open-nomad/e2e/terraform/packer/windows-2016-amd64
Tim Gross 9f05d62338
E2E with HCP Consul/Vault (#12267)
Use HCP Consul and HCP Vault for the Consul and Vault clusters used in E2E testing. This has the following benefits:

* Without the need to support mTLS bootstrapping for Consul and Vault, we can simplify the mTLS configuration by leaning on Terraform instead of janky bash shell scripting.
* Vault bootstrapping is no longer required, so we can eliminate even more janky shell scripting
* Our E2E exercises HCP, which is important to us as an organization
* With the reduction in configurability, we can simplify the Terraform configuration and drop the complicated `provision.sh`/`provision.ps1` scripts we were using previously. We can template Nomad configuration files and upload them with the `file` provisioner.
* Packer builds for Linux and Windows become much simpler.

tl;dr way less janky shell scripting!
2022-03-18 09:27:28 -04:00
..
disable-windows-updates.ps1 e2e: use more specific names for OS/distros (#9204) 2020-10-28 12:58:00 -04:00
fix-tls.ps1 e2e: use more specific names for OS/distros (#9204) 2020-10-28 12:58:00 -04:00
install-consul.ps1 E2E with HCP Consul/Vault (#12267) 2022-03-18 09:27:28 -04:00
install-docker.ps1 e2e: Windows provisioning improvements (#9246) 2020-11-09 13:29:40 -05:00
install-nomad.ps1 E2E with HCP Consul/Vault (#12267) 2022-03-18 09:27:28 -04:00
install-nuget.ps1 e2e: Windows provisioning improvements (#9246) 2020-11-09 13:29:40 -05:00
README.md e2e: use more specific names for OS/distros (#9204) 2020-10-28 12:58:00 -04:00
userdata.ps1 E2E with HCP Consul/Vault (#12267) 2022-03-18 09:27:28 -04:00

Windows Packer Build

There are a few boilerplate items in the Powershell scripts, explained below.

The default TLS protocol in the version of .NET that our Powershell cmdlets are built in it 1.0, which means plenty of properly configured HTTP servers will reject requests. The boilerplate snippet below sets this for the current script:

# Force TLS1.2
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

We need to run some of the scripts as an administrator role. The following is a safety check that we're doing so:

$RunningAsAdmin = ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")
if (!$RunningAsAdmin) {
  Write-Error "Must be executed in Administrator level shell."
  exit 1
}