-1

I could use an assist on my opentofu tests

Here is a small snippet of my Terraform module

resource "aws_cloudfront_distribution" "main" {
  price_class         = "PriceClass_All"
  aliases             = var.domain_addresses
  comment             = var.cloudfront_comment
  enabled             = true
  wait_for_deployment = true
  is_ipv6_enabled     = true

  default_cache_behavior {
    allowed_methods            = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
    cached_methods             = ["GET", "HEAD"]
    target_origin_id           = var.route_address
    compress                   = true
    viewer_protocol_policy     = "redirect-to-https"
    origin_request_policy_id   = var.origin_request_policy_name != "" ? data.aws_cloudfront_origin_request_policy.origin_policy[0].id : null
    cache_policy_id            = data.aws_cloudfront_cache_policy.cache_policy.id
    response_headers_policy_id = aws_cloudfront_response_headers_policy.policy.id
  }

  origin {
    domain_name = var.route_address
    origin_id   = var.route_address

    custom_origin_config {
      http_port              = 80
      https_port             = 443
      origin_protocol_policy = "https-only"
      origin_ssl_protocols   = ["TLSv1.2"]
    }
  }

  restrictions {
    geo_restriction {
      restriction_type = "none"
      locations        = []
    }
  }

  viewer_certificate {
    cloudfront_default_certificate = var.acm_certificate_arn == ""
    acm_certificate_arn            = var.acm_certificate_arn != "" ? var.acm_certificate_arn : null
    minimum_protocol_version       = var.minimum_protocol_version
    ssl_support_method             = "sni-only"
  }

  tags = merge(local.common_tags, var.extra_tags, {})
}

I am working on an opentofu test which checks for the domain name in the origin

variables {
  proxy_name        = "reverse-proxy"
  domain_addresses  = ["example.com", "www.example.com"]
  route53_zone_name = "example.com"
  route_address     = "cdn.example.com"
}

mock_provider "aws" {}

run "default" {
  assert {
    condition     = aws_cloudfront_distribution.main.origin[0].domain_name == "cdn.example.com"
    error_message = "Expected origin domain name to be 'cdn.example.com'"
  }
}

I am getting 2 errors

│ Error: Unknown variable
│ 
│   on cloudfront.tftest.hcl line 27, in run "default":
│   27:     condition     = aws_cloudfront_distribution.main.origin[0].domain_name == "cdn.example.com"
│ 
│ There is no variable named "aws_cloudfront_distribution".
╵
╷
│ Error: Cannot index a set value
│ 
│   on cloudfront.tftest.hcl line 27, in run "default":
│   27:     condition     = aws_cloudfront_distribution.main.origin[0].domain_name == "cdn.example.com"
│ 
│ Block type "origin" is represented by a set of objects, and set elements do not have addressable keys. To find elements matching specific criteria, use a "for" expression with an
│ "if" clause.

I am struggling trying to troubleshoot the issue, tried using --verbose and --json to try to get more information but not really anything pointing at why this is not working

Is there anything i can do to get more information, I'm sure its because origin is a set rather than an list but i am not sure what the set key would be to access it

Improve this question

1 Answer 1

Reset to default
0

I was able to find the issue.. these both work..

If I know there is only one origin which it is for my scenario

assert {
  condition     = one(aws_cloudfront_distribution.main.origin).domain_name == "cdn.example.com"
  error_message = "Expected the single origin domain_name to be 'cdn.example.com'"
}

But if you have multiple origins, you'll want to do this

assert {
    condition = anytrue([for o in aws_cloudfront_distribution.main.origin : o.domain_name == "cdn.example.com" ])
    error_message = "Expected at least one CloudFront origin with domain_name = 'cdn.example.com'"
  }
}
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.