mirror of
https://github.com/hashicorp/vault.git
synced 2026-06-09 08:55:13 -04:00
84935e4416
In order to take advantage of enos' ability to outline scenarios and to inventory what verification they perform we needed to retrofit all of that information to our existing scenarios and steps. This change introduces an initial set of descriptions and verification declarations that we can continue to refine over time. As doing this required that I re-read every scenanario in its entirety I also updated and fixed a few things along the way that I noticed, including adding a few small features to enos that we utilize to make handling initial versions programtic between versions instead of having a delta between our globals in each branch. * Update autopilot and in-place upgrade initial versions * Programatically determine which initial versions to use based on Vault version * Partially normalize steps between scenarios to make comparisons easier * Update the MOTD to explain that VAULT_ADDR and VAULT_TOKEN have been set * Add scenario and step descriptions to scenarios * Add initial scenario quality verification declarations to scenarios * Unpin Terraform in scenarios as >= 1.8.4 should work fine
56 lines
1.8 KiB
YAML
56 lines
1.8 KiB
YAML
name: test-ci-bootstrap
|
|
|
|
# cancel existing runs of the same workflow on the same ref
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
paths:
|
|
- enos/ci/**
|
|
- .github/workflows/test-ci-bootstrap.yml
|
|
push:
|
|
branches:
|
|
- main
|
|
paths:
|
|
- enos/ci/**
|
|
- .github/workflows/test-ci-bootstrap.yml
|
|
|
|
jobs:
|
|
bootstrap-ci:
|
|
runs-on: ubuntu-latest
|
|
env:
|
|
TF_WORKSPACE: "${{ github.event.repository.name }}-ci-enos-bootstrap"
|
|
TF_VAR_repository: ${{ github.event.repository.name }}
|
|
TF_VAR_aws_ssh_public_key: ${{ secrets.SSH_KEY_PUBLIC_CI }}
|
|
TF_TOKEN_app_terraform_io: ${{ secrets.TF_API_TOKEN }}
|
|
steps:
|
|
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
|
|
- name: Set up Terraform
|
|
uses: hashicorp/setup-terraform@v3
|
|
- name: Configure AWS credentials
|
|
uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
|
|
with:
|
|
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CI }}
|
|
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CI }}
|
|
aws-region: us-east-1
|
|
role-to-assume: ${{ secrets.AWS_ROLE_ARN_CI }}
|
|
role-skip-session-tagging: true
|
|
role-duration-seconds: 3600
|
|
- name: Init Terraform
|
|
id: tf_init
|
|
run: |
|
|
terraform -chdir=enos/ci/bootstrap init
|
|
- name: Plan Terraform
|
|
id: tf_plan
|
|
run: |
|
|
terraform -chdir=enos/ci/bootstrap plan
|
|
- name: Apply Terraform
|
|
if: ${{ github.ref == 'refs/heads/main' }}
|
|
id: tf_apply
|
|
run: |
|
|
terraform -chdir=enos/ci/bootstrap apply -auto-approve
|