diff --git a/.gitignore b/.gitignore index d973433..2a48968 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,6 @@ vendor/ # Tests directory .test-data/ + +# Workaround for go test +main.go diff --git a/README.md b/README.md index 8de5907..57fbb31 100644 --- a/README.md +++ b/README.md @@ -39,7 +39,7 @@ Usage ----- ### Examples -Sample configuration is located in [examples](examples/) directory. There are not many of them right now, but I'll add more soon. +Sample configuration is located in [examples](examples/) directory. ### Single Region Peering **Notice**: You need to declare both providers even with single region peering. @@ -58,7 +58,6 @@ module "vpc_single_region_peering" { peer_vpc_id = "vpc-11111111" cross_region_peering = false auto_accept_peering = true - create_peering = true tags = { Name = "my-peering-connection" @@ -82,7 +81,6 @@ module "vpc_single_region_peering" { peer_vpc_id = "vpc-11111111" cross_region_peering = false auto_accept_peering = true - create_peering = 0 peering_id = "pcx-00000000" } @@ -104,7 +102,6 @@ module "vpc_cross_region_peering" { peer_vpc_id = "vpc-11111111" cross_region_peering = true auto_accept_peering = true - create_peering = true tags = { Name = "my-peering-connection" @@ -125,9 +122,11 @@ providers = { peer_account_id = "AAABBBCCC1111" // An ID of the peer AWS account ``` -Examples --------- -Complete example is shown above +Testing +---- + +This module is tested with [Terratest](https://github.com/gruntwork-io/terratest) +You can find existing tests in the [test/](test/) directory. Authors ------- diff --git a/examples/single-account-single-region-with-options/README.md b/examples/single-account-single-region-with-options/README.md new file mode 100644 index 0000000..df77828 --- /dev/null +++ b/examples/single-account-single-region-with-options/README.md 
@@ -0,0 +1,30 @@
+# Single Account Single Region Peering Connection with Peering Options
+
+Configuration in this directory creates a peering connection between VPCs in a single region within the same AWS account. It also creates connection options:
+
+* Cross-VPC DNS resolution option
+* Allow classic link access between VPCs
+
+## Usage
+
+Modify the variables to suite your purposes. Then run:
+
+```bash
+terraform init
+terraform plan
+terraform apply
+```
+
+## Testing
+
+This configuration is tested with [Terratest](https://github.com/gruntwork-io/terratest).
+
+You can find tests in [`test/`](../../test) directory.
+
+### Testing notes
+
+I'm unable to properly test VPC peering options because I need to create public subnets (which contain AWS Internet Gateway) and some resources in Classic. These costs money and I don't want to add it to thr CI. Therefore, tests for this module inplementation simply test that module is able to run and peering is created.
+
+## Note
+
+Running the resources in AWS may cost money! Make sure to clean up afterwards. You can use `terraform destroy` to delete the resources spawned by this example.
diff --git a/examples/single-account-single-region-with-options/main.tf b/examples/single-account-single-region-with-options/main.tf
new file mode 100644
index 0000000..16d5374
--- /dev/null
+++ b/examples/single-account-single-region-with-options/main.tf
@@ -0,0 +1,31 @@
+// Single Account single region example
+// Additional options are created
+module "single_account_single_region_options" {
+ source = "../../"
+
+ providers = {
+ aws.this = "aws"
+ aws.peer = "aws"
+ }
+
+ this_vpc_id = "${var.this_vpc_id}"
+ peer_vpc_id = "${var.peer_vpc_id}"
+
+ create_peering = true
+ auto_accept_peering = true
+
+ // Peering options for requester
+ this_dns_resolution = true
+ this_link_to_peer_classic = true
+ this_link_to_local_classic = true
+
+ // Peering options for accepter
+ peer_dns_resolution = true
+ peer_link_to_peer_classic = true
+ peer_link_to_local_classic = true
+
+ tags = {
+ Name = "tf-single-account-single-region-with-options"
+ Environment = "Test"
+ }
+}
diff --git a/examples/single-account-single-region-with-options/outputs.tf b/examples/single-account-single-region-with-options/outputs.tf
new file mode 100644
index 0000000..a4495b7
--- /dev/null
+++ b/examples/single-account-single-region-with-options/outputs.tf
@@ -0,0 +1,12 @@
+// Required for tests
+output "vpc_peering_accept_status" {
+ value = "${module.single_account_single_region_options.vpc_peering_accept_status}"
+}
+
+output "accepter_options" {
+ value = "${module.single_account_single_region_options.accepter_options}"
+}
+
+output "requester_options" {
+ value = "${module.single_account_single_region_options.requester_options}"
+}
diff --git a/examples/single-account-single-region-with-options/provider.tf b/examples/single-account-single-region-with-options/provider.tf
new file mode 100644
index 0000000..c125940
--- /dev/null
+++ b/examples/single-account-single-region-with-options/provider.tf
@@ -0,0 +1,3 @@
+provider "aws" {
+ region = "us-east-1"
+}
diff --git a/examples/single-account-single-region-with-options/variables.tf b/examples/single-account-single-region-with-options/variables.tf
new file mode 100644
index 0000000..8a4ffb2
--- /dev/null
+++ b/examples/single-account-single-region-with-options/variables.tf
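Review bot: The new example in examples/single-account-single-region-with-options/main.tf sets all six peering options to `true` with no comment on what each one opens up, so anyone copying it gets cross-VPC DNS resolution and ClassicLink access in both directions by default. I would add a comment above the requester and accepter option groups, for example `// Each option widens what the peered VPC can resolve or reach; enable only the ones you need`. The README hunks in this same commit drop `create_peering` from every usage snippet, yet this example still sets `create_peering = true`; if the variable is being retired (not visible from here), it should be dropped from this file too.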
@@ -0,0 +1,5 @@ +// Variables are required to pass them via Terratest +// on fixtures creation +variable "this_vpc_id" {} + +variable "peer_vpc_id" {} diff --git a/examples/single-account-single-region/README.md b/examples/single-account-single-region/README.md index 474027a..7aa5b02 100644 --- a/examples/single-account-single-region/README.md +++ b/examples/single-account-single-region/README.md @@ -1,10 +1,10 @@ -# Simple Peering +# Single Account Single Region VPC Peering -Configuration in this directory creates a simple peering connection between VPCs in a single region within the same AWS account. +This is a basic configuration example, which creates a peering connection between VPCs in a single region within the same AWS account. ## Usage -To run this example you need to execute +Change the variables to fit your purposes and run: ```bash terraform init @@ -12,9 +12,12 @@ terraform plan terraform apply ``` +## Testing + +This configuration is tested with [Terratest](https://github.com/gruntwork-io/terratest). + +You can find tests in [`test/`](../../test) directory. + ## Note Running the resources in AWS may cost money! Make sure to clean up afterwards. You can use `terraform destroy` to delete the resources spawned by this example. - -## TODO: -* Create VPCs and route tables using this example. For now you can use for example [this module](https://github.com/terraform-aws-modules/terraform-aws-vpc/) to seyup prerequisites. diff --git a/test/fixtures/single-account-single-region-with-options/main.tf b/test/fixtures/single-account-single-region-with-options/main.tf new file mode 100644 index 0000000..f0a6d56 --- /dev/null +++ b/test/fixtures/single-account-single-region-with-options/main.tf 
@@ -0,0 +1,71 @@
+// Fixtures
+// VPCs
+resource "aws_vpc" "this" {
+ cidr_block = "172.20.0.0/16"
+ enable_classiclink = true
+ enable_dns_support = true
+ enable_dns_hostnames = true
+
+ tags = {
+ Name = "this_vpc_options"
+ Environment = "Test"
+ }
+}
+
+resource "aws_vpc" "peer" {
+ cidr_block = "172.21.0.0/16"
+ enable_classiclink = true
+ enable_dns_support = true
+ enable_dns_hostnames = true
+
+ tags = {
+ Name = "peer_vpc_options"
+ Environment = "Test"
+ }
+}
+
+// Route Tables
+resource "aws_route_table" "this" {
+ count = "${length(var.this_subnets)}"
+ vpc_id = "${aws_vpc.this.id}"
+
+ tags = {
+ Name = "This VPC RT"
+ Environment = "Test"
+ }
+}
+
+resource "aws_route_table" "peer" {
+ count = "${length(var.peer_subnets)}"
+ vpc_id = "${aws_vpc.peer.id}"
+
+ tags = {
+ Name = "Peer VPC RT"
+ Environment = "Test"
+ }
+}
+
+// Subnets
+resource "aws_subnet" "this" {
+ count = "${length(var.this_subnets)}"
+ vpc_id = "${aws_vpc.this.id}"
+ cidr_block = "${var.this_subnets[count.index]}"
+ availability_zone = "${element(var.azs, count.index)}"
+
+ tags = {
+ Name = "This VPC Subnet"
+ Environment = "Test"
+ }
+}
+
+resource "aws_subnet" "peer" {
+ count = "${length(var.peer_subnets)}"
+ vpc_id = "${aws_vpc.peer.id}"
+ cidr_block = "${var.peer_subnets[count.index]}"
+ availability_zone = "${element(var.azs, count.index)}"
+
+ tags = {
+ Name = "This VPC Subnet"
+ Environment = "Test"
+ }
+}
diff --git a/test/fixtures/single-account-single-region-with-options/outputs.tf b/test/fixtures/single-account-single-region-with-options/outputs.tf
new file mode 100644
index 0000000..7d16ef4
--- /dev/null
+++ b/test/fixtures/single-account-single-region-with-options/outputs.tf
@@ -0,0 +1,7 @@
+output "this_vpc_id" {
+ value = "${aws_vpc.this.id}"
+}
+
+output "peer_vpc_id" {
+ value = "${aws_vpc.peer.id}"
+}
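Review bot: In test/fixtures/single-account-single-region-with-options/main.tf the `aws_subnet.peer` resource is tagged `Name = "This VPC Subnet"`, the same value as `aws_subnet.this`, which looks like a copy-paste slip; it should read `Name = "Peer VPC Subnet"`. With identical Name tags, subnets left behind by a failed destroy cannot be told apart by tag when the test account is cleaned up. The route tables created in this file are also never associated with the subnets, so if the test is later extended to check routing across the peering, `aws_route_table_association` resources would need to be added.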
diff --git a/test/fixtures/single-account-single-region-with-options/provider.tf b/test/fixtures/single-account-single-region-with-options/provider.tf
new file mode 100644
index 0000000..c125940
--- /dev/null
+++ b/test/fixtures/single-account-single-region-with-options/provider.tf
@@ -0,0 +1,3 @@
+provider "aws" {
+ region = "us-east-1"
+}
diff --git a/test/fixtures/single-account-single-region-with-options/terraform.tfvars b/test/fixtures/single-account-single-region-with-options/terraform.tfvars
new file mode 100644
index 0000000..7e50785
--- /dev/null
+++ b/test/fixtures/single-account-single-region-with-options/terraform.tfvars
@@ -0,0 +1 @@
+azs = ["us-east-1a", "us-east-1b", "us-east-1c"]
diff --git a/test/fixtures/single-account-single-region-with-options/variables.tf b/test/fixtures/single-account-single-region-with-options/variables.tf
new file mode 100644
index 0000000..c514e9a
--- /dev/null
+++ b/test/fixtures/single-account-single-region-with-options/variables.tf
@@ -0,0 +1,17 @@
+// Variables
+variable "this_subnets" {
+ description = "Subnet list for _this_ VPC"
+ type = "list"
+ default = ["172.20.0.0/24", "172.20.1.0/24", "172.20.2.0/24"]
+}
+
+variable "peer_subnets" {
+ description = "Subnet list for _peer_ VPC"
+ type = "list"
+ default = ["172.21.0.0/24", "172.21.1.0/24", "172.21.2.0/24"]
+}
+
+variable "azs" {
+ description = "Availability Zones"
+ type = "list"
+}
diff --git a/test/fixtures/single-account-single-region/fixtures.tf b/test/fixtures/single-account-single-region/main.tf
similarity index 75%
rename from test/fixtures/single-account-single-region/fixtures.tf
rename to test/fixtures/single-account-single-region/main.tf
index 270a143..817e1c8 100644
--- a/test/fixtures/single-account-single-region/fixtures.tf
+++ b/test/fixtures/single-account-single-region/main.tf
@@ -1,22 +1,4 @@ // Fixtures -// Variables -variable "this_subnets" { - description = "Subnet list for _this_ VPC" - type = "list" - default = ["172.20.0.0/24", "172.20.1.0/24", "172.20.2.0/24"] -} - -variable "peer_subnets" { - description = "Subnet list for _peer_ VPC" - type = "list" - default = ["172.21.0.0/24", "172.21.1.0/24", "172.21.2.0/24"] -} - -variable "azs" { - description = "Availability Zones" - type = "list" -} - // VPCs resource "aws_vpc" "this" { cidr_block = "172.20.0.0/16" diff --git a/test/fixtures/single-account-single-region/variables.tf b/test/fixtures/single-account-single-region/variables.tf new file mode 100644 index 0000000..c514e9a --- /dev/null +++ b/test/fixtures/single-account-single-region/variables.tf @@ -0,0 +1,17 @@ +// Variables +variable "this_subnets" { + description = "Subnet list for _this_ VPC" + type = "list" + default = ["172.20.0.0/24", "172.20.1.0/24", "172.20.2.0/24"] +} + +variable "peer_subnets" { + description = "Subnet list for _peer_ VPC" + type = "list" + default = ["172.21.0.0/24", "172.21.1.0/24", "172.21.2.0/24"] +} + +variable "azs" { + description = "Availability Zones" + type = "list" +} diff --git a/test/single_account_single_region_test.go b/test/single_account_single_region_test.go index cbd01c9..4a7320b 100644 --- a/test/single_account_single_region_test.go +++ b/test/single_account_single_region_test.go 
@@ -8,47 +8,57 @@ import ( ) func TestSingleAccountSingleRegion(t *testing.T) { - // TF files folders - fixturesDir := "./fixtures/single-account-single-region" - moduleDir := "../examples/single-account-single-region" + testCases := []struct { + Name string + fixturesDir string + moduleDir string + }{ + {"SingleAccountSingleRegion", "./fixtures/single-account-single-region", "../examples/single-account-single-region"}, + {"SingleAccountSingleRegionWithOptions", "./fixtures/single-account-single-region-with-options", "../examples/single-account-single-region-with-options"}, + } - // Assertions - expectedPeeringStatus := "active" + for _, tc := range testCases { + t.Run(tc.Name, func(t *testing.T) { + // Assertions + expectedPeeringStatus := "active" - // Terraform Options for fixtures - fixturesTerraformOptions := &terraform.Options{ - TerraformDir: fixturesDir, - } + // Terraform Options for fixtures + fixturesTerraformOptions := &terraform.Options{ + TerraformDir: tc.fixturesDir, + } - // Remove the fixtures resources in the end of the test - defer terraform.Destroy(t, fixturesTerraformOptions) + // Remove the fixtures resources in the end of the test + defer terraform.Destroy(t, fixturesTerraformOptions) - // Install Prerequisites - terraform.InitAndApply(t, fixturesTerraformOptions) + // Install Prerequisites + terraform.InitAndApply(t, fixturesTerraformOptions) - // Get the outputs from fixtures - thisVpcID := terraform.Output(t, fixturesTerraformOptions, "this_vpc_id") - peerVpcID := terraform.Output(t, fixturesTerraformOptions, "peer_vpc_id") + // Get the outputs from fixtures + thisVpcID := terraform.Output(t, fixturesTerraformOptions, "this_vpc_id") + peerVpcID := terraform.Output(t, fixturesTerraformOptions, "peer_vpc_id") - // Terraform Options for module - moduleTerraformOptions := &terraform.Options{ - TerraformDir: moduleDir, - // Variables from the fixtures - Vars: map[string]interface{}{ - "this_vpc_id": thisVpcID, - "peer_vpc_id": peerVpcID, - }, - 
} + // Terraform Options for module + moduleTerraformOptions := &terraform.Options{ + TerraformDir: tc.moduleDir, + // Variables from the fixtures + Vars: map[string]interface{}{ + "this_vpc_id": thisVpcID, + "peer_vpc_id": peerVpcID, + }, + } - // Remove the module resources in the end of the test - defer terraform.Destroy(t, moduleTerraformOptions) + // Remove the module resources in the end of the test + defer terraform.Destroy(t, moduleTerraformOptions) - // Create module resources - terraform.InitAndApply(t, moduleTerraformOptions) + // Create module resources + terraform.InitAndApply(t, moduleTerraformOptions) - // Retrieve information with `terraform output` - actualPeeringStatus := terraform.Output(t, moduleTerraformOptions, "vpc_peering_accept_status") + // Retrieve information with `terraform output` + actualPeeringStatus := terraform.Output(t, moduleTerraformOptions, "vpc_peering_accept_status") - // Verify results - assert.Equal(t, expectedPeeringStatus, actualPeeringStatus) + // Verify results + assert.Equal(t, expectedPeeringStatus, actualPeeringStatus) + + }) + } }
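Review bot: The `SingleAccountSingleRegionWithOptions` case is only checked for `vpc_peering_accept_status` being `active`, so nothing in the subtest fails if the DNS-resolution or ClassicLink options are silently not applied. The example's outputs.tf in this commit exports `accepter_options` and `requester_options` under the comment `// Required for tests`, but the test body never reads them. For that case I would at least read them, e.g. `requesterOptions := terraform.Output(t, moduleTerraformOptions, "requester_options")`, and assert on the result. The shape of that output is not visible in this diff, so the expected value has to be confirmed against the module.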