terratest
tfsec
terratest | tfsec | |
---|---|---|
46 | 29 | |
7,341 | 6,571 | |
0.4% | 0.9% | |
8.4 | 5.2 | |
3 days ago | 4 days ago | |
Go | Go | |
Apache License 2.0 | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
terratest
-
Top Terraform Tools to Know in 2024
Terratest is a Go library that provides tools and patterns for testing infrastructure, with first-class support for Terraform, Packer, Docker, Kubernetes, and more. It's used to write automated tests for your infrastructure code.
-
Saw a not-so-good thing in my pipeline. How do we fix it?
I think I found it. This is the one right? https://github.com/gruntwork-io/terratest/
-
terracove - open-source to instantly test the health of your terraform/terragrunt repository
What it does in parallel is basically init/plan/show using terratest on every subdirectory on your repository tree or provided paths. The output is either a JSON summary or a custom made Junit XML test file you can ingest into your tests reader. It took it around 8 minutes to map the entirety of our bloated repository.
-
Trunk Based Development: Confused about how to test code before pushing to main? How does the deploy process work for many environments?
You could deploy to a separate account (usually dev first), you can use terratest, you could try something like LocalStack. I dare say there’s other methods.
-
terratest for infrastructure
Was wondering if anyone has tried https://github.com/gruntwork-io/terratest to test their infrastructure. I like it because I can write golang tests! Thats a big plus for me.
- Is there a testing framework for Kubernetes and AWS resources?
-
How long have you guys actually had the title “platform engineer”? What other titles did you have before that, if any?
Once there is a CI pipeline for delivering infra changes you can add static code analysis tools (checkov) and even start testing changes (terratest)
-
Testing Terraform infra - terratest alternatives?
https://github.com/gruntwork-io/terratest/blob/master/test/azure/terraform_azure_example_test.go https://github.com/gruntwork-io/terratest/blob/master/examples/terraform-backend-example/main.tf
-
Appreciation for terraform
Another plus is to add tests into your workflow, just by adding a run step with terratest
-
Breve guia de sobrevivência com Terraform
Terratest: Framework de testes para Terraform, os testes devem ser escritos em Golang.
tfsec
-
Cloud Security and Resilience: DevSecOps Tools and Practices
3. tfsec: https://github.com/aquasecurity/tfsec tfsec uses a suite of security checks to scan your Terraform templates, helping to identify potential security issues before infrastructure is deployed.
-
A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons
tfsec Owner/Maintainer: Aqua Security (acquired in 2021) Age: First released on GitHub on March 5th, 2019 License: MIT License tfsec project is no longer actively maintained in favor of the Trivy tool. But because many people still use it and it's quite famous, I added tfsec to this comparison. However, I recommend against using it for new projects.
-
Top Terraform Tools to Know in 2024
Tfsec acts as a Terraform scanning tool. It is a security-focused linter for Terraform that scans code for security flaws, offering an additional layer of security assurance and helping to maintain a strong security posture.
-
DevSecOps with AWS- IaC at scale - Building your own platform - Part 1
... #************************** Terraform ************************************* ARG TERRAFORM_VERSION=1.7.3 RUN set -ex \ && curl -O https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip && unzip terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/local/bin/ RUN set -ex \ && mkdir -p $HOME/.terraform.d/plugin-cache && echo 'plugin_cache_dir = "$HOME/.terraform.d/plugin-cache"' > ~/.terraformrc #************************* Terragrunt ************************************* ARG TERRAGRUNT_VERSION=0.55.1 RUN set -ex \ && wget https://github.com/gruntwork-io/terragrunt/releases/download/v${TERRAGRUNT_VERSION}/terragrunt_linux_amd64 -q \ && mv terragrunt_linux_amd64 /usr/local/bin/terragrunt \ && chmod +x /usr/local/bin/terragrunt #*********************** Terramate **************************************** ARG TERRAMATE_VERSION=0.4.5 RUN set -ex \ && wget https://github.com/mineiros-io/terramate/releases/download/v${TERRAMATE_VERSION}/terramate_${TERRAMATE_VERSION}_linux_x86_64.tar.gz \ && tar -xzf terramate_${TERRAMATE_VERSION}_linux_x86_64.tar.gz \ && mv terramate /usr/local/bin/terramate \ && chmod +x /usr/local/bin/terramate #*********************** tfsec ******************************************** ARG TFSEC_VERSION=1.28.5 RUN set -ex \ && wget https://github.com/aquasecurity/tfsec/releases/download/v${TFSEC_VERSION}/tfsec-linux-amd64 \ && mv tfsec-linux-amd64 /usr/local/bin/tfsec \ && chmod +x /usr/local/bin/tfsec \ && terragrunt --version #**********************Terraform docs ************************************ ARG TERRRAFORM_DOCS_VERSION=0.17.0 RUN set -ex \ && curl -sSLo ./terraform-docs.tar.gz https://terraform-docs.io/dl/v${TERRRAFORM_DOCS_VERSION}/terraform-docs-v${TERRRAFORM_DOCS_VERSION}-$(uname)-amd64.tar.gz \ && tar -xzf terraform-docs.tar.gz \ && chmod +x terraform-docs \ && mv terraform-docs /usr/local/bin/terraform-docs #********************* ShellCheck ***************************************** ARG SHELLCHECK_VERSION="stable" RUN set -ex \ && wget -qO- "https://github.com/koalaman/shellcheck/releases/download/${SHELLCHECK_VERSION?}/shellcheck-${SHELLCHECK_VERSION?}.linux.x86_64.tar.xz" | tar -xJv \ && cp "shellcheck-${SHELLCHECK_VERSION}/shellcheck" /usr/bin/ \ && shellcheck --version ...
-
IaC comparison
You can give tfsec a try perhaps
-
What is the best `as Code` tool in 2023?
Great toolchain, including Infracost or tfsec.
-
Top 4 Infrastructure as Code Open-Source Tools for 2023
TFSec is an open-source tool for scanning and detecting potential security vulnerabilities in Terraform code in both HCL and JSON.
-
Terraform Security Best Practices
We use https://github.com/aquasecurity/tfsec we found checkov.io to be quite noisy
-
What are the best static analysis security testing tools for Terraform and infrastructure as code?
Beyond Snyk and Checkov - I have also used https://github.com/aquasecurity/tfsec at a few organizations both for use locally and in CI (PR Review Checks)
- Breve guia de sobrevivência com Terraform
What are some alternatives?
inspec - InSpec: Auditing and Testing Framework
trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
checkov - Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
SonarQube - Continuous Inspection
driftctl - Detect, track and alert on infrastructure drift
terragrunt - Terragrunt is a thin wrapper for Terraform that provides extra tools for working with multiple Terraform modules.
terraform-security-scan - Run a security scan on your terraform with the very nice https://github.com/aquasecurity/tfsec
tflint - A Pluggable Terraform Linter
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. [Moved to: https://github.com/accurics/terrascan]
atlantis - Terraform Pull Request Automation
cli - a lightweight, security focused, BDD test framework against terraform.