chore(tests): add an end to end test that uses real terraform plan output

.devcontainer/devcontainer.json

@@ -0,0 +1,30 @@
+{
+	"name": "infra-diff",
+	"image": "mcr.microsoft.com/devcontainers/typescript-node:22",
+	"features": {
+		"ghcr.io/devcontainers/features/docker-outside-of-docker:1": {},
+		"ghcr.io/devcontainers-contrib/features/terraform-asdf:2": {
+			"version": "1.13.4"
+		}
+	},
+	"customizations": {
+		"vscode": {
+			"extensions": [
+				"dbaeumer.vscode-eslint",
+				"esbenp.prettier-vscode",
+				"biomejs.biome",
+				"hashicorp.terraform"
+			],
+			"settings": {
+				"editor.formatOnSave": true,
+				"editor.defaultFormatter": "biomejs.biome"
+			}
+		}
+	},
+	"postCreateCommand": "npm install",
+	"forwardPorts": [50000],
+	"mounts": [
+		"source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind"
+	],
+	"remoteUser": "node"
+}

.github/dependabot.yml

@@ -25,3 +25,10 @@ updates:
     schedule:
       interval: "weekly"
     open-pull-requests-limit: 5
+
+  # Monitor Terraform
+  - package-ecosystem: "terraform"
+    directory: "/e2e/terraform"
+    schedule:
+      interval: "weekly"
+    open-pull-requests-limit: 5

.github/workflows/ci.yml

@@ -40,9 +40,23 @@ jobs:
       - run: npm test
       - run: npm run test:e2e:file-reading
 
+  test-terraform-integration:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0
+        with:
+          node-version-file: ".nvmrc"
+      - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2
+        with:
+          terraform_version: 1.13.4
+      - run: npm ci
+      - name: Run Terraform integration tests
+        run: npm run test:e2e:terraform
+
   validate-action:
     runs-on: ubuntu-latest
-    needs: [lint, test]
+    needs: [lint, test, test-terraform-integration]
     steps:
       - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0

.terraform-version

@@ -0,0 +1 @@
+1.13.4

docker-compose.yml

@@ -0,0 +1,15 @@
+---
+version: '3.8'
+
+services:
+  moto:
+    image: motoserver/moto:5.0.0
+    container_name: infra-diff-moto-test
+    ports:
+      - "50000:5000"
+    healthcheck:
+      test: ["CMD", "curl", "-f", "http://localhost:5000"]
+      interval: 5s
+      timeout: 3s
+      retries: 10
+      start_period: 10s

e2e/terraform-integration.test.ts

@@ -0,0 +1,140 @@
+import { execSync } from "node:child_process";
+import { existsSync, rmSync, unlinkSync } from "node:fs";
+import * as path from "node:path";
+import { GenericContainer, type StartedTestContainer } from "testcontainers";
+import { afterAll, beforeAll, describe, expect, it } from "vitest";
+import { ParsePlanUseCase } from "../src/domain/usecases/ParsePlanUseCase";
+import { ReadPlanFileUseCase } from "../src/domain/usecases/ReadPlanFileUseCase";
+import { FilesystemAdapter } from "../src/infrastructure/adapters/FilesystemAdapter";
+
+describe("E2E: Terraform Integration with moto", () => {
+	const terraformDir = path.join(process.cwd(), "e2e", "terraform");
+	const planFile = path.join(terraformDir, "plan.bin");
+	const planJsonFile = path.join(terraformDir, "plan.json");
+	let motoContainer: StartedTestContainer;
+	let motoPort: number;
+
+	beforeAll(async () => {
+		// Start moto server using testcontainers
+		console.log("Starting moto server...");
+		try {
+			motoPort = 50000;
+			motoContainer = await new GenericContainer("motoserver/moto:5.0.0")
+				.withExposedPorts({ container: 5000, host: motoPort })
+				.withStartupTimeout(120000)
+				.start();
+
+			console.log(`Moto server is ready on port ${motoPort}`);
+
+			// Initialize Terraform
+			console.log("Initializing Terraform...");
+			execSync("terraform init", { cwd: terraformDir, stdio: "pipe" });
+
+			// Generate plan
+			console.log("Generating Terraform plan...");
+			execSync(`terraform plan -out=${planFile}`, {
+				cwd: terraformDir,
+				stdio: "pipe",
+			});
+
+			// Convert plan to JSON
+			console.log("Converting plan to JSON...");
+			execSync(`terraform show -json ${planFile} > ${planJsonFile}`, {
+				cwd: terraformDir,
+				stdio: "pipe",
+				shell: "/bin/bash",
+			});
+		} catch (error) {
+			console.error("Setup failed:", error);
+			throw error;
+		}
+	}, 120000); // 2 minute timeout for setup
+
+	afterAll(async () => {
+		// Cleanup
+		console.log("Cleaning up...");
+
+		// Remove plan files
+		try {
+			if (existsSync(planFile)) {
+				unlinkSync(planFile);
+			}
+			if (existsSync(planJsonFile)) {
+				unlinkSync(planJsonFile);
+			}
+		} catch (error) {
+			console.error("Failed to cleanup plan files:", error);
+		}
+
+		// Remove .terraform directory
+		try {
+			const terraformStateDir = path.join(terraformDir, ".terraform");
+			if (existsSync(terraformStateDir)) {
+				rmSync(terraformStateDir, { recursive: true, force: true });
+			}
+		} catch (error) {
+			console.error("Failed to cleanup .terraform directory:", error);
+		}
+
+		// Remove lock file
+		try {
+			const lockFile = path.join(terraformDir, ".terraform.lock.hcl");
+			if (existsSync(lockFile)) {
+				unlinkSync(lockFile);
+			}
+		} catch (error) {
+			console.error("Failed to cleanup lock file:", error);
+		}
+
+		// Stop and remove moto container
+		try {
+			if (motoContainer) {
+				await motoContainer.stop();
+				console.log("Moto container stopped");
+			}
+		} catch (error) {
+			console.error("Failed to stop moto container:", error);
+		}
+	}, 60000); // 1 minute timeout for cleanup
+
+	it("should parse real Terraform plan output", async () => {
+		// Verify plan JSON file was created
+		expect(existsSync(planJsonFile)).toBe(true);
+
+		// Read the plan file
+		const fileReader = new FilesystemAdapter();
+		const readUseCase = new ReadPlanFileUseCase(fileReader);
+		const readResult = await readUseCase.execute(planJsonFile);
+
+		expect(readResult.path).toBe(planJsonFile);
+		expect(readResult.content).toBeTruthy();
+		expect(readResult.content.length).toBeGreaterThan(0);
+
+		// Parse the plan
+		const parseUseCase = new ParsePlanUseCase();
+		const plan = await parseUseCase.parse(readResult.content);
+
+		// Verify plan structure
+		expect(plan).toBeDefined();
+		expect(plan.formatVersion).toBeTruthy();
+		expect(plan.terraformVersion).toBeTruthy();
+		expect(plan.resourceChanges).toBeDefined();
+		expect(Array.isArray(plan.resourceChanges)).toBe(true);
+
+		// Verify we have the expected SQS queue resource change
+		expect(plan.resourceChanges.length).toBeGreaterThan(0);
+
+		const sqsQueue = plan.resourceChanges.find(
+			(rc) => rc.type === "aws_sqs_queue" && rc.name === "queue",
+		);
+
+		expect(sqsQueue).toBeDefined();
+		expect(sqsQueue?.address).toBe("aws_sqs_queue.queue");
+		expect(sqsQueue?.actions).toContain("create");
+
+		// Verify the queue has expected configuration
+		expect(sqsQueue?.after).toBeDefined();
+		expect(sqsQueue?.after?.name).toBe("test-queue");
+		expect(sqsQueue?.after?.tags).toBeDefined();
+	});
+});

e2e/terraform/backend.tf

@@ -0,0 +1,3 @@
+terraform {
+  backend "local" {}
+}

e2e/terraform/provider.tf

@@ -0,0 +1,12 @@
+provider "aws" {
+  region                      = "us-east-1"
+  skip_credentials_validation = true
+  skip_metadata_api_check     = true
+  skip_requesting_account_id  = true
+
+  endpoints {
+    sts = "http://localhost:50000"
+    s3  = "http://localhost:50000"
+    sqs = "http://localhost:50000"
+  }
+}

e2e/terraform/sqs.tf

@@ -0,0 +1,7 @@
+resource "aws_sqs_queue" "queue" {
+  name = "test-queue"
+  tags = {
+    github = "https://github.com/zpratt/infra-diff.git"
+    random = 1234
+  }
+}

features/end-to-end-with-terraform.md

@@ -0,0 +1,16 @@
+# End to End with Terraform
+
+Goal: Demonstrate how Infra Diff can be used in an end-to-end workflow with Terraform and moto to provide a fake of the AWS API. The goal is to produce a real binary terraform plan, convert it to json, and then run infra-diff against that json plan.
+
+## Context
+
+In this workflow, we will use Terraform to create a simple infrastructure setup on AWS. We will use moto to mock the AWS API, allowing us to generate a binary terraform plan without needing access to a real AWS account. This plan will then be converted to JSON format and analyzed using Infra Diff to identify any potential changes or issues. The test itself should be implemented in typescript, using the infra-diff library to run the analysis programmatically, treating the production code as if it is a complete black box. We should run moto in a docker container to ensure a clean and isolated environment for the test. Everything that is created should be runnable locally with a single command and should also be included in our CI pipeline to ensure consistent results across different environments. I've added example terraform fixtures in the e2e/terraform directory to get started. Ensure you examine the e2e/terraform/provider.tf file to see how to configure terraform to point at the moto server.
+
+## Requirements
+
+- Ensure the pipeline uses setup-terraform action to install terraform
+- Ensure we're testing with the latest version of terraform
+- Use moto server in a docker container to mock AWS API
+- When running locally, create a devcontainer environment that we can use to run the tests with a specific version of node and terraform.
+- Write the test in typescript using infra-diff library to analyze the terraform plan json output.
+- Ensure the entire setup can be run with a single command both locally and in CI.