Using terraform output in kitchen terraform tests

Question

I am using Kitchen terraform to deploy/test a environment on GCP.

I am struggling to get the kitchen/inspec part to use the terraform output values, so i can use them in my tests.

This is what I have

My inspec.yml

name: default
depends:
  - name: inspec-gcp
    url: https://github.com/inspec/inspec-gcp/archive/master.tar.gz
supports:
  - platform: gcp
attributes:
- name: gcloud_project
  required: true
  description: gcp project
  type: string

My Kitchen Yaml

driver:
  name: terraform
  root_module_directory: test/fixtures/tf_module

provisioner:
  name: terraform

verifier:
  name: terraform
  format: documentation
  systems:
    - name: default
      backend: gcp
      controls:
        - instance

platforms:
  - name: terraform

suites:
  - name: kt_suite

My Unit test

gcloud_project = attribute('gcloud_project', 
  { description: "The name of the project where resources are deployed." })

  control "instance" do
    describe google_compute_instance(project: "#{gcloud_project}",  zone: 'us-central1-c', name: 'test') do
        its('status') { should eq 'RUNNING' }
      its('machine_type') { should match 'n1-standard-1' }
    end
  end

my output.tf

output "gcloud_project" {
  description = "The name of the GCP project to deploy against. We need this output to pass the value to tests."
  value       = "${var.project}"
}

The error I am getting is

  ×  instance: /mnt/c/Users/Github/terra-test-project/test/integration/kt_suite/controls/default.rb:4
     ×  Control Source Code Error /mnt/c/Users/Github/terra-test-project/test/integration/kt_suite/controls/default.rb:4
     bad URI(is not URI?): "https://compute.googleapis.com/compute/v1/projects/Input 'gcloud_project' does not have a value. Skipping test./zones/us-central1-c/instances/test"

Everything works if i directly declare the project name in the control loop, however obviously dont want to have to do this.

How can i get kitchen/inspec to use the terraform outputs?

Answer 1

Not sure if this is fixed, but I am using something like below and it works pretty well. I assume that it could be the way you are using google_project attribute.

Unit Test

dataset_name   = input('dataset_name')
account_name = input('account_name')
project_id = input('project_id')

control "gcp" do
  title "Google Cloud configuration"

  describe google_service_account(
    name: account_name,
    project: project_id
  ) do
    it { should exist }
  end
  describe google_bigquery_dataset(
    name: dataset_name,
    project: project_id
  ) do
    it { should exist }
  end
end

inspec.yml

name: big_query
depends:
  - name: inspec-gcp
    git: https://github.com/inspec/inspec-gcp.git
    tag: v1.8.0
supports:
  - platform: gcp
inputs:
  - name: dataset_name
    required: true
    type: string
  - name: account_name
    required: true
    type: string
  - name : project_id
    required: true
    type: string

Answer 2

Looks like this may just be due to a typo. You've listed gcp_project under attributes in your inspec.yml but gcloud_project everywhere else.