From 31342e209a18cf6d3c667a0926a8ddbb479ceade Mon Sep 17 00:00:00 2001 From: Annie Hedgpeth <18335499+anniehedgpeth@users.noreply.github.com> Date: Fri, 3 Nov 2023 16:48:24 -0600 Subject: [PATCH] Use reusable workflows (#275) * use rhel 8 in tests * add more to no proxy * use reusable workflows --- .github/workflows/handler-destroy.yml | 631 ++++------- .github/workflows/handler-help.yml | 27 +- .github/workflows/handler-test.yml | 1314 ++++------------------- locals.tf | 8 +- tests/private-active-active/data.tf | 2 +- tests/private-tcp-active-active/data.tf | 2 +- 6 files changed, 433 insertions(+), 1551 deletions(-) diff --git a/.github/workflows/handler-destroy.yml b/.github/workflows/handler-destroy.yml index 14059553..820336e1 100644 --- a/.github/workflows/handler-destroy.yml +++ b/.github/workflows/handler-destroy.yml 
@@ -13,449 +13,202 @@ env: jobs: public_active_active: - name: Destroy resources from Public Active/Active - if: ${{ contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'public-active-active') }} - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - env: - WORK_DIR_PATH: ./tests/public-active-active - steps: - - name: Create URL to the run output - id: vars - run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID - - - name: Checkout Pull Request Branch - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }} - ref: ${{ github.event.client_payload.pull_request.head.sha }} - token: ${{ secrets.GITHUB_TOKEN }} - persist-credentials: false - - - name: Set Terraform Module Source - working-directory: ${{ env.WORK_DIR_PATH }} - env: - LOGIN: ${{ github.event.client_payload.pull_request.head.repo.owner.login }} - NAME: ${{ github.event.client_payload.pull_request.head.repo.name }} - SHA: ${{ github.event.client_payload.pull_request.head.sha }} - run: | - sed --in-place "s/source = \"..\/..\"/source = \"github.com\/$LOGIN\/$NAME?ref=$SHA\"/" main.tf - sed --in-place "s/source = \"..\/..\/fixtures\/test_proxy\"/source = \"github.com\/$LOGIN\/$NAME\/\/fixtures\/test_proxy?ref=$SHA\"/" main.tf - - - name: Setup Terraform - uses: hashicorp/setup-terraform@v2 - with: - cli_config_credentials_hostname: 'app.terraform.io' - cli_config_credentials_token: ${{ secrets.PUBLIC_ACTIVE_ACTIVE_TFC_TOKEN }} - terraform_version: 1.1.7 - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1 - - - name: Terraform Init - id: init - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform init -input=false -no-color - - - name: Write Terraform 
Variables - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - iact_subnet=$( dig +short @resolver1.opendns.com myip.opendns.com ) - cat < github.auto.tfvars - iact_subnet_list = ["$iact_subnet/32"] - consolidated_services_enabled = true - tfe = { - hostname = "${{ secrets.TFE_HOSTNAME }}" - organization = "${{ secrets.TFE_ORGANIZATION }}" - token = "${{ secrets.TFE_TOKEN }}" - workspace = "${{ secrets.TFE_WORKSPACE }}" - } - EOF - - - name: Terraform Destroy - id: destroy - working-directory: ${{ env.WORK_DIR_PATH }} - env: - TFE_HOSTNAME: ${{ secrets.TFE_HOSTNAME }} - TFE_TOKEN: ${{ secrets.TFE_TOKEN }} - run: terraform destroy -auto-approve -input=false -no-color - - - name: Update comment - if: ${{ always() }} - uses: peter-evans/create-or-update-comment@c6c9a1a66007646a28c153e2a8580a5bad27bcfa # v3.0.2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - repository: ${{ github.event.client_payload.github.payload.repository.full_name }} - comment-id: ${{ github.event.client_payload.github.payload.comment.id }} - body: | - ${{ format('### {0} Terraform Public Active/Active Destruction Report', job.status == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }} - - ${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') }} + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit + name: Public Active/Active + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'public-active-active' }} + with: + cloud: Google + test_name: Public Active/Active + is_replicated_deployment: false + module_repository_id: hashicorp/terraform-google-terraform-enterprise + work_dir: ./tests/public-active-active + 
utility_test: false + pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }} + pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }} + pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }} + TFC_token_secret_name: PUBLIC_ACTIVE_ACTIVE_TFC_TOKEN private_active_active: - name: Destroy resources from Private Active/Active - if: ${{ contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'private-active-active') }} - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - env: - WORK_DIR_PATH: ./tests/private-active-active - steps: - - name: Create URL to the run output - id: vars - run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID - - - name: Checkout Pull Request Branch - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }} - ref: ${{ github.event.client_payload.pull_request.head.sha }} - token: ${{ secrets.GITHUB_TOKEN }} - persist-credentials: false - - - name: Set Terraform Module Source - working-directory: ${{ env.WORK_DIR_PATH }} - env: - LOGIN: ${{ github.event.client_payload.pull_request.head.repo.owner.login }} - NAME: ${{ github.event.client_payload.pull_request.head.repo.name }} - SHA: ${{ github.event.client_payload.pull_request.head.sha }} - run: | - sed --in-place "s/source = \"..\/..\"/source = \"github.com\/$LOGIN\/$NAME?ref=$SHA\"/" main.tf - sed --in-place "s/source = \"..\/..\/fixtures\/test_proxy\"/source = \"github.com\/$LOGIN\/$NAME\/\/fixtures\/test_proxy?ref=$SHA\"/" main.tf - - - name: Setup Terraform - uses: hashicorp/setup-terraform@v2 - with: - cli_config_credentials_hostname: 'app.terraform.io' - cli_config_credentials_token: ${{ secrets.PRIVATE_ACTIVE_ACTIVE_TFC_TOKEN }} - 
terraform_version: 1.1.7 - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1 - - - name: Terraform Init - id: init - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform init -input=false -no-color - - - name: Write Terraform Variables - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - cat < github.auto.tfvars - iact_subnet_list = ["( dig +short @resolver1.opendns.com myip.opendns.com )/32"] - tfe = { - hostname = "${{ secrets.TFE_HOSTNAME }}" - organization = "${{ secrets.TFE_ORGANIZATION }}" - token = "${{ secrets.TFE_TOKEN }}" - workspace = "${{ secrets.TFE_WORKSPACE }}" - } - EOF - - - name: Terraform Destroy - id: destroy - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform destroy -auto-approve -input=false -no-color - - - name: Update comment - if: ${{ always() }} - uses: peter-evans/create-or-update-comment@c6c9a1a66007646a28c153e2a8580a5bad27bcfa # v3.0.2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - repository: ${{ github.event.client_payload.github.payload.repository.full_name }} - comment-id: ${{ github.event.client_payload.github.payload.comment.id }} - body: | - ${{ format('### {0} Terraform Private Active/Active Destruction Report', job.status == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }} - - ${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') }} + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit + name: Private Active/Active + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-active-active' }} + with: + cloud: Google + test_name: Private 
Active/Active + utility_test: false + is_replicated_deployment: false + module_repository_id: hashicorp/terraform-google-terraform-enterprise + work_dir: ./tests/private-active-active + pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }} + pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }} + pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }} + TFC_token_secret_name: PRIVATE_ACTIVE_ACTIVE_TFC_TOKEN private_tcp_active_active: - name: Destroy resources from Private TCP Active/Active - if: ${{ contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'private-tcp-active-active') }} - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - env: - WORK_DIR_PATH: ./tests/private-active-active - steps: - - name: Create URL to the run output - id: vars - run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID - - - name: Checkout Pull Request Branch - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }} - ref: ${{ github.event.client_payload.pull_request.head.sha }} - token: ${{ secrets.GITHUB_TOKEN }} - persist-credentials: false - - - name: Set Terraform Module Source - working-directory: ${{ env.WORK_DIR_PATH }} - env: - LOGIN: ${{ github.event.client_payload.pull_request.head.repo.owner.login }} - NAME: ${{ github.event.client_payload.pull_request.head.repo.name }} - SHA: ${{ github.event.client_payload.pull_request.head.sha }} - run: | - sed --in-place "s/source = \"..\/..\"/source = \"github.com\/$LOGIN\/$NAME?ref=$SHA\"/" main.tf - sed --in-place "s/source = \"..\/..\/fixtures\/test_proxy\"/source = \"github.com\/$LOGIN\/$NAME\/\/fixtures\/test_proxy?ref=$SHA\"/" main.tf - - - name: Setup Terraform - 
uses: hashicorp/setup-terraform@v2 - with: - cli_config_credentials_hostname: 'app.terraform.io' - cli_config_credentials_token: ${{ secrets.PRIVATE_TCP_ACTIVE_ACTIVE_TFC_TOKEN }} - terraform_version: 1.1.7 - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1 - - - name: Terraform Init - id: init - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform init -input=false -no-color - - - name: Write Terraform Variables - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - iact_subnet=$( dig +short @resolver1.opendns.com myip.opendns.com ) - cat < github.auto.tfvars - iact_subnet_list = ["$iact_subnet/32"] - consolidated_services_enabled = true - tfe = { - hostname = "${{ secrets.TFE_HOSTNAME }}" - organization = "${{ secrets.TFE_ORGANIZATION }}" - token = "${{ secrets.TFE_TOKEN }}" - workspace = "${{ secrets.TFE_WORKSPACE }}" - } - EOF - - - name: Terraform Destroy - id: destroy - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform destroy -auto-approve -input=false -no-color - - - name: Update comment - if: ${{ always() }} - uses: peter-evans/create-or-update-comment@c6c9a1a66007646a28c153e2a8580a5bad27bcfa # v3.0.2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - repository: ${{ github.event.client_payload.github.payload.repository.full_name }} - comment-id: ${{ github.event.client_payload.github.payload.comment.id }} - body: | - ${{ format('### {0} Terraform Private TCP Active/Active Destruction Report', job.status == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }} - - ${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - standalone_mounted_disk: - name: Destroy resources from Standalone Mounted Disk - if: ${{ 
contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'standalone-mounted-disk') }} - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - env: - WORK_DIR_PATH: ./tests/standalone-mounted-disk - steps: - - name: Create URL to the run output - id: vars - run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID - - - name: Checkout Pull Request Branch - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }} - ref: ${{ github.event.client_payload.pull_request.head.sha }} - token: ${{ secrets.GITHUB_TOKEN }} - persist-credentials: false - - - name: Set Terraform Module Source - working-directory: ${{ env.WORK_DIR_PATH }} - env: - LOGIN: ${{ github.event.client_payload.pull_request.head.repo.owner.login }} - NAME: ${{ github.event.client_payload.pull_request.head.repo.name }} - SHA: ${{ github.event.client_payload.pull_request.head.sha }} - run: | - sed --in-place "s/source = \"..\/..\"/source = \"github.com\/$LOGIN\/$NAME?ref=$SHA\"/" main.tf - sed --in-place "s/source = \"..\/..\/fixtures\/test_proxy\"/source = \"github.com\/$LOGIN\/$NAME\/\/fixtures\/test_proxy?ref=$SHA\"/" main.tf - - - name: Create Terraform Backend to google-standalone-mounted-disk TFC Workspace - working-directory: ${{ env.WORK_DIR_PATH }} - env: - TFC_ORGANIZATION: ${{ secrets.TFC_ORGANIZATION }} - run: | - cat < backend.tf - terraform { - backend "remote" { - organization = "$TFC_ORGANIZATION" - workspaces { - name = "google-standalone-mounted-disk" - } - } - } - EOF - - - name: Setup Terraform - uses: hashicorp/setup-terraform@v2 - with: - cli_config_credentials_hostname: 'app.terraform.io' - cli_config_credentials_token: ${{ secrets.STANDALONE_MOUNTED_DISK_TFC_TOKEN }} - terraform_version: 1.1.7 - - - name: Set up Cloud 
SDK - uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1 - - - name: Terraform Init - id: init - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform init -input=false -no-color - - - name: Write Terraform Variables - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - iact_subnet=$( dig +short @resolver1.opendns.com myip.opendns.com ) - cat < github.auto.tfvars - iact_subnet_list = ["$iact_subnet/32"] - consolidated_services_enabled = true - tfe = { - hostname = "${{ secrets.TFE_HOSTNAME }}" - organization = "${{ secrets.TFE_ORGANIZATION }}" - token = "${{ secrets.TFE_TOKEN }}" - workspace = "${{ secrets.TFE_WORKSPACE }}" - } - EOF - - - name: Terraform Destroy - id: destroy - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform destroy -auto-approve -input=false -no-color - - - name: Update comment - if: ${{ always() }} - uses: peter-evans/create-or-update-comment@c6c9a1a66007646a28c153e2a8580a5bad27bcfa # v3.0.2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - repository: ${{ github.event.client_payload.github.payload.repository.full_name }} - comment-id: ${{ github.event.client_payload.github.payload.comment.id }} - body: | - ${{ format('### {0} Terraform Standalone Mounted Disk Destruction Report', job.status == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }} - - ${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') }} + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit + name: Private TCP Active/Active + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-tcp-active-active' }} + with: + cloud: Google + 
test_name: Private TCP Active/Active + utility_test: false + is_replicated_deployment: false + module_repository_id: hashicorp/terraform-google-terraform-enterprise + work_dir: ./tests/private-tcp-active-active + pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }} + pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }} + pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }} + TFC_token_secret_name: PRIVATE_TCP_ACTIVE_ACTIVE_TFC_TOKEN standalone_external_rhel8_worker: - name: Destroy resources from Standalone External RHEL8 Worker - if: ${{ contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'standalone-external-rhel8-worker') }} - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - env: - WORK_DIR_PATH: ./tests/standalone-external-rhel8-worker - steps: - - name: Create URL to the run output - id: vars - run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID - - - name: Checkout Pull Request Branch - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }} - ref: ${{ github.event.client_payload.pull_request.head.sha }} - token: ${{ secrets.GITHUB_TOKEN }} - persist-credentials: false - - - name: Set Terraform Module Source - working-directory: ${{ env.WORK_DIR_PATH }} - env: - LOGIN: ${{ github.event.client_payload.pull_request.head.repo.owner.login }} - NAME: ${{ github.event.client_payload.pull_request.head.repo.name }} - SHA: ${{ github.event.client_payload.pull_request.head.sha }} - run: | - sed --in-place "s/source = \"..\/..\"/source = \"github.com\/$LOGIN\/$NAME?ref=$SHA\"/" main.tf - sed --in-place "s/source = \"..\/..\/fixtures\/test_proxy\"/source = 
\"github.com\/$LOGIN\/$NAME\/\/fixtures\/test_proxy?ref=$SHA\"/" main.tf - - - name: Create Terraform Backend to google-standalone-external-rhel8-worker TFC Workspace - working-directory: ${{ env.WORK_DIR_PATH }} - env: - TFC_ORGANIZATION: ${{ secrets.TFC_ORGANIZATION }} - run: | - cat < backend.tf - terraform { - backend "remote" { - organization = "$TFC_ORGANIZATION" - workspaces { - name = "google-standalone-external-rhel8-worker" - } - } - } - EOF - - - name: Setup Terraform - uses: hashicorp/setup-terraform@v2 - with: - cli_config_credentials_hostname: 'app.terraform.io' - cli_config_credentials_token: ${{ secrets.STANDALONE_EXTERNAL_RHEL8_WORKER_TFC_TOKEN }} - terraform_version: 1.1.7 - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1 + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit + name: Standalone External Rhel8 Worker + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-external-rhel8-worker' }} + with: + cloud: Google + test_name: Standalone External Rhel8 Worker + is_replicated_deployment: false + module_repository_id: hashicorp/terraform-google-terraform-enterprise + work_dir: ./tests/standalone-external-rhel8-worker + utility_test: false + pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }} + pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }} + pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }} + TFC_token_secret_name: STANDALONE_EXTERNAL_RHEL8_WORKER_TFC_TOKEN + TFC_workspace_substitution_pattern: 's/terraform {/terraform {\n\ + backend "remote" {\n\ + organization = "terraform-enterprise-modules-test"\n\ + workspaces {\n\ + name = "google-standalone-external-rhel8-worker"\n\ + }\n\ + }\n/' - - name: Terraform 
Init - id: init - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform init -input=false -no-color - - - name: Write Terraform Variables - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - iact_subnet=$( dig +short @resolver1.opendns.com myip.opendns.com ) - cat < github.auto.tfvars - iact_subnet_list = ["$iact_subnet/32"] - consolidated_services_enabled = true - tfe = { - hostname = "${{ secrets.TFE_HOSTNAME }}" - organization = "${{ secrets.TFE_ORGANIZATION }}" - token = "${{ secrets.TFE_TOKEN }}" - workspace = "${{ secrets.TFE_WORKSPACE }}" - } - EOF - - - name: Terraform Destroy - id: destroy - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform destroy -auto-approve -input=false -no-color - - - name: Update comment - if: ${{ always() }} - uses: peter-evans/create-or-update-comment@c6c9a1a66007646a28c153e2a8580a5bad27bcfa # v3.0.2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - repository: ${{ github.event.client_payload.github.payload.repository.full_name }} - comment-id: ${{ github.event.client_payload.github.payload.comment.id }} - body: | - ${{ format('### {0} Terraform Standalone External RHEL8 Worker Destruction Report', job.status == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }} - - ${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') }} + standalone_mounted_disk: + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit + name: Standalone Mounted Disk + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-mounted-disk' }} + with: + cloud: Google + test_name: Standalone Mounted Disk + is_replicated_deployment: false + 
module_repository_id: hashicorp/terraform-google-terraform-enterprise + work_dir: ./tests/standalone-mounted-disk + utility_test: false + pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }} + pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }} + pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }} + TFC_token_secret_name: STANDALONE_MOUNTED_DISK_TFC_TOKEN + TFC_workspace_substitution_pattern: 's/terraform {/terraform {\n\ + backend "remote" {\n\ + organization = "terraform-enterprise-modules-test"\n\ + workspaces {\n\ + name = "google-standalone-mounted-disk"\n\ + }\n\ + }\n/' + + public_active_active_replicated: + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit + name: Public Active/Active + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'public-active-active-replicated' }} + with: + cloud: Google + test_name: Public Active/Active + is_replicated_deployment: true + module_repository_id: hashicorp/terraform-google-terraform-enterprise + work_dir: ./tests/public-active-active + utility_test: false + pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }} + pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }} + pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }} + TFC_token_secret_name: PUBLIC_ACTIVE_ACTIVE_REPLICATED_TFC_TOKEN + TFC_workspace_substitution_pattern: s/google-public-active-active/google-public-active-active-replicated/ + + private_active_active_replicated: + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit + name: Private Active/Active + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || 
github.event.client_payload.slash_command.args.unnamed.all == 'private-active-active-replicated' }} + with: + cloud: Google + test_name: Private Active/Active + utility_test: false + is_replicated_deployment: true + module_repository_id: hashicorp/terraform-google-terraform-enterprise + work_dir: ./tests/private-active-active + pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }} + pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }} + pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }} + TFC_token_secret_name: PRIVATE_ACTIVE_ACTIVE_REPLICATED_TFC_TOKEN + TFC_workspace_substitution_pattern: s/google-private-active-active/google-private-active-active-replicated/ + + private_tcp_active_active_replicated: + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit + name: Private TCP Active/Active + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-tcp-active-active-replicated' }} + with: + cloud: Google + test_name: Private TCP Active/Active + utility_test: false + is_replicated_deployment: true + module_repository_id: hashicorp/terraform-google-terraform-enterprise + work_dir: ./tests/private-tcp-active-active + pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }} + pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }} + pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }} + TFC_token_secret_name: PRIVATE_TCP_ACTIVE_ACTIVE_REPLICATED_TFC_TOKEN + TFC_workspace_substitution_pattern: s/google-private-tcp-active-active/google-private-tcp-active-active-replicated/ + + standalone_external_rhel8_worker_replicated: + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit 
+ name: Standalone External Rhel8 Worker + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-external-rhel8-worker-replicated' }} + with: + cloud: Google + test_name: Standalone External Rhel8 Worker + is_replicated_deployment: true + module_repository_id: hashicorp/terraform-google-terraform-enterprise + work_dir: ./tests/standalone-external-rhel8-worker + utility_test: false + pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }} + pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }} + pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }} + TFC_token_secret_name: STANDALONE_EXTERNAL_RHEL8_WORKER_REPLICATED_TFC_TOKEN + TFC_workspace_substitution_pattern: 's/terraform {/terraform {\n\ + backend "remote" {\n\ + organization = "terraform-enterprise-modules-test"\n\ + workspaces {\n\ + name = "google-standalone-external-rhel8-worker-replicated"\n\ + }\n\ + }\n/' + + standalone_mounted_disk_replicated: + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit + name: Standalone Mounted Disk + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-mounted-disk-replicated' }} + with: + cloud: Google + test_name: Standalone Mounted Disk + is_replicated_deployment: true + module_repository_id: hashicorp/terraform-google-terraform-enterprise + work_dir: ./tests/standalone-mounted-disk + utility_test: false + pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }} + pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }} + pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }} + TFC_token_secret_name: 
STANDALONE_MOUNTED_DISK_REPLICATED_TFC_TOKEN + TFC_workspace_substitution_pattern: 's/terraform {/terraform {\n\ + backend "remote" {\n\ + organization = "terraform-enterprise-modules-test"\n\ + workspaces {\n\ + name = "google-standalone-mounted-disk-replicated"\n\ + }\n\ + }\n/' diff --git a/.github/workflows/handler-help.yml b/.github/workflows/handler-help.yml index 8370318b..7735d83f 100644 --- a/.github/workflows/handler-help.yml +++ b/.github/workflows/handler-help.yml @@ -24,13 +24,20 @@ jobs: > | /test [destroy=false] | Run the Terraform test workflow on the modules in the tests/ directory. Unnamed arguments can be "all" to run all test cases or specific test case names to only run selected cases. The named argument "destroy=false" will disable the destruction of test infrastructure for debugging purposes. | > | /destroy | Destroy any resources that may still be in Terraform state from previous tests. Unnamed arguments can be "all" to destroy all resources from all test cases or specific test case names to only destroy selected test case resources. | > | /help | Shows this help message | - - ## Test Case Names - - * private-active-active - * private-tcp-active-active - * public-active-active - * standalone-mounted-disk - * standalone-external-rhel8-worker - - reaction-type: confused + > | + > | ## Test Case Names + > | + > | ### FDO + > | * private-active-active + > | * private-tcp-active-active + > | * public-active-active + > | * standalone-mounted-disk + > | * standalone-external-rhel8-worker + > | + > | ### Replicated + > | * private-active-active-replicated + > | * private-tcp-active-active-replicated + > | * public-active-active-replicated + > | * standalone-mounted-disk-replicated + > | * standalone-external-rhel8-worker-replicated + reactions: confused diff --git a/.github/workflows/handler-test.yml b/.github/workflows/handler-test.yml index e1114e53..fddb3e7d 100644 --- a/.github/workflows/handler-test.yml +++ b/.github/workflows/handler-test.yml 
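Review bot: All ten jobs in this hunk call `hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@ah/tf-8611-gcp-fdo-3`, a mutable branch ref, and pass it `secrets: inherit`, so whatever that branch points to at run time runs the destroy with every secret the calling workflow can read. The steps being removed pinned `actions/checkout` and the other third-party actions to full commit SHAs; pin the reusable workflow the same way, `uses: hashicorp/terraform-random-tfe-utility/.github/workflows/destroy.yml@<full-commit-sha> # ah/tf-8611-gcp-fdo-3`. The removed jobs also declared `permissions:` with `contents: read` and `pull-requests: write`, while the calling jobs declare none; restoring that block on each caller would cap the GITHUB_TOKEN handed to the called workflow. Passing only the secrets each job needs instead of `secrets: inherit` would narrow exposure further, but the called workflow appears to look the token up by the name in `TFC_token_secret_name`, so that probably needs a change on its side as well.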
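Review bot: The added `> | ## Test Case Names`, `> | ### FDO` and `> | * private-active-active` lines continue the command table above them, so Markdown will most likely render the headings and bullets as literal text inside table cells rather than as headings and lists. The removed version kept this section outside the table; a blank quoted line after the `/help` row followed by `> ## Test Case Names` and `> * private-active-active` style lines would keep the section in the quote and still render as intended. The start of the comment body lies outside this hunk, so check the result against the rendered comment.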
@@ -13,1106 +13,222 @@ env: jobs: public_active_active: - name: Run tf-test on Public Active/Active - if: ${{ contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'public-active-active')}} - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - env: - WORK_DIR_PATH: ./tests/public-active-active - K6_WORK_DIR_PATH: ./tests/tfe-load-test - steps: - - name: Create URL to the run output - id: vars - run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID - - - name: Checkout Pull Request Branch - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }} - ref: ${{ github.event.client_payload.pull_request.head.sha }} - token: ${{ secrets.GITHUB_TOKEN }} - persist-credentials: false - - - name: Set Terraform Module Source - working-directory: ${{ env.WORK_DIR_PATH }} - env: - LOGIN: ${{ github.event.client_payload.pull_request.head.repo.owner.login }} - NAME: ${{ github.event.client_payload.pull_request.head.repo.name }} - SHA: ${{ github.event.client_payload.pull_request.head.sha }} - run: | - sed --in-place "s/source = \"..\/..\"/source = \"github.com\/$LOGIN\/$NAME?ref=$SHA\"/" main.tf - sed --in-place "s/source = \"..\/..\/fixtures\/test_proxy\"/source = \"github.com\/$LOGIN\/$NAME\/\/fixtures\/test_proxy?ref=$SHA\"/" main.tf - - - name: Checkout TFE Load Test - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - path: ${{ env.K6_WORK_DIR_PATH }} - repository: hashicorp/tfe-load-test - token: ${{ secrets.GH_TFE_LOAD_TEST_TOKEN }} - persist-credentials: false - - - name: Install required tools - working-directory: ${{ env.K6_WORK_DIR_PATH }} - env: - K6_URL: https://github.com/loadimpact/k6/releases/download/v0.31.1/k6-v0.31.1-linux64.tar.gz - run: | - sudo apt-get 
install jq - curl -L $K6_URL | tar -xz --strip-components=1 - - - name: Setup Terraform - uses: hashicorp/setup-terraform@v2 - with: - cli_config_credentials_hostname: 'app.terraform.io' - cli_config_credentials_token: ${{ secrets.PUBLIC_ACTIVE_ACTIVE_TFC_TOKEN }} - terraform_version: 1.1.7 - terraform_wrapper: true - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1 - - - name: Terraform Init - id: init - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform init -input=false -no-color - - - name: Write Terraform Variables - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - iact_subnet=$( dig +short @resolver1.opendns.com myip.opendns.com ) - cat < github.auto.tfvars - iact_subnet_list = ["$iact_subnet/32"] - consolidated_services_enabled = true - tfe = { - hostname = "${{ secrets.TFE_HOSTNAME }}" - organization = "${{ secrets.TFE_ORGANIZATION }}" - token = "${{ secrets.TFE_TOKEN }}" - workspace = "${{ secrets.TFE_WORKSPACE }}" - } - EOF - - - name: Terraform Validate - id: validate - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform validate -no-color - - - name: Terraform Apply - id: apply - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform apply -auto-approve -input=false -no-color - - - name: Retrieve Health Check URL - id: retrieve-health-check-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw health_check_url - - - name: Wait For TFE - id: wait-for-tfe - timeout-minutes: 25 - run: | - echo "Curling \`health_check_url\` for a return status of 200..." - while ! 
curl -sfS --max-time 5 "${{ steps.retrieve-health-check-url.outputs.stdout }}"; do sleep 5; done - - - name: Retrieve TFE URL - id: retrieve-tfe-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw tfe_url - - - name: Retrieve IACT URL - id: retrieve-iact-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw iact_url - - - name: Retrieve IACT - id: retrieve-iact - run: | - token=$(curl --fail --retry 15 --verbose "${{ steps.retrieve-iact-url.outputs.stdout }}") - echo "::set-output name=token::$token" - - - name: Retrieve Initial Admin User URL - id: retrieve-initial-admin-user-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw initial_admin_user_url - - - name: Create Admin in TFE - id: create-admin - env: - TFE_PASSWORD: ${{ secrets.TFE_PASSWORD }} - IAU_URL: ${{ steps.retrieve-initial-admin-user-url.outputs.stdout }} - IACT: ${{ steps.retrieve-iact.outputs.token }} - run: | - echo \ - '{"username": "test", "email": "tf-onprem-team@hashicorp.com", "password": "$TFE_PASSWORD"}' \ - > ./payload.json - response=$( \ - curl \ - --fail \ - --retry 15 \ - --verbose \ - --header 'Content-Type: application/json' \ - --data @./payload.json \ - "$IAU_URL"?token="$IACT") - echo "::set-output name=response::$response" - - - name: Retrieve Admin Token - id: retrieve-admin-token - env: - RESPONSE: ${{ steps.create-admin.outputs.response }} - run: | - token=$(echo "$RESPONSE" | jq --raw-output '.token') - echo "::set-output name=token::$token" - - - name: Run k6 Smoke Test - id: run-smoke-test - working-directory: ${{ env.K6_WORK_DIR_PATH }} - env: - K6_PATHNAME: "./k6" - TFE_URL: "${{ steps.retrieve-tfe-url.outputs.stdout }}" - TFE_API_TOKEN: "${{ steps.retrieve-admin-token.outputs.token }}" - TFE_EMAIL: tf-onprem-team@hashicorp.com - run: | - make smoke-test - - - name: Terraform Destroy - id: destroy - if: ${{ always() && 
github.event.client_payload.slash_command.args.named.destroy != 'false' }} - working-directory: ${{ env.WORK_DIR_PATH }} - env: - TFE_HOSTNAME: ${{ secrets.TFE_HOSTNAME }} - TFE_TOKEN: ${{ secrets.TFE_TOKEN }} - run: terraform destroy -auto-approve -input=false -no-color - - - name: Update comment - if: ${{ always() }} - uses: peter-evans/create-or-update-comment@c6c9a1a66007646a28c153e2a8580a5bad27bcfa # v3.0.2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - repository: ${{ github.event.client_payload.github.payload.repository.full_name }} - comment-id: ${{ github.event.client_payload.github.payload.comment.id }} - body: | - ${{ format('### {0} Terraform Public Active/Active Test Report', job.status == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }} - - ${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Validate', steps.validate.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Apply', steps.apply.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Run k6 Smoke Test', steps.run-smoke-test.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ github.event.client_payload.slash_command.args.named.destroy != 'false' && format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') || '' }} + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/google-tests.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit + name: Public Active/Active + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'public-active-active' }} + with: + test_name: Public Active/Active + module_repository_id: hashicorp/terraform-google-terraform-enterprise + work_dir: ./tests/public-active-active + k6_work_dir: 
./tests/tfe-load-test + utility_test: false + is_replicated_deployment: false + enable_iact_subnet_list: true + private_test: false + pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }} + pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }} + pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }} + TFC_token_secret_name: PUBLIC_ACTIVE_ACTIVE_TFC_TOKEN private_active_active: - name: Run tf-test on Private Active/Active - if: ${{ contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'private-active-active') }} - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - env: - WORK_DIR_PATH: ./tests/private-active-active - K6_WORK_DIR_PATH: ./tests/tfe-load-test - steps: - - name: Create URL to the run output - id: vars - run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID - - - name: Checkout Pull Request Branch - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }} - ref: ${{ github.event.client_payload.pull_request.head.sha }} - token: ${{ secrets.GITHUB_TOKEN }} - persist-credentials: false - - - name: Set Terraform Module Source - working-directory: ${{ env.WORK_DIR_PATH }} - env: - LOGIN: ${{ github.event.client_payload.pull_request.head.repo.owner.login }} - NAME: ${{ github.event.client_payload.pull_request.head.repo.name }} - SHA: ${{ github.event.client_payload.pull_request.head.sha }} - run: | - sed --in-place "s/source = \"..\/..\"/source = \"github.com\/$LOGIN\/$NAME?ref=$SHA\"/" main.tf - sed --in-place "s/source = \"..\/..\/fixtures\/test_proxy\"/source = \"github.com\/$LOGIN\/$NAME\/\/fixtures\/test_proxy?ref=$SHA\"/" main.tf - - - name: Checkout TFE Load Test - uses: 
actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - path: ${{ env.K6_WORK_DIR_PATH }} - repository: hashicorp/tfe-load-test - token: ${{ secrets.GH_TFE_LOAD_TEST_TOKEN }} - persist-credentials: false - - - name: Install required tools - working-directory: ${{ env.K6_WORK_DIR_PATH }} - env: - K6_URL: https://github.com/loadimpact/k6/releases/download/v0.31.1/k6-v0.31.1-linux64.tar.gz - run: | - sudo apt-get install jq - curl -L $K6_URL | tar -xz --strip-components=1 - - - name: Setup Terraform - uses: hashicorp/setup-terraform@v2 - with: - cli_config_credentials_hostname: 'app.terraform.io' - cli_config_credentials_token: ${{ secrets.PRIVATE_ACTIVE_ACTIVE_TFC_TOKEN }} - terraform_version: 1.1.7 - terraform_wrapper: true - - - name: Authenticate to GCP - id: auth - uses: google-github-actions/auth@35b0e87d162680511bf346c299f71c9c5c379033 # v1.1.1 - with: - credentials_json: ${{ secrets.GCP_TUNNELING_CREDENTIALS }} - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1 - - - name: Terraform Init - id: init - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform init -input=false -no-color - - - name: Write Terraform Variables - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - cat < github.auto.tfvars - iact_subnet_list = ["( dig +short @resolver1.opendns.com myip.opendns.com )/32"] - tfe = { - hostname = "${{ secrets.TFE_HOSTNAME }}" - organization = "${{ secrets.TFE_ORGANIZATION }}" - token = "${{ secrets.TFE_TOKEN }}" - workspace = "${{ secrets.TFE_WORKSPACE }}" - } - EOF - - - name: Terraform Validate - id: validate - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform validate -no-color - - - name: Terraform Apply - id: apply - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform apply -auto-approve -input=false -no-color - - - name: Retrieve Health Check URL - id: retrieve-health-check-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | 
- terraform output -no-color -raw health_check_url - - - name: Retrieve Instance Name - id: retrieve-instance-name - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw proxy_instance_name - - - name: Retrieve Instance Zone - id: retrieve-instance-zone - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw proxy_instance_zone - - - name: Increasing the TCP Upload Bandwidth - id: increasing-the-tcp-upload-bandwidth-paa - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - $(gcloud info --format="value(basic.python_location)") -m pip install numpy - export CLOUDSDK_PYTHON_SITEPACKAGES=1 - - - name: Start SOCKS5 Proxy - env: - INSTANCE_NAME: ${{ steps.retrieve-instance-name.outputs.stdout }} - INSTANCE_ZONE: ${{ steps.retrieve-instance-zone.outputs.stdout }} - run: | - gcloud compute ssh \ - --quiet \ - --ssh-key-expire-after="1440m" \ - --tunnel-through-iap \ - --zone="$INSTANCE_ZONE" \ - "$INSTANCE_NAME" \ - -- -f -N -p 22 -D localhost:5000 - - - name: Wait For TFE - id: wait-for-tfe - timeout-minutes: 25 - env: - HEALTH_CHECK_URL: ${{ steps.retrieve-health-check-url.outputs.stdout }} - run: | - echo "Curling \`health_check_url\` for a return status of 200..." - while ! 
curl \ - -sfS --max-time 5 --proxy socks5://localhost:5000 \ - $HEALTH_CHECK_URL; \ - do sleep 5; done - - - name: Retrieve TFE URL - id: retrieve-tfe-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw tfe_url - - - name: Retrieve IACT URL - id: retrieve-iact-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw iact_url - - - name: Retrieve IACT - id: retrieve-iact - run: | - token=$(curl --fail --retry 15 --verbose --proxy socks5://localhost:5000 "${{ steps.retrieve-iact-url.outputs.stdout }}") - echo "::set-output name=token::$token" - - - name: Retrieve Initial Admin User URL - id: retrieve-initial-admin-user-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw initial_admin_user_url - - - name: Create Admin in TFE - id: create-admin - env: - TFE_PASSWORD: ${{ secrets.TFE_PASSWORD }} - IAU_URL: ${{ steps.retrieve-initial-admin-user-url.outputs.stdout }} - IACT_TOKEN: ${{ steps.retrieve-iact.outputs.token }} - run: | - echo \ - '{"username": "test", "email": "tf-onprem-team@hashicorp.com", "password": "$TFE_PASSWORD"}' \ - > ./payload.json - response=$( \ - curl \ - --fail \ - --retry 15 \ - --verbose \ - --header 'Content-Type: application/json' \ - --data @./payload.json \ - --proxy socks5://localhost:5000 \ - "$IAU_URL"?token="$IACT_TOKEN") - echo "::set-output name=response::$response" - - - name: Retrieve Admin Token - id: retrieve-admin-token - env: - RESPONSE: ${{ steps.create-admin.outputs.response }} - run: | - token=$(echo "$RESPONSE" | jq --raw-output '.token') - echo "::set-output name=token::$token" - - - name: Run k6 Smoke Test - id: run-smoke-test - working-directory: ${{ env.K6_WORK_DIR_PATH }} - env: - K6_PATHNAME: "./k6" - TFE_URL: "${{ steps.retrieve-tfe-url.outputs.stdout }}" - TFE_API_TOKEN: "${{ steps.retrieve-admin-token.outputs.token }}" - TFE_EMAIL: tf-onprem-team@hashicorp.com - http_proxy: socks5://localhost:5000/ - 
https_proxy: socks5://localhost:5000/ - run: | - make smoke-test - - - name: Terraform Destroy - id: destroy - if: ${{ always() && github.event.client_payload.slash_command.args.named.destroy != 'false' }} - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform destroy -auto-approve -input=false -no-color - - - name: Update comment - if: ${{ always() }} - uses: peter-evans/create-or-update-comment@c6c9a1a66007646a28c153e2a8580a5bad27bcfa # v3.0.2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - repository: ${{ github.event.client_payload.github.payload.repository.full_name }} - comment-id: ${{ github.event.client_payload.github.payload.comment.id }} - body: | - ${{ format('### {0} Terraform Private Active/Active Test Report', job.status == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }} - - ${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Validate', steps.validate.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Apply', steps.apply.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Run k6 Smoke Test', steps.run-smoke-test.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ github.event.client_payload.slash_command.args.named.destroy != 'false' && format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') || '' }} + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/google-tests.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit + name: Private Active/Active + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-active-active' }} + with: + test_name: Private Active/Active + utility_test: false + is_replicated_deployment: false + enable_iact_subnet_list: false + 
module_repository_id: hashicorp/terraform-google-terraform-enterprise + work_dir: ./tests/private-active-active + k6_work_dir: ./tests/tfe-load-test + pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }} + pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }} + pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }} + TFC_token_secret_name: PRIVATE_ACTIVE_ACTIVE_TFC_TOKEN + private_test: true private_tcp_active_active: - name: Run tf-test on Private TCP Active/Active - if: ${{ contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'private-tcp-active-active') }} - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - env: - WORK_DIR_PATH: ./tests/private-tcp-active-active - K6_WORK_DIR_PATH: ./tests/tfe-load-test - steps: - - name: Create URL to the run output - id: vars - run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID - - - name: Checkout Pull Request Branch - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }} - ref: ${{ github.event.client_payload.pull_request.head.sha }} - token: ${{ secrets.GITHUB_TOKEN }} - persist-credentials: false - - - name: Set Terraform Module Source - working-directory: ${{ env.WORK_DIR_PATH }} - env: - LOGIN: ${{ github.event.client_payload.pull_request.head.repo.owner.login }} - NAME: ${{ github.event.client_payload.pull_request.head.repo.name }} - SHA: ${{ github.event.client_payload.pull_request.head.sha }} - run: | - sed --in-place "s/source = \"..\/..\"/source = \"github.com\/$LOGIN\/$NAME?ref=$SHA\"/" main.tf - sed --in-place "s/source = \"..\/..\/fixtures\/test_proxy\"/source = \"github.com\/$LOGIN\/$NAME\/\/fixtures\/test_proxy?ref=$SHA\"/" main.tf - - - 
name: Checkout TFE Load Test - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - path: ${{ env.K6_WORK_DIR_PATH }} - repository: hashicorp/tfe-load-test - token: ${{ secrets.GH_TFE_LOAD_TEST_TOKEN }} - persist-credentials: false - - - name: Install required tools - working-directory: ${{ env.K6_WORK_DIR_PATH }} - env: - K6_URL: https://github.com/loadimpact/k6/releases/download/v0.31.1/k6-v0.31.1-linux64.tar.gz - run: | - sudo apt-get install jq - curl -L $K6_URL | tar -xz --strip-components=1 - - - name: Setup Terraform - uses: hashicorp/setup-terraform@v2 - with: - cli_config_credentials_hostname: 'app.terraform.io' - cli_config_credentials_token: ${{ secrets.PRIVATE_TCP_ACTIVE_ACTIVE_TFC_TOKEN }} - terraform_version: 1.1.7 - terraform_wrapper: true - - - name: Authenticate to GCP - id: auth - uses: google-github-actions/auth@35b0e87d162680511bf346c299f71c9c5c379033 # v1.1.1 - with: - credentials_json: ${{ secrets.GCP_TUNNELING_CREDENTIALS }} - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1 - - - name: Terraform Init - id: init - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform init -input=false -no-color - - - name: Write Terraform Variables - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - iact_subnet=$( dig +short @resolver1.opendns.com myip.opendns.com ) - cat < github.auto.tfvars - iact_subnet_list = ["$iact_subnet/32"] - consolidated_services_enabled = true - tfe = { - hostname = "${{ secrets.TFE_HOSTNAME }}" - organization = "${{ secrets.TFE_ORGANIZATION }}" - token = "${{ secrets.TFE_TOKEN }}" - workspace = "${{ secrets.TFE_WORKSPACE }}" - } - EOF - - - name: Terraform Validate - id: validate - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform validate -no-color - - - name: Terraform Apply - id: apply - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform apply -auto-approve -input=false -no-color - - - name: 
Retrieve Health Check URL - id: retrieve-health-check-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw health_check_url - - - name: Retrieve Instance Name - id: retrieve-instance-name - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw proxy_instance_name - - - name: Retrieve Instance Zone - id: retrieve-instance-zone - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw proxy_instance_zone - - - - name: Increasing the TCP Upload Bandwidth - id: increasing-the-tcp-upload-bandwidth-ptaa - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - $(gcloud info --format="value(basic.python_location)") -m pip install numpy - export CLOUDSDK_PYTHON_SITEPACKAGES=1 - - - name: Start SOCKS5 Proxy - env: - INSTANCE_NAME: ${{ steps.retrieve-instance-name.outputs.stdout }} - INSTANCE_ZONE: ${{ steps.retrieve-instance-zone.outputs.stdout }} - run: | - gcloud compute ssh \ - --quiet \ - --ssh-key-expire-after="1440m" \ - --tunnel-through-iap \ - --zone="$INSTANCE_ZONE" \ - "$INSTANCE_NAME" \ - -- \ - -o 'ServerAliveInterval 5' \ - -o 'ServerAliveCountMax 3' \ - -f -N -p 22 -D localhost:5000 - - - name: Wait For TFE - id: wait-for-tfe - timeout-minutes: 25 - env: - HEALTH_CHECK_URL: ${{ steps.retrieve-health-check-url.outputs.stdout }} - run: | - echo "Curling \`health_check_url\` for a return status of 200..." - while ! 
curl \ - -sfS --max-time 5 --proxy socks5://localhost:5000 \ - $HEALTH_CHECK_URL; \ - do sleep 5; done - - - name: Retrieve TFE URL - id: retrieve-tfe-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw tfe_url - - - name: Retrieve IACT URL - id: retrieve-iact-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw iact_url - - - name: Retrieve IACT - id: retrieve-iact - run: | - token=$(curl --fail --retry 15 --verbose --proxy socks5://localhost:5000 "${{ steps.retrieve-iact-url.outputs.stdout }}") - echo "::set-output name=token::$token" - - - name: Retrieve Initial Admin User URL - id: retrieve-initial-admin-user-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw initial_admin_user_url - - - name: Create Admin in TFE - id: create-admin - env: - TFE_PASSWORD: ${{ secrets.TFE_PASSWORD }} - IAU_URL: ${{ steps.retrieve-initial-admin-user-url.outputs.stdout }} - IACT_TOKEN: ${{ steps.retrieve-iact.outputs.token }} - run: | - echo \ - '{"username": "test", "email": "tf-onprem-team@hashicorp.com", "password": "$TFE_PASSWORD"}' \ - > ./payload.json - response=$( \ - curl \ - --fail \ - --retry 5 \ - --verbose \ - --header 'Content-Type: application/json' \ - --data @./payload.json \ - --proxy socks5://localhost:5000 \ - "$IAU_URL"?token="$IACT_TOKEN") - echo "::set-output name=response::$response" - - - name: Retrieve Admin Token - id: retrieve-admin-token - env: - RESPONSE: ${{ steps.create-admin.outputs.response }} - run: | - token=$(echo "$RESPONSE" | jq --raw-output '.token') - echo "::set-output name=token::$token" - - - name: Run k6 Smoke Test - id: run-smoke-test - working-directory: ${{ env.K6_WORK_DIR_PATH }} - env: - K6_PATHNAME: "./k6" - TFE_URL: "${{ steps.retrieve-tfe-url.outputs.stdout }}" - TFE_API_TOKEN: "${{ steps.retrieve-admin-token.outputs.token }}" - TFE_EMAIL: tf-onprem-team@hashicorp.com - http_proxy: socks5://localhost:5000/ - 
https_proxy: socks5://localhost:5000/ - run: | - make smoke-test - - - name: Terraform Destroy - id: destroy - if: ${{ always() && github.event.client_payload.slash_command.args.named.destroy != 'false' }} - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform destroy -auto-approve -input=false -no-color - - - name: Update comment - if: ${{ always() }} - uses: peter-evans/create-or-update-comment@c6c9a1a66007646a28c153e2a8580a5bad27bcfa # v3.0.2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - repository: ${{ github.event.client_payload.github.payload.repository.full_name }} - comment-id: ${{ github.event.client_payload.github.payload.comment.id }} - body: | - ${{ format('### {0} Terraform Private TCP Active/Active Test Report', job.status == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }} - - ${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Validate', steps.validate.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Apply', steps.apply.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Run k6 Smoke Test', steps.run-smoke-test.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ github.event.client_payload.slash_command.args.named.destroy != 'false' && format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') || '' }} - - standalone-mounted-disk: - name: Run tf-test on Standalone Mounted Disk - if: ${{ contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'standalone-mounted-disk') }} - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - env: - WORK_DIR_PATH: ./tests/standalone-mounted-disk - K6_WORK_DIR_PATH: ./tests/tfe-load-test - steps: - - name: 
Create URL to the run output - id: vars - run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID - - - name: Checkout Pull Request Branch - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }} - ref: ${{ github.event.client_payload.pull_request.head.sha }} - token: ${{ secrets.GITHUB_TOKEN }} - persist-credentials: false - - - name: Set Terraform Module Source - working-directory: ${{ env.WORK_DIR_PATH }} - env: - LOGIN: ${{ github.event.client_payload.pull_request.head.repo.owner.login }} - NAME: ${{ github.event.client_payload.pull_request.head.repo.name }} - SHA: ${{ github.event.client_payload.pull_request.head.sha }} - run: | - sed --in-place "s/source = \"..\/..\"/source = \"github.com\/$LOGIN\/$NAME?ref=$SHA\"/" main.tf - sed --in-place "s/source = \"..\/..\/fixtures\/test_proxy\"/source = \"github.com\/$LOGIN\/$NAME\/\/fixtures\/test_proxy?ref=$SHA\"/" main.tf - - - name: Create Terraform Backend to google-standalone-mounted-disk TFC Workspace - working-directory: ${{ env.WORK_DIR_PATH }} - env: - TFC_ORGANIZATION: ${{ secrets.TFC_ORGANIZATION }} - run: | - cat < backend.tf - terraform { - backend "remote" { - organization = "$TFC_ORGANIZATION" - workspaces { - name = "google-standalone-mounted-disk" - } - } - } - EOF - - - name: Checkout TFE Load Test - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - path: ${{ env.K6_WORK_DIR_PATH }} - repository: hashicorp/tfe-load-test - token: ${{ secrets.GH_TFE_LOAD_TEST_TOKEN }} - persist-credentials: false - - - name: Install required tools - working-directory: ${{ env.K6_WORK_DIR_PATH }} - env: - K6_URL: https://github.com/loadimpact/k6/releases/download/v0.31.1/k6-v0.31.1-linux64.tar.gz - run: | - sudo apt-get install jq - curl -L $K6_URL | tar -xz --strip-components=1 - - - name: Setup Terraform - uses: 
hashicorp/setup-terraform@v2 - with: - cli_config_credentials_hostname: 'app.terraform.io' - cli_config_credentials_token: ${{ secrets.STANDALONE_MOUNTED_DISK_TFC_TOKEN }} - terraform_version: 1.1.7 - terraform_wrapper: true - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1 - - - name: Terraform Init - id: init - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform init -input=false -no-color - - - name: Write Terraform Variables - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - iact_subnet=$( dig +short @resolver1.opendns.com myip.opendns.com ) - cat < github.auto.tfvars - iact_subnet_list = ["$iact_subnet/32"] - consolidated_services_enabled = true - tfe = { - hostname = "${{ secrets.TFE_HOSTNAME }}" - organization = "${{ secrets.TFE_ORGANIZATION }}" - token = "${{ secrets.TFE_TOKEN }}" - workspace = "${{ secrets.TFE_WORKSPACE }}" - } - EOF - - - name: Terraform Validate - id: validate - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform validate -no-color - - - name: Terraform Apply - id: apply - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform apply -auto-approve -input=false -no-color - - - name: Retrieve Health Check URL - id: retrieve-health-check-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw health_check_url - - - name: Wait For TFE - id: wait-for-tfe - timeout-minutes: 25 - run: | - echo "Curling \`health_check_url\` for a return status of 200..." - while ! 
curl -sfS --max-time 5 "${{ steps.retrieve-health-check-url.outputs.stdout }}"; do sleep 5; done - - - name: Retrieve TFE URL - id: retrieve-tfe-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw tfe_url - - - name: Retrieve IACT URL - id: retrieve-iact-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw iact_url - - - name: Retrieve IACT - id: retrieve-iact - run: | - token=$(curl --fail --retry 15 --verbose "${{ steps.retrieve-iact-url.outputs.stdout }}") - echo "::set-output name=token::$token" - - - name: Retrieve Initial Admin User URL - id: retrieve-initial-admin-user-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw initial_admin_user_url - - - name: Create Admin in TFE - id: create-admin - env: - TFE_PASSWORD: ${{ secrets.TFE_PASSWORD }} - IAU_URL: ${{ steps.retrieve-initial-admin-user-url.outputs.stdout }} - IACT: ${{ steps.retrieve-iact.outputs.token }} - run: | - echo \ - '{"username": "test", "email": "tf-onprem-team@hashicorp.com", "password": "$TFE_PASSWORD"}' \ - > ./payload.json - response=$( \ - curl \ - --fail \ - --retry 15 \ - --verbose \ - --header 'Content-Type: application/json' \ - --data @./payload.json \ - "$IAU_URL"?token="$IACT") - echo "::set-output name=response::$response" - - - name: Retrieve Admin Token - id: retrieve-admin-token - env: - RESPONSE: ${{ steps.create-admin.outputs.response }} - run: | - token=$(echo "$RESPONSE" | jq --raw-output '.token') - echo "::set-output name=token::$token" - - - name: Run k6 Smoke Test - id: run-smoke-test - working-directory: ${{ env.K6_WORK_DIR_PATH }} - env: - K6_PATHNAME: "./k6" - TFE_URL: "${{ steps.retrieve-tfe-url.outputs.stdout }}" - TFE_API_TOKEN: "${{ steps.retrieve-admin-token.outputs.token }}" - TFE_EMAIL: tf-onprem-team@hashicorp.com - run: | - make smoke-test - - - name: Terraform Destroy - id: destroy - if: ${{ always() && 
github.event.client_payload.slash_command.args.named.destroy != 'false' }} - working-directory: ${{ env.WORK_DIR_PATH }} - env: - TFE_HOSTNAME: ${{ secrets.TFE_HOSTNAME }} - TFE_TOKEN: ${{ secrets.TFE_TOKEN }} - run: terraform destroy -auto-approve -input=false -no-color - - - name: Update comment - if: ${{ always() }} - uses: peter-evans/create-or-update-comment@c6c9a1a66007646a28c153e2a8580a5bad27bcfa # v3.0.2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - repository: ${{ github.event.client_payload.github.payload.repository.full_name }} - comment-id: ${{ github.event.client_payload.github.payload.comment.id }} - body: | - ${{ format('### {0} Terraform Standalone Mounted Disk Test Report', job.status == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }} - - ${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Validate', steps.validate.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Apply', steps.apply.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Run k6 Smoke Test', steps.run-smoke-test.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ github.event.client_payload.slash_command.args.named.destroy != 'false' && format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') || '' }} - - standalone-external-rhel8-worker: - name: Run tf-test on Standalone External RHEL8 Worker - if: ${{ contains(github.event.client_payload.slash_command.args.unnamed.all, 'all') || contains(github.event.client_payload.slash_command.args.unnamed.all, 'standalone-external-rhel8-worker') }} - runs-on: ubuntu-latest - permissions: - contents: read - pull-requests: write - env: - WORK_DIR_PATH: ./tests/standalone-external-rhel8-worker - K6_WORK_DIR_PATH: ./tests/tfe-load-test - steps: - - name: Create 
URL to the run output - id: vars - run: echo ::set-output name=run-url::https://github.com/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID - - - name: Checkout Pull Request Branch - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - repository: ${{ github.event.client_payload.pull_request.head.repo.full_name }} - ref: ${{ github.event.client_payload.pull_request.head.sha }} - token: ${{ secrets.GITHUB_TOKEN }} - persist-credentials: false - - - name: Set Terraform Module Source - working-directory: ${{ env.WORK_DIR_PATH }} - env: - LOGIN: ${{ github.event.client_payload.pull_request.head.repo.owner.login }} - NAME: ${{ github.event.client_payload.pull_request.head.repo.name }} - SHA: ${{ github.event.client_payload.pull_request.head.sha }} - run: | - sed --in-place "s/source = \"..\/..\"/source = \"github.com\/$LOGIN\/$NAME?ref=$SHA\"/" main.tf - sed --in-place "s/source = \"..\/..\/fixtures\/test_proxy\"/source = \"github.com\/$LOGIN\/$NAME\/\/fixtures\/test_proxy?ref=$SHA\"/" main.tf - - - name: Create Terraform Backend to google-standalone-external-rhel8-worker TFC Workspace - working-directory: ${{ env.WORK_DIR_PATH }} - env: - TFC_ORGANIZATION: ${{ secrets.TFC_ORGANIZATION }} - run: | - cat < backend.tf - terraform { - backend "remote" { - organization = "$TFC_ORGANIZATION" - workspaces { - name = "google-standalone-external-rhel8-worker" - } - } - } - EOF - - - name: Checkout TFE Load Test - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - with: - path: ${{ env.K6_WORK_DIR_PATH }} - repository: hashicorp/tfe-load-test - token: ${{ secrets.GH_TFE_LOAD_TEST_TOKEN }} - persist-credentials: false - - - name: Install required tools - working-directory: ${{ env.K6_WORK_DIR_PATH }} - env: - K6_URL: https://github.com/loadimpact/k6/releases/download/v0.31.1/k6-v0.31.1-linux64.tar.gz - run: | - sudo apt-get install jq - curl -L $K6_URL | tar -xz --strip-components=1 - - - name: Setup Terraform - uses: 
hashicorp/setup-terraform@v2 - with: - cli_config_credentials_hostname: 'app.terraform.io' - cli_config_credentials_token: ${{ secrets.STANDALONE_EXTERNAL_RHEL8_WORKER_TFC_TOKEN }} - terraform_version: 1.1.7 - terraform_wrapper: true - - - name: Set up Cloud SDK - uses: google-github-actions/setup-gcloud@e30db14379863a8c79331b04a9969f4c1e225e0b # v1.1.1 - - - name: Terraform Init - id: init - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform init -input=false -no-color - - - name: Write Terraform Variables - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - iact_subnet=$( dig +short @resolver1.opendns.com myip.opendns.com ) - cat < github.auto.tfvars - iact_subnet_list = ["$iact_subnet/32"] - consolidated_services_enabled = true - tfe = { - hostname = "${{ secrets.TFE_HOSTNAME }}" - organization = "${{ secrets.TFE_ORGANIZATION }}" - token = "${{ secrets.TFE_TOKEN }}" - workspace = "${{ secrets.TFE_WORKSPACE }}" - } - EOF - - - name: Terraform Validate - id: validate - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform validate -no-color - - - name: Terraform Apply - id: apply - working-directory: ${{ env.WORK_DIR_PATH }} - run: terraform apply -auto-approve -input=false -no-color - - - name: Retrieve Health Check URL - id: retrieve-health-check-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw health_check_url - - - name: Wait For TFE - id: wait-for-tfe - timeout-minutes: 25 - run: | - echo "Curling \`health_check_url\` for a return status of 200..." - while ! 
curl -sfS --max-time 5 "${{ steps.retrieve-health-check-url.outputs.stdout }}"; do sleep 5; done - - - name: Retrieve TFE URL - id: retrieve-tfe-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw tfe_url - - - name: Retrieve IACT URL - id: retrieve-iact-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw iact_url - - - name: Retrieve IACT - id: retrieve-iact - run: | - token=$(curl --fail --retry 15 --verbose "${{ steps.retrieve-iact-url.outputs.stdout }}") - echo "::set-output name=token::$token" - - - name: Retrieve Initial Admin User URL - id: retrieve-initial-admin-user-url - working-directory: ${{ env.WORK_DIR_PATH }} - run: | - terraform output -no-color -raw initial_admin_user_url - - - name: Create Admin in TFE - id: create-admin - env: - TFE_PASSWORD: ${{ secrets.TFE_PASSWORD }} - IAU_URL: ${{ steps.retrieve-initial-admin-user-url.outputs.stdout }} - IACT: ${{ steps.retrieve-iact.outputs.token }} - run: | - echo \ - '{"username": "test", "email": "tf-onprem-team@hashicorp.com", "password": "$TFE_PASSWORD"}' \ - > ./payload.json - response=$( \ - curl \ - --fail \ - --retry 15 \ - --verbose \ - --header 'Content-Type: application/json' \ - --data @./payload.json \ - "$IAU_URL"?token="$IACT") - echo "::set-output name=response::$response" - - - name: Retrieve Admin Token - id: retrieve-admin-token - env: - RESPONSE: ${{ steps.create-admin.outputs.response }} - run: | - token=$(echo "$RESPONSE" | jq --raw-output '.token') - echo "::set-output name=token::$token" - - - name: Run k6 Smoke Test - id: run-smoke-test - working-directory: ${{ env.K6_WORK_DIR_PATH }} - env: - K6_PATHNAME: "./k6" - TFE_URL: "${{ steps.retrieve-tfe-url.outputs.stdout }}" - TFE_API_TOKEN: "${{ steps.retrieve-admin-token.outputs.token }}" - TFE_EMAIL: tf-onprem-team@hashicorp.com - run: | - make smoke-test - - - name: Terraform Destroy - id: destroy - if: ${{ always() && 
github.event.client_payload.slash_command.args.named.destroy != 'false' }} - working-directory: ${{ env.WORK_DIR_PATH }} - env: - TFE_HOSTNAME: ${{ secrets.TFE_HOSTNAME }} - TFE_TOKEN: ${{ secrets.TFE_TOKEN }} - run: terraform destroy -auto-approve -input=false -no-color - - - name: Update comment - if: ${{ always() }} - uses: peter-evans/create-or-update-comment@c6c9a1a66007646a28c153e2a8580a5bad27bcfa # v3.0.2 - with: - token: ${{ secrets.GITHUB_TOKEN }} - repository: ${{ github.event.client_payload.github.payload.repository.full_name }} - comment-id: ${{ github.event.client_payload.github.payload.comment.id }} - body: | - ${{ format('### {0} Terraform Standalone External RHEL8 Worker Test Report', job.status == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format(':link: [Action Summary Page]({0})', steps.vars.outputs.run-url) }} - - ${{ format('- {0} Terraform Init', steps.init.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Validate', steps.validate.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Terraform Apply', steps.apply.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ format('- {0} Run k6 Smoke Test', steps.run-smoke-test.outcome == 'success' && ':white_check_mark:' || ':x:') }} - - ${{ github.event.client_payload.slash_command.args.named.destroy != 'false' && format('- {0} Terraform Destroy', steps.destroy.outcome == 'success' && ':white_check_mark:' || ':x:') || '' }} + uses: hashicorp/terraform-random-tfe-utility/.github/workflows/google-tests.yml@ah/tf-8611-gcp-fdo-3 + secrets: inherit + name: Private TCP Active/Active + if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-tcp-active-active' }} + with: + test_name: Private TCP Active/Active + utility_test: false + is_replicated_deployment: false + enable_iact_subnet_list: false + module_repository_id: 
hashicorp/terraform-google-terraform-enterprise
+ work_dir: ./tests/private-tcp-active-active
+ k6_work_dir: ./tests/tfe-load-test
+ pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }}
+ pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }}
+ pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }}
+ TFC_token_secret_name: PRIVATE_TCP_ACTIVE_ACTIVE_TFC_TOKEN
+ private_test: true
+
+ standalone_external_rhel8_worker:
+ uses: hashicorp/terraform-random-tfe-utility/.github/workflows/google-tests.yml@ah/tf-8611-gcp-fdo-3
+ secrets: inherit
+ name: Standalone External Rhel8 Worker
+ if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-external-rhel8-worker' }}
+ with:
+ test_name: Standalone External Rhel8 Worker
+ module_repository_id: hashicorp/terraform-google-terraform-enterprise
+ work_dir: ./tests/standalone-external-rhel8-worker
+ k6_work_dir: ./tests/tfe-load-test
+ private_test: false
+ utility_test: false
+ is_replicated_deployment: false
+ enable_iact_subnet_list: false
+ pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }}
+ pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }}
+ pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }}
+ TFC_token_secret_name: STANDALONE_EXTERNAL_RHEL8_WORKER_TFC_TOKEN
+ TFC_workspace_substitution_pattern: 's/terraform {/terraform {\n\
+ backend "remote" {\n\
+ organization = "terraform-enterprise-modules-test"\n\
+ workspaces {\n\
+ name = "google-standalone-external-rhel8-worker"\n\
+ }\n\
+ }\n/'
+
+ standalone_mounted_disk:
+ uses: hashicorp/terraform-random-tfe-utility/.github/workflows/google-tests.yml@ah/tf-8611-gcp-fdo-3
+ secrets: inherit
+ name: Standalone Mounted Disk
+ if: ${{
github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-mounted-disk' }}
+ with:
+ test_name: Standalone Mounted Disk
+ module_repository_id: hashicorp/terraform-google-terraform-enterprise
+ work_dir: ./tests/standalone-mounted-disk
+ k6_work_dir: ./tests/tfe-load-test
+ utility_test: false
+ is_replicated_deployment: false
+ private_test: false
+ enable_iact_subnet_list: false
+ pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }}
+ pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }}
+ pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }}
+ TFC_token_secret_name: STANDALONE_MOUNTED_DISK_TFC_TOKEN
+ TFC_workspace_substitution_pattern: 's/terraform {/terraform {\n\
+ backend "remote" {\n\
+ organization = "terraform-enterprise-modules-test"\n\
+ workspaces {\n\
+ name = "google-standalone-mounted-disk"\n\
+ }\n\
+ }\n/'
+
+ public_active_active_replicated:
+ uses: hashicorp/terraform-random-tfe-utility/.github/workflows/google-tests.yml@ah/tf-8611-gcp-fdo-3
+ secrets: inherit
+ name: Public Active/Active
+ if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'public-active-active-replicated' }}
+ with:
+ test_name: Public Active/Active
+ module_repository_id: hashicorp/terraform-google-terraform-enterprise
+ work_dir: ./tests/public-active-active
+ k6_work_dir: ./tests/tfe-load-test
+ utility_test: false
+ is_replicated_deployment: true
+ enable_iact_subnet_list: true
+ private_test: false
+ pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }}
+ pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }}
+ pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }}
+ TFC_token_secret_name:
PUBLIC_ACTIVE_ACTIVE_REPLICATED_TFC_TOKEN
+ TFC_workspace_substitution_pattern: s/google-public-active-active/google-public-active-active-replicated/
+
+ private_active_active_replicated:
+ uses: hashicorp/terraform-random-tfe-utility/.github/workflows/google-tests.yml@ah/tf-8611-gcp-fdo-3
+ secrets: inherit
+ name: Private Active/Active
+ if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-active-active-replicated'}}
+ with:
+ test_name: Private Active/Active
+ utility_test: false
+ is_replicated_deployment: true
+ enable_iact_subnet_list: false
+ module_repository_id: hashicorp/terraform-google-terraform-enterprise
+ work_dir: ./tests/private-active-active
+ k6_work_dir: ./tests/tfe-load-test
+ pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }}
+ pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }}
+ pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }}
+ TFC_token_secret_name: PRIVATE_ACTIVE_ACTIVE_REPLICATED_TFC_TOKEN
+ TFC_workspace_substitution_pattern: s/google-private-active-active/google-private-active-active-replicated/
+ private_test: true
+
+ private_tcp_active_active_replicated:
+ uses: hashicorp/terraform-random-tfe-utility/.github/workflows/google-tests.yml@ah/tf-8611-gcp-fdo-3
+ secrets: inherit
+ name: Private TCP Active/Active
+ if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'private-tcp-active-active-replicated' }}
+ with:
+ test_name: Private TCP Active/Active
+ utility_test: false
+ is_replicated_deployment: true
+ enable_iact_subnet_list: false
+ module_repository_id: hashicorp/terraform-google-terraform-enterprise
+ work_dir: ./tests/private-tcp-active-active
+ k6_work_dir: ./tests/tfe-load-test
+ pull_request_repo_name: ${{
github.event.client_payload.github.payload.repository.full_name }}
+ pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }}
+ pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }}
+ TFC_token_secret_name: PRIVATE_TCP_ACTIVE_ACTIVE_REPLICATED_TFC_TOKEN
+ TFC_workspace_substitution_pattern: s/google-private-tcp-active-active/google-private-tcp-active-active-replicated/
+ private_test: true
+
+ standalone_external_rhel8_worker_replicated:
+ uses: hashicorp/terraform-random-tfe-utility/.github/workflows/google-tests.yml@ah/tf-8611-gcp-fdo-3
+ secrets: inherit
+ name: Standalone External Rhel8 Worker
+ if: ${{ github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-external-rhel8-worker-replicated'}}
+ with:
+ test_name: Standalone External Rhel8 Worker
+ module_repository_id: hashicorp/terraform-google-terraform-enterprise
+ work_dir: ./tests/standalone-external-rhel8-worker
+ k6_work_dir: ./tests/tfe-load-test
+ private_test: false
+ utility_test: false
+ is_replicated_deployment: true
+ enable_iact_subnet_list: false
+ pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }}
+ pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }}
+ pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }}
+ TFC_token_secret_name: STANDALONE_EXTERNAL_RHEL8_WORKER_REPLICATED_TFC_TOKEN
+ TFC_workspace_substitution_pattern: 's/terraform {/terraform {\n\
+ backend "remote" {\n\
+ organization = "terraform-enterprise-modules-test"\n\
+ workspaces {\n\
+ name = "google-standalone-external-rhel8-worker-replicated"\n\
+ }\n\
+ }\n/'
+
+ standalone_mounted_disk_replicated:
+ uses: hashicorp/terraform-random-tfe-utility/.github/workflows/google-tests.yml@ah/tf-8611-gcp-fdo-3
+ secrets: inherit
+ name: Standalone Mounted Disk
+ if: ${{
github.event.client_payload.slash_command.args.unnamed.all == 'all' || github.event.client_payload.slash_command.args.unnamed.all == 'standalone-mounted-disk-replicated' }}
+ with:
+ test_name: Standalone Mounted Disk
+ module_repository_id: hashicorp/terraform-google-terraform-enterprise
+ work_dir: ./tests/standalone-mounted-disk
+ k6_work_dir: ./tests/tfe-load-test
+ utility_test: false
+ is_replicated_deployment: true
+ private_test: false
+ enable_iact_subnet_list: false
+ pull_request_repo_name: ${{ github.event.client_payload.github.payload.repository.full_name }}
+ pull_request_ref: ${{ github.event.client_payload.pull_request.head.sha }}
+ pull_request_comment_id: ${{ github.event.client_payload.github.payload.comment.id }}
+ TFC_token_secret_name: STANDALONE_MOUNTED_DISK_REPLICATED_TFC_TOKEN
+ TFC_workspace_substitution_pattern: 's/terraform {/terraform {\n\
+ backend "remote" {\n\
+ organization = "terraform-enterprise-modules-test"\n\
+ workspaces {\n\
+ name = "google-standalone-mounted-disk-replicated"\n\
+ }\n\
+ }\n/'
diff --git a/locals.tf b/locals.tf
index 8267649b..8191a059 100644
--- a/locals.tf
+++ b/locals.tf
@@ -48,7 +48,13 @@ locals {
 ".subscription.rhn.redhat.com",
 ".cdn.redhat.com",
 ".akamaiedge.net",
- ".rhel.updates.googlecloud.com"
+ ".rhel.updates.googlecloud.com",
+ "metadata.google.internal",
+ "metadata.google.internal.",
+ "rhui.googlecloud.com",
+ "packages.cloud.google.com",
+ "download.docker.com",
+ "centos.org",
 ] : []
 hostname = var.dns_create_record ? local.common_fqdn : local.lb_address
diff --git a/tests/private-active-active/data.tf b/tests/private-active-active/data.tf
index 76b655cb..0aa89281 100644
--- a/tests/private-active-active/data.tf
+++ b/tests/private-active-active/data.tf
@@ -11,7 +11,7 @@ data "google_dns_managed_zone" "main" {
 }
 data "google_compute_image" "rhel" {
- name = "rhel-7-v20220519"
+ name = "rhel-8-v20231010"
 project = "rhel-cloud"
 }
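Review bot: The six hosts added to this list in locals.tf are bare names (`"download.docker.com"`, `"centos.org"`), while the existing entries are leading-dot suffixes, and nothing on the page says which form the consumers of the list expect. Assuming this is the no-proxy list the commit message refers to, each entry sends traffic around the proxy, so public hosts such as `download.docker.com` and `centos.org` lose whatever egress filtering and logging the proxy provides; many clients also treat a bare `centos.org` as matching every subdomain. I would keep only the hosts the RHEL 8 tests actually need and add a comment above the new entries, for example `# direct egress needed during instance bootstrap; these hosts bypass proxy inspection`. The enclosing `locals` block and the condition that selects this list both start outside the hunk.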
diff --git a/tests/private-tcp-active-active/data.tf b/tests/private-tcp-active-active/data.tf
index 76b655cb..0aa89281 100644
--- a/tests/private-tcp-active-active/data.tf
+++ b/tests/private-tcp-active-active/data.tf
@@ -11,7 +11,7 @@ data "google_dns_managed_zone" "main" {
 }
 data "google_compute_image" "rhel" {
- name = "rhel-7-v20220519"
+ name = "rhel-8-v20231010"
 project = "rhel-cloud"
 }