use terraform + inspec for integration testing

2024-11-10 07:04:15 +00:00 · 2017-01-16 16:14:24 +01:00 · 2017-01-16 16:14:24 +01:00 · a55b341b32
commit a55b341b32
parent 1c5a8902ae
5 changed files with 57 additions and 3 deletions
--- a/README.md
+++ b/README.md
@ -85,11 +85,28 @@ end
 ...


- ## Kudos
+## Tests

- This project was inspired by [inspec-aws](https://github.com/arothian/inspec-aws) from [arothian](https://github.com/arothian).
+To run the integration tests, please make sure all required environment variables like `AWS_ACCESS_KEY_ID`
+, `AWS_SECRET_ACCESS_KEY` and `AWS_DEFAULT_REGION` are set properly. We use terraform to create the AWS setup and InSpec to verify the all aspects. Integration tests can be executed via:

- ## License
+```
+bundle exec rake test:integration
+```
+
+Right now, instances are not destroyed automatically. Please use
+
+```
+bundle exec rake test:cleanup
+```
+
+to remove the setup created by terraform.
+
+## Kudos
+
+This project was inspired by [inspec-aws](https://github.com/arothian/inspec-aws) from [arothian](https://github.com/arothian).
+
+## License

 |  |  |
 | ------ | --- |
--- a/17
+++ b/17
@ -23,4 +23,21 @@ namespace :test do
    dir = File.join(File.dirname(__FILE__))
    sh("bundle exec inspec check #{dir}")
  end
+
+  task :integration do
+    integration_dir = "test/integration"
+
+    puts "----> Build"
+    sh("cd #{integration_dir}/build/ && terraform plan")
+    sh("cd #{integration_dir}/build/ && terraform apply")
+
+    puts "----> Verify"
+    sh("bundle exec inspec exec #{integration_dir}/verify")
+  end
+
+  task :cleanup do
+    integration_dir = "test/integration"
+    puts "----> Destroy"
+    sh("cd #{integration_dir}/build/ && terraform destroy -force")
+  end
 end
--- a/test/integration/build/aws.tf
+++ b/test/integration/build/aws.tf
@ -0,0 +1,11 @@
+provider "aws" {}
+
+resource "aws_instance" "example" {
+  ami           = "ami-0d729a60"
+  instance_type = "t2.micro"
+
+  tags {
+    Name = "Example"
+    X-Project = "inspec"
+  }
+}
--- a/test/integration/verify/controls/aws.rb
+++ b/test/integration/verify/controls/aws.rb
@ -0,0 +1,5 @@
+describe aws_ec2(name: 'Example') do
+  it { should be_running }
+  its('image_id') { should eq 'ami-0d729a60' }
+  its('instance_type') { should eq 't2.micro' }
+end
--- a/test/integration/verify/inspec.yml
+++ b/test/integration/verify/inspec.yml
@ -0,0 +1,4 @@
+name: inspec-aws-integration-tests
+depends:
+  - name: aws
+    path: ../../../