Showing
5 changed files
with
298 additions
and
7 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,12 +1,65 @@ | ||
module "common_tags" { | ||
source = "github.com/hmcts/terraform-module-common-tags?ref=master" | ||
|
||
builtFrom = "hmcts/terraform-module-virtual-machine-scale-set" | ||
builtFrom = "hmcts/terraform-module-vm-bootstrap" | ||
environment = "ptlsbox" | ||
product = "sds-platform" | ||
} | ||
|
||
# resource "azurerm_resource_group" "test" { | ||
# name = "vm-module-test-rg" | ||
# location = "UK South" | ||
# } | ||
resource "azurerm_resource_group" "test" { | ||
name = "vm-bootstrap-test-rg" | ||
location = "UK South" | ||
} | ||
|
||
resource "azurerm_virtual_network" "test" { | ||
name = "vm-bootstrap-test-vnet" | ||
address_space = ["10.0.0.0/16"] | ||
location = azurerm_resource_group.test.location | ||
resource_group_name = azurerm_resource_group.test.name | ||
tags = module.common_tags.common_tags | ||
} | ||
|
||
resource "azurerm_subnet" "test" { | ||
name = "internal" | ||
resource_group_name = azurerm_resource_group.test.name | ||
virtual_network_name = azurerm_virtual_network.test.name | ||
address_prefixes = ["10.0.2.0/24"] | ||
} | ||
|
||
resource "azurerm_network_interface" "test" { | ||
name = "test-nic" | ||
location = azurerm_resource_group.test.location | ||
resource_group_name = azurerm_resource_group.test.name | ||
tags = module.common_tags.common_tags | ||
|
||
ip_configuration { | ||
name = "internal" | ||
subnet_id = azurerm_subnet.test.id | ||
private_ip_address_allocation = "Dynamic" | ||
} | ||
} | ||
|
||
resource "azurerm_windows_virtual_machine" "test" { | ||
name = "test-machine" | ||
resource_group_name = azurerm_resource_group.test.name | ||
location = azurerm_resource_group.test.location | ||
size = "Standard_D2ds_v5" | ||
admin_username = "adminuser" | ||
admin_password = "example-$uper-$EcUrE-password" | ||
tags = module.common_tags.common_tags | ||
network_interface_ids = [ | ||
azurerm_network_interface.test.id, | ||
] | ||
|
||
os_disk { | ||
caching = "ReadWrite" | ||
storage_account_type = "Standard_LRS" | ||
} | ||
|
||
source_image_reference { | ||
publisher = "MicrosoftWindowsServer" | ||
offer = "WindowsServer" | ||
sku = "2022-Datacenter" | ||
version = "latest" | ||
} | ||
} |
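Review bot: The `admin_password` on the new `azurerm_windows_virtual_machine.test` resource is a string literal, so the local administrator credential of every VM this fixture creates is readable by anyone who can read the repository. The NIC only has a dynamic private address on the test subnet, which limits reach, but a fixed known password on a real VM is still worth avoiding. Generating the password per run keeps it out of source, though it needs the `random` provider declared for this module. The generated value still ends up in Terraform state, so state from test runs should be handled as sensitive.

```hcl
resource "random_password" "admin" {
  length      = 24
  min_lower   = 1
  min_upper   = 1
  min_numeric = 1
}

resource "azurerm_windows_virtual_machine" "test" {
  # … unchanged: name, resource group, location, size …
  admin_username = "adminuser"
  admin_password = random_password.admin.result
  # … unchanged: tags, network_interface_ids, os_disk, source_image_reference …
}
```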
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,3 @@ | ||
#TODO | ||
output "vm_id" { | ||
value = azurerm_windows_virtual_machine.test.id | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,230 @@ | ||
provider "azurerm" { | ||
features {} | ||
} | ||
|
||
provider "azurerm" { | ||
alias = "soc" | ||
features {} | ||
subscription_id = "8ae5b3b6-0b12-4888-b894-4cec33c92292" | ||
skip_provider_registration = true | ||
} | ||
|
||
provider "azurerm" { | ||
alias = "cnp" | ||
features {} | ||
subscription_id = "1c4f0704-a29e-403d-b719-b90c34ef14c9" | ||
skip_provider_registration = true | ||
} | ||
|
||
# Default variables for this test | ||
variables { | ||
env = "nonprod" | ||
os_type = "Windows" | ||
} | ||
|
||
run "setup_vm" { | ||
module { | ||
source = "./tests/modules/setup_vm_windows" | ||
} | ||
} | ||
|
||
# Tests the default settings for extensions for a windows VM | ||
# - Should install azure monitor by default | ||
# - Should install a custom script extension by default (for nessus and splunk) | ||
# - Should install dynatrace by default | ||
# - Should install endpoint protection by default | ||
# - Should not install any scaleset extensions | ||
run "virtual_machine_no_extensions" { | ||
|
||
command = plan | ||
|
||
variables { | ||
virtual_machine_type = "vm" | ||
virtual_machine_id = run.setup_vm.vm_id | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_extension.azure_monitor) == 1 | ||
error_message = "Azure monitor installed by default" | ||
} | ||
|
||
assert { | ||
condition = azurerm_virtual_machine_extension.azure_monitor[0].name == "AMAWindows" | ||
error_message = "Incorrect name for azure monitor extension" | ||
} | ||
|
||
assert { | ||
condition = azurerm_virtual_machine_extension.azure_monitor[0].type == "AzureMonitorWindowsAgent" | ||
error_message = "Incorrect type for azure monitor extension" | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_extension.custom_script) == 1 | ||
error_message = "Custom script not installed by default" | ||
} | ||
|
||
assert { | ||
condition = azurerm_virtual_machine_extension.custom_script[0].publisher == "Microsoft.Compute" | ||
error_message = "Wrong publisher for a windows custom script" | ||
} | ||
|
||
assert { | ||
condition = azurerm_virtual_machine_extension.custom_script[0].type == "CustomScriptExtension" | ||
error_message = "Wrong type for a windows custom script" | ||
} | ||
|
||
assert { | ||
condition = azurerm_virtual_machine_extension.custom_script[0].type_handler_version == "1.9" | ||
error_message = "Wrong type handler version for a windows custom script" | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_extension.dynatrace_oneagent) == 1 | ||
error_message = "Dynatrace not installed by default" | ||
} | ||
|
||
assert { | ||
condition = azurerm_virtual_machine_extension.dynatrace_oneagent[0].type == "oneAgentWindows" | ||
error_message = "Wrong type for windows dynatrace extension" | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_extension.endpoint_protection) == 1 | ||
error_message = "Endpoint protection not installed by default" | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_extension.azure_vm_run_command) == 0 | ||
error_message = "Run command installed when not specified" | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_scale_set_extension.azure_monitor) == 0 | ||
error_message = "Scale set extension stood up for VM" | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_scale_set_extension.custom_script) == 0 | ||
error_message = "Scale set extension stood up for VM" | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_scale_set_extension.dynatrace_oneagent) == 0 | ||
error_message = "Scale set extension stood up for VM" | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_scale_set_extension.endpoint_protection) == 0 | ||
error_message = "Scale set extension stood up for VM" | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_scale_set_extension.azure_vmss_run_command) == 0 | ||
error_message = "Scale set extension stood up for VM" | ||
} | ||
} | ||
|
||
# Should not stand up an azure monitor extension when disabled | ||
run "virtual_machine_no_azure_monitor_extension" { | ||
|
||
command = plan | ||
|
||
variables { | ||
virtual_machine_type = "vm" | ||
virtual_machine_id = run.setup_vm.vm_id | ||
install_azure_monitor = false | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_extension.azure_monitor) == 0 | ||
error_message = "Azure monitor installed when turned off" | ||
} | ||
} | ||
|
||
# Custom scipt should still install when nessus is disabled but splunk is still enabled | ||
run "virtual_machine_no_nessus" { | ||
|
||
command = plan | ||
|
||
variables { | ||
virtual_machine_type = "vm" | ||
virtual_machine_id = run.setup_vm.vm_id | ||
install_nessus_agent = false | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_extension.custom_script) == 1 | ||
error_message = "Custom script not installed when only nessus is disabled" | ||
} | ||
} | ||
|
||
# Custom scipt should still install when splunk is disabled but nessus is still enabled | ||
run "virtual_machine_no_splunk" { | ||
|
||
command = plan | ||
|
||
variables { | ||
virtual_machine_type = "vm" | ||
virtual_machine_id = run.setup_vm.vm_id | ||
install_splunk_uf = false | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_extension.custom_script) == 1 | ||
error_message = "Custom script not installed when only nessus is disabled" | ||
} | ||
} | ||
|
||
# Custom scipt should not install endpoint protection when disabled | ||
run "virtual_machine_no_endpoint_protection" { | ||
|
||
command = plan | ||
|
||
variables { | ||
virtual_machine_type = "vm" | ||
virtual_machine_id = run.setup_vm.vm_id | ||
install_endpoint_protection = false | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_extension.endpoint_protection) == 0 | ||
error_message = "Endpoint protection installed when disabled" | ||
} | ||
} | ||
|
||
# Custom scipt should not be installed when both nessus and splunk are disabled | ||
# TODO: add a test for additional script as that is installed here as well | ||
# TODO: add tests for run command | ||
run "virtual_machine_no_nessus_or_splunk" { | ||
|
||
command = plan | ||
|
||
variables { | ||
virtual_machine_type = "vm" | ||
virtual_machine_id = run.setup_vm.vm_id | ||
install_splunk_uf = false | ||
install_nessus_agent = false | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_extension.custom_script) == 0 | ||
error_message = "Custom script installed when nessus and splunk are disabled" | ||
} | ||
} | ||
|
||
# Custom scipt should still install when splunk is disabled but nessus is still enabled | ||
run "virtual_machine_no_dynatrace" { | ||
|
||
command = plan | ||
|
||
variables { | ||
virtual_machine_type = "vm" | ||
virtual_machine_id = run.setup_vm.vm_id | ||
install_dynatrace_oneagent = false | ||
} | ||
|
||
assert { | ||
condition = length(azurerm_virtual_machine_extension.dynatrace_oneagent) == 0 | ||
error_message = "Dynatrace installed when disabled" | ||
} | ||
} |
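Review bot: Several failure messages and comments in this test file were copied between runs and now describe the wrong condition, which will mislead whoever triages a failing run. In `virtual_machine_no_splunk` the message should be `error_message = "Custom script not installed when only splunk is disabled"`, and in `virtual_machine_no_extensions` the first assert should read `error_message = "Azure monitor not installed by default"`. The comment above `virtual_machine_no_dynatrace` repeats the splunk/nessus description and should say something like `# Should not stand up a dynatrace extension when disabled`; "scipt" is also misspelled in five comments. The endpoint protection assert only checks the count, unlike the azure monitor and custom script asserts, so asserting its `type` and `publisher` as well would catch a wrong agent being deployed.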