regex(self):
validator = t.Validator(os.path.join(self.path, "fixtures/resource_name"))
validator.resources('aws_foo').name_should_match_regex('^[a-z0-9_]*$')
expected_error = self.error_list_format("[aws_instance.TEST_RESOURCE] name should match regex '^[a-z0-9_]*$'")
with self.assertRaisesRegexp(AssertionError,expected_error):
validator.resources('aws_instance').name_should_match_regex('^[a-z0-9_]*$')
def test_list_should_not_contain(self):
validator = t.Validator(os.path.join(self.path, "fixtures/list_variable"))
validator.resources("datadog_monitor").property("tags").list_should_not_contain(['foo:baz'])
validator.resources("datadog_monitor").property("tags").list_should_not_contain('foo:baz')
expected_error = self.error_list_format("[datadog_monitor.bar.tags] '['baz:biz', 'foo:bar']' should not contain '['foo:bar']'.")
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.resources("datadog_monitor").property("tags").list_should_not_contain('foo:bar')
def test_nested_multiple_variable_substitutions(self):
validator = t.Validator(os.path.join(self.path, "fixtures/multiple_variables"))
validator.enable_variable_expansion()
validator.resources('aws_instance').property('value_block').property('value').should_equal(21)
expected_error = self.error_list_format("[aws_instance.foo.value_block.value] should be '12'. Is: '21'")
with self.assertRaisesRegexp(AssertionError,expected_error):
validator.resources('aws_instance').property('value_block').property('value').should_equal(12)
def setUp(self):
# tfrules.sh provides the directory of the terraform files as argument
terraform_directory = sys.argv[1]
# Tell the module where to find your terraform configuration folder
self.path = terraform_directory
self.v = terraform_validate.Validator(self.path)
def setUp(self):
"""Tell the module where to find your terraform
configuration folder
"""
self.path = os.path.join(os.path.dirname(os.path.realpath(__file__)),
"../../")
self.v = terraform_validate.Validator(self.path)
def test_variable_has_default_value(self):
validator = t.Validator(
os.path.join(self.path, "fixtures/default_variable"))
expected_error = self.error_list_format(
"Variable 'bar' should have a default value")
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.variable('bar').default_value_exists()
def test_boolean_equal(self):
validator = t.Validator(os.path.join(self.path, "fixtures/boolean_compare"))
values = [True, "true", "True"]
for i in range(1,5):
for value in values:
validator.resources("aws_db_instance").property("storage_encrypted{0}".format(i)).should_equal(value)
def init_terraform_files(step):
if len(sys.argv) <= 2:
raise Exception(
"Usage: radish <feature directory> <terraform files directory>")
tf_dir = os.path.join(os.path.abspath(sys.argv[2]))
step.context.validator = terraform_validate.Validator(tf_dir)
def test_parsing_variable_with_unimplemented_interpolation_function(self):
validator = t.Validator(
os.path.join(self.path, "fixtures/unimplemented_interpolation"))
validator.enable_variable_expansion()
self.assertRaises(
t.TerraformUnimplementedInterpolationException,
validator.resources('aws_instance').property('value').should_equal,
'abc')
def test_resource_property_invalid_json(self):
validator = t.Validator(
os.path.join(self.path, "fixtures/invalid_json"))
expected_error = self.error_list_format(
"[aws_s3_bucket.invalidjson.policy] is not valid json")
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.resources('aws_s3_bucket').property(
'policy').should_contain_valid_json()
def test_variable_default_value_matches_regex(self):
validator = t.Validator(
os.path.join(self.path, "fixtures/default_variable"))
expected_error = self.error_list_format(
"Variable 'bizz' should have a default value that matches regex '^123'. Is: abc"
)
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.variable('bizz').default_value_matches_regex('^123')
def setUp(self):
# Tell the module where to find your terraform configuration folder
self.path = os.path.join(
os.path.dirname(
# os.path.realpath(__file__)), settings.TERRAFORM_LOCATION)
os.path.realpath(__file__)),
self.TERRAFORM_LOCATION)
self.v = terraform_validate.Validator(self.path)
def test_properties_on_nonexistant_resource_type(self):
required_properties = ['value', 'value2']
validator = t.Validator(
os.path.join(self.path, "fixtures/missing_variable"))
validator.assert_nested_resource_has_properties(
'aws_rds_instance', 'nested_resource', required_properties)
validator.resources('aws_rds_instance').property(
'nested_resource').should_have_properties(required_properties)
def test_with_nested_property(self):
validator = t.Validator(os.path.join(self.path, "fixtures/with_property"))
expected_error = self.error_list_format("[aws_s3_bucket.tagged_bucket.policy] is not valid json")
tagged_buckets = validator.resources("aws_s3_bucket").with_property("tags", ".*'CustomTag':.*'CustomValue'.*")
with self.assertRaisesRegexp(AssertionError, expected_error):
tagged_buckets.property("policy").should_contain_valid_json()
def test_with_property(self):
validator = t.Validator(os.path.join(self.path, "fixtures/with_property"))
expected_error = self.error_list_format("[aws_s3_bucket.private_bucket.policy] is not valid json")
private_buckets = validator.resources("aws_s3_bucket").with_property("acl", "private")
with self.assertRaisesRegexp(AssertionError, expected_error):
private_buckets.property("policy").should_contain_valid_json()
def test_resource_property_value_matches_regex(self):
validator = t.Validator(os.path.join(self.path, "fixtures/resource"))
validator.resources('aws_instance').property('value').should_match_regex('[0-9]')
expected_error = self.error_list_format([
"[aws_instance.bar.value] should match regex '[a-z]'",
"[aws_instance.foo.value] should match regex '[a-z]'"
])
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.resources('aws_instance').property('value').should_match_regex('[a-z]')
def test_nested_resource_type_list(self):
validator = t.Validator(os.path.join(self.path, "fixtures/nested_resource"))
validator.resources(['aws_instance', 'aws_elb']).property('tags').property('value').should_equal(1)
expected_error = self.error_list_format([
"[aws_elb.foo.tags.value] should be '2'. Is: '1'",
"[aws_instance.foo.tags.value] should be '2'. Is: '1'"
])
with self.assertRaisesRegexp(AssertionError,expected_error):
validator.resources(['aws_instance', 'aws_elb']).property('tags').property('value').should_equal(2)
def test_resource_not_equals(self):
validator = t.Validator(os.path.join(self.path, "fixtures/resource"))
validator.resources('aws_instance').property('value').should_not_equal(0)
expected_error = self.error_list_format([
"[aws_instance.bar.value] should not be '1'. Is: '1'",
"[aws_instance.foo.value] should not be '1'. Is: '1'"
])
with self.assertRaisesRegexp(AssertionError,expected_error):
validator.resources('aws_instance').property('value').should_not_equal(1)
def test_lowercase_formatting_in_variable_substitution(self):
validator = t.Validator(
os.path.join(self.path, "fixtures/lower_format_variable"))
validator.enable_variable_expansion()
validator.resources('aws_instance').property('value').should_equal(
'abc')
validator.resources('aws_instance2').property('value').should_equal(
'abcDEF')
def test_variable_substitution(self):
validator = t.Validator(os.path.join(self.path, "fixtures/variable_substitution"))
validator.enable_variable_expansion()
validator.resources('aws_instance').property('value').should_equal(1)
expected_error = self.error_list_format("[aws_instance.foo.value] should be '2'. Is: '1'")
with self.assertRaisesRegexp(AssertionError,expected_error):
validator.resources('aws_instance').property('value').should_equal(2)
validator.disable_variable_expansion()
validator.resources('aws_instance').property('value').should_equal('${var.test_variable}')
def test_nested_resource(self):
validator = t.Validator(
os.path.join(self.path, "fixtures/nested_resource"))
validator.resources('aws_instance').property(
'nested_resource').property('value').should_equal(1)
expected_error = self.error_list_format(
"[aws_instance.foo.nested_resource.value] should be '2'. Is: '1'")
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.resources('aws_instance').property(
'nested_resource').property('value').should_equal(2)
def test_searching_for_property_value_using_regex(self):
validator = t.Validator(
os.path.join(self.path, "fixtures/regex_variables"))
validator.resources('aws_instance').find_property(
'^CPM_Service_[A-Za-z]+$').should_equal(1)
expected_error = self.error_list_format(
"[aws_instance.foo.CPM_Service_wibble] should be '2'. Is: '1'")
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.resources('aws_instance').find_property(
'^CPM_Service_[A-Za-z]+$').should_equal(2)
def test_searching_for_property_on_nonexistant_nested_resource(self):
validator = t.Validator(os.path.join(self.path, "fixtures/resource"))
validator.error_if_property_missing()
expected_error = self.error_list_format([
"[aws_instance.bar] should have property: 'tags'",
"[aws_instance.foo] should have property: 'tags'"
])
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.resources('aws_instance').property('tags').property(
'tagname').should_equal(1)
def test_missing_variable_substitution(self):
validator = t.Validator(
os.path.join(self.path, "fixtures/missing_variable"))
validator.enable_variable_expansion()
expected_error = self.error_list_format(
"There is no Terraform variable 'missing'")
with self.assertRaisesRegexp(t.TerraformVariableException,
expected_error):
validator.resources('aws_instance').property('value').should_equal(
1)
def getValidatorGenerator(self, path, errorIfPropertyMissing=False):
preprocessor = t.PreProcessor(self.jsonOutput)
preprocessor.process(os.path.join(self.path, path))
validator = t.Validator()
validator.preprocessor = preprocessor
validator.isRuleOverridden = False
validator.overrides = []
if errorIfPropertyMissing:
validator.error_if_property_missing()
return validator.get_terraform_files(False)
def test_nested_resource_excluded_properties_with_list_input(self):
excluded_properties = ['value', 'value2']
non_excluded_properties = ['value3','value4']
validator = t.Validator(os.path.join(self.path, "fixtures/nested_resource"))
validator.resources('aws_instance').property('nested_resource').should_not_have_properties(non_excluded_properties)
expected_error = self.error_list_format([
"[aws_instance.foo.nested_resource] should not have property: 'value'",
"[aws_instance.foo.nested_resource] should not have property: 'value2'"
])
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.resources('aws_instance').property('nested_resource').should_not_have_properties(excluded_properties)
def test_resource_excluded_properties_with_string_input(self):
excluded_property = 'value'
non_excluded_property = 'value3'
validator = t.Validator(os.path.join(self.path, "fixtures/resource"))
validator.resources('aws_instance').should_not_have_properties(non_excluded_property)
expected_error = self.error_list_format([
"[aws_instance.bar] should not have property: 'value'",
"[aws_instance.foo] should not have property: 'value'"
])
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.resources('aws_instance').should_not_have_properties(excluded_property)
def test_nested_resource_required_properties_with_string_input(self):
required_property = 'value'
validator = t.Validator(os.path.join(self.path, "fixtures/nested_resource"))
validator.resources('aws_instance').property('nested_resource').should_have_properties(required_property)
required_property = 'def456'
expected_error = self.error_list_format([
"[aws_instance.foo.nested_resource] should have property: 'def456'"
])
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.resources('aws_instance').property('nested_resource').should_have_properties(
required_property)
def test_resource_required_properties_with_list_input(self):
required_properties = ['value', 'value2']
validator = t.Validator(os.path.join(self.path, "fixtures/resource"))
validator.resources('aws_instance').should_have_properties(required_properties)
required_properties = ['value', 'value2', 'abc123','def456']
expected_error = self.error_list_format([
"[aws_instance.bar] should have property: 'abc123'",
"[aws_instance.bar] should have property: 'def456'",
"[aws_instance.foo] should have property: 'abc123'",
"[aws_instance.foo] should have property: 'def456'"
])
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.resources('aws_instance').should_have_properties(required_properties)
def test_variable_default_value_equals(self):
validator = t.Validator(
os.path.join(self.path, "fixtures/default_variable"))
validator.assert_variable_default_value_equals('foo', 1)
self.assertRaises(AssertionError,
validator.assert_variable_default_value_equals,
'foo', 2)
validator.assert_variable_default_value_equals('bar', None)
expected_error = self.error_list_format(
"Variable 'bar' should have a default value of 2. Is: None")
with self.assertRaisesRegexp(AssertionError, expected_error):
validator.variable('bar').default_value_equals(2)
validator.variable('bar').default_value_equals(None)
