Merge pull request #54 from aws-ia/ephemeral_project-updates

Updates from project type

.config/functional_tests/post-entrypoint-helpers.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+## NOTE: this script runs at the end of functional test
+## Use this to load any configurations after the functional test 
+## TIPS: avoid modifying the .project_automation/functional_test/entrypoint.sh
+## migrate any customization you did on entrypoint.sh to this helper script
+echo "Executing Post-Entrypoint Helpers"

.config/functional_tests/pre-entrypoint-helpers.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+## NOTE: this script runs at the start of functional test
+## use this to load any configuration before the functional test 
+## TIPS: avoid modifying the .project_automation/functional_test/entrypoint.sh
+## migrate any customization you did on entrypoint.sh to this helper script
+echo "Executing Pre-Entrypoint Helpers"

.config/static_tests/post-entrypoint-helpers.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+## NOTE: this script runs at the end of static test
+## Use this to load any configurations after the static test 
+## TIPS: avoid modifying the .project_automation/static_test/entrypoint.sh
+## migrate any customization you did on entrypoint.sh to this helper script
+echo "Executing Post-Entrypoint Helpers"

.config/static_tests/pre-entrypoint-helpers.sh

@@ -0,0 +1,6 @@
+#!/bin/bash
+## NOTE: this script runs at the start of static test
+## use this to load any configuration before the static test 
+## TIPS: avoid modifying the .project_automation/static_test/entrypoint.sh
+## migrate any customization you did on entrypoint.sh to this helper script
+echo "Executing Pre-Entrypoint Helpers"

.copier-answers.yml

@@ -1,6 +1,6 @@
 # This file is auto-generated, changes will be overwritten
-_commit: v0.1.1
-_src_path: /task/801a218c-3018-11ee-b039-c6976c811b32/projecttype
+_commit: v0.1.4
+_src_path: /task/9dede46c-f6d1-11ee-a0ce-9aed9c550ca7/projecttype
 starting_version: v0.0.0
 version_file: VERSION
 

.project_automation/functional_tests/Dockerfile

@@ -1,14 +1,5 @@
 FROM public.ecr.aws/codebuild/amazonlinux2-x86_64-standard:4.0
-ENV TERRAFORM_VERSION=1.4.2
-ENV GO_VERSION=1.20.2
+ENV TERRAFORM_VERSION=1.7.4
 RUN cd /tmp && \
     wget https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
-    unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/local/bin && chmod 755 /usr/local/bin/terraform
-
-RUN curl -s https://raw.githubusercontent.com/aquasecurity/tfsec/master/scripts/install_linux.sh | bash
-
-RUN cd /tmp && \
-    wget https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz && \
-    tar -C /usr/local/bin -xzf go${GO_VERSION}.linux-amd64.tar.gz && chmod 755 /usr/local/bin/go
-
-RUN pip3 install checkov
+    unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/local/bin && chmod 755 /usr/local/bin/terraform

.project_automation/functional_tests/entrypoint.sh

@@ -1,30 +1,50 @@
-#!/bin/bash -e
+#!/bin/bash
+
+## WARNING: DO NOT modify the content of entrypoint.sh
+# Use ./config/functional_tests/pre-entrypoint-helpers.sh or ./config/functional_tests/post-entrypoint-helpers.sh 
+# to load any customizations or additional configurations
 
 ## NOTE: paths may differ when running in a managed task. To ensure behavior is consistent between
 # managed and local tasks always use these variables for the project and project type path
 PROJECT_PATH=${BASE_PATH}/project
 PROJECT_TYPE_PATH=${BASE_PATH}/projecttype
 
-echo "Starting Functional Tests"
-
-cd ${PROJECT_PATH}
+#********** helper functions *************
+pre_entrypoint() {
+    if [ -f ${PROJECT_PATH}/.config/functional_tests/pre-entrypoint-helpers.sh ]; then
+        echo "Pre-entrypoint helper found"
+        source ${PROJECT_PATH}/.config/functional_tests/pre-entrypoint-helpers.sh
+        echo "Pre-entrypoint helper loaded"
+    else
+        echo "Pre-entrypoint helper not found - skipped"
+    fi
+}
+post_entrypoint() {
+    if [ -f ${PROJECT_PATH}/.config/functional_tests/post-entrypoint-helpers.sh ]; then
+        echo "Post-entrypoint helper found"
+        source ${PROJECT_PATH}/.config/functional_tests/post-entrypoint-helpers.sh        
+        echo "Post-entrypoint helper loaded"
+    else
+        echo "Post-entrypoint helper not found - skipped"
+    fi
+}
 
-export AWS_DEFAULT_REGION=eu-west-1
+#********** Pre-entrypoint helper *************
+pre_entrypoint
 
-#********** Checkov Analysis *************
-echo "Running Checkov Analysis"
-terraform init
-terraform plan -out tf.plan
-terraform show -json tf.plan  > tf.json 
-checkov --config-file ${PROJECT_PATH}/.config/.checkov.yml
+#********** Functional Test *************
+/bin/bash ${PROJECT_PATH}/.project_automation/functional_tests/functional_tests.sh
+if [ $? -eq 0 ]
+then
+    echo "Functional test completed"
+    EXIT_CODE=0
+else
+    echo "Functional test failed"
+    EXIT_CODE=1
+fi
 
-#********** Terratest execution **********
-echo "Running Terratest"
-cd test
-rm -f go.mod
-go mod init github.com/aws-ia/terraform-project-ephemeral
-go mod tidy
-go install github.com/gruntwork-io/terratest/modules/terraform
-go test -timeout 45m
+#********** Post-entrypoint helper *************
+post_entrypoint
 
-echo "End of Functional Tests"
+#********** Exit Code *************
+exit $EXIT_CODE

.project_automation/functional_tests/functional_tests.sh

@@ -0,0 +1,32 @@
+#!/bin/bash
+
+## NOTE: paths may differ when running in a managed task. To ensure behavior is consistent between
+# managed and local tasks always use these variables for the project and project type path
+PROJECT_PATH=${BASE_PATH}/project
+PROJECT_TYPE_PATH=${BASE_PATH}/projecttype
+
+echo "Starting Functional Tests"
+cd ${PROJECT_PATH}
+
+#********** Terraform Test **********
+
+# Look up the mandatory test file
+MANDATORY_TEST_PATH="./tests/01_mandatory.tftest.hcl"
+if test -f ${MANDATORY_TEST_PATH}; then
+    echo "File ${MANDATORY_TEST_PATH} is found, resuming test"
+    # Run Terraform test
+    terraform init
+    terraform test
+else
+    echo "File ${MANDATORY_TEST_PATH} not found. You must include at least one test run in file ${MANDATORY_TEST_PATH}"
+    (exit 1)
+fi 
+
+if [ $? -eq 0 ]; then
+    echo "Terraform Test Successfull"
+else
+    echo "Terraform Test Failed"
+    exit 1
+fi
+
+echo "End of Functional Tests"

.project_automation/static_tests/Dockerfile

@@ -1,5 +1,5 @@
 FROM public.ecr.aws/codebuild/amazonlinux2-x86_64-standard:4.0
-ENV TERRAFORM_VERSION=1.4.2
+ENV TERRAFORM_VERSION=1.7.4
 RUN cd /tmp && \
     wget https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && \
     unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/local/bin && chmod 755 /usr/local/bin/terraform
@@ -20,6 +20,8 @@ RUN wget -O /tmp/tflint-ruleset-aws.zip https://github.com/terraform-linters/tfl
 
 RUN curl -s https://raw.githubusercontent.com/aquasecurity/tfsec/master/scripts/install_linux.sh | bash
 
+RUN pip3 install checkov
+
 RUN gem install mdl
 
 ENV TERRAFORM_DOCS_VERSION=v0.16.0

.project_automation/static_tests/entrypoint.sh

@@ -1,63 +1,50 @@
-#!/bin/bash -e
+#!/bin/bash
+
+## WARNING: DO NOT modify the content of entrypoint.sh
+# Use ./config/static_tests/pre-entrypoint-helpers.sh or ./config/static_tests/post-entrypoint-helpers.sh 
+# to load any customizations or additional configurations
 
 ## NOTE: paths may differ when running in a managed task. To ensure behavior is consistent between
 # managed and local tasks always use these variables for the project and project type path
 PROJECT_PATH=${BASE_PATH}/project
 PROJECT_TYPE_PATH=${BASE_PATH}/projecttype
 
-echo "Starting Static Tests"
+#********** helper functions *************
+pre_entrypoint() {
+    if [ -f ${PROJECT_PATH}/.config/static_tests/pre-entrypoint-helpers.sh ]; then
+        echo "Pre-entrypoint helper found"
+        source ${PROJECT_PATH}/.config/static_tests/pre-entrypoint-helpers.sh
+        echo "Pre-entrypoint helper loaded"
+    else
+        echo "Pre-entrypoint helper not found - skipped"
+    fi
+}
+post_entrypoint() {
+    if [ -f ${PROJECT_PATH}/.config/static_tests/post-entrypoint-helpers.sh ]; then
+        echo "Post-entrypoint helper found"
+        source ${PROJECT_PATH}/.config/static_tests/post-entrypoint-helpers.sh        
+        echo "Post-entrypoint helper loaded"
+    else
+        echo "Post-entrypoint helper not found - skipped"
+    fi
+}
 
-cd ${PROJECT_PATH}
-terraform init
-terraform validate
+#********** Pre-entrypoint helper *************
+pre_entrypoint
 
-#********** tflint ********************
-echo 'Starting tflint'
-tflint --init --config ${PROJECT_PATH}/.config/.tflint.hcl
-MYLINT=$(tflint --force --config ${PROJECT_PATH}/.config/.tflint.hcl)
-if [ -z "$MYLINT" ]
-then
-    echo "Success - tflint found no linting issues!"
-else
-    echo "Failure - tflint found linting issues!"
-    echo "$MYLINT"
-    exit 1
-fi
-#********** tfsec *********************
-echo 'Starting tfsec'
-MYTFSEC=$(tfsec . --config-file ${PROJECT_PATH}/.config/.tfsec.yml || true)
-if [[ $MYTFSEC == *"No problems detected!"* ]];
+#********** Static Test *************
+/bin/bash ${PROJECT_PATH}/.project_automation/static_tests/static_tests.sh
+if [ $? -eq 0 ]
 then
-    echo "Success - tfsec found no security issues!"
-    echo "$MYTFSEC"
+    echo "Static test completed"
+    EXIT_CODE=0
 else
-    echo "Failure - tfsec found security issues!"
-    echo "$MYTFSEC"
-    exit 1
+    echo "Static test failed"
+    EXIT_CODE=1
 fi
 
-#********** Markdown Lint **************
-echo 'Starting markdown lint'
-MYMDL=$(mdl --config ${PROJECT_PATH}/.config/.mdlrc .header.md examples/*/.header.md || true)
-if [ -z "$MYMDL" ]
-then
-    echo "Success - markdown lint found no linting issues!"
-else
-    echo "Failure - markdown lint found linting issues!"
-    echo "$MYMDL"
-    exit 1
-fi
-#********** Terraform Docs *************
-echo 'Starting terraform-docs'
-TDOCS="$(terraform-docs --config ${PROJECT_PATH}/.config/.terraform-docs.yaml --lockfile=false ./)"
-git add -N README.md
-GDIFF="$(git diff --compact-summary)"
-if [ -z "$GDIFF" ]
-then
-    echo "Success - Terraform Docs creation verified!"
-else
-    echo "Failure - Terraform Docs creation failed, ensure you have precommit installed and running before submitting the Pull Request"
-    exit 1
-fi
-#***************************************
-echo "End of Static Tests"
+#********** Post-entrypoint helper *************
+post_entrypoint
+
+#********** Exit Code *************
+exit $EXIT_CODE

.project_automation/static_tests/static_tests.sh

@@ -0,0 +1,86 @@
+#!/bin/bash
+
+## NOTE: paths may differ when running in a managed task. To ensure behavior is consistent between
+# managed and local tasks always use these variables for the project and project type path
+PROJECT_PATH=${BASE_PATH}/project
+PROJECT_TYPE_PATH=${BASE_PATH}/projecttype
+
+echo "Starting Static Tests"
+
+#********** Terraform Validate *************
+cd ${PROJECT_PATH}
+terraform init
+terraform validate
+if [ $? -eq 0 ]
+then
+    echo "Success - Terraform validate"
+else
+    echo "Failure - Terraform validate"
+    exit 1
+fi
+
+#********** tflint ********************
+echo 'Starting tflint'
+tflint --init --config ${PROJECT_PATH}/.config/.tflint.hcl
+MYLINT=$(tflint --force --config ${PROJECT_PATH}/.config/.tflint.hcl)
+if [ -z "$MYLINT" ]
+then
+    echo "Success - tflint found no linting issues!"
+else
+    echo "Failure - tflint found linting issues!"
+    echo "$MYLINT"
+    exit 1
+fi
+
+#********** tfsec *********************
+echo 'Starting tfsec'
+MYTFSEC=$(tfsec . --config-file ${PROJECT_PATH}/.config/.tfsec.yml --custom-check-dir ${PROJECT_PATH}/.config/.tfsec)
+if [[ $MYTFSEC == *"No problems detected!"* ]];
+then
+    echo "Success - tfsec found no security issues!"
+    echo "$MYTFSEC"
+else
+    echo "Failure - tfsec found security issues!"
+    echo "$MYTFSEC"
+    exit 1
+fi
+
+#********** Checkov Analysis *************
+echo "Running Checkov Analysis"
+checkov --config-file ${PROJECT_PATH}/.config/.checkov.yml
+if [ $? -eq 0 ]
+then
+    echo "Success - Checkov found no issues!"
+else
+    echo "Failure - Checkov found issues!"
+    exit 1
+fi
+
+#********** Markdown Lint **************
+echo 'Starting markdown lint'
+MYMDL=$(mdl --config ${PROJECT_PATH}/.config/.mdlrc .header.md examples/*/.header.md)
+if [ -z "$MYMDL" ]
+then
+    echo "Success - markdown lint found no linting issues!"
+else
+    echo "Failure - markdown lint found linting issues!"
+    echo "$MYMDL"
+    exit 1
+fi
+
+#********** Terraform Docs *************
+echo 'Starting terraform-docs'
+TDOCS="$(terraform-docs --config ${PROJECT_PATH}/.config/.terraform-docs.yaml --lockfile=false ./)"
+git add -N README.md
+GDIFF="$(git diff --compact-summary)"
+if [ -z "$GDIFF" ]
+then
+    echo "Success - Terraform Docs creation verified!"
+else
+    echo "Failure - Terraform Docs creation failed, ensure you have precommit installed and running before submitting the Pull Request. TIPS: false error may occur if you have unstaged files in your repo"
+    echo "$GDIFF"
+    exit 1
+fi
+
+#***************************************
+echo "End of Static Tests"

tests/01_mandatory.tftest.hcl

@@ -0,0 +1,18 @@
+## NOTE: This is the minimum mandatory test
+# run at least one test using the ./examples directory as your module source
+# create additional *.tftest.hcl for your own unit / integration tests
+# use tests/*.auto.tfvars to add non-default variables
+
+run "mandatory_plan_basic" {
+  command = plan
+  module {
+    source = "./examples/service"
+  }
+}
+
+run "mandatory_apply_basic" {
+  command = apply
+  module {
+    source = "./examples/service"
+  }
+}