kitchen-terraform 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 125efdc0ccfadc12dbc06c1f2d19f94337b7e514
-  data.tar.gz: f63a2992bfcdb73ecf9a60b0d68752b6d1dcc543
+  metadata.gz: fab118f04f2357e74aea7dc6cd9a3d41ce176e86
+  data.tar.gz: 1184130c5eb929bb545689877cb6b4d86896be7c
 SHA512:
-  metadata.gz: 680b4c300b78faeb2992aa52b7d915dfa5ec573c77f2fa57e6dbc8d3c44f80ef831d17ee30a377ec4c870246936971e7c6192753c3a472b3bfdf5f6d3c3bf0b0
-  data.tar.gz: ade3ff2a56a9ba6febb281de8257006462680d16540c156804128c8b842b669d9cbf772f057f5bd8cb37334f743aede63ed45f292ed937150cfd7b69dda45ce4
+  metadata.gz: 2920103244e6bed6c7679692d86a21770f16cad1f6bf8346ef1db3f8f5afc78eba46105c0a7b444cedc227cce550dff0bba56c32f86dbdae23da647dfa1cbe79
+  data.tar.gz: e4656ec4baaf076ba378ff90db2c6972c5e25ed3de91024f72bd826c0257aac91a47c8438db1e223f68a64af19759c49ae22bacbb202153fdbb3944bac9409d9

data.tar.gz.sig

@@ -1,3 +1 @@
-<z� nZCZ������-0�~�>a*﹈�e8o�	v櫘M���h�1�=DԬ��'��X��ø�z�Iu��ZҪ�廂1K{Cˉ�y0�����M@9�W�P:�Z��8s��+6�w�4���{E�u�YrX�75ؓ
-I����I����N,��'�]�=��
-��&�l�4��u���?3���:�#��z��J��^�Ӄ�w�& @���9�?Ȏ���z'�PLAdR�c�8?��<�}�-j�p�v�s8
+����B]@J�Fn(D��队g���2e�,��[�����A��������7�ԯ�/W�'��`��Ѭ���~06'��o�n���prL��ۨX��U\yC�2� ("x֝?���ɭ�o����p�ת~��ă�(�Fu�"%Š5�w�8�0�	UKT���c(��

data/README.md

@@ -13,7 +13,7 @@ kitchen-terraform is a set of [Test Kitchen] plugins for testing
 
 - [Bundler] **(~> 1.12)**
 
-- [Terraform] **(~> 0.6)**
+- [Terraform] **(>= 0.6, < 0.8)**
 
 [Ruby]: https://www.ruby-lang.org/en/index.html
 
@@ -36,18 +36,10 @@ source 'https://rubygems.org'
 gem 'kitchen-terraform', '~> 0.1'
 ```
 
-Before running `bundle`, the author's public key must be added as a
-trusted certificate:
+Then, use Bundler to install the gems:
 
 ```sh
-gem cert --add <(curl --location --silent \
-https://raw.githubusercontent.com/newcontext/kitchen-terraform/master/certs/ncs-alane-public_cert.pem)
-```
-
-Then, install the bundle and verify all of the gems:
-
-```sh
-bundle install --trust-policy LowSecurity
+bundle install
 ```
 
 [Ruby Gem]: http://guides.rubygems.org/what-is-a-gem/index.html
@@ -62,6 +54,8 @@ Terraform configuration.
 
 [Test Kitchen configuration]: https://docs.chef.io/config_yml_kitchen.html
 
+Refer to [Getting Started Readme](examples/getting_started/README.md) for a detailed walkthrough of setting up and using kitchen-terraform.
+
 Refer to the [examples directory] for a detailed example project.
 
 [examples directory]: examples/
@@ -70,19 +64,22 @@ Refer to the [examples directory] for a detailed example project.
 
 ### Driver
 
-The [driver] is responsible for ensuring compatibility with Terraform and
-destroying existing [Terraform state].
+The [driver] is a wrapper around the [Terraform command-line interface].
+It is responsible for enforcing Terraform version support and works with
+the provisioner to manage the [Terraform state].
 
 [driver]: lib/kitchen/driver/terraform.rb
 
+[Terraform command-line interface]: https://www.terraform.io/docs/commands/index.html
+
 [Terraform state]: https://www.terraform.io/docs/state/index.html
 
 #### Actions
 
 ##### kitchen create
 
-The driver validates the installed version of
-Terraform against the version supported by kitchen-terraform.
+The driver ensures that the parent directories of the plan and state
+files exist.
 
 ##### kitchen destroy
 
@@ -106,7 +103,10 @@ driver:
 
 ### Provisioner
 
-The [provisioner] is responsible for creating Terraform state.
+The [provisioner] is the bridge between Terraform and Test Kitchen. It
+is responsible for managing the Test Kitchen configuration options related to
+the Terraform configuration and works with the driver to manage the
+Terraform state.
 
 [provisioner]: lib/kitchen/provisioner/terraform.rb
 
@@ -114,8 +114,8 @@ The [provisioner] is responsible for creating Terraform state.
 
 ##### kitchen converge
 
-The provisioner applies a constructive Terraform plan to the
-Terraform state based on the provided Terraform configuration.
+The provisioner uses the driver to apply a constructive Terraform plan
+to the Terraform state based on the provided Terraform configuration.
 
 #### Configuration
 
@@ -235,19 +235,22 @@ The default `variables` collection is empty.
 
 ### Verifier
 
-The [verifier] is responsible for verifying the behaviour of any server
-instances in the Terraform state.
+The [verifier] is a wrapper around [InSpec]. It is responsible for
+verifying the behaviour of any server instances in the Terraform state.
 
 [verifier]: lib/kitchen/verifier/terraform.rb
 
+[InSpec]: http://inspec.io
+
 #### Actions
 
 ##### kitchen verify
 
-The verifier verifies the configured server instances in the Terraform
-state using [Inspec profiles].
+The verifier verifies the test suite's configured groups of server
+instances in the Terraform state using an [InSpec profiles] located in
+`<Test Kitchen working directory>/test/integration/<suite name>`.
 
-[Inspec profiles]: https://github.com/chef/inspec/blob/master/docs/profiles.rst
+[InSpec profiles]: http://inspec.io/docs/reference/profiles
 
 #### Configuration
 
@@ -259,20 +262,20 @@ configuration defined by that plugin with the exception of the `port` and
 
 ##### groups
 
-A collection of group mappings containing [Inspec control] and
+A collection of group mappings containing [InSpec control] and
 connection options for the different server instance groups in the
 Terraform configuration.
 
-[Inspec control]: https://github.com/chef/inspec/blob/master/docs/dsl_inspec.rst
+[InSpec control]: http://inspec.io/docs/reference/dsl_inspec/
 
 Each group consists of:
 
 - a name to use for logging purposes
 
-- a mapping of Inspec attribute names to Terraform output variable
-  names to define for the suite's Inspec profile
+- a mapping of InSpec attribute names to Terraform output variable
+  names to define for the suite's InSpec profile
 
-- a collection of controls to include from the suite's Inspec profile
+- a collection of controls to include from the suite's InSpec profile
 
 - a hostnames output variable name to use for extracting hostnames from
   the Terraform state; the output value is assumed to be in CSV format

data/lib/kitchen/driver/terraform.rb

@@ -14,31 +14,47 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+require 'fileutils'
 require 'kitchen'
+require 'terraform/client'
 require 'terraform/configurable'
-require 'terraform/version'
 
 module Kitchen
   module Driver
     # Terraform state lifecycle activities manager
     class Terraform < Base
+      include ::Terraform::Client
+
       include ::Terraform::Configurable
 
       kitchen_driver_api_version 2
 
-      plugin_version ::Terraform::VERSION
-
       no_parallel_for
 
       def create(_state = nil)
-        provisioner.validate_version
+        %i(plan state)
+          .each { |option| FileUtils.mkdir_p File.dirname provisioner[option] }
       end
 
       def destroy(_state = nil)
-        provisioner.validate_configuration_files
-        provisioner.download_modules
-        provisioner.plan_destructive_execution
-        provisioner.apply_execution_plan
+        return if !File.exist?(provisioner[:state]) || current_state.empty?
+
+        create
+        validate_configuration_files
+        download_modules
+        plan_execution destroy: true
+        apply_execution_plan
+      end
+
+      def verify_dependencies
+        case version
+        when /v0\.7/
+        when /v0\.6/
+          log_deprecation aspect: 'v0.6', remediation: 'Update to v0.7',
+                          version: '1.0'
+        else
+          raise Kitchen::UserError, 'Only Terraform v0.7 and v0.6 are supported'
+        end
       end
     end
   end

data/lib/kitchen/provisioner/terraform.rb

@@ -15,166 +15,42 @@
 # limitations under the License.
 
 require 'kitchen'
-require 'terraform/apply_command'
+require 'terraform/apply_timeout_config'
+require 'terraform/color_config'
 require 'terraform/configurable'
-require 'terraform/get_command'
-require 'terraform/group'
-require 'terraform/output_command'
-require 'terraform/plan_command'
-require 'terraform/validate_command'
-require 'terraform/version'
-require 'terraform/version_command'
+require 'terraform/directory_config'
+require 'terraform/plan_config'
+require 'terraform/state_config'
+require 'terraform/variable_files_config'
+require 'terraform/variables_config'
 
 module Kitchen
   module Provisioner
     # Terraform configuration applier
     class Terraform < Base
-      SUPPORTED_VERSION = /v0.6/
+      include ::Terraform::ApplyTimeoutConfig
 
-      include ::Terraform::Configurable
-
-      kitchen_provisioner_api_version 2
-
-      plugin_version ::Terraform::VERSION
-
-      required_config :apply_timeout do |_, value, provisioner|
-        provisioner.coerce_apply_timeout value: value
-      end
-
-      default_config :apply_timeout, 600
+      include ::Terraform::ColorConfig
 
-      default_config :color, true
-
-      required_config :color do |_, value, provisioner|
-        provisioner.coerce_color value: value
-      end
-
-      default_config(:directory) { |provisioner| provisioner[:kitchen_root] }
-
-      expand_path_for :directory
-
-      default_config :plan do |provisioner|
-        provisioner.instance_pathname filename: 'terraform.tfplan'
-      end
-
-      expand_path_for :plan
-
-      default_config :state do |provisioner|
-        provisioner.instance_pathname filename: 'terraform.tfstate'
-      end
-
-      expand_path_for :state
+      include ::Terraform::Configurable
 
-      required_config :variable_files do |_, value, provisioner|
-        provisioner.coerce_variable_files value: value
-      end
+      include ::Terraform::DirectoryConfig
 
-      default_config :variable_files, []
+      include ::Terraform::PlanConfig
 
-      expand_path_for :variable_files
+      include ::Terraform::StateConfig
 
-      required_config :variables do |_, value, provisioner|
-        provisioner.coerce_variables value: value
-      end
+      include ::Terraform::VariableFilesConfig
 
-      default_config :variables, {}
+      include ::Terraform::VariablesConfig
 
-      def apply_execution_plan
-        ::Terraform::ApplyCommand.execute \
-          logger: logger, state: config[:state], target: config[:plan],
-          color: config[:color], timeout: config[:apply_timeout]
-      end
+      kitchen_provisioner_api_version 2
 
       def call(_state = nil)
-        validate_configuration_files
-        download_modules
-        plan_constructive_execution
-        apply_execution_plan
-      end
-
-      def coerce_apply_timeout(value:)
-        config[:apply_timeout] = Integer value
-      rescue ArgumentError, TypeError
-        config_error attribute: 'apply_timeout', expected: 'an integer'
-      end
-
-      def coerce_color(value:)
-        raise TypeError unless [TrueClass, FalseClass].include?(value.class)
-        config[:color] = value
-      rescue TypeError
-        config_error attribute: 'color', expected: 'a boolean'
-      end
-
-      def coerce_variable_files(value:)
-        config[:variable_files] = Array value
-      end
-
-      def coerce_variables(value:)
-        config[:variables] =
-          if value.is_a?(Array) || value.is_a?(String)
-            deprecated_variables_format value: value
-          else
-            Hash value
-          end
-      rescue ArgumentError, TypeError
-        config_error attribute: 'variables',
-                     expected: 'a mapping of Terraform variable assignments'
-      end
-
-      def download_modules
-        ::Terraform::GetCommand.execute logger: logger,
-                                        target: config[:directory]
-      end
-
-      def each_list_output(name:, &block)
-        output(name: name).split(',').each(&block)
-      end
-
-      def instance_pathname(filename:)
-        File.join config[:kitchen_root], '.kitchen', 'kitchen-terraform',
-                  instance.name, filename
-      end
-
-      def output(name:)
-        ::Terraform::OutputCommand
-          .execute logger: logger, state: config[:state], target: name, &:chomp
-      end
-
-      def plan_constructive_execution
-        ::Terraform::PlanCommand
-          .execute destroy: false, logger: logger, out: config[:plan],
-                   state: config[:state], target: config[:directory],
-                   variables: config[:variables], color: config[:color],
-                   variable_files: config[:variable_files]
-      end
-
-      def plan_destructive_execution
-        ::Terraform::PlanCommand
-          .execute destroy: true, logger: logger, out: config[:plan],
-                   state: config[:state], target: config[:directory],
-                   variables: config[:variables], color: config[:color],
-                   variable_files: config[:variable_files]
-      end
-
-      def validate_configuration_files
-        ::Terraform::ValidateCommand.execute logger: logger,
-                                             target: config[:directory]
-      end
-
-      def validate_version
-        ::Terraform::VersionCommand.execute logger: logger do |output|
-          raise UserError,
-                "Terraform version must match #{SUPPORTED_VERSION}" unless
-                  SUPPORTED_VERSION.match output
-        end
-      end
-
-      private
-
-      def deprecated_variables_format(value:)
-        config_deprecated attribute: 'variables',
-                          expected: 'a mapping rather than a list or string'
-        Hash[Array(value).map { |string| string.split '=' }]
+        driver.validate_configuration_files
+        driver.download_modules
+        driver.plan_execution destroy: false
+        driver.apply_execution_plan
       end
     end
   end

data/lib/kitchen/verifier/terraform.rb

@@ -14,10 +14,9 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-require 'kitchen'
 require 'kitchen/verifier/inspec'
 require 'terraform/configurable'
-require 'terraform/version'
+require 'terraform/groups_config'
 
 module Kitchen
   module Verifier
@@ -26,38 +25,52 @@ module Kitchen
     class Terraform < Inspec
       include ::Terraform::Configurable
 
+      include ::Terraform::GroupsConfig
+
       kitchen_verifier_api_version 2
 
-      plugin_version ::Terraform::VERSION
+      def add_targets(runner:)
+        collect_tests.each { |test| runner.add_target test }
+      end
 
-      required_config :groups do |_, value, verifier|
-        verifier.coerce_groups value: value
+      def call(state)
+        self.inspec_runner_options = runner_options transport, state
+        config[:groups].each { |group| group.evaluate verifier: self }
       end
 
-      default_config :groups, []
+      def execute
+        ::Terraform::InspecRunner.new(inspec_runner_options)
+                                 .tap do |inspec_runner|
+                                   inspec_runner.evaluate verifier: self
+                                 end
+      end
 
-      def call(state)
-        config[:groups].each do |group|
-          group.verify_each_host options: runner_options(transport, state)
-        end
+      def merge(options:)
+        inspec_runner_options.merge! options
       end
 
-      def coerce_groups(value:)
-        config[:groups] = Array(value).map do |raw_group|
-          ::Terraform::Group.new value: raw_group, verifier: self
+      def resolve_attributes(group:)
+        group.each_attribute do |key, output_name|
+          group.store_attribute key: key,
+                                value: driver.output_value(name: output_name)
         end
-      rescue UserError
-        config_error attribute: 'groups',
-                     expected: 'a collection of group mappings'
       end
 
-      def evaluate(exit_code:)
+      def resolve_hostnames(group:, &block)
+        driver.output_value list: true, name: group.hostnames, &block
+      end
+
+      def verify(exit_code:)
         raise InstanceFailure, "Inspec Runner returns #{exit_code}" unless
           exit_code.zero?
       end
 
-      def populate(runner:)
-        collect_tests.each { |test| runner.add target: test }
+      private
+
+      attr_accessor :inspec_runner_options
+
+      def load_needed_dependencies!
+        require 'terraform/inspec_runner'
       end
     end
   end