Skip to content

test-command

test-command #266

Workflow file for this run

name: Pull Request Test Handler
on:
repository_dispatch:
types:
- test-command
jobs:
public_active_active:
name: Run tf-test on Public Active/Active
if: ${{ contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'public-active-active') }}
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
env:
WORK_DIR_PATH: ./tests/public-active-active
K6_WORK_DIR_PATH: ./tests/tfe-load-test
steps:
- name: Create URL to the run output
id: vars
run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID
# Checkout the branch of the pull request being tested
- name: Checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }}
ref: ${{ github.event.client_payload.pull_request.head.sha }}
token: ${{ secrets.GITHUB_TOKEN }}
persist-credentials: false
# Checkout the hashicorp/tfe-load-test repository
- name: Checkout TFE Load Test
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
path: ${{ env.K6_WORK_DIR_PATH }}
repository: hashicorp/tfe-load-test
token: ${{ secrets.GH_TFE_LOAD_TEST_TOKEN }}
persist-credentials: false
- name: Install required tools
working-directory: ${{ env.K6_WORK_DIR_PATH }}
env:
K6_URL: https://github.com/loadimpact/k6/releases/download/v0.31.1/k6-v0.31.1-linux64.tar.gz
run: |
sudo apt-get install jq
curl -L $K6_URL | tar -xz --strip-components=1
- name: Setup Terraform
uses: hashicorp/setup-terraform@v1
with:
cli_config_credentials_hostname: 'app.terraform.io'
cli_config_credentials_token: ${{ secrets.PUBLIC_ACTIVE_ACTIVE_TFC_TOKEN }}
terraform_version: 1.0.9
terraform_wrapper: true
# Run Terraform commands between these comments vvv
- name: Terraform Init
id: init
working-directory: ${{ env.WORK_DIR_PATH }}
run: terraform init -input=false -no-color
- name: Terraform Validate
id: validate
working-directory: ${{ env.WORK_DIR_PATH }}
run: terraform validate -no-color
- name: Write GitHub Actions runner CIDR to Terraform Variables
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
echo "iact_subnet_list = [\"$( dig +short @resolver1.opendns.com myip.opendns.com )/32\"]" > github.auto.tfvars
- name: Terraform Apply
id: apply
working-directory: ${{ env.WORK_DIR_PATH }}
run: terraform apply -auto-approve -input=false -no-color
- name: Retrieve Health Check URL
id: retrieve-health-check-url
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw health_check_url
- name: Wait For TFE
id: wait-for-tfe
timeout-minutes: 15
env:
HEALTH_CHECK_URL: ${{ steps.retrieve-health-check-url.outputs.stdout }}
run: |
echo "Curling \`health_check_url\` for a return status of 200..."
while ! curl -sfS --max-time 15 "$HEALTH_CHECK_URL"; do sleep 5; done
- name: Retrieve TFE URL
id: retrieve-tfe-url
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw tfe_url
- name: Retrieve IACT URL
id: retrieve-iact-url
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw iact_url
- name: Retrieve IACT
id: retrieve-iact
env:
IACT_URL: ${{ steps.retrieve-iact-url.outputs.stdout }}
run: |
token=$(curl --fail --retry 5 --verbose "$IACT_URL")
echo "::set-output name=token::$token"
- name: Retrieve Initial Admin User URL
id: retrieve-initial-admin-user-url
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw initial_admin_user_url
- name: Create Admin in TFE
id: create-admin
env:
TFE_PASSWORD: ${{ secrets.TFE_PASSWORD }}
IAU_URL: ${{ steps.retrieve-initial-admin-user-url.outputs.stdout }}
IACT: ${{ steps.retrieve-iact.outputs.token }}
run: |
echo \
'{"username": "test", "email": "[email protected]", "password": "$TFE_PASSWORD"}' \
> ./payload.json
response=$( \
curl \
--fail \
--retry 5 \
--verbose \
--header 'Content-Type: application/json' \
--data @./payload.json \
"$IAU_URL"?token="$IACT")
echo "::set-output name=response::$response"
- name: Retrieve Admin Token
id: retrieve-admin-token
env:
RESPONSE: ${{ steps.create-admin.outputs.response }}
run: |
token=$(echo "$RESPONSE" | jq --raw-output '.token')
echo "::set-output name=token::$token"
- name: Run k6 Smoke Test
id: run-smoke-test
working-directory: ${{ env.K6_WORK_DIR_PATH }}
env:
K6_PATHNAME: "./k6"
TFE_URL: "${{ steps.retrieve-tfe-url.outputs.stdout }}"
TFE_API_TOKEN: "${{ steps.retrieve-admin-token.outputs.token }}"
TFE_EMAIL: [email protected]
run: |
make smoke-test
- name: Terraform Destroy
id: destroy
if: ${{ always() && github.event.client_payload.slash_command.args.named.destroy != 'false' }}
working-directory: ${{ env.WORK_DIR_PATH }}
run: terraform destroy -auto-approve -input=false -no-color
# Run Terraform commands between these comments ^^^
- name: Update comment
if: ${{ always() }}
uses: peter-evans/create-or-update-comment@67dcc547d311b736a8e6c5c236542148a47adc3d # v2.1.1
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
comment-id: ${{ github.event.client_payload.github.payload.comment.id }}
body: |
${{ format('### {0} Terraform Public Active/Active Test Report', job.status == 'success' && ':white_check_mark:' || ':x:') }}
${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }}
${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }}
${{ format('- {0} Terraform Validate', steps.validate.outcome == 'success' && ':white_check_mark:' || ':x:') }}
${{ format('- {0} Terraform Apply', steps.apply.outcome == 'success' && ':white_check_mark:' || ':x:') }}
${{ format('- {0} Run k6 Smoke Test', steps.run-smoke-test.outcome == 'success' && ':white_check_mark:' || ':x:') }}
${{ github.event.client_payload.slash_command.args.named.destroy != 'false' && format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') || '' }}
private_active_active:
name: Run tf-test on Private Active/Active
if: ${{ contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'private-active-active') }}
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
env:
WORK_DIR_PATH: ./tests/private-active-active
K6_WORK_DIR_PATH: ./tests/tfe-load-test
steps:
- name: Create URL to the run output
id: vars
run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID
# Checkout the branch of the pull request being tested
- name: Checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }}
ref: ${{ github.event.client_payload.pull_request.head.sha }}
token: ${{ secrets.GITHUB_TOKEN }}
persist-credentials: false
# Checkout the hashicorp/tfe-load-test repository
- name: Checkout TFE Load Test
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
path: ${{ env.K6_WORK_DIR_PATH }}
repository: hashicorp/tfe-load-test
token: ${{ secrets.GH_TFE_LOAD_TEST_TOKEN }}
persist-credentials: false
- name: Install required tools
working-directory: ${{ env.K6_WORK_DIR_PATH }}
env:
K6_URL: https://github.com/loadimpact/k6/releases/download/v0.31.1/k6-v0.31.1-linux64.tar.gz
run: |
sudo apt-get install jq
curl -L $K6_URL | tar -xz --strip-components=1
- name: Setup Terraform
uses: hashicorp/setup-terraform@v1
with:
cli_config_credentials_hostname: 'app.terraform.io'
cli_config_credentials_token: ${{ secrets.PRIVATE_ACTIVE_ACTIVE_TFC_TOKEN }}
terraform_version: 1.0.9
terraform_wrapper: true
# Run Terraform commands between these comments vvv
- name: Terraform Init
id: init
working-directory: ${{ env.WORK_DIR_PATH }}
run: terraform init -input=false -no-color
- name: Terraform Validate
id: validate
working-directory: ${{ env.WORK_DIR_PATH }}
run: terraform validate -no-color
- name: Write GitHub Actions runner CIDR to Terraform Variables
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
echo "network_allow_range = \"$( dig +short @resolver1.opendns.com myip.opendns.com )/32\"" > github.auto.tfvars
- name: Terraform Apply
id: apply
working-directory: ${{ env.WORK_DIR_PATH }}
run: terraform apply -auto-approve -input=false -no-color
- name: Retrieve Health Check URL
id: retrieve-health-check-url
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw health_check_url
- name: Retrieve Bastion FQDN
id: retrieve-bastion-fqdn
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw bastion_fqdn
- name: Write Private SSH Key
env:
SSH_KEY_BASE64: ${{ secrets.PRIVATE_ACTIVE_ACTIVE_BASTION_SSH_KEY_BASE64 }}
run: |
echo "$SSH_KEY_BASE64" | base64 --decode > ./ssh-key.pem
chmod 0400 ./ssh-key.pem
- name: Start SOCKS5 Proxy
env:
INSTANCE_FQDN: ${{ steps.retrieve-bastion-fqdn.outputs.stdout }}
run: |
ssh \
-o 'BatchMode yes' \
-o 'StrictHostKeyChecking accept-new' \
-i ./ssh-key.pem \
-f -N -p 22 -D localhost:5000 \
bastionuser@"$INSTANCE_FQDN"
- name: Wait For TFE
id: wait-for-tfe
timeout-minutes: 25
env:
HEALTH_CHECK_URL: ${{ steps.retrieve-health-check-url.outputs.stdout }}
run: |
echo "Curling \`health_check_url\` for a return status of 200..."
while ! curl \
-sfS --max-time 5 --proxy socks5://localhost:5000 \
$HEALTH_CHECK_URL; \
do sleep 5; done
- name: Retrieve TFE URL
id: retrieve-tfe-url
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw tfe_url
- name: Retrieve IACT URL
id: retrieve-iact-url
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw iact_url
- name: Retrieve IACT
id: retrieve-iact
env:
IACT_URL: ${{ steps.retrieve-iact-url.outputs.stdout }}
run: |
token=$(curl --fail --retry 5 --verbose --proxy socks5://localhost:5000 "$IACT_URL")
echo "::set-output name=token::$token"
- name: Retrieve Initial Admin User URL
id: retrieve-initial-admin-user-url
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw initial_admin_user_url
- name: Create Admin in TFE
id: create-admin
env:
TFE_PASSWORD: ${{ secrets.TFE_PASSWORD }}
IAU_URL: ${{ steps.retrieve-initial-admin-user-url.outputs.stdout }}
IACT_TOKEN: ${{ steps.retrieve-iact.outputs.token }}
run: |
echo \
'{"username": "test", "email": "[email protected]", "password": "$TFE_PASSWORD"}' \
> ./payload.json
response=$( \
curl \
--fail \
--retry 5 \
--verbose \
--header 'Content-Type: application/json' \
--data @./payload.json \
--proxy socks5://localhost:5000 \
"$IAU_URL"?token="$IACT_TOKEN")
echo "::set-output name=response::$response"
- name: Retrieve Admin Token
id: retrieve-admin-token
env:
RESPONSE: ${{ steps.create-admin.outputs.response }}
run: |
token=$(echo "$RESPONSE" | jq --raw-output '.token')
echo "::set-output name=token::$token"
- name: Run k6 Smoke Test
id: run-smoke-test
working-directory: ${{ env.K6_WORK_DIR_PATH }}
env:
K6_PATHNAME: "./k6"
TFE_URL: "${{ steps.retrieve-tfe-url.outputs.stdout }}"
TFE_API_TOKEN: "${{ steps.retrieve-admin-token.outputs.token }}"
TFE_EMAIL: [email protected]
http_proxy: socks5://localhost:5000/
https_proxy: socks5://localhost:5000/
run: |
make smoke-test
- name: Terraform Destroy
id: destroy
if: ${{ always() && github.event.client_payload.slash_command.args.named.destroy != 'false' }}
working-directory: ${{ env.WORK_DIR_PATH }}
run: terraform destroy -auto-approve -input=false -no-color
# Run Terraform commands between these comments ^^^
- name: Update comment
if: ${{ always() }}
uses: peter-evans/create-or-update-comment@67dcc547d311b736a8e6c5c236542148a47adc3d # v2.1.1
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
comment-id: ${{ github.event.client_payload.github.payload.comment.id }}
body: |
${{ format('### {0} Terraform Private Active/Active Test Report', job.status == 'success' && ':white_check_mark:' || ':x:') }}
${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }}
${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }}
${{ format('- {0} Terraform Validate', steps.validate.outcome == 'success' && ':white_check_mark:' || ':x:') }}
${{ format('- {0} Terraform Apply', steps.apply.outcome == 'success' && ':white_check_mark:' || ':x:') }}
${{ format('- {0} Run k6 Smoke Test', steps.run-smoke-test.outcome == 'success' && ':white_check_mark:' || ':x:') }}
${{ github.event.client_payload.slash_command.args.named.destroy != 'false' && format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') || '' }}
private_tcp_active_active:
name: Run tf-test on Private TCP Active/Active
if: ${{ contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'private-tcp-active-active') }}
runs-on: ubuntu-latest
permissions:
contents: read
pull-requests: write
env:
WORK_DIR_PATH: ./tests/private-tcp-active-active
K6_WORK_DIR_PATH: ./tests/tfe-load-test
steps:
- name: Create URL to the run output
id: vars
run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID
# Checkout the branch of the pull request being tested
- name: Checkout
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }}
ref: ${{ github.event.client_payload.pull_request.head.sha }}
token: ${{ secrets.GITHUB_TOKEN }}
persist-credentials: false
# Checkout the hashicorp/tfe-load-test repository
- name: Checkout TFE Load Test
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
with:
path: ${{ env.K6_WORK_DIR_PATH }}
repository: hashicorp/tfe-load-test
token: ${{ secrets.GH_TFE_LOAD_TEST_TOKEN }}
persist-credentials: false
- name: Install required tools
working-directory: ${{ env.K6_WORK_DIR_PATH }}
env:
K6_URL: https://github.com/loadimpact/k6/releases/download/v0.31.1/k6-v0.31.1-linux64.tar.gz
run: |
sudo apt-get install jq
curl -L $K6_URL | tar -xz --strip-components=1
- name: Setup Terraform
uses: hashicorp/setup-terraform@v1
with:
cli_config_credentials_hostname: 'app.terraform.io'
cli_config_credentials_token: ${{ secrets.PRIVATE_TCP_ACTIVE_ACTIVE_TFC_TOKEN }}
terraform_version: 1.0.9
terraform_wrapper: true
# Run Terraform commands between these comments vvv
- name: Terraform Init
id: init
working-directory: ${{ env.WORK_DIR_PATH }}
run: terraform init -input=false -no-color
- name: Terraform Validate
id: validate
working-directory: ${{ env.WORK_DIR_PATH }}
run: terraform validate -no-color
- name: Write GitHub Actions runner CIDR to Terraform Variables
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
echo "network_allow_range = \"$( dig +short @resolver1.opendns.com myip.opendns.com )/32\"" > github.auto.tfvars
- name: Terraform Apply
id: apply
working-directory: ${{ env.WORK_DIR_PATH }}
run: terraform apply -auto-approve -input=false -no-color
- name: Retrieve Health Check URL
id: retrieve-health-check-url
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw health_check_url
- name: Retrieve Bastion FQDN
id: retrieve-bastion-fqdn
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw bastion_fqdn
- name: Write Private SSH Key
env:
SSH_KEY_BASE64: ${{ secrets.PRIVATE_TCP_ACTIVE_ACTIVE_BASTION_SSH_KEY_BASE64 }}
run: |
echo "$SSH_KEY_BASE64" | base64 --decode > ./ssh-key.pem
chmod 0400 ./ssh-key.pem
- name: Start SOCKS5 Proxy
env:
INSTANCE_FQDN: ${{ steps.retrieve-bastion-fqdn.outputs.stdout }}
run: |
ssh \
-o 'BatchMode yes' \
-o 'StrictHostKeyChecking accept-new' \
-i ./ssh-key.pem \
-f -N -p 22 -D localhost:5000 \
bastionuser@"$INSTANCE_FQDN"
- name: Wait For TFE
id: wait-for-tfe
timeout-minutes: 25
env:
HEALTH_CHECK_URL: ${{ steps.retrieve-health-check-url.outputs.stdout }}
run: |
echo "Curling \`health_check_url\` for a return status of 200..."
while ! curl \
-sfS --max-time 5 --proxy socks5://localhost:5000 \
$HEALTH_CHECK_URL; \
do sleep 5; done
- name: Retrieve TFE URL
id: retrieve-tfe-url
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw tfe_url
- name: Retrieve IACT URL
id: retrieve-iact-url
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw iact_url
- name: Retrieve IACT
id: retrieve-iact
env:
IACT_URL: ${{ steps.retrieve-iact-url.outputs.stdout }}
run: |
token=$(curl --fail --retry 5 --verbose --proxy socks5://localhost:5000 "$IACT_URL")
echo "::set-output name=token::$token"
- name: Retrieve Initial Admin User URL
id: retrieve-initial-admin-user-url
working-directory: ${{ env.WORK_DIR_PATH }}
run: |
terraform output -no-color -raw initial_admin_user_url
- name: Create Admin in TFE
id: create-admin
env:
TFE_PASSWORD: ${{ secrets.TFE_PASSWORD }}
IAU_URL: ${{ steps.retrieve-initial-admin-user-url.outputs.stdout }}
IACT_TOKEN: ${{ steps.retrieve-iact.outputs.token }}
run: |
echo \
'{"username": "test", "email": "[email protected]", "password": "$TFE_PASSWORD"}' \
> ./payload.json
response=$( \
curl \
--fail \
--retry 5 \
--verbose \
--header 'Content-Type: application/json' \
--data @./payload.json \
--proxy socks5://localhost:5000 \
"$IAU_URL"?token="$IACT_TOKEN")
echo "::set-output name=response::$response"
- name: Retrieve Admin Token
id: retrieve-admin-token
env:
RESPONSE: ${{ steps.create-admin.outputs.response }}
run: |
token=$(echo "$RESPONSE" | jq --raw-output '.token')
echo "::set-output name=token::$token"
- name: Run k6 Smoke Test
id: run-smoke-test
working-directory: ${{ env.K6_WORK_DIR_PATH }}
env:
K6_PATHNAME: "./k6"
TFE_URL: "${{ steps.retrieve-tfe-url.outputs.stdout }}"
TFE_API_TOKEN: "${{ steps.retrieve-admin-token.outputs.token }}"
TFE_EMAIL: [email protected]
http_proxy: socks5://localhost:5000/
https_proxy: socks5://localhost:5000/
run: |
make smoke-test
- name: Terraform Destroy
id: destroy
if: ${{ always() && github.event.client_payload.slash_command.args.named.destroy != 'false' }}
working-directory: ${{ env.WORK_DIR_PATH }}
run: terraform destroy -auto-approve -input=false -no-color
# Run Terraform commands between these comments ^^^
- name: Update comment
if: ${{ always() }}
uses: peter-evans/create-or-update-comment@67dcc547d311b736a8e6c5c236542148a47adc3d # v2.1.1
with:
token: ${{ secrets.GITHUB_TOKEN }}
repository: ${{ github.event.client_payload.github.payload.repository.full_name }}
comment-id: ${{ github.event.client_payload.github.payload.comment.id }}
body: |
${{ format('### {0} Terraform Private TCP Active/Active Test Report', job.status == 'success' && ':white_check_mark:' || ':x:') }}
${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }}
${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }}
${{ format('- {0} Terraform Validate', steps.validate.outcome == 'success' && ':white_check_mark:' || ':x:') }}
${{ format('- {0} Terraform Apply', steps.apply.outcome == 'success' && ':white_check_mark:' || ':x:') }}
${{ format('- {0} Run k6 Smoke Test', steps.run-smoke-test.outcome == 'success' && ':white_check_mark:' || ':x:') }}
${{ github.event.client_payload.slash_command.args.named.destroy != 'false' && format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') || '' }}