fix unit tests

Author: whoffler

solutions/fully-configurable/README.md

@@ -29,7 +29,7 @@ When `existing_en_instance_crn` is passed, this solution ignores ALL other input
 
 | Name | Source | Version |
 |------|--------|---------|
-| <a name="module_cos"></a> [cos](#module\_cos) | terraform-ibm-modules/cos/ibm | 8.21.8 |
+| <a name="module_cos_buckets"></a> [cos\_buckets](#module\_cos\_buckets) | terraform-ibm-modules/cos/ibm//modules/buckets | 8.19.2 |
 | <a name="module_cos_kms_key_crn_parser"></a> [cos\_kms\_key\_crn\_parser](#module\_cos\_kms\_key\_crn\_parser) | terraform-ibm-modules/common-utilities/ibm//modules/crn-parser | 1.1.0 |
 | <a name="module_event_notifications"></a> [event\_notifications](#module\_event\_notifications) | ../.. | n/a |
 | <a name="module_existing_cos_crn_parser"></a> [existing\_cos\_crn\_parser](#module\_existing\_cos\_crn\_parser) | terraform-ibm-modules/common-utilities/ibm//modules/crn-parser | 1.1.0 |

solutions/fully-configurable/main.tf

@@ -88,7 +88,10 @@ locals {
 }
 
 module "kms" {
-  count                       = var.existing_event_notifications_instance_crn == null && var.kms_encryption_enabled && var.existing_kms_root_key_crn == null ? 1 : 0
+  providers = {
+    ibm = ibm.kms
+  }
+  count                       = var.kms_encryption_enabled && var.existing_kms_root_key_crn == null ? 1 : 0
   source                      = "terraform-ibm-modules/kms-all-inclusive/ibm"
   version                     = "4.19.5"
   create_key_protect_instance = false
@@ -206,30 +209,35 @@ locals {
   create_cos_bucket = !var.enable_collecting_failed_events || var.existing_event_notifications_instance_crn != null ? false : true
   # determine COS details
   cos_bucket_name             = var.existing_event_notifications_instance_crn == null && !var.enable_collecting_failed_events ? null : local.create_cos_bucket ? try("${local.prefix}-${var.cos_bucket_name}", var.cos_bucket_name) : null
-  cos_bucket_name_with_suffix = var.existing_event_notifications_instance_crn == null && var.enable_collecting_failed_events ? module.cos[0].bucket_name : null
+  cos_bucket_name_with_suffix = var.existing_event_notifications_instance_crn == null && var.enable_collecting_failed_events ? module.cos_buckets[0].buckets[local.cos_bucket_name].bucket_name : null
   cos_bucket_region           = var.existing_event_notifications_instance_crn == null && var.cos_bucket_region != null && var.cos_bucket_region != "" ? var.cos_bucket_region : var.region
-  cos_instance_guid           = var.existing_event_notifications_instance_crn == null ? (var.existing_cos_instance_crn == null ? (length(module.cos) > 0 ? module.cos[0].cos_instance_guid : null) : module.existing_cos_crn_parser[0].service_instance) : null
-  cos_bucket_endpoint         = var.existing_event_notifications_instance_crn == null && var.enable_collecting_failed_events ? "https://${module.cos[0].s3_endpoint_direct}" : null
+  cos_instance_guid           = var.existing_event_notifications_instance_crn == null ? (var.existing_cos_instance_crn == null ? (length(module.cos_buckets) > 0 ? module.cos_buckets.bucket_configs.cos_instance_guid : null) : module.existing_cos_crn_parser[0].service_instance) : null
+  cos_bucket_endpoint         = var.existing_event_notifications_instance_crn == null && var.enable_collecting_failed_events ? module.cos_buckets[0].buckets[local.cos_bucket_name].s3_endpoint_direct : null
   cos_account_id              = var.existing_event_notifications_instance_crn == null ? var.existing_cos_instance_crn != null ? split("/", module.existing_cos_crn_parser[0].scope)[1] : null : null
 }
 
-module "cos" {
-  count                               = var.enable_collecting_failed_events && var.existing_event_notifications_instance_crn == null ? 1 : 0
-  source                              = "terraform-ibm-modules/cos/ibm"
-  version                             = "8.21.8"
-  create_cos_instance                 = false
-  create_cos_bucket                   = true
-  kms_encryption_enabled              = var.kms_encryption_enabled_bucket
-  bucket_storage_class                = var.cos_bucket_class
-  existing_cos_instance_id            = var.existing_cos_instance_crn
-  skip_iam_authorization_policy       = local.create_cross_account_en_kms_auth_policy || local.create_cross_account_cos_kms_auth_policy || var.skip_cos_kms_auth_policy
-  add_bucket_name_suffix              = var.add_bucket_name_suffix
-  region                              = local.cos_bucket_region
-  bucket_name                         = local.cos_bucket_name
-  access_tags                         = var.cos_bucket_access_tags
-  management_endpoint_type_for_bucket = var.management_endpoint_type_for_bucket
-  existing_kms_instance_guid          = local.existing_kms_guid
-  kms_key_crn                         = local.cos_kms_key_crn
+locals {
+  bucket_config = [{
+    access_tags                   = var.cos_bucket_access_tags
+    bucket_name                   = local.cos_bucket_name
+    add_bucket_name_suffix        = var.add_bucket_name_suffix
+    kms_encryption_enabled        = var.kms_encryption_enabled_bucket
+    kms_guid                      = local.existing_kms_guid
+    kms_key_crn                   = local.cos_kms_key_crn
+    skip_iam_authorization_policy = var.skip_cos_kms_auth_policy
+    management_endpoint_type      = var.management_endpoint_type_for_bucket
+    storage_class                 = var.cos_bucket_class
+    resource_instance_id          = var.existing_cos_instance_crn
+    region_location               = local.cos_bucket_region
+    force_delete                  = true
+  }]
+}
+
+module "cos_buckets" {
+  count          = var.enable_collecting_failed_events && var.existing_event_notifications_instance_crn == null ? 1 : 0
+  source         = "terraform-ibm-modules/cos/ibm//modules/buckets"
+  version        = "8.19.2"
+  bucket_configs = local.bucket_config
 }
 
 ########################################################################################################################
@@ -282,7 +290,7 @@ module "event_notifications" {
   cos_integration_enabled = var.enable_collecting_failed_events
   cos_bucket_name         = local.cos_bucket_name_with_suffix
   cos_instance_id         = var.existing_cos_instance_crn
-  skip_en_cos_auth_policy = var.skip_event_notifications_cos_auth_policy || local.create_cross_account_cos_kms_auth_policy
+  skip_en_cos_auth_policy = var.skip_event_notifications_cos_auth_policy
   cos_endpoint            = "https://${local.cos_bucket_endpoint}"
   cbr_rules               = var.cbr_rules
 }

solutions/fully-configurable/variables.tf

@@ -119,8 +119,8 @@ variable "kms_encryption_enabled" {
   description = "Set to true to enable KMS encryption on Event Notifications instance and Cloud Object Storage bucket. When set to true 'kms_endpoint_url' and one of 'existing_kms_instance_crn' or 'existing_kms_root_key_crn' must be set."
   default     = true
   validation {
-    condition     = var.kms_encryption_enabled == true ? (var.existing_kms_instance_crn != null && var.existing_kms_root_key_crn == null) || (var.existing_kms_instance_crn == null && var.existing_kms_root_key_crn != null) : true
-    error_message = "You must provide one of 'existing_kms_instance_crn' or 'existing_kms_root_key_crn' if 'kms_encryption_enabled' is set to true."
+    condition     = var.kms_encryption_enabled == true ? (var.existing_kms_instance_crn != null || var.existing_kms_root_key_crn != null) : true
+    error_message = "You must provide at least one of 'existing_kms_instance_crn' or 'existing_kms_root_key_crn' if 'kms_encryption_enabled' is set to true."
   }
 }
 

tests/pr_test.go

@@ -345,13 +345,12 @@ func TestRunExistingResourcesInstances(t *testing.T) {
 
 		options := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{
 			Testing: t,
-			Prefix:  "en-ex-res",
+			Prefix:  "enexres",
 			TarIncludePatterns: []string{
 				"*.tf",
 				fullyConfigurableDADir + "/*.tf",
-				secEnforcedDir + "/*.tf",
 			},
-			TemplateFolder:         secEnforcedDir,
+			TemplateFolder:         fullyConfigurableDADir,
 			Tags:                   []string{"test-schematic"},
 			DeleteWorkspaceOnFail:  false,
 			WaitJobCompleteMinutes: 60,
@@ -375,13 +374,12 @@ func TestRunExistingResourcesInstances(t *testing.T) {
 
 		options2 := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{
 			Testing: t,
-			Prefix:  "en-ex-res2",
+			Prefix:  "enexres2",
 			TarIncludePatterns: []string{
 				"*.tf",
 				fullyConfigurableDADir + "/*.tf",
-				secEnforcedDir + "/*.tf",
 			},
-			TemplateFolder:         secEnforcedDir,
+			TemplateFolder:         fullyConfigurableDADir,
 			Tags:                   []string{"test-schematic"},
 			DeleteWorkspaceOnFail:  false,
 			WaitJobCompleteMinutes: 60,
@@ -395,11 +393,39 @@ func TestRunExistingResourcesInstances(t *testing.T) {
 			{Name: "existing_kms_root_key_crn", Value: terraform.Output(t, existingTerraformOptions, "key_crn"), DataType: "string"},
 			{Name: "kms_endpoint_url", Value: permanentResources["hpcs_south_private_endpoint"], DataType: "string"},
 			{Name: "existing_cos_instance_crn", Value: terraform.Output(t, existingTerraformOptions, "cos_crn"), DataType: "string"},
+			{Name: "kms_encryption_enabled_bucket", Value: false, DataType: "bool"},
 		}
 		err2 := options2.RunSchematicTest()
 		assert.NoError(t, err2, "TestRunExistingResourcesInstances using existing RG, COS instance, and KMS key Failed")
-	}
 
+		// ------------------------------------------------------------------------------------
+		// Deploy EN DA passing in existing RG, COS instance and KMS instance
+		// ------------------------------------------------------------------------------------
+		options3 := testschematic.TestSchematicOptionsDefault(&testschematic.TestSchematicOptions{
+			Testing: t,
+			Prefix:  "enexsres3",
+			TarIncludePatterns: []string{
+				"*.tf",
+				fullyConfigurableDADir + "/*.tf",
+			},
+			TemplateFolder:         fullyConfigurableDADir,
+			Tags:                   []string{"test-schematic"},
+			DeleteWorkspaceOnFail:  false,
+			WaitJobCompleteMinutes: 60,
+		})
+		options3.TerraformVars = []testschematic.TestSchematicTerraformVar{
+			{Name: "prefix", Value: options3.Prefix, DataType: "string"},
+			{Name: "ibmcloud_api_key", Value: options.RequiredEnvironmentVars["TF_VAR_ibmcloud_api_key"], DataType: "string", Secure: true},
+			{Name: "region", Value: region, DataType: "string"},
+			{Name: "existing_resource_group_name", Value: permanentResources["general_test_storage_cos_instance_resource_group"], DataType: "string"},
+			{Name: "existing_kms_instance_crn", Value: permanentResources["hpcs_south_crn"], DataType: "string"},
+			{Name: "kms_endpoint_url", Value: permanentResources["hpcs_south_private_endpoint"], DataType: "string"},
+			{Name: "existing_cos_instance_crn", Value: terraform.Output(t, existingTerraformOptions, "cos_crn"), DataType: "string"},
+			{Name: "cos_bucket_name", Value: terraform.Output(t, existingTerraformOptions, "bucket_name"), DataType: "string"},
+		}
+		err3 := options3.RunSchematicTest()
+		assert.NoError(t, err3, "TestRunExistingResourcesInstances using existing RG, COS instance and KMS instance Failed")
+	}
 	// Check if "DO_NOT_DESTROY_ON_FAILURE" is set
 	envVal, _ := os.LookupEnv("DO_NOT_DESTROY_ON_FAILURE")
 	// Destroy the temporary existing resources if required