From 19920246656bde821dd6e4622648864c8db60ee1 Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Thu, 18 Sep 2025 10:48:36 +0100 Subject: [PATCH 1/2] fix(deps): update DA dependencies + example / tests cleanup --- README.md | 2 +- examples/{complete => advanced}/README.md | 6 +- examples/{complete => advanced}/main.tf | 15 +- examples/{complete => advanced}/outputs.tf | 0 examples/{complete => advanced}/provider.tf | 0 examples/{complete => advanced}/variables.tf | 17 - examples/{complete => advanced}/version.tf | 0 examples/fscloud/README.md | 3 +- examples/fscloud/main.tf | 43 +-- ibm_catalog.json | 8 +- tests/other_test.go | 31 +- tests/pr_test.go | 376 ++----------------- 12 files changed, 83 insertions(+), 418 deletions(-) rename examples/{complete => advanced}/README.md (75%) rename examples/{complete => advanced}/main.tf (89%) rename examples/{complete => advanced}/outputs.tf (100%) rename examples/{complete => advanced}/provider.tf (100%) rename examples/{complete => advanced}/variables.tf (72%) rename examples/{complete => advanced}/version.tf (100%) diff --git a/README.md b/README.md index 66e5c38f..277046e4 100644 --- a/README.md +++ b/README.md @@ -15,8 +15,8 @@ This module is used to create an IBM Cloud Event Notifications instance to filte * [Submodules](./modules) * [fscloud](./modules/fscloud) * [Examples](./examples) + * [Advanced example with BYOK encryption and CBR rules](./examples/advanced) * [Basic example](./examples/basic) - * [Complete example with BYOK encryption and CBR rules](./examples/complete) * [Financial Services Cloud profile example](./examples/fscloud) * [Contributing](#contributing) diff --git a/examples/complete/README.md b/examples/advanced/README.md similarity index 75% rename from examples/complete/README.md rename to examples/advanced/README.md index a61439c1..e1beced7 100644 --- a/examples/complete/README.md +++ b/examples/advanced/README.md @@ -1,10 +1,10 @@ -# Complete example with BYOK encryption and CBR rules +# Advanced example with BYOK encryption and CBR rules An end-to-end example that creates the following infrastructure: - A resource group, if one is not passed in. - A Key Protect instance with a root key. - An Event Notifications instance with bring-your-own-key encryption. -- An IBM Cloud Object Storage service instance and bucket to collect events that fail delivery. -- A Virtual Private Cloud (VPC). - Service credentials for the Event Notifications instance. +- An IBM Cloud Object Storage service instance and bucket to collect events that fail delivery. +- An Event Notifications webhook destination, topic and subscription. diff --git a/examples/complete/main.tf b/examples/advanced/main.tf similarity index 89% rename from examples/complete/main.tf rename to examples/advanced/main.tf index d6136bcf..c8706d33 100644 --- a/examples/complete/main.tf +++ b/examples/advanced/main.tf @@ -70,8 +70,19 @@ module "event_notification" { tags = var.resource_tags access_tags = var.access_tags service_endpoints = "public" - service_credential_names = var.service_credential_names - region = var.region + service_credential_names = { + "en_manager" : "Manager", + "en_writer" : "Writer", + "en_reader" : "Reader", + "en_channel_editor" : "Channel Editor", + "en_device_manager" : "Device Manager", + "en_event_source_manager" : "Event Source Manager", + "en_event_notifications_publisher" : "Event Notification Publisher", + "en_status_reporter" : "Status Reporter", + "en_email_sender" : "Email Sender", + "en_custom_email_status_reporter" : "Custom Email Status Reporter", + } + region = var.region # COS Related cos_integration_enabled = true cos_bucket_name = module.cos.bucket_name diff --git a/examples/complete/outputs.tf b/examples/advanced/outputs.tf similarity index 100% rename from examples/complete/outputs.tf rename to examples/advanced/outputs.tf diff --git a/examples/complete/provider.tf b/examples/advanced/provider.tf similarity index 100% rename from examples/complete/provider.tf rename to examples/advanced/provider.tf diff --git a/examples/complete/variables.tf b/examples/advanced/variables.tf similarity index 72% rename from examples/complete/variables.tf rename to examples/advanced/variables.tf index 134f94fb..cafd221d 100644 --- a/examples/complete/variables.tf +++ b/examples/advanced/variables.tf @@ -44,20 +44,3 @@ variable "region" { description = "IBM Cloud region where event notification will be created, supported regions are: us-south (Dallas), eu-gb (London), eu-de (Frankfurt), au-syd (Sydney), eu-es (Madrid)" default = "us-south" } - -variable "service_credential_names" { - description = "Map of name, role for service credentials that you want to create for the event notification" - type = map(string) - default = { - "en_manager" : "Manager", - "en_writer" : "Writer", - "en_reader" : "Reader", - "en_channel_editor" : "Channel Editor", - "en_device_manager" : "Device Manager", - "en_event_source_manager" : "Event Source Manager", - "en_event_notifications_publisher" : "Event Notification Publisher", - "en_status_reporter" : "Status Reporter", - "en_email_sender" : "Email Sender", - "en_custom_email_status_reporter" : "Custom Email Status Reporter", - } -} diff --git a/examples/complete/version.tf b/examples/advanced/version.tf similarity index 100% rename from examples/complete/version.tf rename to examples/advanced/version.tf diff --git a/examples/fscloud/README.md b/examples/fscloud/README.md index ad369515..8ba64913 100644 --- a/examples/fscloud/README.md +++ b/examples/fscloud/README.md @@ -7,8 +7,7 @@ The example uses the IBM Cloud Terraform provider to create the following infras - A resource group, if one is not passed in. - An IAM authorization between all Event Notification instances in the given resource group and the KMS instance that is passed in. - An Event Notification instance that is encrypted with the KMS root key that is passed in. -- A sample virtual private cloud (VPC). -- A context-based restriction (CBR) rule to only allow Event Notification to be accessible from VPC and Schematics. +- A context-based restriction (CBR) rule to only allow Event Notification to be accessible Schematics. :exclamation: **Important:** In this example, only the Event Notification instance complies with the IBM Cloud Framework for Financial Services. Other parts of the infrastructure do not necessarily comply. diff --git a/examples/fscloud/main.tf b/examples/fscloud/main.tf index 802d54ea..e87cd2ff 100644 --- a/examples/fscloud/main.tf +++ b/examples/fscloud/main.tf @@ -18,38 +18,9 @@ data "ibm_iam_account_settings" "iam_account_settings" { } ############################################################################## -# VPC -############################################################################## -resource "ibm_is_vpc" "example_vpc" { - name = "${var.prefix}-vpc" - resource_group = module.resource_group.resource_group_id - tags = var.resource_tags -} - -resource "ibm_is_subnet" "testacc_subnet" { - name = "${var.prefix}-subnet" - vpc = ibm_is_vpc.example_vpc.id - zone = "${var.region}-1" - total_ipv4_address_count = 256 - resource_group = module.resource_group.resource_group_id -} - -############################################################################## -# Create CBR Zone +# Create CBR Zone for Schematics ############################################################################## -module "cbr_vpc_zone" { - source = "terraform-ibm-modules/cbr/ibm//modules/cbr-zone-module" - version = "1.33.2" - name = "${var.prefix}-VPC-network-zone" - zone_description = "CBR Network zone representing VPC" - account_id = data.ibm_iam_account_settings.iam_account_settings.account_id - addresses = [{ - type = "vpc", - value = ibm_is_vpc.example_vpc.crn - }] -} - module "cbr_zone_schematics" { source = "terraform-ibm-modules/cbr/ibm//modules/cbr-zone-module" version = "1.33.2" @@ -132,20 +103,10 @@ module "event_notification" { cos_endpoint = "https://${module.cos.buckets[local.bucket_name].s3_endpoint_direct}" cbr_rules = [ { - description = "${var.prefix}-event notification access from vpc and schematics" + description = "${var.prefix}-event notification access from schematics" enforcement_mode = "enabled" account_id = data.ibm_iam_account_settings.iam_account_settings.account_id rule_contexts = [{ - attributes = [ - { - name = "endpointType", - value = "private" - }, - { - name = "networkZoneId" - value = module.cbr_vpc_zone.zone_id - }] - }, { attributes = [ { name = "endpointType", diff --git a/ibm_catalog.json b/ibm_catalog.json index 0e709e78..f36c2993 100644 --- a/ibm_catalog.json +++ b/ibm_catalog.json @@ -696,7 +696,7 @@ ], "optional": true, "on_by_default": false, - "version": "v3.0.7" + "version": "v3.0.23" }, { "name": "deploy-arch-ibm-cloud-monitoring", @@ -729,7 +729,7 @@ ], "optional": true, "on_by_default": true, - "version": "v1.6.4" + "version": "v1.7.2" }, { "name": "deploy-arch-ibm-kms", @@ -765,7 +765,7 @@ ], "optional": true, "on_by_default": true, - "version": "v5.1.19" + "version": "v5.1.27" }, { "name": "deploy-arch-ibm-cos", @@ -797,7 +797,7 @@ ], "optional": true, "on_by_default": true, - "version": "v10.2.1" + "version": "v10.2.21" } ], "dependency_version_2": true, diff --git a/tests/other_test.go b/tests/other_test.go index ee69e5f4..44b075d6 100644 --- a/tests/other_test.go +++ b/tests/other_test.go @@ -2,17 +2,44 @@ package test import ( + "math/rand" "testing" "github.com/stretchr/testify/assert" + "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testhelper" ) -const basicExampleDir = "examples/basic" +func setupExampleOptions(t *testing.T, prefix string, dir string) *testhelper.TestOptions { + + options := testhelper.TestOptionsDefaultWithVars(&testhelper.TestOptions{ + Testing: t, + TerraformDir: dir, + Prefix: prefix, + /* + Comment out the 'ResourceGroup' input to force this tests to create a unique resource group. This is because + there is a restriction with the Event Notification service, which allows only one Lite plan instance per resource group. + */ + // ResourceGroup: resourceGroup, + Region: validRegions[rand.Intn(len(validRegions))], + }) + + return options +} func TestRunBasicExample(t *testing.T) { t.Parallel() - options := setupOptions(t, "en-basic", basicExampleDir) + options := setupExampleOptions(t, "en-basic", basicExampleDir) + + output, err := options.RunTestConsistency() + assert.Nil(t, err, "This should not have errored") + assert.NotNil(t, output, "Expected some output") +} + +func TestRunAdvancedExample(t *testing.T) { + t.Parallel() + + options := setupExampleOptions(t, "en-adv", advancedExampleDir) output, err := options.RunTestConsistency() assert.Nil(t, err, "This should not have errored") diff --git a/tests/pr_test.go b/tests/pr_test.go index 1cb37eff..1aca3e42 100644 --- a/tests/pr_test.go +++ b/tests/pr_test.go @@ -9,32 +9,26 @@ import ( "log" "math/rand" "os" - "strings" "testing" - "github.com/gruntwork-io/terratest/modules/files" - "github.com/gruntwork-io/terratest/modules/logger" - "github.com/gruntwork-io/terratest/modules/random" - "github.com/gruntwork-io/terratest/modules/terraform" - "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/common" - "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testhelper" "github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testschematic" ) -const completeExampleDir = "examples/complete" +/* +Global variables +*/ +const advancedExampleDir = "examples/advanced" +const basicExampleDir = "examples/basic" const fsExampleDir = "examples/fscloud" const secEnforcedDir = "solutions/security-enforced" const fullyConfigurableDADir = "solutions/fully-configurable" - -// Use existing group for tests +const terraformVersion = "terraform_v1.10" // This should match the version in the ibm_catalog.json const resourceGroup = "geretain-test-event-notifications" - const yamlLocation = "../common-dev-assets/common-go-assets/common-permanent-resources.yaml" -// Current supported EN region var validRegions = []string{ "us-south", "eu-de", @@ -42,7 +36,6 @@ var validRegions = []string{ "eu-gb", "au-syd", } - var permanentResources map[string]interface{} // TestMain will be run before any parallel tests, used to read data from yaml for use with tests @@ -57,75 +50,34 @@ func TestMain(m *testing.M) { os.Exit(m.Run()) } -func setupOptions(t *testing.T, prefix string, dir string) *testhelper.TestOptions { - - options := testhelper.TestOptionsDefaultWithVars(&testhelper.TestOptions{ - Testing: t, - TerraformDir: dir, - Prefix: prefix, - /* - Comment out the 'ResourceGroup' input to force this tests to create a unique resource group. This is because - there is a restriction with the Event Notification service, which allows only one Lite plan instance per resource group. - */ - // ResourceGroup: resourceGroup, - Region: validRegions[rand.Intn(len(validRegions))], - }) - - return options -} - -func TestBasicFullyConfigurableInSchematics(t *testing.T) { +func TestFSCloudInSchematics(t *testing.T) { t.Parallel() var region = validRegions[rand.Intn(len(validRegions))] options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{ Testing: t, - Prefix: "en-basic", + Prefix: "en-fs", TarIncludePatterns: []string{ "*.tf", - fullyConfigurableDADir + "/*.tf", + fsExampleDir + "/*.tf", + "modules/fscloud/*.tf", }, ResourceGroup: resourceGroup, - TemplateFolder: fullyConfigurableDADir, + TemplateFolder: fsExampleDir, Tags: []string{"test-schematic"}, DeleteWorkspaceOnFail: false, WaitJobCompleteMinutes: 60, + TerraformVersion: terraformVersion, }) options.TerraformVars = []testschematic.TestSchematicTerraformVar{ {Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true}, - {Name: "prefix", Value: options.Prefix, DataType: "string"}, {Name: "region", Value: region, DataType: "string"}, - } - - err := options.RunSchematicTest() - assert.Nil(t, err, "This should not have errored") -} - -func TestCompleteExampleInSchematics(t *testing.T) { - t.Parallel() - - var region = validRegions[rand.Intn(len(validRegions))] - - options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{ - Testing: t, - Prefix: "en-complete", - TarIncludePatterns: []string{ - "*.tf", - completeExampleDir + "/*.tf", - }, - ResourceGroup: resourceGroup, - TemplateFolder: completeExampleDir, - Tags: []string{"test-schematic"}, - DeleteWorkspaceOnFail: false, - WaitJobCompleteMinutes: 60, - }) - - options.TerraformVars = []testschematic.TestSchematicTerraformVar{ - {Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true}, {Name: "prefix", Value: options.Prefix, DataType: "string"}, - {Name: "region", Value: region, DataType: "string"}, + {Name: "existing_kms_instance_crn", Value: permanentResources["hpcs_south_crn"], DataType: "string"}, + {Name: "kms_endpoint_url", Value: permanentResources["hpcs_south_private_endpoint"], DataType: "string"}, + {Name: "root_key_crn", Value: permanentResources["hpcs_south_root_key_crn"], DataType: "string"}, {Name: "access_tags", Value: permanentResources["accessTags"], DataType: "list"}, } @@ -150,6 +102,7 @@ func TestSecurityEnforcedDAInSchematics(t *testing.T) { Tags: []string{"test-schematic"}, DeleteWorkspaceOnFail: false, WaitJobCompleteMinutes: 60, + TerraformVersion: terraformVersion, }) serviceCredentialSecrets := []map[string]interface{}{ @@ -200,145 +153,33 @@ func TestSecurityEnforcedDAInSchematics(t *testing.T) { assert.Nil(t, err, "This should not have errored") } -func TestFullyConfigurableDAInSchematics(t *testing.T) { - t.Parallel() - - var region = validRegions[rand.Intn(len(validRegions))] - - options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{ - Testing: t, - Prefix: "en-da", - TarIncludePatterns: []string{ - "*.tf", - fullyConfigurableDADir + "/*.tf", - }, - TemplateFolder: fullyConfigurableDADir, - Tags: []string{"test-schematic"}, - DeleteWorkspaceOnFail: false, - WaitJobCompleteMinutes: 60, - }) - - serviceCredentialSecrets := []map[string]interface{}{ - { - "secret_group_name": fmt.Sprintf("%s-secret-group", options.Prefix), - "service_credentials": []map[string]string{ - { - "secret_name": fmt.Sprintf("%s-cred-reader", options.Prefix), - "service_credentials_source_service_role_crn": "crn:v1:bluemix:public:iam::::serviceRole:Reader", - }, - { - "secret_name": fmt.Sprintf("%s-cred-writer", options.Prefix), - "service_credentials_source_service_role_crn": "crn:v1:bluemix:public:iam::::serviceRole:Writer", - }, - { - "secret_name": fmt.Sprintf("%s-cred-editor", options.Prefix), - "service_credentials_source_service_role_crn": "crn:v1:bluemix:public:iam::::role:Editor", - }, - }, - }, - } - - serviceCredentialNames := map[string]string{ - "admin": "Manager", - "user1": "Writer", - "user2": "Reader", - } - - serviceCredentialNamesJSON, err := json.Marshal(serviceCredentialNames) - if err != nil { - log.Fatalf("Error converting to JSON: %s", err) - } - - options.TerraformVars = []testschematic.TestSchematicTerraformVar{ - {Name: "prefix", Value: options.Prefix, DataType: "string"}, - {Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true}, - {Name: "region", Value: region, DataType: "string"}, - {Name: "existing_resource_group_name", Value: permanentResources["general_test_storage_cos_instance_resource_group"], DataType: "string"}, - - {Name: "kms_encryption_enabled", Value: true, DataType: "bool"}, - {Name: "existing_kms_instance_crn", Value: permanentResources["hpcs_south_crn"], DataType: "string"}, - {Name: "kms_endpoint_url", Value: permanentResources["hpcs_south_private_endpoint"], DataType: "string"}, - - {Name: "enable_collecting_failed_events", Value: true, DataType: "bool"}, - {Name: "existing_cos_instance_crn", Value: permanentResources["general_test_storage_cos_instance_crn"], DataType: "string"}, - {Name: "cos_bucket_region", Value: "us-south", DataType: "string"}, - - {Name: "existing_secrets_manager_instance_crn", Value: permanentResources["secretsManagerCRN"], DataType: "string"}, - {Name: "service_credential_secrets", Value: serviceCredentialSecrets, DataType: "list(object)"}, - {Name: "service_credential_names", Value: string(serviceCredentialNamesJSON), DataType: "map(string)"}, - } - - err = options.RunSchematicTest() - assert.Nil(t, err, "This should not have errored") -} - -func TestFSCloudInSchematics(t *testing.T) { - t.Parallel() - - var region = validRegions[rand.Intn(len(validRegions))] - - options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{ - Testing: t, - Prefix: "en-fs", - TarIncludePatterns: []string{ - "*.tf", - fsExampleDir + "/*.tf", - "modules/fscloud/*.tf", - }, - ResourceGroup: resourceGroup, - TemplateFolder: fsExampleDir, - Tags: []string{"test-schematic"}, - DeleteWorkspaceOnFail: false, - WaitJobCompleteMinutes: 60, - }) - - options.TerraformVars = []testschematic.TestSchematicTerraformVar{ - {Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true}, - {Name: "region", Value: region, DataType: "string"}, - {Name: "prefix", Value: options.Prefix, DataType: "string"}, - {Name: "existing_kms_instance_crn", Value: permanentResources["hpcs_south_crn"], DataType: "string"}, - {Name: "kms_endpoint_url", Value: permanentResources["hpcs_south_private_endpoint"], DataType: "string"}, - {Name: "root_key_crn", Value: permanentResources["hpcs_south_root_key_crn"], DataType: "string"}, - {Name: "access_tags", Value: permanentResources["accessTags"], DataType: "list"}, - } - - err := options.RunSchematicTest() - assert.Nil(t, err, "This should not have errored") -} - func TestRunSecurityEnforcedUpgradeDASolution(t *testing.T) { t.Parallel() - prefix := "ensecupg" - var region = validRegions[rand.Intn(len(validRegions))] - - // Verify ibmcloud_api_key variable is set - checkVariable := "TF_VAR_ibmcloud_api_key" - val, present := os.LookupEnv(checkVariable) - require.True(t, present, checkVariable+" environment variable not set") - require.NotEqual(t, "", val, checkVariable+" environment variable is empty") - // ------------------------------------------------------------------------------------ // Deploy EN DA passing in existing RG, KMS and COS instances // ------------------------------------------------------------------------------------ options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{ Testing: t, - Prefix: prefix, + Prefix: "ensecupg", TarIncludePatterns: []string{ "*.tf", fullyConfigurableDADir + "/*.tf", secEnforcedDir + "/*.tf", }, - TemplateFolder: secEnforcedDir, - Tags: []string{"test-schematic"}, - DeleteWorkspaceOnFail: false, - WaitJobCompleteMinutes: 60, + TemplateFolder: secEnforcedDir, + Tags: []string{"test-schematic"}, + DeleteWorkspaceOnFail: false, + WaitJobCompleteMinutes: 60, + Region: validRegions[rand.Intn(len(validRegions))], + CheckApplyResultForUpgrade: true, + TerraformVersion: terraformVersion, }) options.TerraformVars = []testschematic.TestSchematicTerraformVar{ {Name: "prefix", Value: options.Prefix, DataType: "string"}, {Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true}, {Name: "existing_resource_group_name", Value: permanentResources["general_test_storage_cos_instance_resource_group"], DataType: "string"}, - {Name: "region", Value: region, DataType: "string"}, + {Name: "region", Value: options.Region, DataType: "string"}, {Name: "existing_kms_instance_crn", Value: permanentResources["hpcs_south_crn"], DataType: "string"}, {Name: "kms_endpoint_url", Value: permanentResources["hpcs_south_public_endpoint"], DataType: "string"}, {Name: "existing_cos_instance_crn", Value: permanentResources["general_test_storage_cos_instance_crn"], DataType: "string"}, @@ -349,148 +190,13 @@ func TestRunSecurityEnforcedUpgradeDASolution(t *testing.T) { } } -func TestRunExistingResourcesInstances(t *testing.T) { - t.Parallel() - - // ------------------------------------------------------------------------------------ - // Provision existing resources first - // ------------------------------------------------------------------------------------ - - prefix := fmt.Sprintf("en-existing-%s", strings.ToLower(random.UniqueId())) - realTerraformDir := ".." - tempTerraformDir, _ := files.CopyTerraformFolderToTemp(realTerraformDir, fmt.Sprintf(prefix+"-%s", strings.ToLower(random.UniqueId()))) - existingRes := realTerraformDir + "/tests/existing-resources" - - // Verify ibmcloud_api_key variable is set - checkVariable := "TF_VAR_ibmcloud_api_key" - val, present := os.LookupEnv(checkVariable) - require.True(t, present, checkVariable+" environment variable not set") - require.NotEqual(t, "", val, checkVariable+" environment variable is empty") - logger.Log(t, "Tempdir: ", tempTerraformDir) - existingTerraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{ - TerraformDir: existingRes, - Vars: map[string]interface{}{ - "prefix": prefix, - "region": validRegions[rand.Intn(len(validRegions))], - }, - // Set Upgrade to true to ensure latest version of providers and modules are used by terratest. - // This is the same as setting the -upgrade=true flag with terraform. - Upgrade: true, - }) - terraform.WorkspaceSelectOrNew(t, existingTerraformOptions, prefix) - _, existErr := terraform.InitAndApplyE(t, existingTerraformOptions) - if existErr != nil { - assert.True(t, existErr == nil, "Init and Apply of temp existing resource failed") - } else { - - var region = validRegions[rand.Intn(len(validRegions))] - - // ------------------------------------------------------------------------------------ - // Deploy EN DA passing in existing RG and EN - // ------------------------------------------------------------------------------------ - - options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{ - Testing: t, - Prefix: "enexres", - TarIncludePatterns: []string{ - "*.tf", - fullyConfigurableDADir + "/*.tf", - }, - TemplateFolder: fullyConfigurableDADir, - Tags: []string{"test-schematic"}, - DeleteWorkspaceOnFail: false, - WaitJobCompleteMinutes: 60, - }) - options.TerraformVars = []testschematic.TestSchematicTerraformVar{ - {Name: "prefix", Value: options.Prefix, DataType: "string"}, - {Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true}, - {Name: "region", Value: region, DataType: "string"}, - {Name: "existing_resource_group_name", Value: permanentResources["general_test_storage_cos_instance_resource_group"], DataType: "string"}, - {Name: "existing_event_notifications_instance_crn", Value: terraform.Output(t, existingTerraformOptions, "event_notification_instance_crn"), DataType: "string"}, - } - err := options.RunSchematicTest() - assert.NoError(t, err, "TestRunExistingResourcesInstances using existing RG and EN Failed") - - // ------------------------------------------------------------------------------------ - // Deploy EN DA passing in existing RG, COS instance, Cloud Monitoring instance and KMS key - // ------------------------------------------------------------------------------------ - - options2 := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{ - Testing: t, - Prefix: "enexres2", - TarIncludePatterns: []string{ - "*.tf", - fullyConfigurableDADir + "/*.tf", - }, - TemplateFolder: fullyConfigurableDADir, - Tags: []string{"test-schematic"}, - DeleteWorkspaceOnFail: false, - WaitJobCompleteMinutes: 60, - }) - options2.TerraformVars = []testschematic.TestSchematicTerraformVar{ - {Name: "prefix", Value: options.Prefix, DataType: "string"}, - {Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true}, - {Name: "region", Value: region, DataType: "string"}, - {Name: "existing_resource_group_name", Value: permanentResources["general_test_storage_cos_instance_resource_group"], DataType: "string"}, - {Name: "kms_encryption_enabled", Value: true, DataType: "bool"}, - {Name: "existing_kms_root_key_crn", Value: terraform.Output(t, existingTerraformOptions, "key_crn"), DataType: "string"}, - {Name: "kms_endpoint_url", Value: permanentResources["hpcs_south_private_endpoint"], DataType: "string"}, - {Name: "enable_collecting_failed_events", Value: true, DataType: "bool"}, - {Name: "existing_cos_instance_crn", Value: terraform.Output(t, existingTerraformOptions, "cos_crn"), DataType: "string"}, - {Name: "existing_monitoring_crn", Value: terraform.Output(t, existingTerraformOptions, "cloud_monitoring_crn"), DataType: "string"}, - } - err2 := options2.RunSchematicTest() - assert.NoError(t, err2, "TestRunExistingResourcesInstances using existing RG, COS instance, and KMS key Failed") - - // ------------------------------------------------------------------------------------ - // Deploy EN DA passing in existing RG, COS instance and KMS instance - // ------------------------------------------------------------------------------------ - options3 := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{ - Testing: t, - Prefix: "enexsres3", - TarIncludePatterns: []string{ - "*.tf", - fullyConfigurableDADir + "/*.tf", - }, - TemplateFolder: fullyConfigurableDADir, - Tags: []string{"test-schematic"}, - DeleteWorkspaceOnFail: false, - WaitJobCompleteMinutes: 60, - }) - options3.TerraformVars = []testschematic.TestSchematicTerraformVar{ - {Name: "prefix", Value: options3.Prefix, DataType: "string"}, - {Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true}, - {Name: "region", Value: region, DataType: "string"}, - {Name: "existing_resource_group_name", Value: permanentResources["general_test_storage_cos_instance_resource_group"], DataType: "string"}, - {Name: "existing_kms_instance_crn", Value: permanentResources["hpcs_south_crn"], DataType: "string"}, - {Name: "kms_encryption_enabled", Value: true, DataType: "bool"}, - {Name: "kms_endpoint_url", Value: permanentResources["hpcs_south_private_endpoint"], DataType: "string"}, - {Name: "enable_collecting_failed_events", Value: true, DataType: "bool"}, - {Name: "existing_cos_instance_crn", Value: terraform.Output(t, existingTerraformOptions, "cos_crn"), DataType: "string"}, - {Name: "cos_bucket_name", Value: terraform.Output(t, existingTerraformOptions, "bucket_name"), DataType: "string"}, - } - err3 := options3.RunSchematicTest() - assert.NoError(t, err3, "TestRunExistingResourcesInstances using existing RG, COS instance and KMS instance Failed") - } - // Check if "DO_NOT_DESTROY_ON_FAILURE" is set - envVal, _ := os.LookupEnv("DO_NOT_DESTROY_ON_FAILURE") - // Destroy the temporary existing resources if required - if t.Failed() && strings.ToLower(envVal) == "true" { - fmt.Println("Terratest failed. Debug the test and delete resources manually.") - } else { - logger.Log(t, "START: Destroy (existing resources)") - terraform.Destroy(t, existingTerraformOptions) - terraform.WorkspaceDelete(t, existingTerraformOptions, prefix) - logger.Log(t, "END: Destroy (existing resources)") - } -} - -func TestENDefaultConfiguration(t *testing.T) { +// Test deployment with all "on-by-default" dependant DAs +func TestAddonDefaultConfiguration(t *testing.T) { t.Parallel() options := testaddons.TestAddonsOptionsDefault(&testaddons.TestAddonOptions{ Testing: t, - Prefix: "endeft", + Prefix: "en-addon", ResourceGroup: resourceGroup, QuietMode: true, // Suppress logs except on failure }) @@ -500,33 +206,11 @@ func TestENDefaultConfiguration(t *testing.T) { "deploy-arch-ibm-event-notifications", "fully-configurable", map[string]interface{}{ - "prefix": options.Prefix, - "region": validRegions[rand.Intn(len(validRegions))], - "enable_platform_metrics": "false", // Disable platform metrics for addon tests + "prefix": options.Prefix, + "region": validRegions[rand.Intn(len(validRegions))], }, ) err := options.RunAddonTest() require.NoError(t, err) } - -// TestDependencyPermutations runs dependency permutations for the Event Notifications and all its dependencies -func TestDependencyPermutations(t *testing.T) { - - options := testaddons.TestAddonsOptionsDefault(&testaddons.TestAddonOptions{ - Testing: t, - Prefix: "en-perm", - AddonConfig: cloudinfo.AddonConfig{ - OfferingName: "deploy-arch-ibm-event-notifications", - OfferingFlavor: "fully-configurable", - Inputs: map[string]interface{}{ - "prefix": "en-perm", - "region": validRegions[rand.Intn(len(validRegions))], - "existing_resource_group_name": resourceGroup, - }, - }, - }) - - err := options.RunAddonPermutationTest() - assert.NoError(t, err, "Dependency permutation test should not fail") -} From c13aeea86d933c8f8f725cee40c75c4a55bbfd17 Mon Sep 17 00:00:00 2001 From: ocofaigh Date: Thu, 18 Sep 2025 16:27:25 +0100 Subject: [PATCH 2/2] bump git submodule --- common-dev-assets | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/common-dev-assets b/common-dev-assets index 9abb2581..325cfd0d 160000 --- a/common-dev-assets +++ b/common-dev-assets @@ -1 +1 @@ -Subproject commit 9abb2581610844f40aeb4f8a8b7f24e5a127d45b +Subproject commit 325cfd0d91902e08079644092bbf298c4872f388