I am trying to make an assertion about a complex object in terraform test
. I am finding it very difficult because there seems to be no way to construct an object in Terraform.
I am trying to assert that a local is a specific object of type
object(
{
name = string
database = optional(string)
superuser = optional(bool, false)
create_database = optional(bool, false)
create_role = optional(bool, false)
inherit = optional(bool, true)
login = optional(bool, true)
replication = optional(bool, false)
connection_limit = optional(number, -1)
encrypted_password = optional(bool, true)
bypass_row_level_security = optional(bool, false)
valid_until = optional(string, "infinity")
roles = optional(list(string))
search_path = optional(list(string))
schema = optional(string, "public")
with_grant_option = optional(string, false)
database_privileges = optional(list(string), ["CONNECT", "CREATE", "TEMPORARY"])
table_privileges = optional(list(string), ["SELECT", "INSERT", "UPDATE", "DELETE", "TRUNCATE", "REFERENCES", "TRIGGER"])
sequence_privileges = optional(list(string), ["USAGE", "SELECT", "UPDATE"])
revoke_public = optional(bool, false)
password_rotation = optional(bool, false)
}
)
In the end I’ve come up with this:
run "test_locals__roles_set" {
command = plan
variables {
roles = [{
name = "example_role"
database = "example_db"
}]
}
assert {
condition = jsonencode(local.roles_set) == jsonencode({
example_role = {
name = "example_role"
database = "example_db"
superuser = false
create_database = false
create_role = false
inherit = true
login = true
replication = false
connection_limit = -1
encrypted_password = true
bypass_row_level_security = false
valid_until = "infinity"
roles = null
search_path = null
schema = "public"
with_grant_option = "false"
database_privileges = ["CONNECT", "CREATE", "TEMPORARY"]
table_privileges = ["SELECT", "INSERT", "UPDATE", "DELETE", "TRUNCATE", "REFERENCES", "TRIGGER"]
sequence_privileges = ["USAGE", "SELECT", "UPDATE"]
revoke_public = false
password_rotation = false
index = 0
}
})
error_message = "Unexpected local.roles_set."
}
}
Is there any better way to achieve this than what I’ve done here?