|
|
|
|
@ -8,67 +8,82 @@ the results of the `build` workflow, scenarios are executable from a developer
|
|
|
|
|
machine that has the requisite dependencies and configuration.
|
|
|
|
|
|
|
|
|
|
Refer to the [enos documentation](https://github.com/hashicorp/Enos-Docs)
|
|
|
|
|
for further information regarding installation, execution or composing Enos scenarios.
|
|
|
|
|
for further information regarding installation, execution, or composing Enos scenarios.
|
|
|
|
|
|
|
|
|
|
## Requirements
|
|
|
|
|
* AWS access. HashiCorp Boundary developers should use Doormat.
|
|
|
|
|
## Setup
|
|
|
|
|
* Terraform >= 1.0
|
|
|
|
|
* Enos >= v0.0.28 (`brew tap hashicorp/tap && brew update && brew install hashicorp/tap/enos`)
|
|
|
|
|
* Vault >= 1.12.2
|
|
|
|
|
* Enos >= v0.0.28
|
|
|
|
|
* Doormat
|
|
|
|
|
```shell
|
|
|
|
|
brew tap hashicorp/tap
|
|
|
|
|
brew install hashicorp/tap/vault
|
|
|
|
|
brew install hashicorp/tap/terraform
|
|
|
|
|
brew install hashicorp/tap/enos
|
|
|
|
|
brew install coreutils
|
|
|
|
|
|
|
|
|
|
# Install doormat cli
|
|
|
|
|
brew tap hashicorp/security git@github.com:hashicorp/homebrew-security.git
|
|
|
|
|
brew install hashicorp/security/doormat-cli
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
* AWS access. HashiCorp Boundary developers should use Doormat.
|
|
|
|
|
* An SSH keypair in the AWS region you wish to run the scenario. You can use
|
|
|
|
|
doormat to login to the AWS console to create or upload an existing keypair.
|
|
|
|
|
* Boundary installed locally. `make install` will put it in `$GOPATH/bin`, which
|
|
|
|
|
you can use with the `local_boundary_dir` variable, e.g.
|
|
|
|
|
`local_boundary_dir = /Users/<user>/.go/bin`.
|
|
|
|
|
```shell
|
|
|
|
|
# Create a SSH Key Pair
|
|
|
|
|
ssh-keygen -t ed25519 -C "your_email@example.com"
|
|
|
|
|
|
|
|
|
|
# <https://doormat.hashicorp.services/>
|
|
|
|
|
# Go to the console for the corresponding AWS account
|
|
|
|
|
# Select the desired AWS region on the top-right
|
|
|
|
|
# Go to EC2 -> Key Pairs -> Actions -> Import Key Pair -> Import public key file (.pub)
|
|
|
|
|
# Note the name of the key pair
|
|
|
|
|
```
|
|
|
|
|
* Boundary CLI installed locally
|
|
|
|
|
|
|
|
|
|
## Scenarios Variables
|
|
|
|
|
### Enos Variables
|
|
|
|
|
In CI, each scenario is executed via Github Actions and has been configured using
|
|
|
|
|
environment variable inputs that follow the `ENOS_VAR_varname` pattern.
|
|
|
|
|
|
|
|
|
|
For local execution you can specify all the required variables using environment
|
|
|
|
|
variables, or you can update `enos.vars.hcl` with values and uncomment the lines.
|
|
|
|
|
|
|
|
|
|
Variables that are required:
|
|
|
|
|
- `aws_ssh_private_key_path`
|
|
|
|
|
- `aws_ssh_keypair_name`
|
|
|
|
|
- `enos_user`
|
|
|
|
|
- `local_boundary_dir`
|
|
|
|
|
|
|
|
|
|
If you want to use the `builder:crt` variant to simulate execution in CI you'll
|
|
|
|
|
also need to specify `crt_bundle_path` to a local boundary install bundle.
|
|
|
|
|
|
|
|
|
|
If you want to modify which port the ALB listens on to proxy controller API
|
|
|
|
|
requests, you can specify the `alb_listener_api_port`.
|
|
|
|
|
|
|
|
|
|
See [enos.vars.hcl](./enos.vars.hcl) for complete descriptions of each variable.
|
|
|
|
|
|
|
|
|
|
You can either modify `enos.vars.hcl` directly or create your own copy at
|
|
|
|
|
`enos-local.vars.hcl` which gets ignored by git.
|
|
|
|
|
|
|
|
|
|
## Executing Scenarios
|
|
|
|
|
From the `enos` directory:
|
|
|
|
|
|
|
|
|
|
```bash
|
|
|
|
|
# list all available scenarios
|
|
|
|
|
# List all available scenarios. Scenarios can be found in enos/enos-scenario*
|
|
|
|
|
enos scenario list
|
|
|
|
|
# run the cli_ui scenario with an artifact that is built locally. Make sure
|
|
|
|
|
# the local machine has been configured for the cli_ui scenario as detailed in
|
|
|
|
|
# the requirements section. This will execute the scenario and clean up any
|
|
|
|
|
# resources if successful.
|
|
|
|
|
enos scenario run integration builder:local test:cli_ui
|
|
|
|
|
# launch an individual scenario but leave infrastructure up after execution
|
|
|
|
|
enos scenario launch integration builder:local test:cli_ui
|
|
|
|
|
# check an individual scenario for validity. This is useful during scenario
|
|
|
|
|
# authoring and debugging.
|
|
|
|
|
enos scenario validate integration builder:local test:cli_ui
|
|
|
|
|
# if you've run the tests and need to outputs, such as the URL or credentials,
|
|
|
|
|
# you can run the output command to see them. Please note that after "run" or
|
|
|
|
|
# destroy there will be no "outputs" as the infrastructure will have been
|
|
|
|
|
# destroyed.
|
|
|
|
|
enos scenario output integration builder:local test:cli_ui
|
|
|
|
|
# explicitly destroy all existing infrastructure
|
|
|
|
|
enos scenario destroy integration builder:local test:cli_ui
|
|
|
|
|
|
|
|
|
|
# Launch an individual scenario but leave infrastructure up after execution
|
|
|
|
|
enos scenario launch e2e_aws builder:local
|
|
|
|
|
|
|
|
|
|
# Explicitly destroy all existing infrastructure
|
|
|
|
|
enos scenario destroy integration builder:local
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
Refer to the [enos documentation](https://github.com/hashicorp/Enos-Docs)
|
|
|
|
|
for further information regarding installation, execution or composing scenarios.
|
|
|
|
|
|
|
|
|
|
To get information about the environment that was created...
|
|
|
|
|
```shell
|
|
|
|
|
# Scenarios that start with `e2e` can get environment information using a script. It can be helpful to set some aliases in your shell profile
|
|
|
|
|
alias enosenv="source <(. ${BOUNDARY_REPO}/enos/scripts/test_e2e_env.sh); . ${BOUNDARY_REPO}/enos/scripts/test_e2e_env.sh"
|
|
|
|
|
alias enosenvent="source <(. ${BOUNDARY_ENTEPRISE_REPO}/enos/scripts/test_e2e_env.sh); . ${BOUNDARY_ENTEPRISE_REPO}/enos/scripts/test_e2e_env.sh"
|
|
|
|
|
|
|
|
|
|
# Some scenarios don't start with `e2e` can get environment information using an enos command
|
|
|
|
|
enos scenario output hcp_session_recording builder:local
|
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
# Scenarios
|
|
|
|
|
|
|
|
|
|
## Infrastructure Integration
|
|
|
|
|
@ -94,22 +109,6 @@ you could test that version against the cluster by setting `local_boundary_dir`
|
|
|
|
|
The `builder:local` variant will build an install bundle as part of the
|
|
|
|
|
scenario and copy it to each worker and controller node. This allows you
|
|
|
|
|
to execute the scenario using an artifact of the current branch.
|
|
|
|
|
* `test:smoke`
|
|
|
|
|
The `test:smoke` variant runs a basic smoke test. It first provisions one
|
|
|
|
|
or more "target" nodes that don't have access on port 22. It then creates a
|
|
|
|
|
test catalog and host set and adds each of the "target" node(s) as
|
|
|
|
|
hosts/targets. It then SSH's to the target using `boundary` to verify that
|
|
|
|
|
it is able.
|
|
|
|
|
* `test:cli_ui`
|
|
|
|
|
The `test:cli_ui` variant creates implied dependencies for the Bats CLI UI tests
|
|
|
|
|
in the Boundary cluster and then executes the Bats CLI UI tests against it. This
|
|
|
|
|
scenario requires the machine executing `enos` to be configured for the Bats
|
|
|
|
|
tests as described in the Requirements section.
|
|
|
|
|
|
|
|
|
|
## End-to-end tests
|
|
|
|
|
|
|
|
|
|
Scenarios with `e2e_` invoke an end-to-end test suite written in Go. Different tests
|
|
|
|
|
are invoked depending on the scenario.
|
|
|
|
|
|
|
|
|
|
# CI Bootstrap
|
|
|
|
|
In order to execute any of the scenarios in this repository, it is first necessary to bootstrap the
|
|
|
|
|
|
Michael Li
2 years ago
committed by
GitHub