--- name: enos-k8s on: workflow_call: inputs: artifact-build-date: required: false type: string artifact-name: required: true type: string artifact-revision: required: true type: string artifact-version: required: true type: string env: ARTIFACT_BUILD_DATE: ${{ inputs.artifact-build-date }} ARTIFACT_NAME: ${{ inputs.artifact-name }} ARTIFACT_REVISION: ${{ inputs.artifact-revision }} ARTIFACT_VERSION: ${{ inputs.artifact-version }} jobs: enos: name: Integration runs-on: ubuntu-latest env: GITHUB_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }} steps: - name: Checkout uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 - name: Set up Terraform uses: hashicorp/setup-terraform@v2 with: # the Terraform wrapper will break Terraform execution in Enos because # it changes the output to text when we expect it to be JSON. terraform_wrapper: false - name: Set up Enos uses: hashicorp/action-setup-enos@v1 with: github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} - name: Download Docker Image id: download uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ inputs.artifact-name }} path: ./enos/support/downloads - name: Prepare for scenario execution env: IS_ENT: ${{ startsWith(env.ARTIFACT_NAME, 'vault-enterprise' ) }} run: | mkdir -p ./enos/support/terraform-plugin-cache if [ "$IS_ENT" == true ]; then echo "${{ secrets.VAULT_LICENSE }}" > ./enos/support/vault.hclic || true echo "edition=ent" >> "$GITHUB_ENV" echo "edition set to 'ent'" echo "image_repo=hashicorp/vault-enterprise" >> "$GITHUB_ENV" echo "image repo set to 'hashicorp/vault-enterprise'" else echo "edition=oss" >> "$GITHUB_ENV" echo "edition set to 'oss'" echo "image_repo=hashicorp/vault" >> "$GITHUB_ENV" echo "image repo set to 'hashicorp/vault'" fi - name: Run Enos scenario id: run # Continue once and retry to handle occasional blips when creating # infrastructure. continue-on-error: true env: ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} ENOS_VAR_terraform_plugin_cache_dir: ../support/terraform-plugin-cache ENOS_VAR_vault_build_date: ${{ env.ARTIFACT_BUILD_DATE }} ENOS_VAR_vault_product_version: ${{ env.ARTIFACT_VERSION }} ENOS_VAR_vault_product_revision: ${{ env.ARTIFACT_REVISION }} ENOS_VAR_vault_docker_image_archive: ${{steps.download.outputs.download-path}}/${{ env.ARTIFACT_NAME }} ENOS_VAR_vault_image_repository: ${{ env.image_repo }} run: | enos scenario run --timeout 10m0s --chdir ./enos/k8s edition:${{ env.edition }} - name: Retry Enos scenario id: run_retry if: steps.run.outcome == 'failure' env: ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} ENOS_VAR_terraform_plugin_cache_dir: ../support/terraform-plugin-cache ENOS_VAR_vault_build_date: ${{ env.ARTIFACT_BUILD_DATE }} ENOS_VAR_vault_product_version: ${{ env.ARTIFACT_VERSION }} ENOS_VAR_vault_product_revision: ${{ env.ARTIFACT_REVISION }} ENOS_VAR_vault_docker_image_archive: ${{steps.download.outputs.download-path}}/${{ env.ARTIFACT_NAME }} ENOS_VAR_vault_image_repository: ${{ env.image_repo }} run: | enos scenario run --timeout 10m0s --chdir ./enos/k8s edition:${{ env.edition }} - name: Destroy Enos scenario if: ${{ always() }} env: ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} ENOS_VAR_terraform_plugin_cache_dir: ./support/terraform-plugin-cache ENOS_VAR_vault_build_date: ${{ env.ARTIFACT_BUILD_DATE }} ENOS_VAR_vault_product_version: ${{ env.ARTIFACT_VERSION }} ENOS_VAR_vault_product_revision: ${{ env.ARTIFACT_REVISION }} ENOS_VAR_vault_docker_image_archive: ${{steps.download.outputs.download-path}} ENOS_VAR_vault_image_repository: ${{ env.image_repo }} run: | enos scenario destroy --timeout 10m0s --chdir ./enos/k8s edition:${{ env.edition }} - name: Cleanup Enos runtime directories if: ${{ always() }} run: | rm -rf /tmp/enos* rm -rf ./enos/support rm -rf ./enos/k8s/.enos