--- name: Vault UI Tests on: workflow_call: inputs: test_filter: type: string description: "A filter to limit the ui tests to. Will be appended to the ember test command as '-f='" required: false storage_backend: type: string description: "The storage backend to use, either 'raft' or 'consul'" default: raft workflow_dispatch: inputs: test_filter: type: string description: "A filter to limit the ui tests to. Will be appended to the ember test command as '-f='" required: false storage_backend: description: "The storage backend to use, either 'raft' or 'consul'" required: true default: raft type: choice options: - raft - consul jobs: get-metadata: name: Get metadata runs-on: ubuntu-latest outputs: runs-on: ${{ steps.get-metadata.outputs.runs-on }} vault_edition: ${{ steps.get-metadata.outputs.vault_edition }} steps: - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - id: get-metadata env: IS_ENT: ${{ startsWith(github.event.repository.name, 'vault-enterprise' ) }} run: | if [ "$IS_ENT" == true ]; then echo "detected vault_edition=ent" echo "runs-on=['self-hosted', 'ondemand', 'os=linux', 'type=m5d.4xlarge']" >> "$GITHUB_OUTPUT" echo "vault_edition=ent" >> "$GITHUB_OUTPUT" else echo "detected vault_edition=oss" echo "runs-on=\"custom-linux-xl-vault-latest\"" >> "$GITHUB_OUTPUT" echo "vault_edition=oss" >> "$GITHUB_OUTPUT" fi run-ui-tests: name: Run UI Tests needs: get-metadata runs-on: ${{ fromJSON(needs.get-metadata.outputs.runs-on) }} timeout-minutes: 90 env: GITHUB_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }} # Pass in enos variables ENOS_VAR_aws_region: us-east-1 ENOS_VAR_aws_ssh_keypair_name: ${{ github.event.repository.name }}-ci-ssh-key ENOS_VAR_aws_ssh_private_key_path: ./support/private_key.pem ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} ENOS_VAR_terraform_plugin_cache_dir: ./support/terraform-plugin-cache ENOS_VAR_vault_license_path: ./support/vault.hclic GOPRIVATE: github.com/hashicorp steps: - name: Checkout uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Set Up Go uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1 with: go-version-file: ./.go-version - uses: hashicorp/action-setup-enos@v1 with: github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} - name: Set Up Git run: git config --global url."https://${{ secrets.elevated_github_token }}:@github.com".insteadOf "https://github.com" - name: Set Up Node uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0 with: node-version-file: './ui/package.json' - name: Set Up Terraform uses: hashicorp/setup-terraform@v2 with: cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} terraform_wrapper: false - name: Prepare scenario dependencies run: | mkdir -p ./enos/support/terraform-plugin-cache echo "${{ secrets.SSH_KEY_PRIVATE_CI }}" > ./enos/support/private_key.pem chmod 600 ./enos/support/private_key.pem - name: Set Up Vault Enterprise License if: contains(${{ github.event.repository.name }}, 'ent') run: echo "${{ secrets.VAULT_LICENSE }}" > ./enos/support/vault.hclic || true - name: Check Chrome Installed id: chrome-check run: echo "chrome-version=$(chrome --version 2> /dev/null || google-chrome --version 2> /dev/null || google-chrome-stable --version 2> /dev/null || echo 'not-installed')" >> "$GITHUB_OUTPUT" - name: Install Chrome Dependencies if: steps.chrome-check.outputs.chrome-version == 'not-installed' run: | sudo apt update sudo apt install -y libnss3-dev libgdk-pixbuf2.0-dev libgtk-3-dev libxss-dev libasound2 - name: Install Chrome if: steps.chrome-check.outputs.chrome-version == 'not-installed' uses: browser-actions/setup-chrome@c485fa3bab6be59dce18dbc18ef6ab7cbc8ff5f1 # v1.2.0 - name: Installed Chrome Version run: | echo "Installed Chrome Version = [$(chrome --version 2> /dev/null || google-chrome --version 2> /dev/null || google-chrome-stable --version 2> /dev/null)]" - name: Configure AWS credentials from Test account uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2.2.0 with: aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CI }} aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CI }} aws-region: us-east-1 role-to-assume: ${{ secrets.AWS_ROLE_ARN_CI }} role-skip-session-tagging: true role-duration-seconds: 3600 - name: Set Up Cluster id: setup_cluster env: ENOS_VAR_ui_run_tests: false # Continue once and retry to handle occasional blips when creating infrastructure. continue-on-error: true run: enos scenario launch --timeout 60m0s --chdir ./enos ui edition:${{ needs.get-metadata.outputs.vault_edition }} backend:${{ inputs.storage_backend }} - name: Retry Set Up Cluster id: setup_cluster_retry if: steps.setup_cluster.outcome == 'failure' env: ENOS_VAR_ui_run_tests: false run: enos scenario launch --timeout 60m0s --chdir ./enos ui edition:${{ needs.get-metadata.outputs.vault_edition }} backend:${{ inputs.storage_backend }} - name: Run UI Tests id: run_ui_tests env: ENOS_VAR_ui_test_filter: "${{ inputs.test_filter }}" run: enos scenario run --timeout 60m0s --chdir ./enos ui edition:${{ needs.get-metadata.outputs.vault_edition }} backend:${{ inputs.storage_backend }} - name: Ensure scenario has been destroyed if: ${{ always() }} run: enos scenario destroy --timeout 60m0s --chdir ./enos ui edition:${{ needs.get-metadata.outputs.vault_edition }} backend:${{ inputs.storage_backend }} - name: Clean up Enos runtime directories if: ${{ always() }} run: | rm -rf /tmp/enos* rm -rf ./enos/support rm -rf ./enos/.enos