| --- |
| name: Vault UI Tests |
| |
| on: |
| workflow_call: |
| inputs: |
| test_filter: |
| type: string |
| description: "A filter to limit the ui tests to. Will be appended to the ember test command as '-f=<filter>'" |
| required: false |
| storage_backend: |
| type: string |
| description: "The storage backend to use, either 'raft' or 'consul'" |
| default: raft |
| workflow_dispatch: |
| inputs: |
| test_filter: |
| type: string |
| description: "A filter to limit the ui tests to. Will be appended to the ember test command as '-f=<filter>'" |
| required: false |
| storage_backend: |
| description: "The storage backend to use, either 'raft' or 'consul'" |
| required: true |
| default: raft |
| type: choice |
| options: |
| - raft |
| - consul |
| |
| jobs: |
| get-metadata: |
| name: Get metadata |
| runs-on: ubuntu-latest |
| outputs: |
| runs-on: ${{ steps.get-metadata.outputs.runs-on }} |
| vault_edition: ${{ steps.get-metadata.outputs.vault_edition }} |
| steps: |
| - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 |
| - id: get-metadata |
| env: |
| IS_ENT: ${{ startsWith(github.event.repository.name, 'vault-enterprise' ) }} |
| run: | |
| if [ "$IS_ENT" == true ]; then |
| echo "detected vault_edition=ent" |
| echo "runs-on=['self-hosted', 'ondemand', 'os=linux', 'type=m5d.4xlarge']" >> "$GITHUB_OUTPUT" |
| echo "vault_edition=ent" >> "$GITHUB_OUTPUT" |
| else |
| echo "detected vault_edition=oss" |
| echo "runs-on=\"custom-linux-xl-vault-latest\"" >> "$GITHUB_OUTPUT" |
| echo "vault_edition=oss" >> "$GITHUB_OUTPUT" |
| fi |
| |
| run-ui-tests: |
| name: Run UI Tests |
| needs: get-metadata |
| runs-on: ${{ fromJSON(needs.get-metadata.outputs.runs-on) }} |
| timeout-minutes: 90 |
| env: |
| GITHUB_TOKEN: ${{ secrets.ELEVATED_GITHUB_TOKEN }} |
| # Pass in enos variables |
| ENOS_VAR_aws_region: us-east-1 |
| ENOS_VAR_aws_ssh_keypair_name: ${{ github.event.repository.name }}-ci-ssh-key |
| ENOS_VAR_aws_ssh_private_key_path: ./support/private_key.pem |
| ENOS_VAR_tfc_api_token: ${{ secrets.TF_API_TOKEN }} |
| ENOS_VAR_terraform_plugin_cache_dir: ./support/terraform-plugin-cache |
| ENOS_VAR_vault_license_path: ./support/vault.hclic |
| GOPRIVATE: github.com/hashicorp |
| steps: |
| - name: Checkout |
| uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 |
| - uses: ./.github/actions/set-up-go |
| with: |
| github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} |
| - uses: hashicorp/action-setup-enos@v1 |
| with: |
| github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} |
| - name: Set Up Git |
| run: git config --global url."https://${{ secrets.elevated_github_token }}:@github.com".insteadOf "https://github.com" |
| - name: Set Up Node |
| uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0 |
| with: |
| node-version-file: './ui/package.json' |
| - name: Set Up Terraform |
| uses: hashicorp/setup-terraform@v2 |
| with: |
| cli_config_credentials_token: ${{ secrets.TF_API_TOKEN }} |
| terraform_wrapper: false |
| - name: Prepare scenario dependencies |
| run: | |
| mkdir -p ./enos/support/terraform-plugin-cache |
| echo "${{ secrets.SSH_KEY_PRIVATE_CI }}" > ./enos/support/private_key.pem |
| chmod 600 ./enos/support/private_key.pem |
| - name: Set Up Vault Enterprise License |
| if: contains(github.event.repository.name, 'ent') |
| run: echo "${{ secrets.VAULT_LICENSE }}" > ./enos/support/vault.hclic || true |
| - name: Check Chrome Installed |
| id: chrome-check |
| run: echo "chrome-version=$(chrome --version 2> /dev/null || google-chrome --version 2> /dev/null || google-chrome-stable --version 2> /dev/null || echo 'not-installed')" >> "$GITHUB_OUTPUT" |
| - name: Install Chrome Dependencies |
| if: steps.chrome-check.outputs.chrome-version == 'not-installed' |
| run: | |
| sudo apt update |
| sudo apt install -y libnss3-dev libgdk-pixbuf2.0-dev libgtk-3-dev libxss-dev libasound2 |
| - name: Install Chrome |
| if: steps.chrome-check.outputs.chrome-version == 'not-installed' |
| uses: browser-actions/setup-chrome@c485fa3bab6be59dce18dbc18ef6ab7cbc8ff5f1 # v1.2.0 |
| - name: Installed Chrome Version |
| run: | |
| echo "Installed Chrome Version = [$(chrome --version 2> /dev/null || google-chrome --version 2> /dev/null || google-chrome-stable --version 2> /dev/null)]" |
| - name: Configure AWS credentials from Test account |
| uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 # v2.2.0 |
| with: |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CI }} |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CI }} |
| aws-region: us-east-1 |
| role-to-assume: ${{ secrets.AWS_ROLE_ARN_CI }} |
| role-skip-session-tagging: true |
| role-duration-seconds: 3600 |
| - name: Set Up Cluster |
| id: setup_cluster |
| env: |
| ENOS_VAR_ui_run_tests: false |
| # Continue once and retry to handle occasional blips when creating infrastructure. |
| continue-on-error: true |
| run: enos scenario launch --timeout 60m0s --chdir ./enos ui edition:${{ needs.get-metadata.outputs.vault_edition }} backend:${{ inputs.storage_backend }} |
| - name: Retry Set Up Cluster |
| id: setup_cluster_retry |
| if: steps.setup_cluster.outcome == 'failure' |
| env: |
| ENOS_VAR_ui_run_tests: false |
| run: enos scenario launch --timeout 60m0s --chdir ./enos ui edition:${{ needs.get-metadata.outputs.vault_edition }} backend:${{ inputs.storage_backend }} |
| - name: Run UI Tests |
| id: run_ui_tests |
| env: |
| ENOS_VAR_ui_test_filter: "${{ inputs.test_filter }}" |
| run: enos scenario run --timeout 60m0s --chdir ./enos ui edition:${{ needs.get-metadata.outputs.vault_edition }} backend:${{ inputs.storage_backend }} |
| - name: Ensure scenario has been destroyed |
| if: ${{ always() }} |
| run: enos scenario destroy --timeout 60m0s --chdir ./enos ui edition:${{ needs.get-metadata.outputs.vault_edition }} backend:${{ inputs.storage_backend }} |
| - name: Clean up Enos runtime directories |
| if: ${{ always() }} |
| run: | |
| rm -rf /tmp/enos* |
| rm -rf ./enos/support |
| rm -rf ./enos/.enos |