9 changes: 5 additions & 4 deletions modules/perforce/README.md

Large diffs are not rendered by default.

6 changes: 3 additions & 3 deletions modules/perforce/lb.tf
@@ -4,7 +4,7 @@
##########################################
# Send traffic from NLB to ALB
resource "aws_lb_target_group" "perforce" {
count = var.create_shared_network_load_balancer != false ? 1 : 0
count = var.create_shared_network_load_balancer && var.create_shared_application_load_balancer ? 1 : 0
name = "${var.project_prefix}-nlb-to-perforce-web-services"
target_type = "alb"
port = 443
@@ -40,7 +40,7 @@ resource "aws_lb_target_group" "perforce" {
}

resource "aws_lb_target_group_attachment" "perforce" {
count = var.create_shared_network_load_balancer != false ? 1 : 0
count = var.create_shared_network_load_balancer && var.create_shared_application_load_balancer ? 1 : 0
target_group_arn = aws_lb_target_group.perforce[0].arn
target_id = aws_lb.perforce_web_services[0].arn
port = 443
@@ -97,7 +97,7 @@ resource "aws_lb" "perforce" {
##########################################
# forward HTTPS traffic from Public NLB to Internal ALB
resource "aws_lb_listener" "perforce" {
count = var.create_shared_network_load_balancer != false ? 1 : 0
count = var.create_shared_network_load_balancer && var.create_shared_application_load_balancer ? 1 : 0
load_balancer_arn = aws_lb.perforce[0].arn
port = 443
protocol = "TCP"
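Review bot: The gate `var.create_shared_network_load_balancer && var.create_shared_application_load_balancer` is now written out on the target group, the attachment and the listener in this file and again on the NLB egress rule in sg.tf, so the four copies can drift apart on the next change. A single local such as `create_nlb_to_alb_forwarding = var.create_shared_network_load_balancer && var.create_shared_application_load_balancer`, referenced from each `count`, would keep them aligned. The old `!= false` form would also have treated a null input as enabled, whereas `&&` does not accept a null operand; the variable declarations are not part of this diff, so confirm both are `nullable = false` or always carry a non-null default. All three resource bodies continue outside their hunks.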
8 changes: 4 additions & 4 deletions modules/perforce/main.tf
@@ -159,10 +159,10 @@ module "p4_code_review" {
create_default_role = var.p4_code_review_config.create_default_role
custom_role = var.p4_code_review_config.custom_role

super_user_password_secret_arn = module.p4_server[0].super_user_password_secret_arn
super_user_username_secret_arn = module.p4_server[0].super_user_username_secret_arn
p4_code_review_user_password_secret_arn = module.p4_server[0].super_user_password_secret_arn
p4_code_review_user_username_secret_arn = module.p4_server[0].super_user_username_secret_arn
super_user_password_secret_arn = var.p4_code_review_config.super_user_password_secret_arn != null ? var.p4_code_review_config.super_user_password_secret_arn : try(module.p4_server[0].super_user_password_secret_arn, null)
super_user_username_secret_arn = var.p4_code_review_config.super_user_username_secret_arn != null ? var.p4_code_review_config.super_user_username_secret_arn : try(module.p4_server[0].super_user_username_secret_arn, null)
p4_code_review_user_password_secret_arn = var.p4_code_review_config.p4_code_review_user_password_secret_arn != null ? var.p4_code_review_config.p4_code_review_user_password_secret_arn : try(module.p4_server[0].super_user_password_secret_arn, null)
p4_code_review_user_username_secret_arn = var.p4_code_review_config.p4_code_review_user_username_secret_arn != null ? var.p4_code_review_config.p4_code_review_user_username_secret_arn : try(module.p4_server[0].super_user_username_secret_arn, null)

enable_sso = var.p4_code_review_config.enable_sso
config_php_source = var.p4_code_review_config.config_php_source
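Review bot: When no override is supplied, `p4_code_review_user_password_secret_arn` and `p4_code_review_user_username_secret_arn` still fall back to the P4 Server super-user secrets, so by default the code review service appears to run its own account with super-user credentials. Now that overrides exist, a comment above these lines such as `# Falls back to the P4 Server super-user secret; pass a dedicated service-user secret where possible` would make that default visible to callers. Separately, `try(module.p4_server[0]..., null)` turns "no P4 Server and no override" into a null argument with no error at this point; if the submodule needs these ARNs, a `precondition` or variable `validation` with an explicit message would fail the plan earlier and more clearly. The `module "p4_code_review"` block starts and ends outside the hunk.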
2 changes: 1 addition & 1 deletion modules/perforce/outputs.tf
@@ -118,7 +118,7 @@ output "p4_code_review_execution_role_id" {
}

output "p4_server_lambda_link_name" {
value = (var.p4_server_config.storage_type == "FSxN" && var.p4_server_config.protocol == "ISCSI" ?
value = (var.p4_server_config != null && var.p4_server_config.storage_type == "FSxN" && var.p4_server_config.protocol == "ISCSI" ?
module.p4_server[0].lambda_link_name : null)
description = "The name of the Lambda link for the P4 Server instance to use with FSxN."
}
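Review bot: The added `var.p4_server_config != null &&` guard only protects the attribute reads on Terraform releases whose `&&` short-circuits; older releases evaluate both operands, so `var.p4_server_config.storage_type` would still be read on a null object and fail. The module's `required_version` is not visible here, so unless it already pins a release with short-circuit evaluation (1.12 or later, as far as I recall), a form that does not depend on evaluation order is safer, e.g. `value = try(var.p4_server_config.storage_type == "FSxN" && var.p4_server_config.protocol == "ISCSI", false) ? module.p4_server[0].lambda_link_name : null`.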
2 changes: 1 addition & 1 deletion modules/perforce/sg.tf
@@ -26,7 +26,7 @@ resource "aws_security_group" "perforce_network_load_balancer" {
# Perforce NLB --> Perforce Web Services ALB
# Allows Perforce NLB to send outbound traffic to Perforce Web Services ALB
resource "aws_vpc_security_group_egress_rule" "perforce_nlb_outbound_to_perforce_web_services_alb" {
count = var.create_default_sgs && var.create_shared_network_load_balancer ? 1 : 0
count = var.create_default_sgs && var.create_shared_network_load_balancer && var.create_shared_application_load_balancer ? 1 : 0
security_group_id = aws_security_group.perforce_network_load_balancer[0].id
description = "Allows Perforce NLB to send outbound traffic to Perforce Web Services ALB."
from_port = 443
@@ -40,14 +40,7 @@ mock_provider "aws" {

mock_data "aws_iam_policy_document" {
defaults = {
json = jsonencode({
Version = "2012-10-17"
Statement = [{
Effect = "Allow"
Action = "*"
Resource = "*"
}]
})
json = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}]}"
Contributor

I find the old version easier to read. Any reason this approach is better?

}
}

@@ -71,7 +64,10 @@ run "no_submodules" {
command = plan

variables {
vpc_id = "vpc-12345678"
vpc_id = "vpc-12345678"
create_shared_network_load_balancer = false
create_shared_application_load_balancer = false
create_route53_private_hosted_zone = false
# All submodule configs are null (default)
}

@@ -101,9 +97,11 @@ run "p4_server_only" {
command = plan

variables {
vpc_id = "vpc-12345678"
shared_nlb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test-cert"
vpc_id = "vpc-12345678"
shared_nlb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test-cert"
create_shared_application_load_balancer = false
create_route53_private_hosted_zone = false

p4_server_config = {
fully_qualified_domain_name = "p4.test.internal"
@@ -141,9 +139,11 @@ run "p4_auth_only" {
command = plan

variables {
vpc_id = "vpc-12345678"
shared_alb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test-cert"
vpc_id = "vpc-12345678"
shared_alb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test-cert"
create_shared_network_load_balancer = false
create_route53_private_hosted_zone = false

p4_auth_config = {
fully_qualified_domain_name = "auth.test.internal"
@@ -178,9 +178,11 @@ run "p4_code_review_only" {
command = plan

variables {
vpc_id = "vpc-12345678"
shared_alb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test-cert"
vpc_id = "vpc-12345678"
shared_alb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test-cert"
create_shared_network_load_balancer = false
create_route53_private_hosted_zone = false

p4_code_review_config = {
fully_qualified_domain_name = "swarm.test.internal"
@@ -216,10 +218,11 @@ run "server_and_auth" {
command = plan

variables {
vpc_id = "vpc-12345678"
shared_nlb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
shared_alb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test-cert"
vpc_id = "vpc-12345678"
shared_nlb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
shared_alb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test-cert"
create_route53_private_hosted_zone = false

p4_server_config = {
fully_qualified_domain_name = "p4.test.internal"
@@ -262,10 +265,11 @@ run "server_and_code_review" {
command = plan

variables {
vpc_id = "vpc-12345678"
shared_nlb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
shared_alb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test-cert"
vpc_id = "vpc-12345678"
shared_nlb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
shared_alb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test-cert"
create_route53_private_hosted_zone = false

p4_server_config = {
fully_qualified_domain_name = "p4.test.internal"
@@ -317,7 +321,7 @@ run "full_stack" {
route53_private_hosted_zone_name = "perforce.internal"

p4_server_config = {
fully_qualified_domain_name = "p4.perforce.internal"
fully_qualified_domain_name = "perforce.internal"
instance_subnet_id = "subnet-111"
p4_server_type = "p4d_commit"
depot_volume_size = 128
@@ -368,11 +372,12 @@ run "full_stack_existing_ecs_cluster" {
command = plan

variables {
vpc_id = "vpc-12345678"
shared_nlb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
shared_alb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test-cert"
existing_ecs_cluster_name = "my-existing-cluster"
vpc_id = "vpc-12345678"
shared_nlb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
shared_alb_subnets = ["subnet-111", "subnet-222", "subnet-333"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test-cert"
existing_ecs_cluster_name = "my-existing-cluster"
create_route53_private_hosted_zone = false

p4_server_config = {
fully_qualified_domain_name = "p4.test.internal"
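Review bot: None of the changed runs visibly asserts the new `count` gating from lb.tf and sg.tf: `p4_server_only` now plans with the NLB on and `create_shared_application_load_balancer = false`, which is exactly the combination the change targets, yet no assertion in that hunk checks that the NLB-to-ALB resources are skipped. Adding an assert with `condition = length(aws_lb_listener.perforce) == 0`, and the same for `aws_lb_target_group.perforce`, to that run would pin the behaviour; a plan that merely succeeds does not. The run bodies continue past the visible hunks, so such assertions may already exist further down.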
@@ -29,10 +29,7 @@ mock_provider "aws" {
}
mock_data "aws_iam_policy_document" {
defaults = {
json = jsonencode({
Version = "2012-10-17"
Statement = [{ Effect = "Allow", Action = "*", Resource = "*" }]
})
json = "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Action\":\"*\",\"Resource\":\"*\"}]}"
Contributor

same as before, I find the old one easier to read.

}
}
mock_data "aws_ami" {
@@ -51,9 +48,11 @@ run "ecs_cluster_auth_only" {
command = plan

variables {
vpc_id = "vpc-12345678"
shared_alb_subnets = ["subnet-111", "subnet-222"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test"
vpc_id = "vpc-12345678"
shared_alb_subnets = ["subnet-111", "subnet-222"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test"
create_shared_network_load_balancer = false
create_route53_private_hosted_zone = false

p4_auth_config = {
fully_qualified_domain_name = "auth.test.internal"
@@ -77,9 +76,11 @@ run "ecs_cluster_code_review_only" {
command = plan

variables {
vpc_id = "vpc-12345678"
shared_alb_subnets = ["subnet-111", "subnet-222"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test"
vpc_id = "vpc-12345678"
shared_alb_subnets = ["subnet-111", "subnet-222"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test"
create_shared_network_load_balancer = false
create_route53_private_hosted_zone = false

p4_code_review_config = {
fully_qualified_domain_name = "swarm.test.internal"
@@ -103,10 +104,12 @@ run "ecs_cluster_shared" {
command = plan

variables {
vpc_id = "vpc-12345678"
shared_alb_subnets = ["subnet-111", "subnet-222"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test"
shared_ecs_cluster_name = "my-shared-cluster"
vpc_id = "vpc-12345678"
shared_alb_subnets = ["subnet-111", "subnet-222"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test"
shared_ecs_cluster_name = "my-shared-cluster"
create_shared_network_load_balancer = false
create_route53_private_hosted_zone = false

p4_auth_config = {
fully_qualified_domain_name = "auth.test.internal"
@@ -143,7 +146,7 @@ run "route53_private_zone" {
route53_private_hosted_zone_name = "perforce.internal"

p4_server_config = {
fully_qualified_domain_name = "p4.perforce.internal"
fully_qualified_domain_name = "perforce.internal"
instance_subnet_id = "subnet-111"
p4_server_type = "p4d_commit"
}
@@ -170,11 +173,12 @@ run "load_balancer_access_logs" {
command = plan

variables {
vpc_id = "vpc-12345678"
shared_nlb_subnets = ["subnet-111", "subnet-222"]
shared_alb_subnets = ["subnet-111", "subnet-222"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test"
enable_shared_lb_access_logs = true
vpc_id = "vpc-12345678"
shared_nlb_subnets = ["subnet-111", "subnet-222"]
shared_alb_subnets = ["subnet-111", "subnet-222"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test"
enable_shared_lb_access_logs = true
create_route53_private_hosted_zone = false

p4_server_config = {
fully_qualified_domain_name = "p4.test.internal"
@@ -189,12 +193,12 @@ run "load_balancer_access_logs" {
}

assert {
condition = length(aws_s3_bucket.lb_access_logs) == 1
condition = length(aws_s3_bucket.shared_lb_access_logs_bucket) == 1
error_message = "S3 bucket should be created when load balancer access logging is enabled"
}

assert {
condition = length(aws_lb.perforce_shared_nlb) > 0 ? aws_lb.perforce_shared_nlb[0].enable_cross_zone_load_balancing == true : true
condition = aws_lb.perforce[0].enable_cross_zone_load_balancing == true
error_message = "NLB should have cross-zone load balancing enabled"
}
}
@@ -204,9 +208,11 @@ run "no_ecs_cluster_server_only" {
command = plan

variables {
vpc_id = "vpc-12345678"
shared_nlb_subnets = ["subnet-111", "subnet-222"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test"
vpc_id = "vpc-12345678"
shared_nlb_subnets = ["subnet-111", "subnet-222"]
certificate_arn = "arn:aws:acm:us-east-1:123456789012:certificate/test"
create_shared_application_load_balancer = false
create_route53_private_hosted_zone = false

p4_server_config = {
fully_qualified_domain_name = "p4.test.internal"
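Review bot: In `route53_private_zone` the server's `fully_qualified_domain_name` changes from `p4.perforce.internal` to `perforce.internal`, the same string as `route53_private_hosted_zone_name`, so the run now only covers a server record at the zone apex; the `full_stack` run in the other test file gets the same edit. If the subdomain form stopped planning, that points at a module validation or record-naming issue worth fixing or documenting rather than adjusting the fixture. A comment above the value, e.g. `# FQDN equals the private zone name: <reason>`, or a second run that keeps `p4.perforce.internal`, would make the intent clear. The rewritten cross-zone assertion also indexes `aws_lb.perforce[0]` without the earlier length guard, so a missing NLB would surface as an evaluation error instead of the `error_message`.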