You can run the project tests by invoking the correct make command:
make test-> Runs all tests residing inside the config-lint projectmake testtf-> Runs all tests defined within theTestTerraformBuiltInRulestest function.
It is best practice to always come up with at least 2 scenarios for each test (ideally more if applicable). You want a test case that will pass and a test case that will fail. This covers the bare minimum to ensure that a rule and test case are working as expected.
Terraform rules have their own set of tests that you can use to verify that a new rule or configuration is working as expected. As noted above, the make testtf command will run the tests defined within the TestTerraformBuiltInRules test function.
To create a new test to validate a Terraform built in rule you need to do the following:
-
Add test case inside
TestTerraformBuiltInRulesfunction in thecli/builtin_terraform_test.gofile.- Example:
{"aws/security_group/world_ingress.tf", "SG_WORLD_INGRESS", 2, 0},will run theSG_WORLD_INGRESSrule against the contents of thecli/testdata/builtin/terraform/aws/security_group/world_ingress.tffile. It is expecting there to be 2 Warnings and 0 Failures - The test must follow the
structformat forBuiltInTestCase
type BuiltInTestCase struct { Filename string RuleID string WarningCount int FailureCount int }
- This test case must match a valid Rule
idfrom within thecli/assets/terraform.ymlfile.
- Example: