test: implement new test structure for disabled, minimum and complete…

… tests
mineiros-io · Nov 8, 2021 · 985e154 · 985e154
1 parent b0b52ea
commit 985e154
Show file tree

Hide file tree

Showing 13 changed files with 1,231 additions and 357 deletions.
diff --git a/go.mod b/go.mod
@@ -1,5 +1,29 @@
-module github.com/mineiros/terraform-aws-cognito-user-pool
+module github.com/mineiros-io/terraform-aws-cognito-user-pool
 
-go 1.14
+go 1.17
 
-require github.com/gruntwork-io/terratest v0.30.0
+require (
+	github.com/gruntwork-io/terratest v0.38.2
+	github.com/stretchr/testify v1.7.0
+)
+
+require (
+	github.com/agext/levenshtein v1.2.3 // indirect
+	github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
+	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/hashicorp/errwrap v1.0.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.0 // indirect
+	github.com/hashicorp/hcl/v2 v2.9.1 // indirect
+	github.com/hashicorp/terraform-json v0.12.0 // indirect
+	github.com/jinzhu/copier v0.0.0-20190924061706-b57f9002281a // indirect
+	github.com/mattn/go-zglob v0.0.2-0.20190814121620-e3c945676326 // indirect
+	github.com/mitchellh/go-wordwrap v1.0.1 // indirect
+	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/tmccombs/hcl2json v0.3.3 // indirect
+	github.com/zclconf/go-cty v1.8.1 // indirect
+	golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a // indirect
+	golang.org/x/net v0.0.0-20210614182718-04defd469f4e // indirect
+	golang.org/x/sys v0.0.0-20210603125802-9665404d3644 // indirect
+	golang.org/x/text v0.3.6 // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
+)
diff --git a/go.sum b/go.sum
diff --git a/test/README.md b/test/README.md
@@ -12,7 +12,7 @@ of the modules that ship with this repository.
 ## Introduction
 
 We are using [Terratest] for automated tests that are located in the
-[`test/` directory][Testdirectory]. Terratest deploys _real_ infrastructure
+[`test/` directory][testdirectory]. Terratest deploys _real_ infrastructure
 (e.g., servers) in a _real_ environment (e.g., AWS).
 
 The basic usage pattern for writing automated tests with Terratest is to:
@@ -58,25 +58,27 @@ Alternatively, you can also run the tests without Docker.
 3. Set your AWS credentials as environment variables: `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`
 4. Install go dependencies: `go mod download`
 5. Run all tests: `go test -v -count 1 -timeout 45m -parallel 128 ./test/...`
+   or use the convenient `make test/unit-tests` Makefile target.
 6. Run a specific test: `go test -count 1 -v -timeout 45m -parallel 128 test/example_test.go`
 
 <!-- References -->
 
 <!-- markdown-link-check-disable -->
-[Makefile]: https://github.com/mineiros-io/terraform-aws-cognito-user-pool/blob/master/Makefile
-[Testdirectory]: https://github.com/mineiros-io/terraform-aws-cognito-user-pool/tree/master/test
+
+[makefile]: https://github.com/mineiros-io/terraform-aws-cognito-user-pool/blob/main/Makefile
+[testdirectory]: https://github.com/mineiros-io/terraform-aws-cognito-user-pool/tree/main/test
+
 <!-- markdown-link-check-enable -->
 
 [homepage]: https://mineiros.io/?ref=terraform-aws-cognito-user-pool
-[Terratest]: https://github.com/gruntwork-io/terratest
+[terratest]: https://github.com/gruntwork-io/terratest
 [package testing]: https://golang.org/pkg/testing/
-[Docker]: https://docs.docker.com/get-started/
-[Go]: https://golang.org/
-[Terraform]: https://www.terraform.io/downloads.html
+[docker]: https://docs.docker.com/get-started/
+[go]: https://golang.org/
+[terraform]: https://www.terraform.io/downloads.html
 [badge-license]: https://img.shields.io/badge/license-Apache%202.0-brightgreen.svg
 [badge-terraform]: https://img.shields.io/badge/terraform-1.x%20|%200.15%20|%200.14%20|%200.13%20|%200.12.20+-623CE4.svg?logo=terraform
 [badge-slack]: https://img.shields.io/badge/[email protected]?logo=slack
-
 [releases-terraform]: https://github.com/hashicorp/terraform/releases
 [apache20]: https://opensource.org/licenses/Apache-2.0
-[slack]: https://join.slack.com/t/mineiros-community/shared_invite/zt-ehidestg-aLGoIENLVs6tvwJ11w9WGg
+[slack]: https://mineiros.io/slack
diff --git a/test/terraform_aws_cognito_user_pool_test.go b/test/terraform_aws_cognito_user_pool_test.go
diff --git a/test/unit-complete/main.tf b/test/unit-complete/main.tf
@@ -0,0 +1,161 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+# COMPLETE FEATURES UNIT TEST
+# This module tests a complete set of most/all non-exclusive features
+# The purpose is to activate everything the module offers, but trying to keep execution time and costs minimal.
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+variable "aws_region" {
+  description = "(Optional) The AWS region in which all resources will be created."
+  type        = string
+  default     = "us-east-1"
+}
+
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 3.50"
+    }
+  }
+}
+
+provider "aws" {
+  region = var.aws_region
+}
+
+# DO NOT RENAME MODULE NAME
+module "test" {
+  source = "../.."
+
+  module_enabled = true
+
+  # add all required arguments
+  name = "example-cognito-user-pool"
+
+  # add all optional arguments that create additional resources
+  clients = [
+    {
+      name                 = "android-mobile-client"
+      read_attributes      = ["email", "email_verified", "preferred_username"]
+      allowed_oauth_scopes = ["email", "openid"]
+      allowed_oauth_flows  = ["implicit"]
+      callback_urls        = ["https://mineiros.io/callback", "https://mineiros.io/anothercallback"]
+      default_redirect_uri = "https://mineiros.io/callback"
+      generate_secret      = true
+    }
+  ]
+
+  # add most/all other optional arguments
+
+  enable_username_case_sensitivity = false
+  advanced_security_mode           = "ENFORCED"
+
+  alias_attributes = [
+    "email",
+    "phone_number",
+    "preferred_username",
+  ]
+
+  auto_verified_attributes = [
+    "email"
+  ]
+
+  account_recovery_mechanisms = [
+    {
+      name     = "verified_email"
+      priority = 1
+    },
+    {
+      name     = "verified_phone_number"
+      priority = 2
+    }
+  ]
+
+  # If invited by an admin
+  invite_email_subject = "You've been invited to Mineiros.io"
+  invite_email_message = "Hi {username}, your temporary password is '{####}'."
+  invite_sms_message   = "Hi {username}, your temporary password is '{####}'."
+
+  # domain                = "mineiros-dev"
+  default_email_option  = "CONFIRM_WITH_LINK"
+  email_subject_by_link = "Your Verification Link"
+  email_message_by_link = "Please click the link below to verify your email address. {##Verify Email##}."
+  sms_message           = "Your verification code is {####}."
+
+  challenge_required_on_new_device = true
+  user_device_tracking             = "USER_OPT_IN"
+
+  # These paramters can be used to configure SES for emails
+  # email_sending_account  = "DEVELOPER"
+  # email_reply_to_address = "[email protected]"
+  # email_from_address     = "[email protected]"
+  # email_source_arn       = "arn:aws:ses:us-east-1:999999999999:identity"
+
+  # Require MFA
+  mfa_configuration        = "ON"
+  allow_software_mfa_token = true
+
+  password_minimum_length    = 40
+  password_require_lowercase = true
+  password_require_numbers   = true
+  password_require_uppercase = true
+  password_require_symbols   = true
+
+  temporary_password_validity_days = 3
+
+  schema_attributes = [
+    {
+      name       = "gender", # overwrites the default attribute 'gender'
+      type       = "String"
+      required   = true
+      min_length = 1
+      max_length = 2048
+    },
+    {
+      name                     = "alternative_name"
+      type                     = "String"
+      developer_only_attribute = false,
+      mutable                  = true,
+      required                 = false,
+      min_length               = 0,
+      max_length               = 2048
+    },
+    {
+      name      = "friends_count"
+      type      = "Number"
+      min_value = 0,
+      max_value = 100
+    },
+    {
+      name = "is_active"
+      type = "Boolean"
+
+    },
+    {
+      name = "last_seen"
+      type = "DateTime"
+    }
+  ]
+
+  default_client_token_validity_units = {
+    refresh_token = "hours"
+    access_token  = "hours"
+    id_token      = "hours"
+  }
+
+  tags = {
+    Team = "Unknown"
+  }
+
+  module_tags = {
+    Environment = "unknown"
+  }
+
+  module_depends_on = ["nothing"]
+}
+
+# outputs generate non-idempotent terraform plans so we disable them for now unless we need them.
+# output "all" {
+#   description = "All outputs of the module."
+#   value       = module.test
+# }
diff --git a/test/unit-disabled/main.tf b/test/unit-disabled/main.tf
@@ -0,0 +1,43 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+# EMPTY FEATURES (DISABLED) UNIT TEST
+# This module tests an empty set of features.
+# The purpose is to verify no resources are created when the module is disabled.
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+variable "aws_region" {
+  description = "(Optional) The AWS region in which all resources will be created."
+  type        = string
+  default     = "us-east-1"
+}
+
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = "~> 3.50"
+    }
+  }
+}
+
+provider "aws" {
+  region = var.aws_region
+}
+
+# DO NOT RENAME MODULE NAME
+module "test" {
+  source = "../.."
+
+  name = "example-cognito-user-pool"
+
+  module_enabled = false
+
+  # add all required arguments
+
+  # add all optional arguments that create additional resources
+}
+
+# outputs generate non-idempotent terraform plans so we disable them for now unless we need them.
+# output "all" {
+#   description = "All outputs of the module."
+#   value       = module.test
+# }
diff --git a/test/unit-minimal/main.tf b/test/unit-minimal/main.tf
@@ -0,0 +1,41 @@
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+# MINIMAL FEATURES UNIT TEST
+# This module tests a minimal set of features.
+# The purpose is to test all defaults for optional arguments and just provide the required arguments.
+# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+variable "aws_region" {
+  description = "(Optional) The AWS region in which all resources will be created."
+  type        = string
+  default     = "us-east-1"
+}
+
+terraform {
+  required_providers {
+    aws = {
+      source = "hashicorp/aws"
+      # always test with exact version to catch unsupported blocks/arguments early
+      # this should match the minimal version in versions.tf
+      version = "3.50.0"
+    }
+  }
+}
+
+provider "aws" {
+  region = var.aws_region
+}
+
+# DO NOT RENAME MODULE NAME
+module "test" {
+  source = "../.."
+
+  name = "example-cognito-user-pool"
+
+  # add only required arguments and no optional arguments
+}
+
+# outputs generate non-idempotent terraform plans so we disable them for now unless we need them.
+# output "all" {
+#   description = "All outputs of the module."
+#   value       = module.test
+# }