test: add terratest infrastructure and module integration tests #117
Merged
…modules

**Added:**
- Introduced `.github/workflows/terratest.yaml` workflow to run module-level Terratest integration tests for `terraform-aws-net` and `terraform-aws-instance-factory`
- Added `.github/workflows/semgrep.yaml` for automated security analysis on pull requests, merges, and scheduled runs
- Added module-specific `go.mod` and `go.sum` for Terratest dependencies to both `terraform-aws-instance-factory/test` and `terraform-aws-net/test`
- Implemented complete Go test suite for `terraform-aws-instance-factory`:
  - Extensive helpers for AWS resource setup, teardown, validation, and cleanup
  - Automated tests for instance, ASG, and storage configurations
  - Robust cleanup logic for EC2, IAM, VPC, network, and security resources
  - Types and validation logic for structured test configurations
- Implemented Go test suite for `terraform-aws-net` with validation for VPC, subnets, NAT, route tables, and VPC endpoints
- Added `.hooks/terratest.sh` helper script for running module Terratests locally
- New pre-commit hooks for Go module test formatting, vetting, and build checks
- Security comments and guidance for `meta-labeler.yaml` referencing recent GitHub Actions security CVEs

**Changed:**
- Updated `.github/workflows/goreleaser.yaml` to only trigger on tags matching semantic version patterns (`vX.Y.Z`)
- Enhanced caching and environment variable handling in `.github/workflows/syntax-check.yaml` for better reliability
- Improved variable passing for dependency installation, collection builds, and pip requirements in syntax check workflow
- Expanded pre-commit config to run `gofmt`, `go vet`, and build checks on all module test directories

**Removed:**
- Eliminated setting of `aws-access-key-id`, `aws-secret-access-key`, and `aws-session-token` from OIDC role steps, as these secrets are not required when using OIDC authentication in the terratest GitHub Actions workflow

**Changed:**
- Added `environment: terratest` to terratest jobs to specify deployment environment in the GitHub Actions workflow, supporting environment-specific controls and visibility for the `net` and `instance-factory` test jobs

**Changed:**
- Updated `returntocorp/semgrep` container image to v1.160.0 in the Semgrep workflow for improved security and features
- Changed concurrency `cancel-in-progress` logic to only apply on pull requests in the Semgrep workflow to prevent cancellation on other event types
- Added SARIF upload step using `github/codeql-action/upload-sarif` for security integration with GitHub in the Semgrep workflow
- Updated `aws-actions/configure-aws-credentials` action to v6.1.0 in the Terratest workflow for both jobs to leverage the latest improvements and fixes
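
The OIDC credential change described in the commit messages above, as an added sketch that is not the repository's own workflow file: the same credentials step with static keys passed alongside the role (commented out), then the OIDC-only form. The role ARN, region, secret names, trigger, checkout step and test command are placeholder assumptions.

```yaml
# Added illustration, not the contents of .github/workflows/terratest.yaml.
# Role ARN, region, secret names and job layout are placeholders.
name: terratest
on:
  pull_request:

permissions:
  id-token: write   # lets the job request a GitHub OIDC token
  contents: read

jobs:
  net:
    runs-on: ubuntu-latest
    environment: terratest   # environment named in the commits above
    steps:
      - uses: actions/checkout@v4

      # Before: long-lived keys stored as secrets and handed to the step
      # even though a role is assumed through OIDC.
      # - uses: aws-actions/configure-aws-credentials@v6.1.0
      #   with:
      #     role-to-assume: arn:aws:iam::111122223333:role/EXAMPLE-terratest
      #     aws-region: us-east-1
      #     aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
      #     aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      #     aws-session-token: ${{ secrets.AWS_SESSION_TOKEN }}

      # After: the action exchanges the job's OIDC token for short-lived
      # role credentials; no AWS secret is stored in the repository.
      - uses: aws-actions/configure-aws-credentials@v6.1.0
        with:
          role-to-assume: arn:aws:iam::111122223333:role/EXAMPLE-terratest
          aws-region: us-east-1

      # Placeholder test invocation for the net module's test directory.
      - run: go test -v -timeout 60m ./...
        working-directory: modules/terraform-aws-net/test
```

Because the job sets `environment: terratest`, the OIDC token's `sub` claim takes the form `repo:OWNER/REPO:environment:terratest`, so the role's trust policy can be conditioned on that value.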
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation.
Key Changes:
Added:
`modules/terraform-aws-instance-factory/test` and `modules/terraform-aws-net/test` to cover EC2, ASG, storage, and networking scenarios with AWS SDK v2 and Terratest.
handling, and output validation.
ASGs, subnets, security groups, IAM roles/profiles, etc.).
`go.mod`, `go.sum`) for test dependencies.
`gofmt`, `go vet`, and `go build` on all module test directories to enforce code quality.
`.github/workflows/terratest.yaml` to run Terratest on PRs, pushes, schedules, and merge groups.
control and AWS OIDC credentials.
Changed:
precision.
`vX.Y.Z` tags, reducing noise.
unsafe usage.