test: add a new test for DA using existing resources (#108)

Author: akocbek

tests/existing-resources/Readme.md

@@ -0,0 +1 @@
+# Existing Resources For use in tests

tests/existing-resources/main.tf

@@ -0,0 +1,48 @@
+##############################################################################
+# Resource Group
+##############################################################################
+
+module "resource_group" {
+  source  = "terraform-ibm-modules/resource-group/ibm"
+  version = "1.1.5"
+  # if an existing resource group is not set (null) create a new one using prefix
+  resource_group_name          = var.resource_group == null ? "${var.prefix}-resource-group" : null
+  existing_resource_group_name = var.resource_group
+}
+
+##############################################################################
+# Event Notification
+##############################################################################
+
+module "event_notifications" {
+  source            = "terraform-ibm-modules/event-notifications/ibm"
+  version           = "1.3.1"
+  resource_group_id = module.resource_group.resource_group_id
+  name              = "${var.prefix}-en"
+  tags              = var.resource_tags
+  plan              = "lite"
+  service_endpoints = "public"
+  region            = var.region
+}
+
+##############################################################################
+# Key Protect
+##############################################################################
+
+module "key_protect" {
+  source                    = "terraform-ibm-modules/kms-all-inclusive/ibm"
+  version                   = "4.8.5"
+  key_protect_instance_name = "${var.prefix}-key-protect"
+  resource_group_id         = module.resource_group.resource_group_id
+  region                    = var.region
+  keys = [
+    {
+      key_ring_name = "${var.prefix}-sm"
+      keys = [
+        {
+          key_name = "${var.prefix}-sm-key"
+        }
+      ]
+    }
+  ]
+}

tests/existing-resources/outputs.tf

@@ -0,0 +1,24 @@
+output "resource_group_name" {
+  value       = module.resource_group.resource_group_name
+  description = "Resource group name"
+}
+
+output "resource_group_id" {
+  value       = module.resource_group.resource_group_id
+  description = "Resource group ID"
+}
+
+output "secrets_manager_kms_key_crn" {
+  value       = module.key_protect.keys["${var.prefix}-sm.${var.prefix}-sm-key"].crn
+  description = "CRN of created secret manager KMS key"
+}
+
+output "secrets_manager_kms_instance_crn" {
+  value       = module.key_protect.key_protect_id
+  description = "CRN of created secret manager KMS instance"
+}
+
+output "event_notification_instance_crn" {
+  value       = module.event_notifications.crn
+  description = "CRN of created event notification"
+}

tests/existing-resources/provider.tf

@@ -0,0 +1,4 @@
+provider "ibm" {
+  ibmcloud_api_key = var.ibmcloud_api_key
+  region           = var.region
+}

tests/existing-resources/variables.tf

@@ -0,0 +1,31 @@
+##############################################################################
+# Input variables
+##############################################################################
+
+variable "ibmcloud_api_key" {
+  type        = string
+  description = "The IBM Cloud API Key"
+  sensitive   = true
+}
+
+variable "region" {
+  type        = string
+  description = "Region"
+}
+
+variable "prefix" {
+  type        = string
+  description = "Prefix to append to all resources"
+}
+
+variable "resource_group" {
+  type        = string
+  description = "The name of an existing resource group to provision resources in to. If not set a new resource group will be created using the prefix variable"
+  default     = null
+}
+
+variable "resource_tags" {
+  type        = list(string)
+  description = "Optional list of tags to be added to created resources"
+  default     = []
+}

tests/existing-resources/version.tf

@@ -0,0 +1,9 @@
+terraform {
+  required_version = ">= 1.3.0, <1.7.0"
+  required_providers {
+    ibm = {
+      source  = "ibm-cloud/ibm"
+      version = ">= 1.51.0"
+    }
+  }
+}

tests/pr_test.go

@@ -5,11 +5,17 @@ import (
 	"fmt"
 	"log"
 	"os"
+	"strings"
 	"testing"
 
 	"github.com/IBM/go-sdk-core/v5/core"
 	"github.com/IBM/secrets-manager-go-sdk/v2/secretsmanagerv2"
+	"github.com/gruntwork-io/terratest/modules/files"
+	"github.com/gruntwork-io/terratest/modules/logger"
+	"github.com/gruntwork-io/terratest/modules/random"
+	"github.com/gruntwork-io/terratest/modules/terraform"
 	"github.com/stretchr/testify/assert"
+	"github.com/stretchr/testify/require"
 	"github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/common"
 	"github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testhelper"
 	"github.com/terraform-ibm-modules/ibmcloud-terratest-wrapper/testschematic"
@@ -79,8 +85,6 @@ func TestRunUpgradeExample(t *testing.T) {
 func TestFSCloudInSchematics(t *testing.T) {
 	t.Parallel()
 
-	const region = "us-south"
-
 	options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{
 		Testing: t,
 		Prefix:  "sm-fscloud",
@@ -89,12 +93,12 @@ func TestFSCloudInSchematics(t *testing.T) {
 			fscloudExampleTerraformDir + "/*.tf",
 			"modules/fscloud/*.tf",
 		},
+		BestRegionYAMLPath: "../common-dev-assets/common-go-assets/cloudinfo-region-secmgr-prefs.yaml",
 		// ResourceGroup:          resourceGroup,
 		TemplateFolder:         fscloudExampleTerraformDir,
 		Tags:                   []string{"test-schematic"},
 		DeleteWorkspaceOnFail:  false,
 		WaitJobCompleteMinutes: 60,
-		Region:                 region,
 	})
 
 	options.TerraformVars = []testschematic.TestSchematicTerraformVar{
@@ -113,7 +117,6 @@ func TestFSCloudInSchematics(t *testing.T) {
 func TestRunDASolutionSchematics(t *testing.T) {
 	t.Parallel()
 
-	const region = "us-south"
 	acme_letsencrypt_private_key := GetSecretsManagerKey( // pragma: allowlist secret
 		permanentResources["acme_letsencrypt_private_key_sm_id"].(string),
 		permanentResources["acme_letsencrypt_private_key_sm_region"].(string),
@@ -130,7 +133,7 @@ func TestRunDASolutionSchematics(t *testing.T) {
 		Tags:                   []string{"test-schematic"},
 		DeleteWorkspaceOnFail:  false,
 		WaitJobCompleteMinutes: 60,
-		Region:                 region,
+		BestRegionYAMLPath:     "../common-dev-assets/common-go-assets/cloudinfo-region-secmgr-prefs.yaml",
 	})
 
 	options.TerraformVars = []testschematic.TestSchematicTerraformVar{
@@ -175,3 +178,80 @@ func GetSecretsManagerKey(sm_id string, sm_region string, sm_key_id string) *str
 	}
 	return secret.(*secretsmanagerv2.ArbitrarySecret).Payload
 }
+
+// A test to pass existing resources to the SM DA
+func TestRunExistingResourcesInstances(t *testing.T) {
+	t.Parallel()
+
+	// Init test options for DA to get the region, which is used for provisioning the existing resources
+	options := testhelper.TestOptionsDefault(&testhelper.TestOptions{
+		Testing:      t,
+		TerraformDir: solutionsTerraformDir,
+		// Do not hard fail the test if the implicit destroy steps fail to allow a full destroy of resource to occur
+		ImplicitRequired:   false,
+		BestRegionYAMLPath: "../common-dev-assets/common-go-assets/cloudinfo-region-secmgr-prefs.yaml",
+	})
+
+	// ------------------------------------------------------------------------------------
+	// Provision Event Notification, KMS key and resource group first
+	// ------------------------------------------------------------------------------------
+
+	prefix := fmt.Sprintf("scc-exist-%s", strings.ToLower(random.UniqueId()))
+	realTerraformDir := "./existing-resources"
+	tempTerraformDir, _ := files.CopyTerraformFolderToTemp(realTerraformDir, fmt.Sprintf(prefix+"-%s", strings.ToLower(random.UniqueId())))
+	tags := common.GetTagsFromTravis()
+	region := "us-south"
+
+	// Verify ibmcloud_api_key variable is set
+	checkVariable := "TF_VAR_ibmcloud_api_key"
+	val, present := os.LookupEnv(checkVariable)
+	require.True(t, present, checkVariable+" environment variable not set")
+	require.NotEqual(t, "", val, checkVariable+" environment variable is empty")
+	logger.Log(t, "Tempdir: ", tempTerraformDir)
+	existingTerraformOptions := terraform.WithDefaultRetryableErrors(t, &terraform.Options{
+		TerraformDir: tempTerraformDir,
+		Vars: map[string]interface{}{
+			"prefix":        prefix,
+			"region":        options.Region,
+			"resource_tags": tags,
+		},
+		// Set Upgrade to true to ensure latest version of providers and modules are used by terratest.
+		// This is the same as setting the -upgrade=true flag with terraform.
+		Upgrade: true,
+	})
+
+	terraform.WorkspaceSelectOrNew(t, existingTerraformOptions, prefix)
+	_, existErr := terraform.InitAndApplyE(t, existingTerraformOptions)
+	if existErr != nil {
+		assert.True(t, existErr == nil, "Init and Apply of temp existing resource failed")
+	} else {
+		// add existing resources to previously created options
+		options.TerraformVars = map[string]interface{}{
+			"ibmcloud_api_key":                         os.Getenv("TF_VAR_ibmcloud_api_key"),
+			"region":                                   region,
+			"resource_group_name":                      terraform.Output(t, existingTerraformOptions, "resource_group_name"),
+			"use_existing_resource_group":              true,
+			"existing_event_notification_instance_crn": terraform.Output(t, existingTerraformOptions, "event_notification_instance_crn"),
+			"existing_secrets_manager_kms_key_crn":     terraform.Output(t, existingTerraformOptions, "secrets_manager_kms_key_crn"),
+			"existing_kms_instance_crn":                terraform.Output(t, existingTerraformOptions, "secrets_manager_kms_instance_crn"),
+			"service_plan":                             "trial",
+		}
+
+		output, err := options.RunTestConsistency()
+		assert.Nil(t, err, "This should not have errored")
+		assert.NotNil(t, output, "Expected some output")
+
+	}
+
+	// Check if "DO_NOT_DESTROY_ON_FAILURE" is set
+	envVal, _ := os.LookupEnv("DO_NOT_DESTROY_ON_FAILURE")
+	// Destroy the temporary existing resources if required
+	if t.Failed() && strings.ToLower(envVal) == "true" {
+		fmt.Println("Terratest failed. Debug the test and delete resources manually.")
+	} else {
+		logger.Log(t, "START: Destroy (existing resources)")
+		terraform.Destroy(t, existingTerraformOptions)
+		terraform.WorkspaceDelete(t, existingTerraformOptions, prefix)
+		logger.Log(t, "END: Destroy (existing resources)")
+	}
+}