diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ad96212de..aabcce23a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -7,6 +7,9 @@ on: pull_request: branches: - master + merge_group: + branches: + - master jobs: build-multiarch: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 5bbd4639b..ea3a3d731 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -7,11 +7,9 @@ jobs: lint: name: Lint runs-on: ubuntu-latest - steps: - name: Check out code uses: actions/checkout@v4 - - name: Lint uses: golangci/golangci-lint-action@v8 with: @@ -20,75 +18,158 @@ jobs: test: name: Unit Tests runs-on: ubuntu-latest - steps: - name: Check out code uses: actions/checkout@v4 - - name: Set up Go uses: actions/setup-go@v5 with: go-version-file: go.mod - - name: Test run: make test - test-sysdig-monitor: - name: Sysdig Monitor Acceptance Tests + # ============================================ + # Sysdig Secure - Dynamic Matrix + # ============================================ + list-sysdig-secure-tests: + name: List Secure Tests runs-on: ubuntu-latest needs: test - + outputs: + matrix: ${{ steps.list.outputs.matrix }} steps: - - name: Check out code - uses: actions/checkout@v4 + - uses: actions/checkout@v4 + - id: list + run: | + files=$(grep -l "tf_acc_sysdig_secure" sysdig/*_test.go | xargs -I{} basename {} .go || echo "") + if [ -z "$files" ]; then + echo "matrix=[]" >> $GITHUB_OUTPUT + else + matrix=$(echo "$files" | jq -R -s -c 'split("\n") | map(select(length > 0))') + echo "matrix=$matrix" >> $GITHUB_OUTPUT + fi - - name: Set up Go - uses: actions/setup-go@v5 + test-sysdig-secure: + name: "Secure: ${{ matrix.file }}" + runs-on: ubuntu-latest + needs: list-sysdig-secure-tests + strategy: + fail-fast: true + max-parallel: 20 + matrix: + file: ${{ fromJson(needs.list-sysdig-secure-tests.outputs.matrix) }} + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 with: go-version-file: go.mod - - - name: Test - run: make testacc + - name: Run tests from ${{ matrix.file }} + run: | + tests=$(grep -oh "func Test[A-Za-z0-9_]*" sysdig/${{ matrix.file }}.go | sed 's/func //' | tr '\n' '|' | sed 's/|$//') + if [ -n "$tests" ]; then + echo "Running tests: $tests" + CGO_ENABLED=1 TF_ACC=1 go test ./sysdig -v -tags=tf_acc_sysdig_secure -timeout 30m -race -run "^($tests)$" + else + echo "No tests found in file" + fi env: - TEST_SUITE: tf_acc_sysdig_monitor SYSDIG_MONITOR_API_TOKEN: ${{ secrets.KUBELAB_MONITOR_API_TOKEN }} SYSDIG_SECURE_API_TOKEN: ${{ secrets.KUBELAB_SECURE_API_TOKEN }} - test-sysdig-secure: - name: Sysdig Secure Acceptance Tests + sysdig-secure-result: + name: Sysdig Secure Tests Result + runs-on: ubuntu-latest + needs: [list-sysdig-secure-tests, test-sysdig-secure] + if: always() + steps: + - name: Check test results + run: | + if [ "${{ needs.test-sysdig-secure.result }}" == "success" ] || [ "${{ needs.test-sysdig-secure.result }}" == "skipped" ]; then + echo "All Sysdig Secure tests passed" + exit 0 + else + echo "Some Sysdig Secure tests failed" + exit 1 + fi + + # ============================================ + # Sysdig Monitor - Dynamic Matrix + # ============================================ + list-sysdig-monitor-tests: + name: List Monitor Tests runs-on: ubuntu-latest needs: test - + outputs: + matrix: ${{ steps.list.outputs.matrix }} steps: - - name: Check out code - uses: actions/checkout@v4 + - uses: actions/checkout@v4 + - id: list + run: | + files=$(grep -l "tf_acc_sysdig_monitor" sysdig/*_test.go | xargs -I{} basename {} .go || echo "") + if [ -z "$files" ]; then + echo "matrix=[]" >> $GITHUB_OUTPUT + else + matrix=$(echo "$files" | jq -R -s -c 'split("\n") | map(select(length > 0))') + echo "matrix=$matrix" >> $GITHUB_OUTPUT + fi - - name: Set up Go - uses: actions/setup-go@v5 + test-sysdig-monitor: + name: "Monitor: ${{ matrix.file }}" + runs-on: ubuntu-latest + needs: list-sysdig-monitor-tests + strategy: + fail-fast: true + max-parallel: 20 + matrix: + file: ${{ fromJson(needs.list-sysdig-monitor-tests.outputs.matrix) }} + steps: + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 with: go-version-file: go.mod - - - name: Test - run: make testacc + - name: Run tests from ${{ matrix.file }} + run: | + tests=$(grep -oh "func Test[A-Za-z0-9_]*" sysdig/${{ matrix.file }}.go | sed 's/func //' | tr '\n' '|' | sed 's/|$//') + if [ -n "$tests" ]; then + echo "Running tests: $tests" + CGO_ENABLED=1 TF_ACC=1 go test ./sysdig -v -tags=tf_acc_sysdig_monitor -timeout 30m -race -run "^($tests)$" + else + echo "No tests found in file" + fi env: - TEST_SUITE: tf_acc_sysdig_secure SYSDIG_MONITOR_API_TOKEN: ${{ secrets.KUBELAB_MONITOR_API_TOKEN }} SYSDIG_SECURE_API_TOKEN: ${{ secrets.KUBELAB_SECURE_API_TOKEN }} + sysdig-monitor-result: + name: Sysdig Monitor Tests Result + runs-on: ubuntu-latest + needs: [list-sysdig-monitor-tests, test-sysdig-monitor] + if: always() + steps: + - name: Check test results + run: | + if [ "${{ needs.test-sysdig-monitor.result }}" == "success" ] || [ "${{ needs.test-sysdig-monitor.result }}" == "skipped" ]; then + echo "All Sysdig Monitor tests passed" + exit 0 + else + echo "Some Sysdig Monitor tests failed" + exit 1 + fi + + # ============================================ + # IBM Monitor - Sequential (no parallelization) + # ============================================ test-ibm-monitor: name: IBM Monitor Acceptance Tests runs-on: ubuntu-latest needs: test - steps: - name: Check out code uses: actions/checkout@v4 - - name: Set up Go uses: actions/setup-go@v5 with: go-version-file: go.mod - - name: Test run: make testacc env: @@ -99,20 +180,20 @@ jobs: SYSDIG_MONITOR_URL: "https://eu-gb.monitoring.cloud.ibm.com" IBM_EVENT_NOTIFICATION_INSTANCE_ID: ${{ secrets.IBM_EVENT_NOTIFICATION_INSTANCE_ID }} + # ============================================ + # IBM Secure - Sequential (no parallelization) + # ============================================ test-ibm-secure: name: IBM Secure Acceptance Tests runs-on: ubuntu-latest needs: test - steps: - name: Check out code uses: actions/checkout@v4 - - name: Set up Go uses: actions/setup-go@v5 with: go-version-file: go.mod - - name: Test run: make testacc env: diff --git a/sysdig/data_source_sysdig_secure_rule_stateful_count_test.go b/sysdig/data_source_sysdig_secure_rule_stateful_count_test.go index 51357a5af..65df48a04 100644 --- a/sysdig/data_source_sysdig_secure_rule_stateful_count_test.go +++ b/sysdig/data_source_sysdig_secure_rule_stateful_count_test.go @@ -5,11 +5,13 @@ package sysdig_test import ( "fmt" "os" + "strconv" "strings" "testing" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" + "github.com/hashicorp/terraform-plugin-sdk/v2/terraform" "github.com/draios/terraform-provider-sysdig/sysdig" ) @@ -35,13 +37,31 @@ func TestAccRuleStatefulCountDataSource(t *testing.T) { { Config: ruleStatefulCountDataSource(), Check: resource.ComposeTestCheckFunc( - resource.TestCheckResourceAttr("data.sysdig_secure_rule_stateful_count.data_stateful_rule_append", "rule_count", "2"), + testCheckRuleCountAtLeast("data.sysdig_secure_rule_stateful_count.data_stateful_rule_append", 2), ), }, }, }) } +func testCheckRuleCountAtLeast(resourceName string, minCount int) resource.TestCheckFunc { + return func(s *terraform.State) error { + rs, ok := s.RootModule().Resources[resourceName] + if !ok { + return fmt.Errorf("resource not found: %s", resourceName) + } + countStr := rs.Primary.Attributes["rule_count"] + count, err := strconv.Atoi(countStr) + if err != nil { + return fmt.Errorf("rule_count is not a valid integer: %s", countStr) + } + if count < minCount { + return fmt.Errorf("rule_count expected >= %d, got %d", minCount, count) + } + return nil + } +} + func ruleStatefulCountDataSource() string { return fmt.Sprintf(` %s diff --git a/sysdig/data_source_sysdig_user_test.go b/sysdig/data_source_sysdig_user_test.go index 4e66800f3..7743c5c6b 100644 --- a/sysdig/data_source_sysdig_user_test.go +++ b/sysdig/data_source_sysdig_user_test.go @@ -3,8 +3,10 @@ package sysdig_test import ( + "fmt" "testing" + "github.com/hashicorp/terraform-plugin-sdk/v2/helper/acctest" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource" "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema" @@ -12,6 +14,7 @@ import ( ) func TestAccDataUser(t *testing.T) { + randomSuffix := acctest.RandStringFromCharSet(10, acctest.CharSetAlphaNum) resource.ParallelTest(t, resource.TestCase{ PreCheck: preCheckAnyEnv(t, SysdigMonitorApiTokenEnv, SysdigSecureApiTokenEnv), ProviderFactories: map[string]func() (*schema.Provider, error){ @@ -21,21 +24,21 @@ func TestAccDataUser(t *testing.T) { }, Steps: []resource.TestStep{ { - Config: getUser(), + Config: getUser(randomSuffix), }, }, }) } -func getUser() string { - return ` +func getUser(suffix string) string { + return fmt.Sprintf(` resource "sysdig_user" "sample" { - email = "terraform-test+user@sysdig.com" + email = "terraform-test+user-%s@sysdig.com" } data "sysdig_user" "me" { depends_on = ["sysdig_user.sample"] email = sysdig_user.sample.email } -` +`, suffix) }