114 lines
4.5 KiB
YAML
114 lines
4.5 KiB
YAML
---
|
|
name: enos-k8s
|
|
|
|
on:
|
|
workflow_call:
|
|
inputs:
|
|
artifact-build-date:
|
|
required: false
|
|
type: string
|
|
artifact-name:
|
|
required: true
|
|
type: string
|
|
artifact-revision:
|
|
required: true
|
|
type: string
|
|
artifact-version:
|
|
required: true
|
|
type: string
|
|
|
|
env:
|
|
ARTIFACT_BUILD_DATE: ${{ inputs.artifact-build-date }}
|
|
ARTIFACT_NAME: ${{ inputs.artifact-name }}
|
|
ARTIFACT_REVISION: ${{ inputs.artifact-revision }}
|
|
ARTIFACT_VERSION: ${{ inputs.artifact-version }}
|
|
|
|
jobs:
|
|
enos:
|
|
name: Integration
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@v3
|
|
- name: Set up Terraform
|
|
uses: hashicorp/setup-terraform@v2
|
|
with:
|
|
# the Terraform wrapper will break Terraform execution in Enos because
|
|
# it changes the output to text when we expect it to be JSON.
|
|
terraform_wrapper: false
|
|
- name: Set up Enos
|
|
uses: hashicorp/action-setup-enos@v1
|
|
with:
|
|
github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }}
|
|
- name: Download Docker Image
|
|
id: download
|
|
uses: actions/download-artifact@v3
|
|
with:
|
|
name: ${{ inputs.artifact-name }}
|
|
path: ./enos/support/downloads
|
|
- name: Prepare for scenario execution
|
|
env:
|
|
IS_ENT: ${{ startsWith(env.ARTIFACT_NAME, 'vault-enterprise' ) }}
|
|
run: |
|
|
mkdir -p ./enos/support/terraform-plugin-cache
|
|
if ${IS_ENT} == true; then
|
|
echo "${{ secrets.VAULT_LICENSE }}" > ./enos/support/vault.hclic || true
|
|
echo "edition=ent" >> $GITHUB_ENV
|
|
echo "edition set to 'ent'"
|
|
echo "image_repo=hashicorp/vault-enterprise" >> $GITHUB_ENV
|
|
echo "image repo set to 'hashicorp/vault-enterprise'"
|
|
else
|
|
echo "edition=oss" >> $GITHUB_ENV
|
|
echo "edition set to 'oss'"
|
|
echo "image_repo=hashicorp/vault" >> $GITHUB_ENV
|
|
echo "image repo set to 'hashicorp/vault'"
|
|
fi
|
|
- name: Run Enos scenario
|
|
id: run
|
|
# Continue once and retry to handle occasional blips when creating
|
|
# infrastructure.
|
|
continue-on-error: true
|
|
env:
|
|
ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }}
|
|
ENOS_VAR_terraform_plugin_cache_dir: ../support/terraform-plugin-cache
|
|
ENOS_VAR_vault_build_date: ${{ env.ARTIFACT_BUILD_DATE }}
|
|
ENOS_VAR_vault_product_version: ${{ env.ARTIFACT_VERSION }}
|
|
ENOS_VAR_vault_product_revision: ${{ env.ARTIFACT_REVISION }}
|
|
ENOS_VAR_vault_docker_image_archive: ${{steps.download.outputs.download-path}}/${{ env.ARTIFACT_NAME }}
|
|
ENOS_VAR_vault_image_repository: ${{ env.image_repo }}
|
|
run: |
|
|
enos scenario run --timeout 10m0s --chdir ./enos/k8s edition:${{ env.edition }}
|
|
- name: Retry Enos scenario
|
|
id: run_retry
|
|
if: steps.run.outcome == 'failure'
|
|
env:
|
|
ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }}
|
|
ENOS_VAR_terraform_plugin_cache_dir: ../support/terraform-plugin-cache
|
|
ENOS_VAR_vault_build_date: ${{ env.ARTIFACT_BUILD_DATE }}
|
|
ENOS_VAR_vault_product_version: ${{ env.ARTIFACT_VERSION }}
|
|
ENOS_VAR_vault_product_revision: ${{ env.ARTIFACT_REVISION }}
|
|
ENOS_VAR_vault_docker_image_archive: ${{steps.download.outputs.download-path}}/${{ env.ARTIFACT_NAME }}
|
|
ENOS_VAR_vault_image_repository: ${{ env.image_repo }}
|
|
run: |
|
|
enos scenario run --timeout 10m0s --chdir ./enos/k8s edition:${{ env.edition }}
|
|
- name: Destroy Enos scenario
|
|
if: ${{ always() }}
|
|
env:
|
|
ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }}
|
|
ENOS_VAR_terraform_plugin_cache_dir: ./support/terraform-plugin-cache
|
|
ENOS_VAR_vault_build_date: ${{ env.ARTIFACT_BUILD_DATE }}
|
|
ENOS_VAR_vault_product_version: ${{ env.ARTIFACT_VERSION }}
|
|
ENOS_VAR_vault_product_revision: ${{ env.ARTIFACT_REVISION }}
|
|
ENOS_VAR_vault_docker_image_archive: ${{steps.download.outputs.download-path}}
|
|
ENOS_VAR_vault_image_repository: ${{ env.image_repo }}
|
|
run: |
|
|
enos scenario destroy --timeout 10m0s --chdir ./enos/k8s edition:${{ env.edition }}
|
|
- name: Cleanup Enos runtime directories
|
|
if: ${{ always() }}
|
|
run: |
|
|
rm -rf /tmp/enos*
|
|
rm -rf ./enos/support
|
|
rm -rf ./enos/k8s/.enos
|