I have a question. Why do they apply the infrastructure in the unit test of the video? Shouldn't the scope of the unit test only be to validate the plan?
success or failure of the infra code that is applied with terraform depends mostly on the cloud provider or whatever underlying tech strings we are pulling by the terraform or ansible modules, so there's only 'as much' we can smoke test and unit test without actually running it in the cloud. also the cloud may have a cloudy day and the real production run will fail even if the mock tests have passed a minute ago. not saying there's no need to test, just that it's not bulletproof, we're dependent on the 'external world' more than self contained code is (like c++/go/etc' code that primarily runs all with itself and tests itself)
an entire terraform deployment consists of multiple modules that reference each other, eg ECS, app, which communicates with RDS, ECS behind API GW, which is behind Route53 how can you test each unit/module in this scenario, where the output of each module is needed for another?
Something that seed to be missing here -- you talked about defining a "unit" for your unit testing in the TF space, but you didn't really talk about units in the Docker world -- you just tested the whole thing. Can you speak a little to how you'd define what a unit is here?
I'm just having the same thoughts! Also, some DevOps Engineers say things like "Do we really need to test the infra? It feels like takes a lot of time and energy... Why test the thing? It's already working" and, with the same face, they create CI workflows for Dev teams with testing tools that block "bad code to go to production". Considering IaC projects are different from a Regular Code project is a double standard. It seems for them like the only benefit IaC brings is "being able to version infrastructure", nothing else.
