kitchen-terraform 0.1.0

data/spec/lib/kitchen/provisioner/terraform_spec.rb

@@ -0,0 +1,106 @@
+# frozen_string_literal: true
+
+# Copyright 2016 New Context Services, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'kitchen/provisioner/terraform'
+require 'terraform/error'
+require 'support/terraform/client_holder_context'
+require 'support/terraform/client_holder_examples'
+require 'support/terraform/versions_are_set_examples'
+
+RSpec.describe Kitchen::Provisioner::Terraform do
+  let(:described_instance) { described_class.new kitchen_root: kitchen_root }
+
+  let(:kitchen_root) { '<kitchen_root>' }
+
+  it_behaves_like Terraform::ClientHolder
+
+  it_behaves_like 'versions are set'
+
+  describe '#call(_state = nil)' do
+    include_context '#client'
+
+    let(:call_method) { described_instance.call }
+
+    context 'when the configuration can be applied' do
+      before do
+        allow(client).to receive(:validate_configuration_files).with no_args
+
+        allow(client).to receive(:download_modules).with no_args
+
+        allow(client).to receive(:plan_execution).with no_args
+
+        allow(client).to receive(:apply_execution_plan).with no_args
+      end
+
+      after { call_method }
+
+      subject { client }
+
+      it 'validates the configuration files' do
+        is_expected.to receive(:validate_configuration_files).with no_args
+      end
+
+      it 'downloads the modules' do
+        is_expected.to receive(:download_modules).with no_args
+      end
+
+      it 'plans the execution' do
+        is_expected.to receive(:plan_execution).with no_args
+      end
+
+      it 'applies the execution plan' do
+        is_expected.to receive(:apply_execution_plan).with no_args
+      end
+    end
+
+    context 'when the configuration can not be applied due to failed command' do
+      before do
+        allow(client).to receive(:validate_configuration_files)
+          .and_raise Terraform::Error
+      end
+
+      subject { proc { call_method } }
+
+      it('raises an error') { is_expected.to raise_error Kitchen::ActionFailed }
+    end
+  end
+
+  describe '#directory' do
+    subject { described_instance.directory.to_s }
+
+    it 'defaults to the Test Kitchen root directory' do
+      is_expected.to eq kitchen_root
+    end
+  end
+
+  describe '#kitchen_root' do
+    subject { described_instance.kitchen_root.to_s }
+
+    it('is the Test Kitchen root directory') { is_expected.to eq kitchen_root }
+  end
+
+  describe '#variable_files' do
+    subject { described_instance.variable_files }
+
+    it('defaults to empty array') { is_expected.to eq [] }
+  end
+
+  describe '#variables' do
+    subject { described_instance.variables }
+
+    it('defaults to empty array') { is_expected.to eq [] }
+  end
+end

data/spec/lib/kitchen/verifier/terraform_spec.rb

@@ -0,0 +1,302 @@
+# frozen_string_literal: true
+
+# Copyright 2016 New Context Services, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'inspec'
+require 'kitchen/verifier/terraform'
+require 'support/terraform/client_holder_context'
+require 'support/terraform/client_holder_examples'
+require 'support/terraform/versions_are_set_examples'
+
+RSpec.describe Kitchen::Verifier::Terraform do
+  let(:config) { { kitchen_root: '<kitchen_root>' } }
+
+  let(:described_instance) { described_class.new config }
+
+  let(:state) { {} }
+
+  shared_context '#instance' do
+    let(:instance) { instance_double Kitchen::Instance }
+
+    let(:logger) { instance_double Kitchen::Logger }
+
+    let(:transport) { Kitchen::Transport::Ssh.new }
+
+    let(:transport_config) { {} }
+
+    before do
+      described_instance.finalize_config! instance
+
+      allow(instance).to receive(:logger).with(no_args).and_return logger
+
+      allow(instance).to receive(:transport).with(no_args).and_return transport
+
+      allow(logger).to receive :info
+
+      allow(transport).to receive(:config).with(no_args)
+        .and_return Kitchen::LazyHash
+        .new(transport_config, instance_double(Object))
+
+      allow(transport).to receive(:diagnose).with(no_args)
+        .and_return transport_config
+
+      allow(transport).to receive(:name).with(no_args)
+        .and_return instance_double Object
+    end
+  end
+
+  it_behaves_like Terraform::ClientHolder
+
+  it_behaves_like 'versions are set'
+
+  describe '#attributes(group:)' do
+    subject { described_instance.attributes group: {} }
+
+    it('defaults to an empty hash') { is_expected.to eq({}) }
+  end
+
+  describe '#call(state)' do
+    include_context '#client'
+
+    let(:call_method) { described_instance.call state }
+
+    let(:config) { { groups: [group] } }
+
+    let(:group) { { hostnames: hostnames } }
+
+    let(:hostnames) { instance_double Object }
+
+    context 'when the hostnames list output can be extracted' do
+      let(:output) { instance_double Object }
+
+      before do
+        allow(client).to receive(:extract_list_output).with(name: hostnames)
+          .and_yield output
+      end
+
+      after { call_method }
+
+      subject { described_instance }
+
+      it 'verifies the hosts of each group' do
+        is_expected.to receive(:verify).with group: group, hostnames: output,
+                                             state: state
+      end
+    end
+
+    context 'when the hostnames list output can not be extracted' do
+      before do
+        allow(client).to receive(:extract_list_output).with(name: hostnames)
+          .and_raise Terraform::Error
+      end
+
+      subject { proc { call_method } }
+
+      it('raises an error') { is_expected.to raise_error Kitchen::ActionFailed }
+    end
+  end
+
+  describe '#controls(group:)' do
+    subject { described_instance.controls group: {} }
+
+    it('defaults to an empty array') { is_expected.to eq [] }
+  end
+
+  describe '#evaluate(exit_code:)' do
+    subject { proc { described_instance.evaluate exit_code: exit_code } }
+
+    context 'when the exit code is 0' do
+      let(:exit_code) { 0 }
+
+      it('does not raise an error') { is_expected.to_not raise_error }
+    end
+
+    context 'when the exit code is not 0' do
+      let(:exit_code) { 1 }
+
+      it('raises an error') { is_expected.to raise_error RuntimeError }
+    end
+  end
+
+  describe '#groups' do
+    subject { described_instance.groups }
+
+    it('defaults to an empty array') { is_expected.to eq [] }
+  end
+
+  describe '#initialize_runner(group:, hostname:, state:)' do
+    let(:group) { instance_double Object }
+
+    let(:hostname) { instance_double Object }
+
+    let(:inspec_runner) { instance_double Terraform::InspecRunner }
+
+    let :inspec_runner_class do
+      class_double(Terraform::InspecRunner).as_stubbed_const
+    end
+
+    let(:name) { instance_double Object }
+
+    let(:options) { instance_double Object }
+
+    let(:state) { instance_double Object }
+
+    let(:value) { instance_double Object }
+
+    before do
+      allow(described_instance).to receive(:runner_options_for_terraform)
+        .with(group: group, hostname: hostname, state: state).and_return options
+
+      allow(inspec_runner_class).to receive(:new).with(options)
+        .and_yield inspec_runner
+
+      allow(described_instance).to receive(:resolve_attributes)
+        .with(group: group).and_yield name, value
+
+      allow(inspec_runner).to receive(:define_attribute).with name: name,
+                                                              value: value
+
+      allow(described_instance).to receive(:collect_tests).and_return []
+
+      allow(inspec_runner).to receive(:add).with targets: kind_of(Array)
+    end
+
+    subject do
+      lambda do |block|
+        described_instance.initialize_runner group: group, hostname: hostname,
+                                             state: state, &block
+      end
+    end
+
+    it 'yields an InspecRunner for the group host' do
+      is_expected.to yield_with_args inspec_runner
+    end
+  end
+
+  describe '#port(group:)' do
+    include_context '#instance'
+
+    let(:group) { {} }
+
+    let(:port) { instance_double Object }
+
+    let(:transport_config) { { port: port } }
+
+    subject { described_instance.port group: group }
+
+    it 'defaults to the transport port configuration' do
+      is_expected.to be port
+    end
+  end
+
+  describe '#resolve_attributes(group:)' do
+    include_context '#client'
+
+    let(:method_name) { instance_double Object }
+
+    let(:output) { instance_double Object }
+
+    let(:variable_name) { instance_double Object }
+
+    before do
+      allow(client).to receive(:extract_output).with(name: variable_name)
+        .and_yield output
+    end
+
+    subject do
+      lambda do |block|
+        described_instance.resolve_attributes group:
+          { attributes: { method_name => variable_name } }, &block
+      end
+    end
+
+    it 'extracts an output value for each attribute pair in the group' do
+      is_expected.to yield_with_args method_name, output
+    end
+  end
+
+  describe '#runner_options_for_terraform(group:, hostname:, state:)' do
+    include_context '#instance'
+
+    let(:controls) { instance_double Object }
+
+    let(:group) { { controls: controls, port: port, username: username } }
+
+    let(:hostname) { instance_double Object }
+
+    let(:port) { instance_double Object }
+
+    let(:username) { instance_double Object }
+
+    before do
+      allow(described_instance).to receive(:runner_options)
+        .with(transport, state).and_return({})
+    end
+
+    subject do
+      described_instance.runner_options_for_terraform group: group,
+                                                      hostname: hostname,
+                                                      state: state
+    end
+
+    it 'adds the group controls, host, port and user to the runner options' do
+      is_expected.to include controls: controls, host: hostname, port: port,
+                             user: username
+    end
+  end
+
+  describe '#username(group:)' do
+    include_context '#instance'
+
+    let(:transport_config) { { username: username } }
+
+    let(:username) { instance_double Object }
+
+    before do
+      allow(transport_config).to receive(:fetch).with(:username)
+        .and_return username
+    end
+
+    subject { described_instance.username group: {} }
+
+    it('defaults to the transport username') { is_expected.to be username }
+  end
+
+  describe '#verify(group:, hostnames:, state:)' do
+    let(:group) { { name: instance_double(Object) } }
+
+    let(:hostname) { instance_double Object }
+
+    let(:runner) { instance_double Terraform::InspecRunner }
+
+    before do
+      allow(described_instance).to receive(:initialize_runner)
+        .with(group: group, hostname: hostname, state: state).and_yield runner
+
+      allow(runner).to receive(:verify_run).with verifier: described_instance
+    end
+
+    after do
+      described_instance.verify group: group, hostnames: [hostname],
+                                state: state
+    end
+
+    subject { runner }
+
+    it 'verifies the Inspec run' do
+      is_expected.to receive(:verify_run).with verifier: described_instance
+    end
+  end
+end

data/spec/lib/terraform/apply_command_spec.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+# Copyright 2016 New Context Services, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'terraform/apply_command'
+require 'support/terraform/command_examples'
+
+RSpec.describe Terraform::ApplyCommand do
+  it_behaves_like Terraform::Command do
+    let(:command_options) { "-input=false -state=#{state}" }
+
+    let(:described_instance) { described_class.new state: state, plan: target }
+
+    let(:name) { 'apply' }
+
+    let(:state) { '<state_pathname>' }
+
+    let(:target) { '<plan_pathname>' }
+  end
+end

data/spec/lib/terraform/client_spec.rb

@@ -0,0 +1,211 @@
+# frozen_string_literal: true
+
+# Copyright 2016 New Context Services, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'kitchen/provisioner/terraform'
+require 'terraform/client'
+require 'terraform/command'
+
+RSpec.describe Terraform::Client do
+  let(:described_instance) { described_class.new instance: instance }
+
+  let(:instance) { instance_double Kitchen::Instance }
+
+  let :instance_directory do
+    "#{kitchen_root}/.kitchen/kitchen-terraform/#{instance_name}"
+  end
+
+  let(:instance_name) { '<instance_name>' }
+
+  let(:kitchen_root) { '<kitchen_root>' }
+
+  let :provisioner do
+    Kitchen::Provisioner::Terraform.new kitchen_root: kitchen_root
+  end
+
+  before do
+    allow(instance).to receive(:name).with(no_args).and_return instance_name
+
+    allow(instance).to receive(:provisioner).with(no_args)
+      .and_return provisioner
+  end
+
+  describe '#apply_execution_plan' do
+    after { described_instance.apply_execution_plan }
+
+    subject { described_instance }
+
+    it 'applies the plan to the state' do
+      is_expected.to receive(:run)
+        .with command_class: Terraform::ApplyCommand,
+              state: described_instance.state_pathname,
+              plan: described_instance.plan_pathname
+    end
+  end
+
+  describe '#download_modules' do
+    after { described_instance.download_modules }
+
+    subject { described_instance }
+
+    it 'downloads the modules required in the directory' do
+      is_expected.to receive(:run).with command_class: Terraform::GetCommand,
+                                        dir: described_instance.directory
+    end
+  end
+
+  describe '#extract_list_output(name:)' do
+    let(:name) { instance_double Object }
+
+    let(:output) { 'foo,bar' }
+
+    before do
+      allow(described_instance).to receive(:extract_output).with(name: name)
+        .and_yield output
+    end
+
+    subject do
+      ->(block) { described_instance.extract_list_output name: name, &block }
+    end
+
+    it 'splits and yields the extracted comma seperated output' do
+      is_expected.to yield_with_args %w(foo bar)
+    end
+  end
+
+  describe '#extract_output(name:)' do
+    let(:name) { instance_double Object }
+
+    let(:output) { "foo\n" }
+
+    before do
+      allow(described_instance).to receive(:run).with(
+        command_class: Terraform::OutputCommand,
+        state: described_instance.state_pathname, name: name
+      ).and_yield output
+    end
+
+    subject do
+      ->(block) { described_instance.extract_output name: name, &block }
+    end
+
+    it 'chomps and yields the extracted output from the state' do
+      is_expected.to yield_with_args 'foo'
+    end
+  end
+
+  describe '#fetch_version' do
+    let(:output) { instance_double Object }
+
+    before do
+      allow(described_instance).to receive(:run)
+        .with(command_class: Terraform::VersionCommand).and_yield output
+    end
+
+    subject { ->(block) { described_instance.fetch_version(&block) } }
+
+    it 'yields the Terraform version' do
+      is_expected.to yield_with_args output
+    end
+  end
+
+  describe '#instance_directory' do
+    subject { described_instance.instance_directory.to_s }
+
+    it { is_expected.to eq instance_directory }
+  end
+
+  describe '#plan_destructive_execution' do
+    after { described_instance.plan_destructive_execution }
+
+    subject { described_instance }
+
+    it 'plans a destructive execution against the state' do
+      is_expected.to receive(:run)
+        .with command_class: Terraform::PlanCommand, destroy: true,
+              out: described_instance.plan_pathname,
+              state: described_instance.state_pathname,
+              var: described_instance.variables,
+              var_file: described_instance.variable_files,
+              dir: described_instance.directory
+    end
+  end
+
+  describe '#plan_execution' do
+    after { described_instance.plan_execution }
+
+    subject { described_instance }
+
+    it 'plans an execution against the state' do
+      is_expected.to receive(:run)
+        .with command_class: Terraform::PlanCommand, destroy: false,
+              out: described_instance.plan_pathname,
+              state: described_instance.state_pathname,
+              var: described_instance.variables,
+              var_file: described_instance.variable_files,
+              dir: described_instance.directory
+    end
+  end
+
+  describe '#plan_pathname' do
+    subject { described_instance.plan_pathname.to_s }
+
+    it { is_expected.to eq "#{instance_directory}/terraform.tfplan" }
+  end
+
+  describe '#run(command_class:, **parameters)' do
+    let(:command) { instance_double Terraform::Command }
+
+    let(:command_class) { Class.new.include Terraform::Command }
+
+    let(:output) { instance_double Object }
+
+    let(:parameters) { { foo: 'bar' } }
+
+    before do
+      allow(command_class).to receive(:new).with(**parameters)
+        .and_yield command
+
+      allow(command).to receive(:execute).with(no_args).and_yield output
+    end
+
+    subject do
+      lambda do |block|
+        described_instance.run command_class: command_class, **parameters,
+                               &block
+      end
+    end
+
+    it('yields the command output') { is_expected.to yield_with_args output }
+  end
+
+  describe '#state_pathname' do
+    subject { described_instance.state_pathname.to_s }
+
+    it { is_expected.to eq "#{instance_directory}/terraform.tfstate" }
+  end
+
+  describe '#validate_configuration_files' do
+    after { described_instance.validate_configuration_files }
+
+    subject { described_instance }
+
+    it 'validates the configuration files in the directory' do
+      is_expected.to receive(:run)
+        .with command_class: Terraform::ValidateCommand,
+              dir: described_instance.directory
+    end
+  end
+end