Terraform Test Framework¶
Unified Test Framework to test Terraform codes and Terraform-provisioned infrastructures.
The new version, v0.2.0 (Freedom) is now available.
Source Code: https://github.com/tf2project/tf2project
TF2 is a unified test framework to test Terraform codes and Terraform-provisioned infrastructures. With TF2, you can implement PaC(Policy as Code), Compliance tests, e2e(End to End) tests, and all other tests just in a unified framework.
This idea crossed my mind when I was managing a big DevOps team that was working on various Terraform codes, and they were developing many Terraform codes and modules for several projects together. As a manager and a person who was responsible for accepting merge requests, I had to review their codes, and in some cases, I had to test them. Big team! Big problem! Reviewing more than 500 lines of codes a day and testing them had turned into my nightmare. Some problems that I faced with them are:
- Implementing Policy-as-Code while we have not got TFC/TFE to use Sentinel.
- Implementing e2e tests to test real infrastructures after deploying Terraform codes.
- Implementing standard rules for developing Terraform codes.
The thing is, it doesn't matter how many engineers you have in your team. If you want to implement policies, test your codes, and your infrastructures, and deliver better and more reliable Terraform codes, you should use Terraform Test Framework.
- Implement a unified framework to implement all Terraform test needs.
- Implement a standard path to integrate Terraform tests into CI/CD pipelines.
- Implement a DevOps-friendly framework for all DevOps engineers.
TF2 is under development, and many features will be added soon. Now the following features are implemented and can be used in production:
- Implementing Compliance tests and Policy as Code (Before deployment)
- Implementing End to End tests (After deployment)
TF2 is fully compatible and can be integrated with:
- Terraform Open-source, Terraform Cloud, Terraform Enterprise
- CI/CD systems like Jenkins CI, Gitlab CI, GitHub Actions
TF2 vs. HashiCorp Sentinel¶
Terraform Cloud and Terraform Enterprise come with a Policy-as-Code tool called Sentinel. Sentinel uses its programming language, and you should learn a new language to implement your tests. Of course, just policy as code. Moreover, none of them provides a solution to implement e2e(End to End) tests. With TF2, you can write both with the most DevOps engineers-friendly programming language, Python. TF2 is also available for Terraform open-source users.
TF2 vs. Gruntwork Terratest¶
Terratest is a good tool by Gruntwork which allows you to implement e2e tests, but it doesn't provide any Policy-as-Code solution. To write your tests with Terratest, you should know how to write Go applications. TF2 makes the test world for DevOps engineers really easy. You can write your PaC and e2e tests in Python, DevOps engineers' lovely language.
TF2 vs. Terraform-compliance¶
It's a cool tool to implement Policy as Code in a BDD(Behaviour Driven Development) language. It's really a lovely tool, but it doesn't support e2e tests, and it's not expandable like TF2. TF2 opens your hands to implement everything you need.
The TF2 core doesn't have any external or third-party requirements, and we will keep this approach as the main development policy to reduce the attack surface. This policy is created because you run the TF2 in your critical environments, CI/CD systems, and cloud/on-premises infrastructures, and we want to keep you completely secure.
The TF2 core is just using standard and official Python libraries.
You can also use our official Docker image to run the framework. The image consists of the latest version of Terraform and the TF2 framework itself.
It's a ready-to-go image to integrate the TF2 within CI/CD pipelines.
This project is licensed under the terms of the Apache 2.0 license.