-
Notifications
You must be signed in to change notification settings - Fork 4.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add additional Linux distros and Consul editions to Enos scenarios #25983
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -96,7 +96,13 @@ jobs: | |
ENOS_VAR_vault_build_date: ${{ needs.metadata.outputs.build-date }} | ||
ENOS_VAR_vault_product_version: ${{ needs.metadata.outputs.vault-version }} | ||
ENOS_VAR_vault_revision: ${{ inputs.vault-revision }} | ||
ENOS_VAR_consul_license_path: ./support/consul.hclic | ||
ENOS_VAR_vault_license_path: ./support/vault.hclic | ||
ENOS_VAR_distro_version_amzn2: ${{ matrix.attributes.distro_version_amzn2 }} | ||
ENOS_VAR_distro_version_leap: ${{ matrix.attributes.distro_version_leap }} | ||
ENOS_VAR_distro_version_rhel: ${{ matrix.attributes.distro_version_rhel }} | ||
ENOS_VAR_distro_version_sles: ${{ matrix.attributes.distro_version_sles }} | ||
ENOS_VAR_distro_version_ubuntu: ${{ matrix.attributes.distro_version_ubuntu }} | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Quite excited for additional RHEL and Ubuntu versions in the sample field! Related: Ubuntu 24.04 drops next month. I wonder if there are already AMIs out that we can add into our module so we can get a head start on testing for it? There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. I will opt not to include this in this particular PR, but will create a ticket for it. |
||
ENOS_DEBUG_DATA_ROOT_DIR: /tmp/enos-debug-data | ||
steps: | ||
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 | ||
|
@@ -134,6 +140,11 @@ jobs: | |
- if: contains(inputs.sample-name, 'ent') | ||
name: Configure Vault license | ||
run: echo "${{ secrets.VAULT_LICENSE }}" > ./enos/support/vault.hclic || true | ||
- if: contains(matrix.scenario.id.filter, 'consul_edition:ent') | ||
name: Configure Consul license | ||
run: | | ||
echo "matrix.scenario.id.filter: ${{ matrix.scenario.id.filter }}" | ||
echo "${{ secrets.CONSUL_LICENSE }}" > ./enos/support/consul.hclic || true | ||
- id: launch | ||
name: enos scenario launch ${{ matrix.scenario.id.filter }} | ||
# Continue once and retry to handle occasional blips when creating infrastructure. | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -69,13 +69,13 @@ scenario "dev_pr_replication" { | |
EOF | ||
|
||
// The matrix is where we define all the baseline combinations that enos can utilize to customize | ||
// your scenario. By default enos attempts to perform your command an the entire product! Most | ||
// of the time you'll want to reduce that by passing in a filter. | ||
// your scenario. By default enos attempts to perform your command on the entire product of these | ||
// possible comginations! Most of the time you'll want to reduce that by passing in a filter. | ||
// Run 'enos scenario list --help' to see more about how filtering scenarios works in enos. | ||
matrix { | ||
arch = ["amd64", "arm64"] | ||
artifact = ["local", "deb", "rpm", "zip"] | ||
distro = ["ubuntu", "rhel"] | ||
distro = ["amzn2", "leap", "rhel", "sles", "ubuntu"] | ||
edition = ["ent", "ent.fips1402", "ent.hsm", "ent.hsm.fips1402"] | ||
primary_backend = ["consul", "raft"] | ||
primary_seal = ["awskms", "pkcs11", "shamir"] | ||
|
@@ -117,8 +117,8 @@ scenario "dev_pr_replication" { | |
// Here we declare all of the providers that we might need for our scenario. | ||
providers = [ | ||
provider.aws.default, | ||
provider.enos.ubuntu, | ||
provider.enos.rhel | ||
provider.enos.ec2_user, | ||
provider.enos.ubuntu | ||
] | ||
|
||
// These are variable values that are local to our scenario. They are evaluated after external | ||
|
@@ -127,7 +127,10 @@ scenario "dev_pr_replication" { | |
// The enos provider uses different ssh transport configs for different distros (as | ||
// specified in enos-providers.hcl), and we need to be able to access both of those here. | ||
enos_provider = { | ||
rhel = provider.enos.rhel | ||
amzn2 = provider.enos.ec2_user | ||
leap = provider.enos.ec2_user | ||
rhel = provider.enos.ec2_user | ||
sles = provider.enos.ec2_user | ||
ubuntu = provider.enos.ubuntu | ||
} | ||
// We install vault packages from artifactory. If you wish to use one of these variants you'll | ||
|
@@ -139,7 +142,7 @@ scenario "dev_pr_replication" { | |
// If you are using an ent edition, you will need a Vault license. Common convention | ||
// is to store it at ./support/vault.hclic, but you may change this path according | ||
// to your own preference. | ||
vault_install_dir = matrix.artifact == "zip" ? var.vault_install_dir : global.vault_install_dir_packages[matrix.distro] | ||
vault_install_dir = matrix.artifact == "zip" || matrix.artifact == "local" ? global.vault_install_dir["bundle"] : global.vault_install_dir["package"] | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Based on this, it seems like we have no real use of There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Our global map uses the artifact_type (bundle or package), which we don't have in this scenario, so this is like a re-mapping of our matrix.artifact to those. |
||
} | ||
|
||
// Begin scenario steps. These are the steps we'll perform to get your cluster up and running. | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -16,20 +16,43 @@ globals { | |
"ent.hsm.fips1402" = ["ui", "enterprise", "cgo", "hsm", "fips", "fips_140_2", "ent.hsm.fips1402"] | ||
} | ||
config_modes = ["env", "file"] | ||
consul_editions = ["ce", "ent"] | ||
consul_versions = ["1.14.11", "1.15.7", "1.16.3", "1.17.0"] | ||
distros = ["ubuntu", "rhel"] | ||
distros = ["amzn2", "leap", "rhel", "sles", "ubuntu"] | ||
# Different distros may require different packages, or use different aliases for the same package | ||
distro_packages = { | ||
amzn2 = ["nc"] | ||
leap = ["netcat", "openssl"] | ||
rhel = ["nc"] | ||
# When installing Vault RPM packages on a SLES AMI, the openssl package provided | ||
# isn't named "openssl, which rpm doesn't know how to handle. Therefore we add the | ||
# "correctly" named one in our package installation before installing Vault. | ||
sles = ["netcat-openbsd", "openssl"] | ||
ubuntu = ["netcat"] | ||
} | ||
distro_version = { | ||
"rhel" = var.rhel_distro_version | ||
"ubuntu" = var.ubuntu_distro_version | ||
"amzn2" = var.distro_version_amzn2 | ||
"leap" = var.distro_version_leap | ||
"rhel" = var.distro_version_rhel | ||
"sles" = var.distro_version_sles | ||
"ubuntu" = var.distro_version_ubuntu | ||
} | ||
editions = ["ce", "ent", "ent.fips1402", "ent.hsm", "ent.hsm.fips1402"] | ||
packages = ["jq"] | ||
distro_packages = { | ||
ubuntu = ["netcat"] | ||
rhel = ["nc"] | ||
package_manager = { | ||
"amzn2" = "yum" | ||
"leap" = "zypper" | ||
"rhel" = "yum" | ||
"sles" = "zypper" | ||
"ubuntu" = "apt" | ||
} | ||
packages = ["jq"] | ||
sample_attributes = { | ||
aws_region = ["us-east-1", "us-west-2"] | ||
aws_region = ["us-east-1", "us-west-2"] | ||
distro_version_amzn2 = ["2"] | ||
distro_version_leap = ["15.4", "15.5"] | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Great use of sample attrs. I'm still trying to figure out when it's better to use samples attrs or a matrix variant, but it feels like to me if it doesn't change logic it should be a sample attr going forward. |
||
distro_version_rhel = ["8.9", "9.3"] | ||
distro_version_sles = ["v15_sp5_standard"] | ||
distro_version_ubuntu = ["20.04", "22.04"] | ||
} | ||
seals = ["awskms", "pkcs11", "shamir"] | ||
tags = merge({ | ||
|
@@ -42,9 +65,9 @@ globals { | |
// that use this global might not work as expected with earlier versions. Below 1.8.x is | ||
// not supported in any way. | ||
upgrade_initial_versions = ["1.11.12", "1.12.11", "1.13.11", "1.14.7", "1.15.3"] | ||
vault_install_dir_packages = { | ||
rhel = "/bin" | ||
ubuntu = "/usr/bin" | ||
vault_install_dir = { | ||
rebwill marked this conversation as resolved.
Show resolved
Hide resolved
|
||
bundle = "/opt/vault/bin" | ||
package = "/usr/bin" | ||
ryancragun marked this conversation as resolved.
Show resolved
Hide resolved
|
||
} | ||
vault_license_path = abspath(var.vault_license_path != null ? var.vault_license_path : joinpath(path.root, "./support/vault.hclic")) | ||
vault_tag_key = "Type" // enos_vault_start expects Type as the tag key | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -97,7 +97,7 @@ sample "build_ce_linux_arm64_rpm" { | |
arch = ["arm64"] | ||
artifact_source = ["crt"] | ||
artifact_type = ["package"] | ||
distro = ["rhel"] | ||
distro = ["amzn2", "rhel", "sles"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -107,7 +107,7 @@ sample "build_ce_linux_arm64_rpm" { | |
arch = ["arm64"] | ||
artifact_source = ["crt"] | ||
artifact_type = ["package"] | ||
distro = ["rhel"] | ||
distro = ["amzn2", "rhel", "sles"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -117,7 +117,7 @@ sample "build_ce_linux_arm64_rpm" { | |
arch = ["arm64"] | ||
artifact_source = ["crt"] | ||
artifact_type = ["package"] | ||
distro = ["rhel"] | ||
distro = ["amzn2", "rhel", "sles"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -127,7 +127,7 @@ sample "build_ce_linux_arm64_rpm" { | |
arch = ["arm64"] | ||
artifact_source = ["crt"] | ||
artifact_type = ["package"] | ||
distro = ["rhel"] | ||
distro = ["amzn2", "rhel", "sles"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -141,7 +141,7 @@ sample "build_ce_linux_amd64_rpm" { | |
arch = ["amd64"] | ||
artifact_source = ["crt"] | ||
artifact_type = ["package"] | ||
distro = ["rhel"] | ||
distro = ["amzn2", "leap", "rhel", "sles"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -151,7 +151,7 @@ sample "build_ce_linux_amd64_rpm" { | |
arch = ["amd64"] | ||
artifact_source = ["crt"] | ||
artifact_type = ["package"] | ||
distro = ["rhel"] | ||
distro = ["amzn2", "leap", "rhel", "sles"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -161,7 +161,7 @@ sample "build_ce_linux_amd64_rpm" { | |
arch = ["amd64"] | ||
artifact_source = ["crt"] | ||
artifact_type = ["package"] | ||
distro = ["rhel"] | ||
distro = ["amzn2", "leap", "rhel", "sles"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -171,7 +171,7 @@ sample "build_ce_linux_amd64_rpm" { | |
arch = ["amd64"] | ||
artifact_source = ["crt"] | ||
artifact_type = ["package"] | ||
distro = ["rhel"] | ||
distro = ["amzn2", "leap", "rhel", "sles"] | ||
edition = ["ce"] | ||
|
||
exclude { | ||
|
@@ -191,6 +191,7 @@ sample "build_ce_linux_amd64_zip" { | |
arch = ["amd64"] | ||
artifact_type = ["bundle"] | ||
artifact_source = ["crt"] | ||
distro = ["amzn2", "ubuntu"] | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 😍 |
||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -200,6 +201,7 @@ sample "build_ce_linux_amd64_zip" { | |
arch = ["amd64"] | ||
artifact_type = ["bundle"] | ||
artifact_source = ["crt"] | ||
distro = ["amzn2", "ubuntu"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -209,6 +211,7 @@ sample "build_ce_linux_amd64_zip" { | |
arch = ["amd64"] | ||
artifact_type = ["bundle"] | ||
artifact_source = ["crt"] | ||
distro = ["amzn2", "ubuntu"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -218,6 +221,7 @@ sample "build_ce_linux_amd64_zip" { | |
arch = ["amd64"] | ||
artifact_type = ["bundle"] | ||
artifact_source = ["crt"] | ||
distro = ["amzn2", "ubuntu"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -231,6 +235,7 @@ sample "build_ce_linux_arm64_zip" { | |
arch = ["arm64"] | ||
artifact_source = ["crt"] | ||
artifact_type = ["bundle"] | ||
distro = ["amzn2", "ubuntu"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -240,6 +245,7 @@ sample "build_ce_linux_arm64_zip" { | |
arch = ["arm64"] | ||
artifact_source = ["crt"] | ||
artifact_type = ["bundle"] | ||
distro = ["amzn2", "ubuntu"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -249,6 +255,7 @@ sample "build_ce_linux_arm64_zip" { | |
arch = ["arm64"] | ||
artifact_source = ["crt"] | ||
artifact_type = ["bundle"] | ||
distro = ["amzn2", "ubuntu"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
@@ -258,6 +265,7 @@ sample "build_ce_linux_arm64_zip" { | |
arch = ["arm64"] | ||
artifact_source = ["crt"] | ||
artifact_type = ["bundle"] | ||
distro = ["amzn2", "ubuntu"] | ||
edition = ["ce"] | ||
} | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We should move the
consul_version
into the sample attributes. Definitely not required in this PR but something we should track and do after this is merged. It'll reduce our matrix size but I think the entire sample field with attributes will become the new source of truth and we should make the enos CLI capable of reporting that.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Will create a ticket for this.