Added tests

[goruha]

what

• Added tests

Summary by CodeRabbit

• New Features

  • Added comprehensive testing infrastructure for CloudTrail components.
  • Introduced Atmos CLI configuration for infrastructure management.
  • Created new test fixtures and configurations for account mapping and CloudTrail testing.
  • Added a new configuration section for a disabled CloudTrail feature.

• Chores

  • Updated module versions for CloudTrail-related components.
  • Added new Go module dependencies for testing.
  • Updated project configuration files.
  • Removed obsolete script for test execution.

• Tests

  • Implemented Terratest-based test suite for CloudTrail functionality.
  • Added test configurations for basic and organization-level CloudTrail scenarios.

[coderabbitai]

Warning

Rate limit exceeded

@goruha has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 16 minutes and 30 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Reviewing files that changed from the base of the PR and between 1ded3b7 and b686772.

⛔ Files ignored due to path filters (1)

• test/go.sum is excluded by !**/*.sum

📒 Files selected for processing (3)

• test/component_test.go (1 hunks)
• test/fixtures/atmos.yaml (1 hunks)
• test/go.mod (1 hunks)

Walkthrough

The pull request introduces significant enhancements to the testing framework for AWS CloudTrail components. It updates module versions in the remote state configuration, adds new test fixtures, establishes a Go-based test suite for CloudTrail functionality, and introduces Atmos configuration files. The changes aim to create a structured and comprehensive testing environment for CloudTrail and account mapping components, detailing configurations for various testing scenarios.

Changes

File	Change Summary
src/remote-state.tf	Updated module versions for cloudtrail_bucket and account_map from 1.5.0 to 1.8.0
test/.gitignore	Added entries for state/, .cache, test/test-suite.json, and .atmos
test/component_test.go	Added new test suite with functions for testing CloudTrail components
test/fixtures/*	Added multiple YAML configuration files for Atmos, stacks, and vendor management
test/go.mod	Created new Go module with dependencies for testing
test/run.sh	Removed
test/fixtures/stacks/catalog/usecase/disabled.yaml	Added configuration for disabled CloudTrail component
test/fixtures/stacks/catalog/usecase/org-level.yaml	Added configuration for organization-level CloudTrail component
test/fixtures/stacks/catalog/usecase/basic.yaml	Added configuration for basic CloudTrail component
test/fixtures/stacks/catalog/cloudtrail-bucket.yaml	Added configuration for CloudTrail bucket component
test/fixtures/stacks/catalog/account-map.yaml	Added configuration for account mapping component
test/fixtures/stacks/orgs/default/test/_defaults.yaml	Added configuration for Terraform backend settings and account mappings
test/fixtures/stacks/orgs/default/test/tests.yaml	Added imports for various configurations

Sequence Diagram

sequenceDiagram
    participant Test as Test Suite
    participant CloudTrail as CloudTrail Component
    participant AWS as AWS Services
    
    Test->>CloudTrail: Initialize Component
    CloudTrail->>AWS: Create CloudTrail
    AWS-->>CloudTrail: Return CloudTrail Details
    CloudTrail-->>Test: Provide Component Outputs
    Test->>Test: Validate Outputs
    Test->>Test: Run Assertions

Loading

Poem

🐰 A Rabbit's Test of Cloudy Trails

In YAML's realm, where configs prevail,
CloudTrail tests hop with vigor and scale.
Modules update, versions take flight,
Terratest checks everything's just right!

🚀 Hop, hop, hooray! 🎉

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[goruha]

/terratest

[mergify]

Merge Protections

Your pull request matches the following merge protections and will not be merged until they are valid.

🟢 Require terratest

Wonderful, this rule succeeded.

This rule require terratest status

• check-success = test/terratest

[coderabbitai]

Actionable comments posted: 4

🧹 Nitpick comments (9)

test/fixtures/stacks/orgs/default/test/_defaults.yaml (2)

8-9: Consider simplifying the default state path.

The default state path uses multiple parent directory references (../../../../../). Consider using a more direct path or making it configurable through a base path environment variable.

-      path: '{{ getenv "TEST_STATE_DIR" | default "../../../../../state" }}/{{ getenv "TEST_SUITE_NAME" | default "" }}/{{ .component }}/terraform.tfstate'
+      path: '{{ getenv "TEST_BASE_DIR" | default "." }}/state/{{ getenv "TEST_SUITE_NAME" | default "" }}/{{ .component }}/terraform.tfstate'

Also applies to: 13-14

---

70-71: Consider documenting empty terraform role.

The terraform role for default-test is set to an empty string. If this is intentional, consider adding a comment explaining why.

          terraform_roles:
-            default-test: ''
+            default-test: '' # Empty string used for test environment

test/component_test.go (4)

19-19: Consider making the AWS region configurable.

The AWS region is hardcoded to "us-east-2". Consider making it configurable through environment variables to support testing in different regions.

-       awsRegion := "us-east-2"
+       awsRegion := os.Getenv("TEST_AWS_REGION")
+       if awsRegion == "" {
+           awsRegion = "us-east-2" // default region
+       }

---

33-33: Fix incorrect comment reference.

The comment refers to "bastion" component instead of "cloudtrail".

-               // Test phase: Validate the functionality of the bastion component
+               // Test phase: Validate the functionality of the CloudTrail component

---

34-68: Consider adding more validations for CloudTrail configuration.

The test validates basic properties but could benefit from additional checks:

• Trail status (IsLogging)
• S3 bucket configuration
• Event selectors configuration
• KMS key configuration if applicable

Example addition:

+           status, err := client.GetTrailStatus(context.Background(), &cloudtrail.GetTrailStatusInput{
+               Name: &cloudtrailID,
+           })
+           assert.NoError(t, err)
+           assert.True(t, *status.IsLogging)

---

110-123: Add documentation for helper functions.

The helper functions would benefit from godoc comments explaining their purpose and usage.

+ // NewCloudTrailClient creates a new AWS CloudTrail client for the specified region.
+ // It panics if client creation fails.
  func NewCloudTrailClient(t *testing.T, region string) *cloudtrail.Client {

+ // NewCloudTrailClientE creates a new AWS CloudTrail client for the specified region.
+ // It returns an error if client creation fails.
  func NewCloudTrailClientE(t *testing.T, region string) (*cloudtrail.Client, error) {

test/fixtures/vendor.yaml (1)

21-22: Consider adding version constraint checks.

For security and stability, consider adding version constraint checks to ensure minimum required versions are met.

      source: github.com/cloudposse-terraform-components/aws-cloudtrail-bucket.git//src?ref={{.Version}}
      version: v1.535.0
+     constraints:
+       minimum_version: v1.500.0  # Specify minimum version with required features

test/fixtures/stacks/catalog/account-map.yaml (1)

11-22: Consider removing or updating the commented section.

The commented section appears to contain Cloud Posse's internal configuration details. While the values are likely placeholders, it's good practice to either remove unused comments or update them with generic examples.

test/fixtures/atmos.yaml (1)

84-87: Fix trailing whitespace issues.

The command definition contains trailing spaces that should be removed.

-        atmos describe stacks --format json --sections=component,metadata --components=component -s sandbox 
-        | jq '.[] | .components.terraform | to_entries |  
-        map(select(.value.component == "component" and (.value.metadata.type != "abstract" or .value.metadata.type == null)))  
-        | .[].key'  
+        atmos describe stacks --format json --sections=component,metadata --components=component -s sandbox\
+        | jq '.[] | .components.terraform | to_entries |\
+        map(select(.value.component == "component" and (.value.metadata.type != "abstract" or .value.metadata.type == null)))\
+        | .[].key'

🧰 Tools

🪛 YAMLlint (1.35.1)

[error] 85-85: trailing spaces

(trailing-spaces)

---

[error] 86-86: trailing spaces

(trailing-spaces)

---

[error] 87-87: trailing spaces

(trailing-spaces)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 2580402 and e744948.

⛔ Files ignored due to path filters (1)

• test/go.sum is excluded by !**/*.sum

📒 Files selected for processing (13)

• src/remote-state.tf (2 hunks)
• test/.gitignore (1 hunks)
• test/component_test.go (1 hunks)
• test/fixtures/atmos.yaml (1 hunks)
• test/fixtures/stacks/catalog/account-map.yaml (1 hunks)
• test/fixtures/stacks/catalog/cloudtrail-bucket.yaml (1 hunks)
• test/fixtures/stacks/catalog/usecase/basic.yaml (1 hunks)
• test/fixtures/stacks/catalog/usecase/org-level.yaml (1 hunks)
• test/fixtures/stacks/orgs/default/test/_defaults.yaml (1 hunks)
• test/fixtures/stacks/orgs/default/test/tests.yaml (1 hunks)
• test/fixtures/vendor.yaml (1 hunks)
• test/go.mod (1 hunks)
• test/run.sh (0 hunks)

💤 Files with no reviewable changes (1)

• test/run.sh

✅ Files skipped from review due to trivial changes (4)

• test/fixtures/stacks/catalog/cloudtrail-bucket.yaml
• test/.gitignore
• test/fixtures/stacks/orgs/default/test/tests.yaml
• src/remote-state.tf

🧰 Additional context used

🪛 YAMLlint (1.35.1)

test/fixtures/atmos.yaml

[error] 85-85: trailing spaces

(trailing-spaces)

---

[error] 86-86: trailing spaces

(trailing-spaces)

---

[error] 87-87: trailing spaces

(trailing-spaces)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Mergify Merge Protections
• GitHub Check: Mergify Merge Protections
• GitHub Check: Summary

🔇 Additional comments (8)

test/fixtures/stacks/orgs/default/test/_defaults.yaml (3)

48-48: Update email format for production readiness.

The account email format uses a placeholder domain (example.com). Ensure this is updated with the correct domain before deploying to production.

---

54-56: Verify EKS tag consistency.

There's an inconsistency in the EKS configuration:

• eks: true is set in the account properties
• But the tags section has eks: false

Please clarify which setting should take precedence.

---

1-3: Verify the catalog import path exists.

Let's ensure the catalog/account-map import path is valid and accessible.

✅ Verification successful

Import path catalog/account-map is valid and correctly configured

The account-map configuration file exists at the expected relative path: test/fixtures/stacks/catalog/account-map.yaml

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if the catalog/account-map exists in the repository
fd -t f "account-map.ya?ml" -d 3 catalog/

Length of output: 139

---

Script:

#!/bin/bash
# Search for account-map files throughout the repository
fd -t f "account-map.ya?ml"

# Also search for any YAML files containing "account" to catch potential variations
fd -t f "account.*\.ya?ml"

Length of output: 150

test/fixtures/stacks/catalog/usecase/basic.yaml (1)

10-10: Consider increasing log retention period for testing.

A 1-day retention period might be too short to properly validate log delivery and integration testing scenarios. Consider increasing it to at least 7 days for testing purposes.

-       cloudwatch_logs_retention_in_days: 1
+       cloudwatch_logs_retention_in_days: 7

test/fixtures/stacks/catalog/account-map.yaml (1)

23-46: LGTM! Well-structured static backend configuration.

The static backend configuration is properly set up for testing purposes with clear documentation explaining its usage and requirements.

test/fixtures/atmos.yaml (1)

1-18: LGTM! Well-documented configuration loading behavior.

The configuration clearly documents the priority order for loading CLI configurations and the behavior of base paths.

test/go.mod (2)

19-99: LGTM! Comprehensive dependency management.

The dependencies are well-organized with specific versions, including all necessary AWS SDK components for CloudTrail testing.

---

3-3: Verify Go version compatibility.

The specified Go version 1.23.0 appears to be incorrect as it's beyond the latest stable release (1.22.0 as of January 2025).

[goruha]

/terratest

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

test/go.mod (1)

17-127: Indirect Dependencies Management

The indirect dependencies are comprehensively listed. While extensive, consider verifying that each is necessary for your test scenarios. Cleaning up or consolidating these dependencies—if possible—might help streamline the dependency graph.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e744948 and 1ded3b7.

⛔ Files ignored due to path filters (1)

• test/go.sum is excluded by !**/*.sum

📒 Files selected for processing (9)

• test/.gitignore (1 hunks)
• test/component_test.go (1 hunks)
• test/fixtures/stacks/catalog/usecase/basic.yaml (1 hunks)
• test/fixtures/stacks/catalog/usecase/disabled.yaml (1 hunks)
• test/fixtures/stacks/catalog/usecase/org-level.yaml (1 hunks)
• test/fixtures/stacks/orgs/default/test/_defaults.yaml (1 hunks)
• test/fixtures/stacks/orgs/default/test/tests.yaml (1 hunks)
• test/fixtures/vendor.yaml (1 hunks)
• test/go.mod (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (3)

• test/fixtures/stacks/catalog/usecase/basic.yaml
• test/fixtures/vendor.yaml
• test/.gitignore

🧰 Additional context used

🪛 golangci-lint (1.62.2)

test/component_test.go

116-116: const awsRegion is unused

(unused)

⏰ Context from checks skipped due to timeout of 90000ms (3)

• GitHub Check: Mergify Merge Protections
• GitHub Check: Mergify Merge Protections
• GitHub Check: Summary

🔇 Additional comments (16)

test/component_test.go (2)

1-64: Overall test setup looks good.

---

66-111: Refactor to reduce code duplication and provide a more descriptive skip message.

This portion of code heavily resembles the logic in TestBasic. The suggestion below aligns with a previous review:

• Extract common validation logic into a helper function, e.g., validateCloudTrail(...).
• Provide more context in the skip message regarding Service Policy limitations and required roles.

test/fixtures/stacks/orgs/default/test/tests.yaml (1)

1-6: No issues found.
These imports look correct for including the relevant references.

test/fixtures/stacks/catalog/usecase/org-level.yaml (1)

1-11: Configuration looks correct.

Setting cloudwatch_logs_retention_in_days to 1 is valid, ensuring logs are retained for one day.

test/fixtures/stacks/catalog/usecase/disabled.yaml (3)

1-3: Configuration Structure: Looks Well-Defined

The YAML structure correctly nests the cloudtrail/disabled component under terraform, making it clear and easy to manage.

---

4-5: Metadata Block Clarity

The metadata section clearly identifies the component as a target, which can be useful for test harnesses or downstream tools that need to filter components.

---

6-11: Variables Configuration: Accurate and Clear

The variables are properly configured to disable CloudTrail, with clear settings for the bucket environment, stage, and log retention. Verify that the 1-day retention meets your testing or operational requirements.

test/fixtures/stacks/orgs/default/test/_defaults.yaml (6)

1-3: Import Directive

The import section correctly references catalog/account-map, which helps centralize the account mapping configurations. Ensure that the referenced file exists and remains updated.

---

4-10: Terraform Backend Configuration

The Terraform backend settings use templating with environment variables and defaults appropriately. Double-check that the default path ("../../../state") fits within your project's directory structure.

---

11-15: Terraform Variables Definition

The essential Terraform variables—such as namespace, tenant, environment, region, and stage—are clearly defined. This aids in dynamically configuring the test environment.

---

16-22: Label Order Configuration

The label_order array is well specified to enforce a consistent order for processing or naming. Confirm that its order matches the expectations in downstream components.

---

23-34: Descriptor Formats Setup

The descriptor_formats section is defined clearly and allows for flexible account naming based on specified labels. No issues noted.

---

36-67: Component Account-Map Configuration

The detailed components section under terraform for account-map is comprehensive. Notably, the use of environment variables (e.g., in line 45 for TEST_ACCOUNT_ID) is correct; however, ensure that TEST_ACCOUNT_ID is properly documented in your test setup instructions as highlighted in previous reviews.

test/go.mod (3)

1-4: Module Declaration and Go Version

The module is declared as module test with Go version 1.23.0, which clearly indicates the target environment for these tests.

---

5-13: Direct Dependencies Block

The direct dependencies are well-organized and pinned. Dependencies such as github.com/cloudposse/test-helpers and github.com/stretchr/testify ensure that tests run reliably across environments.

---

15-15: Explicit CloudTrail Service Dependency

The explicit dependency on github.com/aws/aws-sdk-go-v2/service/cloudtrail v1.47.4 is a good practice that ensures your CloudTrail-related tests use the intended version.

[goruha]

/terratest

[goruha]

/terratest

[github-actions]

These changes were released in v1.535.1.