Skip to content

Commit 9e53495

Browse files
authored
chore: remove AWS-costing Terraform tests (#151)
* chore(ci): skip terraform_docs in CI workflow - Remove .md files from trigger paths - Remove terraform-docs installation step - Add SKIP: terraform_docs environment variable - Update actions/cache to v4 and setup-python to v5 - Update cache key to bust stale caches - Simplify pre-commit run logic into single step - Update summary to clarify docs handled locally This eliminates environment parity issues between macOS and Linux for terraform-docs and speeds up CI by removing unnecessary tooling. Closes #148 * fix(ci): address security and error handling issues - Replace insecure curl|bash with verified tflint GitHub release download - Add set -euo pipefail for strict error handling - Add explicit error handling for git fetch operations - Use --diff-filter=ACMR to exclude deleted files from pre-commit - Use xargs for safer file argument handling - Update tflint to v0.54.0 Addresses review feedback from bug hunt. * chore: remove AWS-costing Terraform tests Remove Terratest integration tests to eliminate AWS resource costs in CI. Changes: - Delete test/ directory (Go tests, helpers, cleanup utility) - Remove unit-tests, integration-tests, test-results, cleanup jobs from test.yml - Keep free validation, security scanning, and linting jobs - Update CLAUDE.md to remove testing documentation Preserved: - examples/ directory for user documentation - terraform fmt, validate, tfsec, tflint checks
1 parent dc2bddb commit 9e53495

File tree

10 files changed

+7
-3745
lines changed

10 files changed

+7
-3745
lines changed

.github/workflows/test.yml

Lines changed: 1 addition & 242 deletions
Original file line numberDiff line numberDiff line change
@@ -22,8 +22,6 @@ on:
2222

2323
env:
2424
TERRAFORM_VERSION: latest
25-
GO_VERSION: 1.21
26-
ACTIONS_STEP_DEBUG: true
2725

2826
jobs:
2927
# Validation tests - fast feedback
@@ -103,243 +101,4 @@ jobs:
103101
run: tflint --init
104102

105103
- name: Run TFLint
106-
run: tflint --recursive
107-
108-
109-
# Unit tests using Terratest
110-
unit-tests:
111-
name: Unit Tests
112-
runs-on: ubuntu-latest
113-
if: github.event_name == 'pull_request' || github.ref == 'refs/heads/master'
114-
strategy:
115-
fail-fast: false
116-
matrix:
117-
test-suite:
118-
- validation
119-
steps:
120-
- name: Checkout
121-
uses: actions/checkout@v4
122-
123-
- name: Setup Go
124-
uses: actions/setup-go@v5
125-
with:
126-
go-version: ${{ env.GO_VERSION }}
127-
cache: false
128-
129-
- name: Setup Terraform
130-
uses: hashicorp/setup-terraform@v3
131-
with:
132-
terraform_version: ${{ env.TERRAFORM_VERSION }}
133-
terraform_wrapper: false
134-
135-
- name: Configure AWS credentials
136-
uses: aws-actions/configure-aws-credentials@v4
137-
with:
138-
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
139-
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
140-
aws-region: us-east-1
141-
142-
- name: Cache Go modules
143-
uses: actions/cache@v4
144-
with:
145-
path: |
146-
~/.cache/go-build
147-
~/go/pkg/mod
148-
key: ${{ runner.os }}-go-${{ hashFiles('test/go.sum') }}
149-
restore-keys: |
150-
${{ runner.os }}-go-
151-
152-
- name: Install dependencies
153-
working-directory: test
154-
run: go mod download
155-
156-
- name: Run validation tests
157-
if: matrix.test-suite == 'validation'
158-
working-directory: test
159-
run: |
160-
go test -v -timeout 10m -run "TestTerraform.*Validation|TestTerraformFormat|TestTerraformValidate|TestExamplesValidation|TestTerraformPlan|TestVariableValidation" \
161-
-json > validation-test-results.json
162-
env:
163-
AWS_DEFAULT_REGION: us-east-1
164-
165-
- name: Run ephemeral tests
166-
if: matrix.test-suite == 'ephemeral'
167-
working-directory: test
168-
run: |
169-
echo "Starting ephemeral tests..."
170-
echo "AWS Region: $AWS_DEFAULT_REGION"
171-
echo "Go version: $(go version)"
172-
echo "Terraform version: $(terraform version)"
173-
174-
# Run tests sequentially to avoid state conflicts
175-
go test -v -timeout 30m -p=1 -run "TestEphemeral.*" \
176-
-json > ephemeral-test-results.json
177-
178-
exit_code=$?
179-
echo "Tests completed with exit code: $exit_code"
180-
181-
if [ $exit_code -ne 0 ]; then
182-
echo "Test failures detected. Showing recent test output:"
183-
tail -50 ephemeral-test-results.json || echo "No test results file found"
184-
fi
185-
186-
exit $exit_code
187-
env:
188-
AWS_DEFAULT_REGION: us-east-1
189-
190-
- name: Debug test artifacts
191-
if: always()
192-
working-directory: test
193-
run: |
194-
echo "=== Test directory contents ==="
195-
ls -la
196-
echo "=== Test result files ==="
197-
ls -la *-test-results.json 2>/dev/null || echo "No test result files found"
198-
echo "=== Terraform state files ==="
199-
ls -la ../*.tfstate* 2>/dev/null || echo "No state files found"
200-
201-
- name: Upload test results
202-
uses: actions/upload-artifact@v4
203-
if: always()
204-
with:
205-
name: test-results-${{ matrix.test-suite }}
206-
path: test/*-test-results.json
207-
208-
# Integration tests - only on master or when specifically requested
209-
integration-tests:
210-
name: Integration Tests
211-
runs-on: ubuntu-latest
212-
if: github.ref == 'refs/heads/master' || contains(github.event.pull_request.labels.*.name, 'run-integration-tests')
213-
strategy:
214-
fail-fast: false
215-
matrix:
216-
aws-region:
217-
- us-east-1
218-
- us-west-2
219-
steps:
220-
- name: Checkout
221-
uses: actions/checkout@v4
222-
223-
- name: Setup Go
224-
uses: actions/setup-go@v5
225-
with:
226-
go-version: ${{ env.GO_VERSION }}
227-
cache: false
228-
229-
- name: Setup Terraform
230-
uses: hashicorp/setup-terraform@v3
231-
with:
232-
terraform_version: ${{ env.TERRAFORM_VERSION }}
233-
terraform_wrapper: false
234-
235-
- name: Configure AWS credentials
236-
uses: aws-actions/configure-aws-credentials@v4
237-
with:
238-
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
239-
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
240-
aws-region: ${{ matrix.aws-region }}
241-
242-
- name: Cache Go modules
243-
uses: actions/cache@v4
244-
with:
245-
path: |
246-
~/.cache/go-build
247-
~/go/pkg/mod
248-
key: ${{ runner.os }}-go-${{ hashFiles('test/go.sum') }}
249-
restore-keys: |
250-
${{ runner.os }}-go-
251-
252-
- name: Install dependencies
253-
working-directory: test
254-
run: go mod download
255-
256-
- name: Run integration tests
257-
working-directory: test
258-
run: |
259-
go test -v -timeout 45m -run "TestTerraformAwsSecretsManager.*" \
260-
-json > integration-test-results-${{ matrix.aws-region }}.json
261-
env:
262-
AWS_DEFAULT_REGION: ${{ matrix.aws-region }}
263-
264-
- name: Upload integration test results
265-
uses: actions/upload-artifact@v4
266-
if: always()
267-
with:
268-
name: integration-test-results-${{ matrix.aws-region }}
269-
path: test/integration-test-results-${{ matrix.aws-region }}.json
270-
271-
# Test result processing and reporting
272-
test-results:
273-
name: Process Test Results
274-
runs-on: ubuntu-latest
275-
needs: [validate, security, lint, unit-tests]
276-
if: always()
277-
steps:
278-
- name: Download test artifacts
279-
uses: actions/download-artifact@v4
280-
with:
281-
path: test-results
282-
283-
- name: Process test results
284-
run: |
285-
echo "# Test Results Summary" >> $GITHUB_STEP_SUMMARY
286-
echo "" >> $GITHUB_STEP_SUMMARY
287-
288-
# Count test files
289-
VALIDATION_PASSED=$(find test-results -name "*validation*" -type f | wc -l)
290-
EPHEMERAL_PASSED=$(find test-results -name "*ephemeral*" -type f | wc -l)
291-
INTEGRATION_PASSED=$(find test-results -name "*integration*" -type f | wc -l)
292-
293-
echo "| Test Suite | Status |" >> $GITHUB_STEP_SUMMARY
294-
echo "|------------|--------|" >> $GITHUB_STEP_SUMMARY
295-
echo "| Validation | ✅ $VALIDATION_PASSED suites completed |" >> $GITHUB_STEP_SUMMARY
296-
echo "| Ephemeral | ✅ $EPHEMERAL_PASSED suites completed |" >> $GITHUB_STEP_SUMMARY
297-
echo "| Integration | ✅ $INTEGRATION_PASSED suites completed |" >> $GITHUB_STEP_SUMMARY
298-
echo "" >> $GITHUB_STEP_SUMMARY
299-
echo "View detailed results in the artifacts section." >> $GITHUB_STEP_SUMMARY
300-
301-
- name: Check overall test status
302-
run: |
303-
if [ "${{ needs.validate.result }}" != "success" ] || \
304-
[ "${{ needs.security.result }}" != "success" ] || \
305-
[ "${{ needs.lint.result }}" != "success" ] || \
306-
[ "${{ needs.unit-tests.result }}" != "success" ]; then
307-
echo "One or more test suites failed"
308-
exit 1
309-
fi
310-
echo "All test suites passed successfully"
311-
312-
# Cleanup job to remove test resources
313-
cleanup:
314-
name: Cleanup Test Resources
315-
runs-on: ubuntu-latest
316-
if: always() && (needs.unit-tests.result == 'success' || needs.unit-tests.result == 'failure' || needs.integration-tests.result == 'success' || needs.integration-tests.result == 'failure')
317-
needs: [unit-tests, integration-tests]
318-
steps:
319-
- name: Checkout
320-
uses: actions/checkout@v4
321-
322-
- name: Setup Go
323-
uses: actions/setup-go@v5
324-
with:
325-
go-version: ${{ env.GO_VERSION }}
326-
cache: false
327-
328-
- name: Configure AWS credentials
329-
uses: aws-actions/configure-aws-credentials@v4
330-
with:
331-
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
332-
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
333-
aws-region: us-east-1
334-
335-
- name: Install dependencies
336-
working-directory: test
337-
run: go mod download
338-
339-
- name: Cleanup test resources
340-
working-directory: test
341-
run: |
342-
go run -v cleanup/main.go
343-
env:
344-
AWS_DEFAULT_REGION: us-east-1
345-
continue-on-error: true
104+
run: tflint --recursive

0 commit comments

Comments
 (0)