1

I'm trying to use kitchen-terraform to verify a terraform module I'm building. This particular module is a small piece in a larger infrastructure. It depends on some pieces of the network being available and will then be used later to spin up additional servers and whatnot.

I'm curious if there's a way with kitchen-terraform to create some pieces of infrastructure before the module under test runs and to also add in some extra pieces that aren't part of the module proper.

In this particular case, the module is creating a new VPC with some peering connections with an existing VPC, security groups, and subnets. I want to verify that the peering connections were established correctly as well as spin up some ec2 instances to verify the status of the network.

Does anyone have examples of doing something like this?

dustyburwell
  • 5,755
  • 2
  • 27
  • 34

1 Answers1

4

I'm curious if there's a way with kitchen-terraform to create some pieces of infrastructure before the module under test runs and to also add in some extra pieces that aren't part of the module proper.

You can do all of this. Your .kitchen.yml will specify where the terraform code exists to execute here: 

provisioner:
  name: terraform
  directory: path/to/terraform/code
  variable_files:
   - path/to/terraform/variables.tfvars

More to the point, create a main.tf in a test location that builds all the infrastructure you want, including the modules. The order of execution will be controlled by the dependencies of the resources themselves.

Assuming you are testing in the same repo as your module, maybe arrange something like this:

├── .kitchen.yml
├── Gemfile
├── Gemfile.lock
├── README.md
├── terraform
│   ├── my_module
│       ├── main.tf
│       └── variables.tf
├── test
    ├── main.tf
    └── terraform.tfvars

The actual .kitchen.yml will include this:

provisioner:
  name: terraform
  directory: test
  variable_files:
   - test/variables.tfvars
  variables:
    access_key: <%= ENV['AWS_ACCESS_KEY_ID'] %>
    secret_key: <%= ENV['AWS_SECRET_ACCESS_KEY'] %>

And your test/main.tf will instantiate the module along with any other code under test.

provider "aws" {
  access_key = "${var.access_key}"
  secret_key = "${var.secret_key}"
  region = "${var.region}"
}

...

module "my_module" {
  name = "foo"
  source = "../terraform/my_module"
...
}

resource "aws_instance" "test_instance_1" {
...
}
erk
  • 461
  • 2
  • 9
  • I am using Terraform v1.0.1, Kitchen 3.0.0, kitchen-terraform 6.0. To pass in tfvar files, `variable_files`/`variables` must under `driver`, not `provisioner`. – ronald8192 Jul 14 '21 at 07:27