
Commit f0a4bb7

author
janvt
authored
Merge pull request #17 from geekcell/fix/moar-assert
fix: separate tests, add more assertions
2 parents ee655e5 + 5b0407b commit f0a4bb7


3 files changed

+418
-122
lines changed


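--- a/tests/advanced.tftest.hcl
+++ b/tests/advanced.tftest.hcl
@@ -0,0 +1,340 @@
+run "setup" {
+module {
+source = "./tests/network"
+}
+}
+
+run "advanced_security_group_with_rules" {
+variables {
+name = "basic-security-group-2"
+description = "This is a test security group."
+
+vpc_id = run.setup.vpc_id
+ingress_rules = [
+# Different To/From ports
+{
+from_port = 3306
+to_port = 54321
+protocol = "tcp"
+cidr_blocks = ["10.0.0.0/8"]
+},
+
+# Allow other SG instead of CIDR
+{
+port = 3306
+protocol = "udp"
+source_security_group_id = run.setup.security_group_id
+},
+
+# Using self
+{
+port = 3306
+protocol = "udp"
+self = true
+},
+
+# Using prefix list
+{
+port = 443
+protocol = "tcp"
+prefix_list_ids = [run.setup.prefix_list_id]
+}
+]
+
+egress_rules = [
+# Different To/From ports
+{
+from_port = 3306
+to_port = 54321
+protocol = "tcp"
+cidr_blocks = ["10.0.0.0/8"]
+},
+
+# Allow other SG instead of CIDR
+{
+port = 3306
+protocol = "udp"
+source_security_group_id = run.setup.security_group_id
+},
+
+# Using self
+{
+port = 3306
+protocol = "udp"
+self = true
+},
+
+# Using prefix list
+{
+port = 443
+protocol = "tcp"
+prefix_list_ids = [run.setup.prefix_list_id]
+}
+]
+}
+
+assert {
+condition = length(output.security_group_id) >= 0
+error_message = "Expected security group to be created."
+}
+
+### Ingress rules checks
+assert {
+condition = length(aws_security_group_rule.main_ingress) == 4
+error_message = "Expected security group to have 5 ingress rules."
+}
+
+### Assert different from / to ports
+assert {
+condition = aws_security_group_rule.main_ingress[0].protocol == "tcp"
+error_message = "Expected standard protocol to be tcp."
+}
+
+assert {
+condition = length(aws_security_group_rule.main_ingress[0].cidr_blocks) == 1
+error_message = "Expected one cidr block."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[0].cidr_blocks[0] == "10.0.0.0/8"
+error_message = "Incorrect cidr block entry."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[0].from_port == 3306
+error_message = "Incorrect from port."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[0].to_port == 54321
+error_message = "Incorrect to port."
+}
+
+### Assert SG instead of CIDR
+assert {
+condition = aws_security_group_rule.main_ingress[1].protocol == "udp"
+error_message = "Incorrect protocol."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[1].cidr_blocks == null
+error_message = "Expected no cidr blocks."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[1].source_security_group_id == run.setup.security_group_id
+error_message = "Expected security group."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[1].from_port == 3306
+error_message = "Incorrect from port."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[1].to_port == 3306
+error_message = "Incorrect to port."
+}
+
+### Assert self
+assert {
+condition = aws_security_group_rule.main_ingress[2].protocol == "udp"
+error_message = "Incorrect protocol."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[2].cidr_blocks == null
+error_message = "Expected no cidr blocks."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[2].source_security_group_id == null
+error_message = "Expected no source security group."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[2].self == true
+error_message = "Expected self to be true."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[2].from_port == 3306
+error_message = "Incorrect from port."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[2].to_port == 3306
+error_message = "Incorrect to port."
+}
+
+### Assert prefix list
+assert {
+condition = aws_security_group_rule.main_ingress[3].protocol == "tcp"
+error_message = "Incorrect protocol."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[3].cidr_blocks == null
+error_message = "Expected no cidr blocks."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[3].source_security_group_id == null
+error_message = "Expected no source security group."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[3].self == false
+error_message = "Expected self to be false."
+}
+
+assert {
+condition = length(aws_security_group_rule.main_ingress[3].prefix_list_ids) == 1
+error_message = "Incorrect prefix list ids."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[3].prefix_list_ids[0] == run.setup.prefix_list_id
+error_message = "Incorrect prefix list ids entry."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[3].from_port == 443
+error_message = "Incorrect from port."
+}
+
+assert {
+condition = aws_security_group_rule.main_ingress[3].to_port == 443
+error_message = "Incorrect to port."
+}
+
+### Egress rules checks
+assert {
+condition = length(aws_security_group_rule.main_egress) == 4
+error_message = "Expected security group to have 5 egress rules."
+}
+
+### Assert different from / to ports
+assert {
+condition = aws_security_group_rule.main_egress[0].protocol == "tcp"
+error_message = "Expected standard protocol to be tcp."
+}
+
+assert {
+condition = length(aws_security_group_rule.main_egress[0].cidr_blocks) == 1
+error_message = "Expected one cidr block."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[0].cidr_blocks[0] == "10.0.0.0/8"
+error_message = "Incorrect cidr block entry."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[0].from_port == 3306
+error_message = "Incorrect from port."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[0].to_port == 54321
+error_message = "Incorrect to port."
+}
+
+### Assert SG instead of CIDR
+assert {
+condition = aws_security_group_rule.main_egress[1].protocol == "udp"
+error_message = "Incorrect protocol."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[1].cidr_blocks == null
+error_message = "Expected no cidr blocks."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[1].source_security_group_id == run.setup.security_group_id
+error_message = "Expected security group."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[1].from_port == 3306
+error_message = "Incorrect from port."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[1].to_port == 3306
+error_message = "Incorrect to port."
+}
+
+### Assert self
+assert {
+condition = aws_security_group_rule.main_egress[2].protocol == "udp"
+error_message = "Incorrect protocol."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[2].cidr_blocks == null
+error_message = "Expected no cidr blocks."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[2].source_security_group_id == null
+error_message = "Expected no source security group."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[2].self == true
+error_message = "Expected self to be true."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[2].from_port == 3306
+error_message = "Incorrect from port."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[2].to_port == 3306
+error_message = "Incorrect to port."
+}
+
+### Assert prefix list
+assert {
+condition = aws_security_group_rule.main_egress[3].protocol == "tcp"
+error_message = "Incorrect protocol."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[3].cidr_blocks == null
+error_message = "Expected no cidr blocks."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[3].source_security_group_id == null
+error_message = "Expected no source security group."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[3].self == false
+error_message = "Expected self to be false."
+}
+
+assert {
+condition = length(aws_security_group_rule.main_egress[3].prefix_list_ids) == 1
+error_message = "Incorrect prefix list ids."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[3].prefix_list_ids[0] == run.setup.prefix_list_id
+error_message = "Incorrect prefix list ids entry."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[3].from_port == 443
+error_message = "Incorrect from port."
+}
+
+assert {
+condition = aws_security_group_rule.main_egress[3].to_port == 443
+error_message = "Incorrect to port."
+}
+}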
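Review bot: The first assertion in `advanced_security_group_with_rules`, `condition = length(output.security_group_id) >= 0`, can never fail because length() is never negative, so it does not show that the security group was created; `condition = length(output.security_group_id) > 0` would. The two count checks compare against 4, which matches the four rules passed in `variables`, but their messages read `"Expected security group to have 5 ingress rules."` and `"Expected security group to have 5 egress rules."`; both should say 4 so a failing run is not misread. The per-rule asserts address rules by position (`main_ingress[0]` … `[3]`), which presumably relies on the module creating rules in input order; a one-line comment above the ingress and egress check groups stating that assumption, e.g. `# rules are indexed in the order given in variables`, would make a later reordering failure easier to diagnose.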
