Examples for Test-Driven Development (TDD) of infrastructure.
Each directory has its own README and Makefile documenting how to run the tests and build the infrastructure associated with the example.
- tf-aws-ec2: A TDD example created for 2019 O'Reilly Velocity
- tf-aws-s3: A TDD example created for this blog post
- tf-azure-network: A TDD example created for the Perth HashiCorp User Group
Refer to the Makefile in each directory for how to build the tests.
Generally, you can write your own testing framework with any language, focusing on testing the state or definition of infrastructure. For unit or contract (state) testing, tests will involve checking JSON or YAML configuration. Most infrastructure as code frameworks will already have acceptance tests to ensure the infrastructure resources are created properly.
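A hand-written contract test of this kind, shown as an added example that is not code from this repository: it reads the JSON form of a Terraform plan (as produced by `terraform show -json`) and applies the database username length rule mentioned on this page. The sample plan is constructed, the function names are hypothetical, the `aws_db_instance` resource type is chosen for illustration, and reading the rule as a 16-character maximum is an assumption.

```python
import json

# Constructed sample: a trimmed plan in `terraform show -json` layout.
SAMPLE_PLAN = json.dumps({
    "format_version": "1.0",
    "resource_changes": [
        {"address": "aws_db_instance.ok", "type": "aws_db_instance",
         "change": {"actions": ["create"], "after": {"username": "appadmin"}}},
        {"address": "aws_db_instance.too_long", "type": "aws_db_instance",
         "change": {"actions": ["create"],
                    "after": {"username": "application_administrator"}}},
        {"address": "aws_db_instance.computed", "type": "aws_db_instance",
         "change": {"actions": ["create"], "after": {},
                    "after_unknown": {"username": True}}},
        {"address": "aws_db_instance.old", "type": "aws_db_instance",
         "change": {"actions": ["delete"], "after": None}},
    ],
})

MAX_USERNAME_LEN = 16  # assumption: the rule is treated as an upper bound


def planned_resources(plan, resource_type):
    """Yield (address, after, after_unknown) for resources that exist after apply."""
    for rc in plan.get("resource_changes", []):
        change = rc.get("change", {})
        after = change.get("after")
        if rc.get("type") != resource_type or after is None:
            continue  # a different type, or a resource that is being deleted
        yield rc["address"], after, change.get("after_unknown") or {}


def check_db_usernames(plan_json, max_len=MAX_USERNAME_LEN):
    """Return (address, reason) pairs for usernames that fail or cannot be checked."""
    violations = []
    plan = json.loads(plan_json)
    for address, after, unknown in planned_resources(plan, "aws_db_instance"):
        if unknown.get("username"):
            # Value is computed at apply time, so the plan cannot prove the rule.
            violations.append((address, "username not known until apply"))
            continue
        username = after.get("username")
        if isinstance(username, str) and len(username) > max_len:
            violations.append(
                (address, f"username is {len(username)} chars, max {max_len}"))
    return violations


if __name__ == "__main__":
    for address, reason in check_db_usernames(SAMPLE_PLAN):
        print(f"FAIL {address}: {reason}")
```

Values that are only known after apply are reported separately, because a plan-time test cannot vouch for them and they need an integration test instead.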
Below are frameworks that check for configuration that might lead to upstream problems (problems not caught by Terraform plan). For example, a database username must be 16 characters.
The tools below are mostly presented as policy as code frameworks but can be used for unit or contract (state) testing infrastructure.
Thanks to @petems for discovering these!
These are frameworks that create the infrastructure, execute a set of tests, and (optionally) destroy the infrastructure.
Some of these frameworks include built-in policies for various providers, others must be extended.
- liamg/tfsec
- accurics/terrascan
- bridgecrew/checkov
- Terraform Sentinel (not OSS)
- fugue/regula: policies you can run via Open Policy Agent
- Forseti Terraform-Validator (not OSS)
Use with caution. Mocks aren't always updated with the latest API or configuration.
- localstack for AWS
- GCP Emulator: emulates specific services on GCP. Mostly for application-related use.