Ensure inline README file match fixture files
This commit is contained in:
parent
7be3288cc7
commit
5cfa1062cc
|
@ -101,8 +101,7 @@ module "folder" {
|
|||
```
|
||||
|
||||
```yaml
|
||||
# cidrs.yaml
|
||||
|
||||
# tftest file configs/firewall-policies/cidrs.yaml
|
||||
rfc1918:
|
||||
- 10.0.0.0/8
|
||||
- 172.16.0.0/12
|
||||
|
@ -110,8 +109,7 @@ rfc1918:
|
|||
```
|
||||
|
||||
```yaml
|
||||
# rules.yaml
|
||||
|
||||
# tftest file configs/firewall-policies/rules.yaml
|
||||
allow-admins:
|
||||
description: Access from the admin subnet to all subnets
|
||||
direction: INGRESS
|
||||
|
|
|
@ -147,7 +147,7 @@ module "firewall" {
|
|||
```
|
||||
|
||||
```yaml
|
||||
# ./configs/firewall/rules/load_balancers.yaml
|
||||
# tftest file configs/firewall/rules/load_balancers.yaml
|
||||
allow-healthchecks:
|
||||
description: Allow ingress from healthchecks.
|
||||
ranges:
|
||||
|
@ -161,10 +161,9 @@ allow-healthchecks:
|
|||
```
|
||||
|
||||
```yaml
|
||||
# ./configs/firewall/cidr_template.yaml
|
||||
# tftest file configs/firewall/cidr_template.yaml
|
||||
healthchecks:
|
||||
- 35.191.0.0/16
|
||||
|
||||
- 130.211.0.0/22
|
||||
- 209.85.152.0/22
|
||||
- 209.85.204.0/22
|
||||
|
|
|
@ -143,9 +143,9 @@ module "org" {
|
|||
```
|
||||
|
||||
```yaml
|
||||
# configs/custom-constraints/gke.yaml
|
||||
# tftest file configs/custom-constraints/gke.yaml
|
||||
custom.gkeEnableLogging:
|
||||
resource_types:
|
||||
resource_types:
|
||||
- container.googleapis.com/Cluster
|
||||
method_types:
|
||||
- CREATE
|
||||
|
@ -154,7 +154,7 @@ custom.gkeEnableLogging:
|
|||
action_type: DENY
|
||||
display_name: Do not disable Cloud Logging
|
||||
custom.gkeEnableAutoUpgrade:
|
||||
resource_types:
|
||||
resource_types:
|
||||
- container.googleapis.com/NodePool
|
||||
method_types:
|
||||
- CREATE
|
||||
|
@ -165,9 +165,9 @@ custom.gkeEnableAutoUpgrade:
|
|||
```
|
||||
|
||||
```yaml
|
||||
# configs/custom-constraints/dataproc.yaml
|
||||
# tftest file configs/custom-constraints/dataproc.yaml
|
||||
custom.dataprocNoMoreThan10Workers:
|
||||
resource_types:
|
||||
resource_types:
|
||||
- dataproc.googleapis.com/Cluster
|
||||
method_types:
|
||||
- CREATE
|
||||
|
@ -238,8 +238,7 @@ module "org" {
|
|||
```
|
||||
|
||||
```yaml
|
||||
# cidrs.yaml
|
||||
|
||||
# tftest file configs/firewall-policies/cidrs.yaml
|
||||
rfc1918:
|
||||
- 10.0.0.0/8
|
||||
- 172.16.0.0/12
|
||||
|
@ -247,8 +246,7 @@ rfc1918:
|
|||
```
|
||||
|
||||
```yaml
|
||||
# rules.yaml
|
||||
|
||||
# tftest file configs/firewall-policies/rules.yaml
|
||||
allow-admins:
|
||||
description: Access from the admin subnet to all subnets
|
||||
direction: INGRESS
|
||||
|
|
|
@ -230,7 +230,7 @@ module "folder" {
|
|||
```
|
||||
|
||||
```yaml
|
||||
# configs/org-policies/boolean.yaml
|
||||
# tftest file configs/org-policies/boolean.yaml
|
||||
iam.disableServiceAccountKeyCreation:
|
||||
enforce: true
|
||||
|
||||
|
@ -246,7 +246,7 @@ iam.disableServiceAccountKeyUpload:
|
|||
```
|
||||
|
||||
```yaml
|
||||
# configs/org-policies/list.yaml
|
||||
# tftest file configs/org-policies/list.yaml
|
||||
compute.vmExternalIpAccess:
|
||||
deny:
|
||||
all: true
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
# skip boilerplate check
|
||||
custom.dataprocNoMoreThan10Workers:
|
||||
resource_types:
|
||||
- dataproc.googleapis.com/Cluster
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
# skip boilerplate check
|
||||
custom.gkeEnableLogging:
|
||||
resource_types:
|
||||
- container.googleapis.com/Cluster
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
# skip boilerplate check
|
||||
rfc1918:
|
||||
- 10.0.0.0/8
|
||||
- 172.16.0.0/12
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
# skip boilerplate check
|
||||
allow-admins:
|
||||
description: Access from the admin subnet to all subnets
|
||||
direction: INGRESS
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
# skip boilerplate check
|
||||
healthchecks:
|
||||
- 35.191.0.0/16
|
||||
- 130.211.0.0/22
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
# skip boilerplate check
|
||||
allow-healthchecks:
|
||||
description: Allow ingress from healthchecks.
|
||||
ranges:
|
|
@ -1,3 +1,4 @@
|
|||
# skip boilerplate check
|
||||
iam.disableServiceAccountKeyCreation:
|
||||
enforce: true
|
||||
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
# skip boilerplate check
|
||||
compute.vmExternalIpAccess:
|
||||
deny:
|
||||
all: true
|
||||
|
|
|
@ -39,17 +39,18 @@ def pytest_generate_tests(metafunc):
|
|||
last_header = None
|
||||
mark = pytest.mark.xdist_group(name=module.name)
|
||||
for child in doc.children:
|
||||
if isinstance(child, marko.block.FencedCode) and child.lang == 'hcl':
|
||||
if isinstance(child, marko.block.FencedCode):
|
||||
index += 1
|
||||
code = child.children[0].children
|
||||
if 'tftest skip' in code:
|
||||
continue
|
||||
examples.append(pytest.param(code, marks=mark))
|
||||
path = module.relative_to(FABRIC_ROOT)
|
||||
name = f'{path}:{last_header}'
|
||||
if index > 1:
|
||||
name += f' {index}'
|
||||
ids.append(name)
|
||||
if child.lang == 'hcl' or 'tftest file' in code:
|
||||
examples.append(pytest.param(code, marks=mark))
|
||||
path = module.relative_to(FABRIC_ROOT)
|
||||
name = f'{path}:{last_header}'
|
||||
if index > 1:
|
||||
name += f' {index}'
|
||||
ids.append(name)
|
||||
elif isinstance(child, marko.block.Heading):
|
||||
last_header = child.children[0].children
|
||||
index = 0
|
||||
|
|
|
@ -16,7 +16,8 @@ import re
|
|||
from pathlib import Path
|
||||
|
||||
BASE_PATH = Path(__file__).parent
|
||||
EXPECTED_RESOURCES_RE = re.compile(r'# tftest modules=(\d+) resources=(\d+)')
|
||||
COUNT_TEST_RE = re.compile(r'# tftest modules=(\d+) resources=(\d+)')
|
||||
FILE_TEST_RE = re.compile(r'# tftest file (.+)')
|
||||
|
||||
|
||||
def test_example(recursive_e2e_plan_runner, tmp_path, example):
|
||||
|
@ -26,13 +27,25 @@ def test_example(recursive_e2e_plan_runner, tmp_path, example):
|
|||
(tmp_path / 'configs').symlink_to(Path(BASE_PATH, 'configs').resolve())
|
||||
(tmp_path / 'main.tf').write_text(example)
|
||||
|
||||
match = EXPECTED_RESOURCES_RE.search(example)
|
||||
expected_modules = int(match.group(1)) if match is not None else 1
|
||||
expected_resources = int(match.group(2)) if match is not None else 1
|
||||
if match := COUNT_TEST_RE.search(example):
|
||||
expected_modules = int(match.group(1)) if match is not None else 1
|
||||
expected_resources = int(match.group(2)) if match is not None else 1
|
||||
|
||||
assert match is not None, "can't find tftest directive"
|
||||
num_modules, num_resources = recursive_e2e_plan_runner(
|
||||
str(tmp_path), tmpdir=False)
|
||||
assert expected_modules == num_modules, 'wrong number of modules'
|
||||
assert expected_resources == num_resources, 'wrong number of resources'
|
||||
|
||||
num_modules, num_resources = recursive_e2e_plan_runner(
|
||||
str(tmp_path), tmpdir=False)
|
||||
assert expected_modules == num_modules, 'wrong number of modules'
|
||||
assert expected_resources == num_resources, 'wrong number of resources'
|
||||
elif match := FILE_TEST_RE.search(example):
|
||||
filename = tmp_path / match.group(1)
|
||||
assert filename.exists(), f'cant read {filename}'
|
||||
|
||||
file_content = filename.read_text()
|
||||
|
||||
# skip first line
|
||||
file_content = file_content.split('\n', 1)[1]
|
||||
example = example.split('\n', 1)[1]
|
||||
assert file_content == example, "README inline file and fixture file don't match"
|
||||
|
||||
else:
|
||||
assert False, "can't find tftest directive"
|
||||
|
|
Loading…
Reference in New Issue