Skip to content

Commit

Permalink
backport of commit c287395
Browse files Browse the repository at this point in the history
  • Loading branch information
@rebwill
rebwill committed Jun 11, 2024
1 parent 5971cf5 commit 61473ea
Show file tree
Hide file tree
Showing 38 changed files with 921 additions and 349 deletions.
11 changes: 11 additions & 0 deletions .github/workflows/test-run-enos-scenario-matrix.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -96,7 +96,13 @@ jobs:
ENOS_VAR_vault_build_date: ${{ needs.metadata.outputs.build-date }}
ENOS_VAR_vault_product_version: ${{ needs.metadata.outputs.vault-version }}
ENOS_VAR_vault_revision: ${{ inputs.vault-revision }}
ENOS_VAR_consul_license_path: ./support/consul.hclic
ENOS_VAR_vault_license_path: ./support/vault.hclic
ENOS_VAR_distro_version_amzn2: ${{ matrix.attributes.distro_version_amzn2 }}
ENOS_VAR_distro_version_leap: ${{ matrix.attributes.distro_version_leap }}
ENOS_VAR_distro_version_rhel: ${{ matrix.attributes.distro_version_rhel }}
ENOS_VAR_distro_version_sles: ${{ matrix.attributes.distro_version_sles }}
ENOS_VAR_distro_version_ubuntu: ${{ matrix.attributes.distro_version_ubuntu }}
ENOS_DEBUG_DATA_ROOT_DIR: /tmp/enos-debug-data
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
Expand Down Expand Up @@ -134,6 +140,11 @@ jobs:
- if: contains(inputs.sample-name, 'ent')
name: Configure Vault license
run: echo "${{ secrets.VAULT_LICENSE }}" > ./enos/support/vault.hclic || true
- if: contains(matrix.scenario.id.filter, 'consul_edition:ent')
name: Configure Consul license
run: |
echo "matrix.scenario.id.filter: ${{ matrix.scenario.id.filter }}"
echo "${{ secrets.CONSUL_LICENSE }}" > ./enos/support/consul.hclic || true
- id: launch
name: enos scenario launch ${{ matrix.scenario.id.filter }}
# Continue once and retry to handle occasional blips when creating infrastructure.
Expand Down
17 changes: 10 additions & 7 deletions enos/enos-dev-scenario-pr-replication.hcl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -69,13 +69,13 @@ scenario "dev_pr_replication" {
EOF

// The matrix is where we define all the baseline combinations that enos can utilize to customize
// your scenario. By default enos attempts to perform your command an the entire product! Most
// of the time you'll want to reduce that by passing in a filter.
// your scenario. By default enos attempts to perform your command on the entire product of these
// possible comginations! Most of the time you'll want to reduce that by passing in a filter.
// Run 'enos scenario list --help' to see more about how filtering scenarios works in enos.
matrix {
arch = ["amd64", "arm64"]
artifact = ["local", "deb", "rpm", "zip"]
distro = ["ubuntu", "rhel"]
distro = ["amzn2", "leap", "rhel", "sles", "ubuntu"]
edition = ["ent", "ent.fips1402", "ent.hsm", "ent.hsm.fips1402"]
primary_backend = ["consul", "raft"]
primary_seal = ["awskms", "pkcs11", "shamir"]
Expand Down Expand Up @@ -117,8 +117,8 @@ scenario "dev_pr_replication" {
// Here we declare all of the providers that we might need for our scenario.
providers = [
provider.aws.default,
provider.enos.ubuntu,
provider.enos.rhel
provider.enos.ec2_user,
provider.enos.ubuntu
]

// These are variable values that are local to our scenario. They are evaluated after external
Expand All @@ -127,7 +127,10 @@ scenario "dev_pr_replication" {
// The enos provider uses different ssh transport configs for different distros (as
// specified in enos-providers.hcl), and we need to be able to access both of those here.
enos_provider = {
rhel = provider.enos.rhel
amzn2 = provider.enos.ec2_user
leap = provider.enos.ec2_user
rhel = provider.enos.ec2_user
sles = provider.enos.ec2_user
ubuntu = provider.enos.ubuntu
}
// We install vault packages from artifactory. If you wish to use one of these variants you'll
Expand All @@ -139,7 +142,7 @@ scenario "dev_pr_replication" {
// If you are using an ent edition, you will need a Vault license. Common convention
// is to store it at ./support/vault.hclic, but you may change this path according
// to your own preference.
vault_install_dir = matrix.artifact == "zip" ? var.vault_install_dir : global.vault_install_dir_packages[matrix.distro]
vault_install_dir = matrix.artifact == "zip" || matrix.artifact == "local" ? global.vault_install_dir["bundle"] : global.vault_install_dir["package"]
}

// Begin scenario steps. These are the steps we'll perform to get your cluster up and running.
Expand Down
19 changes: 12 additions & 7 deletions enos/enos-dev-scenario-single-cluster.hcl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,14 +68,14 @@ scenario "dev_single_cluster" {
EOF

// The matrix is where we define all the baseline combinations that enos can utilize to customize
// your scenario. By default enos attempts to perform your command an the entire product! Most
// of the time you'll want to reduce that by passing in a filter.
// your scenario. By default enos attempts to perform your command on the entire product of these
// possible comginations! Most of the time you'll want to reduce that by passing in a filter.
// Run 'enos scenario list --help' to see more about how filtering scenarios works in enos.
matrix {
arch = ["amd64", "arm64"]
artifact = ["local", "deb", "rpm", "zip"]
backend = ["consul", "raft"]
distro = ["ubuntu", "rhel"]
distro = ["amzn2", "leap", "rhel", "sles", "ubuntu"]
edition = ["ce", "ent", "ent.fips1402", "ent.hsm", "ent.hsm.fips1402"]
seal = ["awskms", "pkcs11", "shamir"]

Expand Down Expand Up @@ -107,10 +107,12 @@ scenario "dev_single_cluster" {
terraform = terraform.default

// Here we declare all of the providers that we might need for our scenario.
// There are two different configurations for the Enos provider, each specifying
// SSH transport configs for different Linux distros.
providers = [
provider.aws.default,
provider.enos.ubuntu,
provider.enos.rhel
provider.enos.ec2_user,
provider.enos.ubuntu
]

// These are variable values that are local to our scenario. They are evaluated after external
Expand All @@ -119,7 +121,10 @@ scenario "dev_single_cluster" {
// The enos provider uses different ssh transport configs for different distros (as
// specified in enos-providers.hcl), and we need to be able to access both of those here.
enos_provider = {
rhel = provider.enos.rhel
amzn2 = provider.enos.ec2_user
leap = provider.enos.ec2_user
rhel = provider.enos.ec2_user
sles = provider.enos.ec2_user
ubuntu = provider.enos.ubuntu
}
// We install vault packages from artifactory. If you wish to use one of these variants you'll
Expand All @@ -131,7 +136,7 @@ scenario "dev_single_cluster" {
// If you are using an ent edition, you will need a Vault license. Common convention
// is to store it at ./support/vault.hclic, but you may change this path according
// to your own preference.
vault_install_dir = matrix.artifact == "zip" ? var.vault_install_dir : global.vault_install_dir_packages[matrix.distro]
vault_install_dir = matrix.artifact == "zip" || matrix.artifact == "local" ? global.vault_install_dir["bundle"] : global.vault_install_dir["package"]
}

// Begin scenario steps. These are the steps we'll perform to get your cluster up and running.
Expand Down
45 changes: 34 additions & 11 deletions enos/enos-globals.hcl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,20 +16,43 @@ globals {
"ent.hsm.fips1402" = ["ui", "enterprise", "cgo", "hsm", "fips", "fips_140_2", "ent.hsm.fips1402"]
}
config_modes = ["env", "file"]
consul_editions = ["ce", "ent"]
consul_versions = ["1.14.11", "1.15.7", "1.16.3", "1.17.0"]
distros = ["ubuntu", "rhel"]
distros = ["amzn2", "leap", "rhel", "sles", "ubuntu"]
# Different distros may require different packages, or use different aliases for the same package
distro_packages = {
amzn2 = ["nc"]
leap = ["netcat", "openssl"]
rhel = ["nc"]
# When installing Vault RPM packages on a SLES AMI, the openssl package provided
# isn't named "openssl, which rpm doesn't know how to handle. Therefore we add the
# "correctly" named one in our package installation before installing Vault.
sles = ["netcat-openbsd", "openssl"]
ubuntu = ["netcat"]
}
distro_version = {
"rhel" = var.rhel_distro_version
"ubuntu" = var.ubuntu_distro_version
"amzn2" = var.distro_version_amzn2
"leap" = var.distro_version_leap
"rhel" = var.distro_version_rhel
"sles" = var.distro_version_sles
"ubuntu" = var.distro_version_ubuntu
}
editions = ["ce", "ent", "ent.fips1402", "ent.hsm", "ent.hsm.fips1402"]
packages = ["jq"]
distro_packages = {
ubuntu = ["netcat"]
rhel = ["nc"]
package_manager = {
"amzn2" = "yum"
"leap" = "zypper"
"rhel" = "yum"
"sles" = "zypper"
"ubuntu" = "apt"
}
packages = ["jq"]
sample_attributes = {
aws_region = ["us-east-1", "us-west-2"]
aws_region = ["us-east-1", "us-west-2"]
distro_version_amzn2 = ["2"]
distro_version_leap = ["15.4", "15.5"]
distro_version_rhel = ["8.9", "9.3"]
distro_version_sles = ["v15_sp5_standard"]
distro_version_ubuntu = ["20.04", "22.04"]
}
seals = ["awskms", "pkcs11", "shamir"]
tags = merge({
Expand All @@ -42,9 +65,9 @@ globals {
// that use this global might not work as expected with earlier versions. Below 1.8.x is
// not supported in any way.
upgrade_initial_versions = ["1.11.12", "1.12.11", "1.13.11", "1.14.7", "1.15.3"]
vault_install_dir_packages = {
rhel = "/bin"
ubuntu = "/usr/bin"
vault_install_dir = {
bundle = "/opt/vault/bin"
package = "/usr/bin"
}
vault_license_path = abspath(var.vault_license_path != null ? var.vault_license_path : joinpath(path.root, "./support/vault.hclic"))
vault_tag_key = "Type" // enos_vault_start expects Type as the tag key
Expand Down
4 changes: 3 additions & 1 deletion enos/enos-providers.hcl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@ provider "aws" "default" {
region = var.aws_region
}

provider "enos" "rhel" {
# This default SSH user is used in RHEL, Amazon Linux, SUSE, and Leap distros
provider "enos" "ec2_user" {
transport = {
ssh = {
user = "ec2-user"
Expand All @@ -14,6 +15,7 @@ provider "enos" "rhel" {
}
}

# This default SSH user is used in the Ubuntu distro
provider "enos" "ubuntu" {
transport = {
ssh = {
Expand Down
24 changes: 16 additions & 8 deletions enos/enos-samples-ce-build.hcl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,7 @@ sample "build_ce_linux_arm64_rpm" {
arch = ["arm64"]
artifact_source = ["crt"]
artifact_type = ["package"]
distro = ["rhel"]
distro = ["amzn2", "rhel", "sles"]
edition = ["ce"]
}
}
Expand All @@ -107,7 +107,7 @@ sample "build_ce_linux_arm64_rpm" {
arch = ["arm64"]
artifact_source = ["crt"]
artifact_type = ["package"]
distro = ["rhel"]
distro = ["amzn2", "rhel", "sles"]
edition = ["ce"]
}
}
Expand All @@ -117,7 +117,7 @@ sample "build_ce_linux_arm64_rpm" {
arch = ["arm64"]
artifact_source = ["crt"]
artifact_type = ["package"]
distro = ["rhel"]
distro = ["amzn2", "rhel", "sles"]
edition = ["ce"]
}
}
Expand All @@ -127,7 +127,7 @@ sample "build_ce_linux_arm64_rpm" {
arch = ["arm64"]
artifact_source = ["crt"]
artifact_type = ["package"]
distro = ["rhel"]
distro = ["amzn2", "rhel", "sles"]
edition = ["ce"]
}
}
Expand All @@ -141,7 +141,7 @@ sample "build_ce_linux_amd64_rpm" {
arch = ["amd64"]
artifact_source = ["crt"]
artifact_type = ["package"]
distro = ["rhel"]
distro = ["amzn2", "leap", "rhel", "sles"]
edition = ["ce"]
}
}
Expand All @@ -151,7 +151,7 @@ sample "build_ce_linux_amd64_rpm" {
arch = ["amd64"]
artifact_source = ["crt"]
artifact_type = ["package"]
distro = ["rhel"]
distro = ["amzn2", "leap", "rhel", "sles"]
edition = ["ce"]
}
}
Expand All @@ -161,7 +161,7 @@ sample "build_ce_linux_amd64_rpm" {
arch = ["amd64"]
artifact_source = ["crt"]
artifact_type = ["package"]
distro = ["rhel"]
distro = ["amzn2", "leap", "rhel", "sles"]
edition = ["ce"]
}
}
Expand All @@ -171,7 +171,7 @@ sample "build_ce_linux_amd64_rpm" {
arch = ["amd64"]
artifact_source = ["crt"]
artifact_type = ["package"]
distro = ["rhel"]
distro = ["amzn2", "leap", "rhel", "sles"]
edition = ["ce"]

exclude {
Expand All @@ -191,6 +191,7 @@ sample "build_ce_linux_amd64_zip" {
arch = ["amd64"]
artifact_type = ["bundle"]
artifact_source = ["crt"]
distro = ["amzn2", "ubuntu"]
edition = ["ce"]
}
}
Expand All @@ -200,6 +201,7 @@ sample "build_ce_linux_amd64_zip" {
arch = ["amd64"]
artifact_type = ["bundle"]
artifact_source = ["crt"]
distro = ["amzn2", "ubuntu"]
edition = ["ce"]
}
}
Expand All @@ -209,6 +211,7 @@ sample "build_ce_linux_amd64_zip" {
arch = ["amd64"]
artifact_type = ["bundle"]
artifact_source = ["crt"]
distro = ["amzn2", "ubuntu"]
edition = ["ce"]
}
}
Expand All @@ -218,6 +221,7 @@ sample "build_ce_linux_amd64_zip" {
arch = ["amd64"]
artifact_type = ["bundle"]
artifact_source = ["crt"]
distro = ["amzn2", "ubuntu"]
edition = ["ce"]
}
}
Expand All @@ -231,6 +235,7 @@ sample "build_ce_linux_arm64_zip" {
arch = ["arm64"]
artifact_source = ["crt"]
artifact_type = ["bundle"]
distro = ["amzn2", "ubuntu"]
edition = ["ce"]
}
}
Expand All @@ -240,6 +245,7 @@ sample "build_ce_linux_arm64_zip" {
arch = ["arm64"]
artifact_source = ["crt"]
artifact_type = ["bundle"]
distro = ["amzn2", "ubuntu"]
edition = ["ce"]
}
}
Expand All @@ -249,6 +255,7 @@ sample "build_ce_linux_arm64_zip" {
arch = ["arm64"]
artifact_source = ["crt"]
artifact_type = ["bundle"]
distro = ["amzn2", "ubuntu"]
edition = ["ce"]
}
}
Expand All @@ -258,6 +265,7 @@ sample "build_ce_linux_arm64_zip" {
arch = ["arm64"]
artifact_source = ["crt"]
artifact_type = ["bundle"]
distro = ["amzn2", "ubuntu"]
edition = ["ce"]
}
}
Expand Down
Loading

0 comments on commit 61473ea

Please sign in to comment.