diff --git a/.gitignore b/.gitignore index ae45930..dd3d772 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,6 @@ .DS_Store .terraform tfplan +modules/db/main.tf +tests/.terraform.tfstate.lock.info +tests/terraform.tfstate.backup diff --git a/modules/db/main.tf b/modules/db/main.tf index ee1c958..25d0d11 100644 --- a/modules/db/main.tf +++ b/modules/db/main.tf @@ -1,3 +1,4 @@ + module "db_accessor_security_group" { source = "terraform-aws-modules/security-group/aws" @@ -5,6 +6,7 @@ module "db_accessor_security_group" { description = "For resources that need access to DB" vpc_id = var.vpc_id + egress_with_source_security_group_id = [ { rule = "postgresql-tcp" @@ -20,6 +22,8 @@ module "db_security_group" { description = "For DB resources" vpc_id = var.vpc_id + tags = var.tags + ingress_with_source_security_group_id = [ { rule = "postgresql-tcp" @@ -62,4 +66,5 @@ module "db" { backup_retention_period = 7 deletion_protection = var.deletion_protection + tags = var.tags } diff --git a/modules/db/variables.tf b/modules/db/variables.tf index 06862ac..aec0170 100644 --- a/modules/db/variables.tf +++ b/modules/db/variables.tf @@ -41,3 +41,9 @@ variable "deletion_protection" { type = bool nullable = false } + +variable "tags" { + description = "Tags to apply to resources" + type = map(string) + default = {} +} diff --git a/modules/quilt/locals.tf b/modules/quilt/locals.tf new file mode 100644 index 0000000..a530331 --- /dev/null +++ b/modules/quilt/locals.tf @@ -0,0 +1,13 @@ +locals { + # Common tags to be applied to all resources + common_tags = { + "quilt:stack-name" = var.name + # Stack ID will be added after stack creation for resources that depend on the stack + } + + # Tags that include the stack ID, for resources created after the CloudFormation stack + stack_dependent_tags = { + "quilt:stack-name" = var.name + "quilt:stack-id" = aws_cloudformation_stack.stack.id + } +} diff --git a/modules/quilt/main.tf b/modules/quilt/main.tf index e420d85..d4056da 100644 --- a/modules/quilt/main.tf +++ b/modules/quilt/main.tf @@ -70,6 +70,8 @@ resource "aws_s3_bucket" "cft_bucket" { # Nothing valuable in this bucket, so make the cleanup easier. force_destroy = true + + tags = local.common_tags } resource "aws_s3_bucket_versioning" "cft_bucket_versioning" { @@ -89,6 +91,8 @@ resource "aws_s3_object" "cft" { resource "aws_cloudformation_stack" "stack" { name = var.name template_url = local.template_url + + tags = local.common_tags depends_on = [ aws_s3_object.cft, /* Prevent races between module.vpc and module.quilt resources. For example: diff --git a/modules/quilt/outputs.tf b/modules/quilt/outputs.tf index 2384d23..aba491f 100644 --- a/modules/quilt/outputs.tf +++ b/modules/quilt/outputs.tf @@ -19,3 +19,18 @@ output "stack" { description = "CloudFormation outputs" value = aws_cloudformation_stack.stack } + +output "common_tags" { + description = "Common tags applied to resources" + value = local.common_tags +} + +output "stack_dependent_tags" { + description = "Tags that include the stack ID" + value = local.stack_dependent_tags +} + +output "stack_id" { + description = "CloudFormation stack ID" + value = aws_cloudformation_stack.stack.id +} diff --git a/modules/quilt/variables.tf b/modules/quilt/variables.tf index 8243e4f..10b3e8c 100644 --- a/modules/quilt/variables.tf +++ b/modules/quilt/variables.tf @@ -59,7 +59,7 @@ variable "db_network_type" { variable "db_deletion_protection" { type = bool nullable = false - default = true + default = false description = "Set to true for production environments to prevent accidental deletion of stack database." } diff --git a/modules/search/main.tf b/modules/search/main.tf index 75b672f..f1557f6 100644 --- a/modules/search/main.tf +++ b/modules/search/main.tf @@ -1,3 +1,4 @@ + module "search_accessor_security_group" { source = "terraform-aws-modules/security-group/aws" @@ -5,6 +6,7 @@ module "search_accessor_security_group" { description = "For resources that need access to search cluster" vpc_id = var.vpc_id + egress_with_source_security_group_id = [ { rule = "https-443-tcp" @@ -20,6 +22,8 @@ module "search_security_group" { description = "For search cluster resources" vpc_id = var.vpc_id + tags = var.tags + ingress_with_source_security_group_id = [ { rule = "https-443-tcp" @@ -32,6 +36,8 @@ resource "aws_elasticsearch_domain" "search" { domain_name = var.domain_name elasticsearch_version = "6.8" + tags = var.tags + cluster_config { instance_count = var.instance_count instance_type = var.instance_type diff --git a/modules/search/variables.tf b/modules/search/variables.tf index 8034378..87ce799 100644 --- a/modules/search/variables.tf +++ b/modules/search/variables.tf @@ -71,3 +71,9 @@ variable "volume_type" { type = string nullable = false } + +variable "tags" { + description = "Tags to apply to resources" + type = map(string) + default = {} +} diff --git a/modules/vpc/main.tf b/modules/vpc/main.tf index b7f08fd..91fed4e 100644 --- a/modules/vpc/main.tf +++ b/modules/vpc/main.tf @@ -45,6 +45,11 @@ module "vpc" { cidr = var.cidr azs = local.azs + + # Enable force destroy for testing + manage_default_security_group = true + default_security_group_ingress = [] + default_security_group_egress = [] # 1/2 of address space for each AZ # within AZ: # 1/2 for private diff --git a/tests/.terraform.lock.hcl b/tests/.terraform.lock.hcl new file mode 100644 index 0000000..cdc088b --- /dev/null +++ b/tests/.terraform.lock.hcl @@ -0,0 +1,45 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.95.0" + constraints = ">= 3.29.0, >= 4.65.0, ~> 5.0, >= 5.79.0, >= 5.83.0" + hashes = [ + "h1:PUug/LLWa4GM08rXqnmCVUXj8ibCTvQxgvawhat3bMo=", + "zh:20aac8c95edd444e659f235d19fa6af9b259c5a70fce19d400539ee88687e7d4", + "zh:29c55846fadd19dde0c5108f74d507c296d6c37cabdd466a96d3721a7c261743", + "zh:325fa5cb42d58c9203c279450863c49e534672f7101c067af465f9d7f4be3be5", + "zh:4f18c643584f7ba554399c0db3dd1c81629dfc2508a8777890f9f3b80b5213b7", + "zh:561e38e9cc6f0be5470c187ea8d51047c4133d9cb74cc1c364a9ebe41f40a06b", + "zh:6ec2cceed96ca5e47591ef11686614c663b05e112a814d24246a2739066577b6", + "zh:710a227c02b8a50f75a82a7f063d2416e85783e02ed91bb22cc12e7a8e11a3cf", + "zh:97a2f5e9bf4cf9a38274eddb7967e1cb4e5b04960c7da3603d9b1c15e18b8626", + "zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425", + "zh:bf6bfb01fff8226d86c1b219d67cd96f37bb9312b17d00340e6ff00dda2dbe82", + "zh:cba74d606149cbaaa8dfb69f369f2496b851643a879adc24b11515fcece42b66", + "zh:d5a2c36739cab677a48f4856958c96be6f018ff0da50d233ca93a3a21aaceca1", + "zh:df5d1466144852fe5da4af0628db6f02b5186c59f683e5085705d9b90cacfbc0", + "zh:f82d96b45983b3c73b78dced9e344512b7a9adb06e8c1e3e4f422605efbb756d", + "zh:fb523f787077270059a8f3ab52c0fc56257c0b3a06f0219be247c8b15ff0ca2a", + ] +} + +provider "registry.terraform.io/hashicorp/random" { + version = "3.7.2" + constraints = ">= 3.1.0" + hashes = [ + "h1:KG4NuIBl1mRWU0KD/BGfCi1YN/j3F7H4YgeeM7iSdNs=", + "zh:14829603a32e4bc4d05062f059e545a91e27ff033756b48afbae6b3c835f508f", + "zh:1527fb07d9fea400d70e9e6eb4a2b918d5060d604749b6f1c361518e7da546dc", + "zh:1e86bcd7ebec85ba336b423ba1db046aeaa3c0e5f921039b3f1a6fc2f978feab", + "zh:24536dec8bde66753f4b4030b8f3ef43c196d69cccbea1c382d01b222478c7a3", + "zh:29f1786486759fad9b0ce4fdfbbfece9343ad47cd50119045075e05afe49d212", + "zh:4d701e978c2dd8604ba1ce962b047607701e65c078cb22e97171513e9e57491f", + "zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3", + "zh:7b8434212eef0f8c83f5a90c6d76feaf850f6502b61b53c329e85b3b281cba34", + "zh:ac8a23c212258b7976e1621275e3af7099e7e4a3d4478cf8d5d2a27f3bc3e967", + "zh:b516ca74431f3df4c6cf90ddcdb4042c626e026317a33c53f0b445a3d93b720d", + "zh:dc76e4326aec2490c1600d6871a95e78f9050f9ce427c71707ea412a2f2f1a62", + "zh:eac7b63e86c749c7d48f527671c7aee5b4e26c10be6ad7232d6860167f99dbb0", + ] +} diff --git a/tests/README.md b/tests/README.md new file mode 100644 index 0000000..258add5 --- /dev/null +++ b/tests/README.md @@ -0,0 +1,72 @@ +# Quilt Stack Tag Tests + +These tests verify that the Quilt module correctly sets tags on AWS resources. + +## Prerequisites + +1. AWS credentials configured with appropriate permissions +2. Terraform >= 1.5.0 installed +3. AWS provider ~> 5.0 + +## Finding the Test Stack + +When running with `terraform apply`, the test stack will be created in your AWS account with: +- CloudFormation stack name: "test-stack" +- All resources will be tagged with "quilt:stack-name = test-stack" + +You can find the stack: +1. In the AWS CloudFormation console under the stack name "test-stack" +2. By searching for resources with the tag "quilt:stack-name = test-stack" +3. Using AWS CLI: `aws cloudformation describe-stacks --stack-name test-stack` + +## Running the Tests + +From any directory: + +```bash +# First initialize the test environment +terraform -chdir=tests init + +# Then plan to verify the configuration +terraform -chdir=tests plan + +# Finally check the test outputs +terraform -chdir=tests output +``` + +The test will: +1. Show the planned creation of a test stack with minimal configuration +2. Display the planned common_tags containing just the stack name +3. Display the planned stack_dependent_tags containing both stack name and stack ID +4. Show the planned test result outputs as boolean values + +### Test Outputs + +The test is successful if both outputs are `true`: + +``` +test_common_tags = true +test_stack_dependent_tags = true +``` + +You can check the outputs with: +```bash +terraform -chdir=tests output +``` + +If any output is `false`, the test has failed, indicating the tags are not set correctly. + +### Cleanup + +If you ran apply, clean up with: + +```bash +cd tests && terraform destroy +``` + +Note: No cleanup needed if you only ran plan! + +## Test Files + +- `test_tags.tf`: Main test configuration +- `test.yml`: Minimal CloudFormation template for testing diff --git a/tests/terraform.tfstate b/tests/terraform.tfstate new file mode 100644 index 0000000..58d2f5b --- /dev/null +++ b/tests/terraform.tfstate @@ -0,0 +1,555 @@ +{ + "version": 4, + "terraform_version": "1.5.7", + "serial": 121, + "lineage": "75bcca89-5908-83ac-242d-e07d23acebcc", + "outputs": {}, + "resources": [ + { + "module": "module.test_stack.module.db.module.db.module.db_instance", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.db.module.db.module.db_instance", + "mode": "managed", + "type": "aws_iam_role", + "name": "enhanced_monitoring", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.db.module.db.module.db_option_group", + "mode": "managed", + "type": "aws_db_option_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.db.module.db.module.db_parameter_group", + "mode": "managed", + "type": "aws_db_parameter_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.db.module.db_accessor_security_group", + "mode": "managed", + "type": "aws_security_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.db.module.db_security_group", + "mode": "managed", + "type": "aws_security_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.db.module.db_security_group", + "mode": "managed", + "type": "aws_security_group", + "name": "this_name_prefix", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-west-2:712023778557:security-group/sg-020314c863db902e1", + "description": "For DB resources", + "egress": [], + "id": "sg-020314c863db902e1", + "ingress": [ + { + "cidr_blocks": [], + "description": "Ingress Rule", + "from_port": 5432, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-00e79652941b1f470" + ], + "self": false, + "to_port": 5432 + } + ], + "name": "test-stack-db-2025042300262363030000000b", + "name_prefix": "test-stack-db-", + "owner_id": "712023778557", + "revoke_rules_on_delete": false, + "tags": { + "Name": "test-stack-db" + }, + "tags_all": { + "Name": "test-stack-db" + }, + "timeouts": { + "create": "10m", + "delete": "15m" + }, + "vpc_id": "vpc-08a6cfe215aa111d2" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6OTAwMDAwMDAwMDAwfSwic2NoZW1hX3ZlcnNpb24iOiIxIn0=", + "dependencies": [ + "module.test_stack.module.vpc.module.vpc.aws_vpc.this" + ], + "create_before_destroy": true + } + ] + }, + { + "module": "module.test_stack.module.search.module.search_accessor_security_group", + "mode": "managed", + "type": "aws_security_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.search.module.search_security_group", + "mode": "managed", + "type": "aws_security_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc", + "mode": "data", + "type": "aws_availability_zones", + "name": "available", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "schema_version": 0, + "attributes": { + "all_availability_zones": null, + "exclude_names": null, + "exclude_zone_ids": null, + "filter": null, + "group_names": [ + "us-west-2-zg-1" + ], + "id": "us-west-2", + "names": [ + "us-west-2a", + "us-west-2b", + "us-west-2c", + "us-west-2d" + ], + "state": "available", + "timeouts": null, + "zone_ids": [ + "usw2-az2", + "usw2-az1", + "usw2-az3", + "usw2-az4" + ] + }, + "sensitive_attributes": [] + } + ] + }, + { + "module": "module.test_stack.module.vpc.module.api_gateway_security_group", + "mode": "managed", + "type": "aws_security_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_cloudwatch_log_group", + "name": "flow_log", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_customer_gateway", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_db_subnet_group", + "name": "database", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_default_vpc", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_elasticache_subnet_group", + "name": "elasticache", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_flow_log", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_iam_role", + "name": "vpc_flow_log_cloudwatch", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_network_acl", + "name": "database", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_network_acl", + "name": "elasticache", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_network_acl", + "name": "intra", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_network_acl", + "name": "outpost", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_network_acl", + "name": "private", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_network_acl", + "name": "public", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_network_acl", + "name": "redshift", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_redshift_subnet_group", + "name": "redshift", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_route", + "name": "database_internet_gateway", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_route", + "name": "database_ipv6_egress", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_route", + "name": "database_nat_gateway", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_route_table", + "name": "database", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_route_table", + "name": "elasticache", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_route_table", + "name": "redshift", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_route_table_association", + "name": "database", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_route_table_association", + "name": "elasticache", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_route_table_association", + "name": "redshift", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_route_table_association", + "name": "redshift_public", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_subnet", + "name": "database", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_subnet", + "name": "elasticache", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_subnet", + "name": "intra", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-west-2:712023778557:subnet/subnet-0b2f3f527ac76bc61", + "assign_ipv6_address_on_creation": true, + "availability_zone": "us-west-2a", + "availability_zone_id": "usw2-az2", + "cidr_block": "10.0.96.0/20", + "customer_owned_ipv4_pool": "", + "enable_dns64": false, + "enable_lni_at_device_index": 0, + "enable_resource_name_dns_a_record_on_launch": false, + "enable_resource_name_dns_aaaa_record_on_launch": true, + "id": "subnet-0b2f3f527ac76bc61", + "ipv6_cidr_block": "2600:1f14:34ee:ca04::/64", + "ipv6_cidr_block_association_id": "subnet-cidr-assoc-04e11fc3a54f7c5c7", + "ipv6_native": false, + "map_customer_owned_ip_on_launch": false, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "712023778557", + "private_dns_hostname_type_on_launch": "ip-name", + "tags": { + "Name": "test-stack-intra-us-west-2a" + }, + "tags_all": { + "Name": "test-stack-intra-us-west-2a" + }, + "timeouts": null, + "vpc_id": "vpc-08a6cfe215aa111d2" + }, + "sensitive_attributes": [], + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.test_stack.module.vpc.data.aws_availability_zones.available", + "module.test_stack.module.vpc.module.vpc.aws_vpc.this", + "module.test_stack.module.vpc.module.vpc.aws_vpc_ipv4_cidr_block_association.this" + ] + } + ] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_subnet", + "name": "outpost", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_subnet", + "name": "redshift", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_vpc", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:us-west-2:712023778557:vpc/vpc-08a6cfe215aa111d2", + "assign_generated_ipv6_cidr_block": true, + "cidr_block": "10.0.0.0/16", + "default_network_acl_id": "acl-03e9a45c813025712", + "default_route_table_id": "rtb-0dca290699431a6a1", + "default_security_group_id": "sg-0c866a5d608a24b01", + "dhcp_options_id": "dopt-0715c47f", + "enable_dns_hostnames": true, + "enable_dns_support": true, + "enable_network_address_usage_metrics": false, + "id": "vpc-08a6cfe215aa111d2", + "instance_tenancy": "default", + "ipv4_ipam_pool_id": null, + "ipv4_netmask_length": null, + "ipv6_association_id": "vpc-cidr-assoc-04bc0ae96d481afd0", + "ipv6_cidr_block": "2600:1f14:34ee:ca00::/56", + "ipv6_cidr_block_network_border_group": "us-west-2", + "ipv6_ipam_pool_id": "", + "ipv6_netmask_length": 0, + "main_route_table_id": "rtb-0dca290699431a6a1", + "owner_id": "712023778557", + "tags": { + "Name": "test-stack" + }, + "tags_all": { + "Name": "test-stack" + } + }, + "sensitive_attributes": [], + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "create_before_destroy": true + } + ] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_vpc_block_public_access_exclusion", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_vpc_dhcp_options", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_vpc_ipv4_cidr_block_association", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_vpn_gateway", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc", + "mode": "managed", + "type": "aws_vpn_gateway_attachment", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + }, + { + "module": "module.test_stack.module.vpc.module.vpc_endpoints", + "mode": "managed", + "type": "aws_security_group", + "name": "this", + "provider": "provider[\"registry.terraform.io/hashicorp/aws\"]", + "instances": [] + } + ], + "check_results": [ + { + "object_kind": "output", + "config_addr": "module.test_stack.module.vpc.output.configuration_error", + "status": "unknown", + "objects": null + } + ] +} diff --git a/tests/test.yml b/tests/test.yml new file mode 100644 index 0000000..acb88f4 --- /dev/null +++ b/tests/test.yml @@ -0,0 +1,3 @@ +AWSTemplateFormatVersion: "2010-09-09" +Description: "Test template" +Resources: {} diff --git a/tests/test_tags.tf b/tests/test_tags.tf new file mode 100644 index 0000000..7952e79 --- /dev/null +++ b/tests/test_tags.tf @@ -0,0 +1,76 @@ +terraform { + required_version = ">= 1.5.0" + + required_providers { + aws = { + source = "hashicorp/aws" + version = "~> 5.0" + } + } +} + +provider "aws" { + region = "us-west-2" # or your preferred region +} + +# Use minimal test configuration to avoid long-running resource creation +module "test_stack" { + source = "../modules/quilt" + + name = "test-stack" + cidr = "10.0.0.0/16" + internal = false + create_new_vpc = true + template_file = "${path.module}/test.yml" + + # Enable force destroy for testing + on_failure = "DELETE" + + # Minimize resource sizes and enable cleanup + db_instance_class = "db.t3.micro" + db_multi_az = false + db_deletion_protection = false + + search_instance_count = 1 + search_instance_type = "t3.small.elasticsearch" + search_dedicated_master_enabled = false + search_zone_awareness_enabled = false + search_volume_size = 10 + + parameters = { + AdminEmail = "test@example.com" + } + + # Add shorter timeouts + create_timeout = "20m" + update_timeout = "20m" + delete_timeout = "20m" +} + +locals { + test_tags = { + test_common_tags = ( + module.test_stack.common_tags == { + "quilt:stack-name" = "test-stack" + } + ) + + test_stack_dependent_tags = ( + module.test_stack.stack_dependent_tags == { + "quilt:stack-name" = "test-stack" + "quilt:stack-id" = module.test_stack.stack_id + } + ) + } +} + +output "test_common_tags" { + value = local.test_tags.test_common_tags + description = "Test result for common tags" +} + +output "test_stack_dependent_tags" { + value = local.test_tags.test_stack_dependent_tags + description = "Test result for stack dependent tags" + sensitive = false +}