本文介绍了有没有一种方法可以对AWS Cloudformation模板进行单元测试的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

当我们说云信息是基础架构即代码时,紧接着想到的下一个问题是如何测试该代码。
我们可以对这段代码进行某种基本的单元测试吗?

When we say that cloudformation is 'Infrastructure as Code', the next question that immediately comes to mind is how can this code be tested.Can we do some sort of basic unit test of this code

我不喜欢cloudformation验证,因为这只是一种进行语法验证的方法,并且我可以使用任何其他免费的JSON / YAML验证器来做。

And I am discounting the cloudformation validation because that just is a way of doing syntactic validation, and that I can do with any other free JSON/YAML validator.

我更倾向于某种功能验证,可能需要测试是否定义了所有用作参考。
可能会测试我正在使用的任何属性实际上是该组件支持的属性

I am more inclined towards some sort of functional validation, possibly testing that I have defined all the variables that are used as references.Possibly testing that whatever properties I am using are actually supported ones for that component

不期望它应该测试权限是否正确或我没有用尽了我的极限。但是,除了基本的JSON / YAML语法验证之外,还有其他事情

Not expected that it should test if the permissions are correct or that I have not exhausted my limits. But atleast something beyond the basic JSON/YAML syntax validation

推荐答案

以下是如何将几种测试软件方法应用于CloudFormation模板/堆栈:

Here's a breakdown of how several methods of testing software can be applied to CloudFormation templates/stacks:

用于棉绒(检查CloudFormation模板代码的语法/语法正确性) ,您可以使用 API来检查基本模板结构,和 API来更详细地验证您的资源属性。

For linting (checking CloudFormation-template code for syntax/grammar correctness), you can use the ValidateTemplate API to check basic template structure, and the CreateChangeSet API to verify your Resource properties in more detail.


  • 请注意, ValidateTemplate 比简单的JSON / YAML语法检查器执行更彻底的检查-它验证正确的,,并正确解析所有值。

  • ValidateTemplate 检查基本CloudFormation语法,但不针对特定的属性架构来验证模板的资源。为了对照AWS资源类型检查模板的参数,资源和属性的结构,如果任何参数或资源属性的格式不正确, CreateChangeSet 应该返回错误。

  • Note that ValidateTemplate performs a much more thorough check than a simple JSON/YAML syntax checker- it validates correct Template Anatomy, correct syntax/usage of Intrinsic Functions, and correct resolution of all Ref values.
  • ValidateTemplate checks basic CloudFormation syntax, but doesn't verify your template's Resources against specific property schemas. For checking the structure of your template's Parameters, Resources and Properties against AWS Resource types, CreateChangeSet should return an error if any parameters or resource properties are not well-formed.

执行单元测试首先需要回答一个问题:什么是可以/应该测试的最小的独立的单元?对于CloudFormation,我认为最小的可测试单元是。

Performing unit testing first requires an answer to the question: what is the smallest self-contained unit of functionality that can/should be tested? For CloudFormation, I believe that the smallest testable unit is the Resource.

官方受AWS支持/维护(并且始终是专有实现),因此不需要最终用户开发人员编写的任何其他单元测试。

The official AWS Resource Types are supported/maintained by AWS (and are proprietary implementations anyway) so don't require any additional unit tests written by end-user developers.

但是,您自己的可以并且应该进行单元测试。可以使用实施中自己的语言使用合适的测试框架来完成此操作(例如,对于Lambda支持的Custom Resources,也许像是一个很好的起点)。

However, your own Custom Resources could and should be unit-tested. This can be done using a suitable testing framework in the implementation's own language (e.g., for Lambda-backed Custom Resources, perhaps a library like lambda-tester would be a good starting point).

这是CloudFormation堆栈最重要和最相关的测试类型(主要用于将各种资源捆绑到一个集成的应用程序中),也是可以使用的类型更多完善和最佳实践开发。以下是一些关于如何通过实际创建/更新包含实际AWS资源的完整堆栈来集成测试CloudFormation代码的一些初步思路:

This is the most important and relevant type of testing for CloudFormation stacks (which mostly serve to tie various Resources together into an integrated application), and also the type that could use more refinement and best-practice development. Here are some initial ideas on how to integration-test CloudFormation code by actually creating/updating full stacks containing real AWS resources:


  • 使用脚本语言,请使用该语言的AWS开发工具包执行CloudFormation堆栈创建。设计模板以返回反映行为的堆栈您要测试的。通过脚本语言创建堆栈之后,将堆栈输出与期望值进行比较(然后在清理过程中有选择地随后删除堆栈)。

  • 使用资源表示成功的测试/断言,因此成功创建堆栈表示集成测试运行成功,而失败创建堆栈表示集成测试运行失败。

  • Using a scripting language, perform a CloudFormation stack creation using the language's AWS SDK. Design the template to return Stack Outputs reflecting behavior that you want to test. After the stack is created by the scripting language, compare the stack outputs against expected values (and then optionally delete the stack afterwards in a cleanup process).
  • Use AWS::CloudFormation::WaitCondition resources to represent successful tests/assertions, so that a successful stack creation indicates a successful integration-test run, and a failed stack creation indicates a failed integration-test run.

除了CloudFormation,在测试基础架构即代码方面值得一提的有趣工具是,这是,可让您编写 Terraform 模块。最终可以为CloudFormation建立类似的集成测试工具,但尚不存在。

Beyond CloudFormation, one interesting tool worth mentioning in the space of testing infrastructure-as-code is kitchen-terraform, a set of plugins for Test Kitchen which allow you to write fully-automated integration test suites for Terraform modules. A similar integration-testing harness could eventually be built for CloudFormation, but doesn't exist yet.

这篇关于有没有一种方法可以对AWS Cloudformation模板进行单元测试的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

10-23 21:37