#HASHITALKS: CANADA Bringing software development practices to your infrastructure @jennapederson
A presentation at HashiTalks: Canada in November 2021 in by Jenna Pederson
#HASHITALKS: CANADA Bringing software development practices to your infrastructure @jennapederson
Fun Fact I once had the phrase “automated test fanatic” on my business card. @jennapederson
The awesomeness of Infrastructure as Code @jennapederson
Infrastructure as Code IS Code @jennapederson
wo on m e s k r my ac n hi (or account or region) @jennapederson
Different Types of Testing Agenda Using the right type at the right time Using Test Driven Development Build what you need and only what you need Testing Your Infrastructure Directly Making sure it was created correctly and hasn’t drifted Using a CI/CD Pipeline Run tests in the real world and isolate issues quicker @jennapederson
Why Test Infrastructure? The cloud makes it easier and quicker to provision infrastructure, but there is complexity with that scale. @jennapederson
Slow + Expensive Manual Tests Failing Fast Balance fast and cheap tests with more expensive tests that are closer to the real infrastructure and production environment. System Tests Integration Tests Contract Tests Unit Tests Fast + Cheap
If you’re TDDing your application code, why not do the same for your infrastructure code? @jennapederson
Benefits of TDD Reduced defect rates Improve the overall design Focused on requirements Focused on small chunks Serves as documentation Confidence @jennapederson
The Flow RED REFACTOR 3. Make it better
What is a unit test? Exercises a small part of your application, one unit, and verifies that it’s correct. Get feedback early on to shorten the feedback loop between changes Serves as documentation Can be run in your CI/CD tool Isolated from other resources and external APIs @jennapederson
Unit Testing Infrastructure Code Code. Not infrastructure. @jennapederson
A unit test checks: If a resource will be created with the correct configuration The correct number of resources will be created Dependencies between resources are correct Interpolated values are correct @jennapederson
Demo S3 + CDK + Jest @jennapederson
How do we go from code to infrastructure?
What is an Integration Test? Tests the interactions across different units or modules, or in the case of infrastructure testing, across cloud resources. Verifies your provisioned cloud resources are created and configured as you expect them to be. Gives you confidence in infrastructure at scale and at velocity. @jennapederson
Chef InSpec Open-source framework to test and audit cloud resources IN the cloud Tests are written with a DSL Can be used across teams Test resources that are managed manually or with code Ensures requirements are met at every stage of the SDLC @jennapederson
Demo EC2 + RDS + CDK + InSpec @jennapederson
Detecting Drift Use InSpec to compare the desired state with the actual state of your cloud resources. Can be used against any resources, regardless of how they are managed. @jennapederson
Without CI/CD Development Test Staging Production @jennapederson
With CI/CD Development Test Staging Production @jennapederson
Wrapping Up Infrastructure code is like any other code, treat it as such. Testing is never done, even once you reach production. It’s cheaper to detect broken code early. @jennapederson
Thank you! @jennapederson /in/jennapederson jennapederson https://jenna.link/hq7
