Rename reusable enos-run workflow file (#18757)

* Rename reusable enos-run workflow file

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

* Update Enos README file

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>

Signed-off-by: Jaymala Sinha <jaymala@hashicorp.com>
This commit is contained in:
Jaymala 2023-01-18 18:37:38 -05:00 committed by GitHub
parent da2849217c
commit 9501b56ffa
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 30 additions and 22 deletions

View File

@ -173,7 +173,7 @@ jobs:
needs:
- product-metadata
- build-linux
uses: ./.github/workflows/enos-run.yml
uses: ./.github/workflows/test-run-enos-scenario-matrix.yml
strategy:
fail-fast: false
matrix:

View File

@ -35,7 +35,7 @@ jobs:
name: Test ${{ matrix.build-artifact-name }}
if: ${{ startsWith(github.event.client_payload.payload.branch, 'release/') }}
needs: product-metadata
uses: ./.github/workflows/enos-run.yml
uses: ./.github/workflows/test-run-enos-scenario-matrix.yml
strategy:
fail-fast: false
matrix:

View File

@ -45,9 +45,7 @@ the following cases as examples of when one might opt for an Enos scenario:
Slack.
* An SSH keypair in the AWS region you wish to run the scenario. You can use
Doormat to log in to the AWS console to create or upload an existing keypair.
* A Vault install bundle downloaded from releases.hashicorp.com or Artifactory
when using the `builder:crt` variants. When using the `builder:local` variants
Enos will build a Vault bundle from the current branch for you.
* A Vault artifact is downloaded from the GHA artifacts when using the `artifact_source:crt` variants, from Artifactory when using `artifact_source:artifactory`, and is built locally from the current branch when using `artifact_source:local` variant.
## Scenario Variables
In CI, each scenario is executed via Github Actions and has been configured using
@ -75,24 +73,24 @@ enos scenario list
# Run the smoke or upgrade scenario with an artifact that is built locally. Make sure
# the local machine has been configured as detailed in the requirements
# section. This will execute the scenario and clean up any resources if successful.
enos scenario run smoke builder:local
enos scenario run upgrade builder:local
enos scenario run smoke artifact_source:local
enos scenario run upgrade artifact_source:local
# To run the same scenario variants that are run in CI, refer to the scenarios listed
# in .github/workflows/enos-run.yml under `jobs.enos.strategy.matrix.include`,
# adding `builder:local` to run locally.
enos scenario run smoke backend:consul consul_version:1.12.3 distro:ubuntu seal:awskms builder:local arch:amd64 edition:oss
# in json files under .github/enos-run-matrices directory,
# adding `artifact_source:local` to run locally.
enos scenario run smoke backend:consul consul_version:1.12.3 distro:ubuntu seal:awskms artifact_source:local arch:amd64 edition:oss
# Launch an individual scenario but leave infrastructure up after execution
enos scenario launch smoke builder:local
enos scenario launch smoke artifact_source:local
# Check an individual scenario for validity. This is useful during scenario
# authoring and debugging.
enos scenario validate smoke builder:local
enos scenario validate smoke artifact_source:local
# If you've run the tests and desire to see the outputs, such as the URL or
# credentials, you can run the output command to see them. Please note that
# after "run" or destroy there will be no "outputs" as the infrastructure
# will have been destroyed and state cleared.
enos scenario output smoke builder:local
enos scenario output smoke artifact_source:local
# Explicitly destroy all existing infrastructure
enos scenario destroy smoke builder:local
enos scenario destroy smoke artifact_source:local
```
Refer to the [Enos documentation](https://github.com/hashicorp/Enos-Docs)
@ -100,7 +98,7 @@ for further information regarding installation, execution or composing scenarios
# Scenarios
There are current two scenarios: `smoke` and `upgrade`. Both begin by building Vault
as specified by the selected `builder` variant (see Variants section below for more
as specified by the selected `artifact_source` variant (see Variants section below for more
information).
## Smoke
@ -114,7 +112,7 @@ depending on the backend and seal type.
The [`upgrade` scenario](./enos-scenario-upgrade.hcl) creates a Vault cluster using
the version specified in `vault_upgrade_initial_release`, with the backend specified
by the `backend` variant (`raft` or `consul`). Next, it upgrades the Vault binary
that is determined by the `builder` variant. After the upgrade, it verifies that
that is determined by the `artifact_source` variant. After the upgrade, it verifies that
cluster is at the desired version, along with additional verifications.
@ -142,16 +140,26 @@ Both scenarios support a matrix of variants. In order to achieve broad coverage
keeping test run time reasonable, the variants executed by the `enos-run` Github
Actions are tailored to maximize variant distribution per scenario.
## `builder:crt`
## `artifact_source:crt`
This variant is designed for use in Github Actions. The `enos-run.yml` workflow
downloads the artifact built by the `build.yml` workflow, unzips it, and sets the
`vault_bundle_path` to the zip file and the `vault_local_binary_path` to the binary.
## `builder:local`
## `artifact_source:local`
This variant is for running the Enos scenario locally. It builds the Vault bundle
from the current branch, placing the bundle at the `vault_bundle_path` and the
unzipped Vault binary at the `vault_local_binary_path`.
## `artifact_source:artifactory`
This variant is for running the Enos scenario to test an artifact from Artifactory. It requires following Enos variables to be set:
* `artifactory_username`
* `artifactory_token`
* `aws_ssh_keypair_name`
* `aws_ssh_private_key_path`
* `tfc_api_token`
* `vault_product_version`
* `vault_revision`
# CI Bootstrap
In order to execute any of the scenarios in this repository, it is first necessary to bootstrap the
CI AWS account with the required permissions, service quotas and supporting AWS resources. There are

View File

@ -33,16 +33,16 @@ test -x "$binpath" || fail "unable to locate vault binary at $binpath"
retry 5 "$binpath" status > /dev/null 2>&1
# Create user policy
$binpath policy write reguser -<<EOF
retry 5 $binpath policy write reguser -<<EOF
path "*" {
capabilities = ["read", "list"]
}
EOF
# Enable the userpass auth method
$binpath auth enable userpass > /dev/null 2>&1
retry 5 $binpath auth enable userpass > /dev/null 2>&1
# Create new user and attach reguser policy
$binpath write auth/userpass/users/testuser password="passuser1" policies="reguser"
retry 5 $binpath write auth/userpass/users/testuser password="passuser1" policies="reguser"
$binpath secrets enable -path="secret" kv
retry 5 $binpath secrets enable -path="secret" kv