| --- |
| name: enos-k8s |
| |
| on: |
| workflow_call: |
| inputs: |
| artifact-build-date: |
| required: false |
| type: string |
| artifact-name: |
| required: true |
| type: string |
| artifact-revision: |
| required: true |
| type: string |
| artifact-version: |
| required: true |
| type: string |
| |
| env: |
| ARTIFACT_BUILD_DATE: ${{ inputs.artifact-build-date }} |
| ARTIFACT_NAME: ${{ inputs.artifact-name }} |
| ARTIFACT_REVISION: ${{ inputs.artifact-revision }} |
| ARTIFACT_VERSION: ${{ inputs.artifact-version }} |
| |
| jobs: |
| enos: |
| name: Integration |
| runs-on: ubuntu-latest |
| env: |
| GITHUB_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }} |
| steps: |
| - name: Checkout |
| uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 |
| - name: Set up Terraform |
| uses: hashicorp/setup-terraform@v2 |
| with: |
| # the Terraform wrapper will break Terraform execution in Enos because |
| # it changes the output to text when we expect it to be JSON. |
| terraform_wrapper: false |
| - name: Set up Enos |
| uses: hashicorp/action-setup-enos@v1 |
| with: |
| github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} |
| - name: Download Docker Image |
| id: download |
| uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 |
| with: |
| name: ${{ inputs.artifact-name }} |
| path: ./enos/support/downloads |
| - name: Prepare for scenario execution |
| env: |
| IS_ENT: ${{ startsWith(env.ARTIFACT_NAME, 'vault-enterprise' ) }} |
| run: | |
| mkdir -p ./enos/support/terraform-plugin-cache |
| if [ "$IS_ENT" == true ]; then |
| echo "${{ secrets.VAULT_LICENSE }}" > ./enos/support/vault.hclic || true |
| echo "edition=ent" >> "$GITHUB_ENV" |
| echo "edition set to 'ent'" |
| echo "image_repo=hashicorp/vault-enterprise" >> "$GITHUB_ENV" |
| echo "image repo set to 'hashicorp/vault-enterprise'" |
| else |
| echo "edition=ce" >> "$GITHUB_ENV" |
| echo "edition set to 'ce'" |
| echo "image_repo=hashicorp/vault" >> "$GITHUB_ENV" |
| echo "image repo set to 'hashicorp/vault'" |
| fi |
| - name: Run Enos scenario |
| id: run |
| # Continue once and retry to handle occasional blips when creating |
| # infrastructure. |
| continue-on-error: true |
| env: |
| ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} |
| ENOS_VAR_terraform_plugin_cache_dir: ../support/terraform-plugin-cache |
| ENOS_VAR_vault_build_date: ${{ env.ARTIFACT_BUILD_DATE }} |
| ENOS_VAR_vault_product_version: ${{ env.ARTIFACT_VERSION }} |
| ENOS_VAR_vault_product_revision: ${{ env.ARTIFACT_REVISION }} |
| ENOS_VAR_vault_docker_image_archive: ${{steps.download.outputs.download-path}}/${{ env.ARTIFACT_NAME }} |
| ENOS_VAR_vault_image_repository: ${{ env.image_repo }} |
| run: | |
| enos scenario run --timeout 10m0s --chdir ./enos/k8s edition:${{ env.edition }} |
| - name: Retry Enos scenario |
| id: run_retry |
| if: steps.run.outcome == 'failure' |
| env: |
| ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} |
| ENOS_VAR_terraform_plugin_cache_dir: ../support/terraform-plugin-cache |
| ENOS_VAR_vault_build_date: ${{ env.ARTIFACT_BUILD_DATE }} |
| ENOS_VAR_vault_product_version: ${{ env.ARTIFACT_VERSION }} |
| ENOS_VAR_vault_product_revision: ${{ env.ARTIFACT_REVISION }} |
| ENOS_VAR_vault_docker_image_archive: ${{steps.download.outputs.download-path}}/${{ env.ARTIFACT_NAME }} |
| ENOS_VAR_vault_image_repository: ${{ env.image_repo }} |
| run: | |
| enos scenario run --timeout 10m0s --chdir ./enos/k8s edition:${{ env.edition }} |
| - name: Destroy Enos scenario |
| if: ${{ always() }} |
| env: |
| ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} |
| ENOS_VAR_terraform_plugin_cache_dir: ./support/terraform-plugin-cache |
| ENOS_VAR_vault_build_date: ${{ env.ARTIFACT_BUILD_DATE }} |
| ENOS_VAR_vault_product_version: ${{ env.ARTIFACT_VERSION }} |
| ENOS_VAR_vault_product_revision: ${{ env.ARTIFACT_REVISION }} |
| ENOS_VAR_vault_docker_image_archive: ${{steps.download.outputs.download-path}} |
| ENOS_VAR_vault_image_repository: ${{ env.image_repo }} |
| run: | |
| enos scenario destroy --timeout 10m0s --chdir ./enos/k8s edition:${{ env.edition }} |
| - name: Cleanup Enos runtime directories |
| if: ${{ always() }} |
| run: | |
| rm -rf /tmp/enos* |
| rm -rf ./enos/support |
| rm -rf ./enos/k8s/.enos |