我正试图通过terraform进行AWS资源调配,并计划为terraform代码提供一个带有terratest单元测试用例的CICD管道。我的问题是,我的基础设施中有CloudFront,创建大约需要20分钟,删除大约需要同时进行。我不希望CI构建只需要运行单元测试用例大约45分钟。
我发现localstack是为了模拟AWS环境,但没有找到将terratest指向localstack资源的方法。这就是我尝试的
- 创建了一个localstack docker容器
- 将terraform配置为指向提供程序部分中添加的localstack端点url
- 应用了terraform配置并验证了在localstack中创建的bucket
- 编写一个简单的terratest测试用例来断言bucket是否存在
Terraform代码如下,
terraform {
backend "s3" {
bucket = "<bucket-name>"
key = "state/terraform.tfstate"
region = "us-east-1"
profile = "default"
}
}
provider "aws" {
region = "us-east-1"
s3_force_path_style = true
skip_metadata_api_check = true
endpoints {
s3 = "http://localhost:4572"
}
}
resource "aws_s3_bucket" "test_bucket" {
bucket = "test-bucket"
acl = "public-read-write"
cors_rule {
allowed_headers = ["*"]
allowed_methods = ["GET", "HEAD", "PUT"]
allowed_origins = ["*"]
expose_headers = ["ETag"]
}
region = "us-east-1"
}
output "name" {
value = "${aws_s3_bucket.test_bucket.bucket}"
}
output "region" {
value = "${aws_s3_bucket.test_bucket.region}"
}
当执行下面给出的terratest测试用例时,在localstack中创建了一个bucket。但我找不到任何可以将terratest AWS模块指向localstack端点的api或配置。AssertS3BucketExists默认情况下检查存储桶的AWS环境,断言失败。
Terratest代码如下。
package aws
import (
"fmt"
"testing"
"github.com/gruntwork-io/terratest/modules/aws"
"github.com/gruntwork-io/terratest/modules/terraform"
)
func TestWebServer(t *testing.T) {
terraformOptions := &terraform.Options{
// The path to where your Terraform code is located
TerraformDir: ".",
}
terraform.InitAndApply(t, terraformOptions)
name := terraform.Output(t, terraformOptions, "name")
region := terraform.Output(t, terraformOptions, "region")
aws.AssertS3BucketExists(t, region, name)
如有任何帮助,我们将不胜感激。
要在不修改库的情况下使用terratest实现对AWS的模拟,可以使用类似moto的独立服务器模式。由于在terratest中没有(明显的(更改端点的方法,因此可能需要修改本地DNS解析以将端点指向本地moto服务器。
使用terratest,无法将模拟AWS注入库本身,因为用于连接到AWS的接口没有公开。
有一个正在工作的PR将让Terratest验证Localstack中的资源。
你可以用replace指令更新你的go.mod文件来测试它。
module github.com/GITHUB_USERNAME/REPO_NAME
go 1.15
require (
github.com/gruntwork-io/terratest v0.30.0
github.com/stretchr/testify v1.6.1
)
replace github.com/gruntwork-io/terratest v0.30.0 => github.com/ffernandezcast/terratest v0.28.6-0.20200915124510-25813206bebc
然后使用以下变量更新Terratest测试,为aws包配置自定义端点。
var LocalEndpoints = map[string]string{
"apigateway": "http://localhost:4566",
"cloudformation": "http://localhost:4566",
"cloudwatch": "http://localhost:4566",
"dynamodb": "http://localhost:4566",
"es": "http://localhost:4566",
"firehose": "http://localhost:4566",
"iam": "http://localhost:4566",
"kinesis": "http://localhost:4566",
"lambda": "http://localhost:4566",
"route53": "http://localhost:4566",
"redshift": "http://localhost:4566",
"s3": "http://localhost:4566",
"secretsmanager": "http://localhost:4566",
"ses": "http://localhost:4566",
"sns": "http://localhost:4566",
"sqs": "http://localhost:4566",
"ssm": "http://localhost:4566",
"stepfunctions": "http://localhost:4566",
"sts": "http://localhost:4566",
}
aws.SetAwsEndpointsOverrides(LocalEndpoints)
然后,运行go test,Terratest现在将验证LocalStack中的资源。我在这里详细介绍了更多https://jq1.io/posts/go_mod_terratest_localstack/.
希望该PR能很快合并到Terratestmaster分支中。
~jq1