💡 Learn more about Masterpoint below.
A reusable GitHub Action for testing Terraform and OpenTofu modules.
This action:
- Automates the process of running tests on your infrastructure code
- Supports optional AWS credentials configuration via OIDC
- Aqua-based dependency management
- Caching for faster execution
- Configurable AWS region and role session name
name: TF Test
on:
push:
branches:
- main
pull_request:
jobs:
tf-test:
name: 🧪 ${{ matrix.tf }} test
runs-on: ubuntu-latest
strategy:
matrix:
tf: [tofu, terraform]
steps:
- uses: masterpointio/github-action-tf-test/[email protected]
with:
tf_type: ${{ matrix.tf }}
github_token: ${{ secrets.GITHUB_TOKEN }}The action supports AWS authentication in two ways:
-
Organization-level Environment Variable (Recommended)
- Set
TF_TEST_AWS_ROLE_ARNin your GitHub organization's environment variables - This value will be automatically available to all workflows
- Set
-
Input Parameter
- Pass the AWS role ARN directly in the workflow:
with: aws_role_arn: "arn:aws:iam::123456789012:role/your-role"
| Parameter | Required | Default | Description |
|---|---|---|---|
tf_type |
Yes | - | Type of terraform to use (tofu or terraform) |
aws_role_arn |
No | - | AWS role ARN to assume for testing (takes precedence over TF_TEST_AWS_ROLE_ARN env var) |
aws_region |
No | us-east-1 |
AWS region to use |
github_token |
Yes | - | GitHub token for checkout |
role_session_name |
No | GitHubActions-TF-Test |
AWS role session name for OIDC authentication |
Add these permissions to your workflow:
permissions:
actions: read
checks: write
contents: read
id-token: write
pull-requests: read- Checkout: Clones your repository
- Aqua Setup: Installs and configures Aqua for dependency management
- AWS Configuration: Sets up AWS credentials using OIDC
- Test Execution: Runs
terraform initandterraform test(or equivalent for OpenTofu)
The action uses:
- Aqua for dependency management
- AWS OIDC for AWS authentication
- actions/checkout for repository access
- actions/cache for dependency caching
Powered by the Masterpoint team and driven forward by contributions from the community ❤️
Contributions are welcome and appreciated!
Found an issue or want to request a feature? Open an issue
Want to fix a bug you found or add some functionality? Fork, clone, commit, push, and PR — we'll check it out.
Established in 2016, Masterpoint is a team of experienced software and platform engineers specializing in Infrastructure as Code (IaC). We provide expert guidance to organizations of all sizes, helping them leverage the latest IaC practices to accelerate their engineering teams.
Our mission is to simplify cloud infrastructure so developers can innovate faster, safer, and with greater confidence. By open-sourcing tools and modules that we use internally, we aim to contribute back to the community, promoting consistency, quality, and security.
- 🌟 Open Source: We live and breathe open source, contributing to and maintaining hundreds of projects across multiple organizations.
- 🌎 1% for the Planet: Demonstrating our commitment to environmental sustainability, we are proud members of 1% for the Planet, pledging to donate 1% of our annual sales to environmental nonprofits.
- 🇺🇦 1% Towards Ukraine: With team members and friends affected by the ongoing Russo-Ukrainian war, we donate 1% of our annual revenue to invasion relief efforts, supporting organizations providing aid to those in need. Here's how you can help Ukraine with just a few clicks.
We're active members of the community and are always publishing content, giving talks, and sharing our hard earned expertise. Here are a few ways you can see what we're up to:
... and be sure to connect with our founder, Matt Gowie.
Copyright © 2016-2025 Masterpoint Consulting LLC