From 9d13510e59a780830d4bea9bde6f2af4dfe4032d Mon Sep 17 00:00:00 2001 From: John Murret Date: Fri, 7 Apr 2023 21:13:22 +0000 Subject: [PATCH 01/18] backport of commit bc630a7e57cfeaafccac1ab6cd92844272d8855d --- .github/workflows/test-integrations.yml | 379 ++++++++++++++++++++++++ 1 file changed, 379 insertions(+) create mode 100644 .github/workflows/test-integrations.yml diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml new file mode 100644 index 00000000000..c8657cebadc --- /dev/null +++ b/.github/workflows/test-integrations.yml @@ -0,0 +1,379 @@ +# Copyright (c) HashiCorp, Inc. +# SPDX-License-Identifier: MPL-2.0 + +name: test-integrations + +on: + pull_request: + branches-ignore: + - stable-website + - 'docs/**' + - 'ui/**' + - 'mktg-**' # Digital Team Terraform-generated branch prefix + - 'backport/docs/**' + - 'backport/ui/**' + - 'backport/mktg-**' + +env: + TEST_RESULTS_DIR: /tmp/test-results + TEST_RESULTS_ARTIFACT_NAME: test-results + CONSUL_LICENSE: ${{ secrets.CONSUL_LICENSE }} + GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }} + +jobs: + setup: + runs-on: ubuntu-latest + name: Setup + outputs: + compute-small: ${{ steps.runners.outputs.compute-small }} + compute-medium: ${{ steps.runners.outputs.compute-medium }} + compute-large: ${{ steps.runners.outputs.compute-large }} + compute-xl: ${{ steps.runners.outputs.compute-xl }} + enterprise: ${{ steps.runners.outputs.enterprise }} + steps: + - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 + - id: runners + run: .github/scripts/get_runner_classes.sh + + generate-envoy-job-matrices: + needs: [setup] + runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }} + name: Generate Envoy Job Matrices + outputs: + envoy-matrix: ${{ steps.set-matrix.outputs.envoy-matrix }} + steps: + - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 + - name: Generate Envoy Job Matrix + id: set-matrix + env: + # this is further going to multiplied in envoy-integration tests by the + # other dimensions in the matrix. Currently TOTAL_RUNNERS would be + # multiplied by 8 based on these values: + # envoy-version: ["1.22.7", "1.23.4", "1.24.2", "1.25.1"] + # xds-target: ["server", "client"] + TOTAL_RUNNERS: 3 + JQ_SLICER: '[ inputs ] | [_nwise(length / $runnercount | floor)]' + run: | + { + echo -n "envoy-matrix=" + find ./test/integration/connect/envoy -maxdepth 1 -type d -print0 \ + | xargs -0 -n 1 basename \ + | jq --raw-input --argjson runnercount "$TOTAL_RUNNERS" "$JQ_SLICER" \ + | jq --compact-output 'map(join("|"))' + } >> "$GITHUB_OUTPUT" + cat "$GITHUB_OUTPUT" + + dev-build: + needs: [setup] + uses: ./.github/workflows/reusable-dev-build.yml + with: + runs-on: ${{ needs.setup.outputs.compute-xl }} + repository-name: ${{ github.repository }} + uploaded-binary-name: 'consul-bin' + secrets: + elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} + + nomad-integration-test: + runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }} + needs: + - setup + - dev-build + strategy: + matrix: + nomad-version: ['v1.3.3', 'v1.2.10', 'v1.1.16'] + steps: + - name: Setup gotestsum + uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 + with: + gotestsum_version: 1.9.0 + - name: Checkout Nomad + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 + with: + repository: hashicorp/nomad + ref: ${{ matrix.nomad-version }} + + - name: Install Go + uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 + with: + go-version-file: 'go.mod' + + - name: Fetch Consul binary + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + with: + name: 'consul-bin' + path: ./bin + - name: Restore Consul permissions + run: | + chmod +x ./bin/consul + echo "$(pwd)/bin" >> $GITHUB_PATH + + - name: Make Nomad dev build + run: make pkg/linux_amd64/nomad + + - name: Run integration tests + run: | + gotestsum \ + --format=short-verbose \ + --rerun-fails \ + --rerun-fails-report=/tmp/gotestsum-rerun-fails \ + --packages="./command/agent/consul" \ + --junitfile $TEST_RESULTS_DIR/results.xml -- \ + -run TestConsul + + vault-integration-test: + runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }} + needs: + - setup + - dev-build + strategy: + matrix: + vault-version: ["1.12.2", "1.11.6", "1.10.9", "1.9.10"] + env: + VAULT_BINARY_VERSION: ${{ matrix.vault-version }} + steps: + - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 + + # NOTE: This step is specifically needed for ENT. It allows us to access the required private HashiCorp repos. + - name: Setup Git + if: ${{ endsWith(github.repository, '-enterprise') }} + run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com" + + - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 + with: + go-version-file: 'go.mod' + + - uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 + with: + gotestsum_version: 1.9.0 + + - name: Install Vault + run: | + wget -q -O /tmp/vault.zip "https://releases.hashicorp.com/vault/${{ env.VAULT_BINARY_VERSION }}/vault_${{ env.VAULT_BINARY_VERSION }}_linux_amd64.zip" + unzip -d /tmp /tmp/vault.zip + echo "/tmp" >> $GITHUB_PATH + + - name: Run Connect CA Provider Tests + run: | + mkdir -p "${{ env.TEST_RESULTS_DIR }}" + make test-connect-ca-providers + + envoy-integration-test: + runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} + permissions: + id-token: write # NOTE: this permission is explicitly required for Vault auth. + contents: read + needs: + - setup + - generate-envoy-job-matrices + - dev-build + strategy: + fail-fast: false + matrix: + envoy-version: ["1.22.7", "1.23.4", "1.24.2", "1.25.1"] + xds-target: ["server", "client"] + test-cases: ${{ fromJSON(needs.generate-envoy-job-matrices.outputs.envoy-matrix) }} + env: + ENVOY_VERSION: ${{ matrix.envoy-version }} + XDS_TARGET: ${{ matrix.xds-target }} + AWS_LAMBDA_REGION: us-west-2 + steps: + # NOTE: ENT specific step as we store secrets in Vault. + - name: Authenticate to Vault + if: ${{ endsWith(github.repository, '-enterprise') }} + id: vault-auth + run: vault-auth + + # NOTE: ENT specific step as we store secrets in Vault. + - name: Fetch Secrets + if: ${{ endsWith(github.repository, '-enterprise') }} + id: secrets + uses: hashicorp/vault-action@v2.5.0 + with: + url: ${{ steps.vault-auth.outputs.addr }} + caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }} + token: ${{ steps.vault-auth.outputs.token }} + secrets: | + kv/data/github/${{ github.repository }}/aws arn | AWS_ROLE_ARN ; + + - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 + - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 + with: + go-version-file: 'go.mod' + - name: Setup gotestsum + uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 + with: + gotestsum_version: 1.9.0 + + - name: fetch binary + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + with: + name: 'consul-bin' + path: ./bin + - name: restore mode+x + run: chmod +x ./bin/consul + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7 # v2.4.1 + + - name: Docker build + run: docker build -t consul:local -f ./build-support/docker/Consul-Dev.dockerfile ./bin + + - name: Envoy Integration Tests + env: + GOTESTSUM_JUNITFILE: ${{ env.TEST_RESULTS_DIR }}/results.xml + GOTESTSUM_FORMAT: standard-verbose + COMPOSE_INTERACTIVE_NO_CLI: 1 + LAMBDA_TESTS_ENABLED: "true" + # tput complains if this isn't set to something. + TERM: ansi + run: | + # shellcheck disable=SC2001 + echo "Running $(sed 's,|, ,g' <<< "${{ matrix.test-cases }}" |wc -w) subtests" + # shellcheck disable=SC2001 + sed 's,|,\n,g' <<< "${{ matrix.test-cases }}" + gotestsum \ + --debug \ + --rerun-fails \ + --rerun-fails-report=/tmp/gotestsum-rerun-fails \ + --jsonfile /tmp/jsonfile/go-test.log \ + --packages=./test/integration/connect/envoy \ + -- -timeout=30m -tags integration -run="TestEnvoy/(${{ matrix.test-cases }})" + + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 + with: + name: container-logs + path: ./test/integration/connect/envoy/workdir/logs + + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 + with: + name: ${{ env.TEST_RESULTS_ARTIFACT_NAME }} + path: ${{ env.TEST_RESULTS_DIR }} + + compatibility-integration-test: + runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} + needs: + - setup + - dev-build + steps: + - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 + - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 + with: + go-version-file: 'go.mod' + - name: Setup gotestsum + uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 + with: + gotestsum_version: 1.9.0 + + # Build the consul:local image from the already built binary + - name: fetch binary + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + with: + name: 'consul-bin' + path: . + - name: restore mode+x + run: chmod +x consul + + - name: Build consul:local image + run: docker build -t consul:local -f ./build-support/docker/Consul-Dev.dockerfile . + - name: Compatibility Integration Tests + run: | + mkdir -p "${{ env.TEST_RESULTS_DIR }}" + cd ./test/integration/consul-container + docker run --rm consul:local consul version + # shellcheck disable=SC2046 + gotestsum \ + --raw-command \ + --format=short-verbose \ + --debug \ + --rerun-fails=3 \ + --packages="./..." \ + -- \ + go test \ + -p=4 \ + -tags "${{ env.GOTAGS }}" \ + -timeout=30m \ + -json \ + $(go list ./... | grep -v upgrade) \ + --target-image consul \ + --target-version local \ + --latest-image consul \ + --latest-version latest + ls -lrt + env: + # this is needed because of incompatibility between RYUK container and circleci + GOTESTSUM_JUNITFILE: ${{ env.TEST_RESULTS_DIR }}/results.xml + GOTESTSUM_FORMAT: standard-verbose + COMPOSE_INTERACTIVE_NO_CLI: 1 + # tput complains if this isn't set to something. + TERM: ansi + + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 + with: + name: ${{ env.TEST_RESULTS_ARTIFACT_NAME }} + path: ${{ env.TEST_RESULTS_DIR }} + + upgrade-integration-test: + runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} + needs: + - setup + - dev-build + strategy: + matrix: + consul-version: [ "1.14", "1.15"] + env: + CONSUL_VERSION: ${{ matrix.consul-version }} + steps: + - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 + - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 + with: + go-version-file: 'go.mod' + - name: Setup gotestsum + uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 + with: + gotestsum_version: 1.9.0 + + # Get go binary from workspace + - name: fetch binary + uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 + with: + name: 'consul-bin' + path: . + - name: restore mode+x + run: chmod +x consul + - name: Build consul:local image + run: docker build -t consul:local -f ./build-support/docker/Consul-Dev.dockerfile . + - name: Upgrade Integration Tests + run: | + mkdir -p "${{ env.TEST_RESULTS_DIR }}" + cd ./test/integration/consul-container/test/upgrade + docker run --rm consul:local consul version + PACKAGE_NAMES=$(go list -tags "${{ env.GOTAGS }}" ./...) + gotestsum \ + --raw-command \ + --format=short-verbose \ + --debug \ + --rerun-fails=3 \ + --packages="${PACKAGE_NAMES}" \ + -- \ + go test \ + -p=8 \ + -tags "${{ env.GOTAGS }}" \ + -timeout=30m \ + -json \ + ./... \ + --target-image consul \ + --target-version local \ + --latest-image consul \ + --latest-version "$CONSUL_VERSION" + ls -lrt + env: + # this is needed because of incompatibility between RYUK container and circleci + GOTESTSUM_JUNITFILE: ${{ env.TEST_RESULTS_DIR }}/results.xml + GOTESTSUM_FORMAT: standard-verbose + COMPOSE_INTERACTIVE_NO_CLI: 1 + # tput complains if this isn't set to something. + TERM: ansi + - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 + with: + name: ${{ env.TEST_RESULTS_ARTIFACT_NAME }} + path: ${{ env.TEST_RESULTS_DIR }} From 914be45fa3c22665cc5a5d6a0d0d371ed9bb380a Mon Sep 17 00:00:00 2001 From: John Murret Date: Fri, 7 Apr 2023 21:51:11 +0000 Subject: [PATCH 02/18] backport of commit 1c8731c32ed0b13c6fab28774b4b52a45cdc6d73 --- .github/workflows/test-integrations.yml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index c8657cebadc..e64bb9b051e 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -377,3 +377,21 @@ jobs: with: name: ${{ env.TEST_RESULTS_ARTIFACT_NAME }} path: ${{ env.TEST_RESULTS_DIR }} + + test-integrations-success: + needs: + - setup + - generate-envoy-job-matrices + - dev-build + - nomad-integration-test + - vault-integration-test + - envoy-integration-test + - compatibility-integration-test + - upgrade-integration-test + runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }} + if: | + (always() && ! cancelled()) && + !contains(needs.*.result, 'failure') && + !contains(needs.*.result, 'cancelled') + steps: + - run: echo "test-integrations succeeded" From 9a8d93046514c957f666012f9c210148db636494 Mon Sep 17 00:00:00 2001 From: John Eikenberry Date: Mon, 10 Apr 2023 22:38:44 +0000 Subject: [PATCH 03/18] backport of commit 76b7e2dca0374097ecc821ee60f767b4b6a938c1 --- .github/workflows/test-integrations.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index e64bb9b051e..c6a50a08194 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -127,7 +127,7 @@ jobs: - dev-build strategy: matrix: - vault-version: ["1.12.2", "1.11.6", "1.10.9", "1.9.10"] + vault-version: ["1.13.1", "1.12.5", "1.11.9", "1.10.11"] env: VAULT_BINARY_VERSION: ${{ matrix.vault-version }} steps: From 6b6f8a137d96def8a7734b21c8c5c4dfa7ea76ad Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 11 Apr 2023 02:58:07 +0000 Subject: [PATCH 04/18] backport of commit 21f3d86a82c2a1bfc78b730c1eddbdd5e2206361 --- .github/workflows/test-integrations.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index c6a50a08194..a25c18442d1 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -356,7 +356,7 @@ jobs: --packages="${PACKAGE_NAMES}" \ -- \ go test \ - -p=8 \ + -p=4 \ -tags "${{ env.GOTAGS }}" \ -timeout=30m \ -json \ @@ -364,7 +364,7 @@ jobs: --target-image consul \ --target-version local \ --latest-image consul \ - --latest-version "$CONSUL_VERSION" + --latest-version "${{ env.CONSUL_VERSION }}" ls -lrt env: # this is needed because of incompatibility between RYUK container and circleci From 4c2a0e70985fcb326747f394ca513a3834af870c Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 11 Apr 2023 03:26:35 +0000 Subject: [PATCH 05/18] backport of commit 12e053f93e2c54675bf5981bbb5aafa78f3a8877 --- .github/workflows/test-integrations.yml | 78 +++++++++++++------------ 1 file changed, 40 insertions(+), 38 deletions(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index a25c18442d1..8212a900151 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -19,6 +19,8 @@ env: TEST_RESULTS_ARTIFACT_NAME: test-results CONSUL_LICENSE: ${{ secrets.CONSUL_LICENSE }} GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }} + GOTESTSUM_VERSION: "1.9.0" + CONSUL_BINARY_UPLOAD_NAME: gotestsum_version: consul-bin jobs: setup: @@ -35,41 +37,13 @@ jobs: - id: runners run: .github/scripts/get_runner_classes.sh - generate-envoy-job-matrices: - needs: [setup] - runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }} - name: Generate Envoy Job Matrices - outputs: - envoy-matrix: ${{ steps.set-matrix.outputs.envoy-matrix }} - steps: - - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - - name: Generate Envoy Job Matrix - id: set-matrix - env: - # this is further going to multiplied in envoy-integration tests by the - # other dimensions in the matrix. Currently TOTAL_RUNNERS would be - # multiplied by 8 based on these values: - # envoy-version: ["1.22.7", "1.23.4", "1.24.2", "1.25.1"] - # xds-target: ["server", "client"] - TOTAL_RUNNERS: 3 - JQ_SLICER: '[ inputs ] | [_nwise(length / $runnercount | floor)]' - run: | - { - echo -n "envoy-matrix=" - find ./test/integration/connect/envoy -maxdepth 1 -type d -print0 \ - | xargs -0 -n 1 basename \ - | jq --raw-input --argjson runnercount "$TOTAL_RUNNERS" "$JQ_SLICER" \ - | jq --compact-output 'map(join("|"))' - } >> "$GITHUB_OUTPUT" - cat "$GITHUB_OUTPUT" - dev-build: needs: [setup] uses: ./.github/workflows/reusable-dev-build.yml with: runs-on: ${{ needs.setup.outputs.compute-xl }} repository-name: ${{ github.repository }} - uploaded-binary-name: 'consul-bin' + uploaded-binary-name: 'gotestsum_version: ${{ env.CONSUL_BINARY_UPLOAD_NAME }}' secrets: elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} @@ -85,7 +59,7 @@ jobs: - name: Setup gotestsum uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 with: - gotestsum_version: 1.9.0 + gotestsum_version: ${{ env.GOTESTSUM_VERSION }} - name: Checkout Nomad uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 with: @@ -100,7 +74,7 @@ jobs: - name: Fetch Consul binary uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: - name: 'consul-bin' + name: 'gotestsum_version: ${{ env.CONSUL_BINARY_UPLOAD_NAME }}' path: ./bin - name: Restore Consul permissions run: | @@ -144,7 +118,7 @@ jobs: - uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 with: - gotestsum_version: 1.9.0 + gotestsum_version: ${{ env.GOTESTSUM_VERSION }} - name: Install Vault run: | @@ -157,6 +131,34 @@ jobs: mkdir -p "${{ env.TEST_RESULTS_DIR }}" make test-connect-ca-providers + generate-envoy-job-matrices: + needs: [setup] + runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }} + name: Generate Envoy Job Matrices + outputs: + envoy-matrix: ${{ steps.set-matrix.outputs.envoy-matrix }} + steps: + - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 + - name: Generate Envoy Job Matrix + id: set-matrix + env: + # this is further going to multiplied in envoy-integration tests by the + # other dimensions in the matrix. Currently TOTAL_RUNNERS would be + # multiplied by 8 based on these values: + # envoy-version: ["1.22.7", "1.23.4", "1.24.2", "1.25.1"] + # xds-target: ["server", "client"] + TOTAL_RUNNERS: 3 + JQ_SLICER: '[ inputs ] | [_nwise(length / $runnercount | floor)]' + run: | + { + echo -n "envoy-matrix=" + find ./test/integration/connect/envoy -maxdepth 1 -type d -print0 \ + | xargs -0 -n 1 basename \ + | jq --raw-input --argjson runnercount "$TOTAL_RUNNERS" "$JQ_SLICER" \ + | jq --compact-output 'map(join("|"))' + } >> "$GITHUB_OUTPUT" + cat "$GITHUB_OUTPUT" + envoy-integration-test: runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} permissions: @@ -202,12 +204,12 @@ jobs: - name: Setup gotestsum uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 with: - gotestsum_version: 1.9.0 + gotestsum_version: ${{ env.GOTESTSUM_VERSION }} - name: fetch binary uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: - name: 'consul-bin' + name: 'gotestsum_version: ${{ env.CONSUL_BINARY_UPLOAD_NAME }}' path: ./bin - name: restore mode+x run: chmod +x ./bin/consul @@ -262,13 +264,13 @@ jobs: - name: Setup gotestsum uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 with: - gotestsum_version: 1.9.0 + gotestsum_version: ${{ env.GOTESTSUM_VERSION }} # Build the consul:local image from the already built binary - name: fetch binary uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: - name: 'consul-bin' + name: 'gotestsum_version: ${{ env.CONSUL_BINARY_UPLOAD_NAME }}' path: . - name: restore mode+x run: chmod +x consul @@ -330,13 +332,13 @@ jobs: - name: Setup gotestsum uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 with: - gotestsum_version: 1.9.0 + gotestsum_version: ${{ env.GOTESTSUM_VERSION }} # Get go binary from workspace - name: fetch binary uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: - name: 'consul-bin' + name: 'gotestsum_version: ${{ env.CONSUL_BINARY_UPLOAD_NAME }}' path: . - name: restore mode+x run: chmod +x consul From ae9fa745c802cf9df45c46941366aa8236c9e68a Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 11 Apr 2023 03:49:25 +0000 Subject: [PATCH 06/18] backport of commit 0fc2445691828cf4ae248b64e065ee34c70e9925 --- .github/workflows/test-integrations.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index 8212a900151..4b3a199eab7 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -349,24 +349,23 @@ jobs: mkdir -p "${{ env.TEST_RESULTS_DIR }}" cd ./test/integration/consul-container/test/upgrade docker run --rm consul:local consul version - PACKAGE_NAMES=$(go list -tags "${{ env.GOTAGS }}" ./...) gotestsum \ --raw-command \ --format=short-verbose \ --debug \ --rerun-fails=3 \ - --packages="${PACKAGE_NAMES}" \ + --packages="./..." \ -- \ go test \ -p=4 \ -tags "${{ env.GOTAGS }}" \ -timeout=30m \ -json \ - ./... \ + ./.../upgrade/ \ --target-image consul \ --target-version local \ --latest-image consul \ - --latest-version "${{ env.CONSUL_VERSION }}" + --latest-version ${{ env.CONSUL_VERSION }} ls -lrt env: # this is needed because of incompatibility between RYUK container and circleci From 7fe73fdaf09b932a2b1b54dd95323535e90cd2a7 Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 11 Apr 2023 03:51:05 +0000 Subject: [PATCH 07/18] backport of commit 025240ca35e52f8c8d5960e1cad0585e3786ec8d --- .github/workflows/test-integrations.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index 4b3a199eab7..978e753cc09 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -20,7 +20,7 @@ env: CONSUL_LICENSE: ${{ secrets.CONSUL_LICENSE }} GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }} GOTESTSUM_VERSION: "1.9.0" - CONSUL_BINARY_UPLOAD_NAME: gotestsum_version: consul-bin + CONSUL_BINARY_UPLOAD_NAME: consul-bin jobs: setup: From 5e1db9ac1bfd34dc414b442502cc8584f0e2bb82 Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 11 Apr 2023 03:54:02 +0000 Subject: [PATCH 08/18] backport of commit cbece51157a8c43a729ff147b7719854a08ad600 --- .github/workflows/test-integrations.yml | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index 978e753cc09..0f50efa80b7 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -280,9 +280,8 @@ jobs: - name: Compatibility Integration Tests run: | mkdir -p "${{ env.TEST_RESULTS_DIR }}" - cd ./test/integration/consul-container + cd ./test/integration/consul-container/test/upgrade docker run --rm consul:local consul version - # shellcheck disable=SC2046 gotestsum \ --raw-command \ --format=short-verbose \ @@ -295,11 +294,11 @@ jobs: -tags "${{ env.GOTAGS }}" \ -timeout=30m \ -json \ - $(go list ./... | grep -v upgrade) \ + ./.../upgrade/ \ --target-image consul \ --target-version local \ --latest-image consul \ - --latest-version latest + --latest-version ${{ env.CONSUL_VERSION ls -lrt env: # this is needed because of incompatibility between RYUK container and circleci @@ -349,23 +348,24 @@ jobs: mkdir -p "${{ env.TEST_RESULTS_DIR }}" cd ./test/integration/consul-container/test/upgrade docker run --rm consul:local consul version + PACKAGE_NAMES=$(go list -tags "${{ env.GOTAGS }}" ./...) gotestsum \ --raw-command \ --format=short-verbose \ --debug \ --rerun-fails=3 \ - --packages="./..." \ + --packages="${PACKAGE_NAMES}" \ -- \ go test \ -p=4 \ -tags "${{ env.GOTAGS }}" \ -timeout=30m \ -json \ - ./.../upgrade/ \ + ./... \ --target-image consul \ --target-version local \ --latest-image consul \ - --latest-version ${{ env.CONSUL_VERSION }} + --latest-version "${{ env.CONSUL_VERSION }}" ls -lrt env: # this is needed because of incompatibility between RYUK container and circleci From 487244c245e8d8a44da4760e1a783f8bdaead99c Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 11 Apr 2023 03:55:23 +0000 Subject: [PATCH 09/18] backport of commit 3d422971e84bada06f835a15de80b82899b8cbf1 --- .github/workflows/test-integrations.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index 0f50efa80b7..0279f0cf013 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -43,7 +43,7 @@ jobs: with: runs-on: ${{ needs.setup.outputs.compute-xl }} repository-name: ${{ github.repository }} - uploaded-binary-name: 'gotestsum_version: ${{ env.CONSUL_BINARY_UPLOAD_NAME }}' + uploaded-binary-name: '${{ env.CONSUL_BINARY_UPLOAD_NAME }}' secrets: elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} @@ -74,7 +74,7 @@ jobs: - name: Fetch Consul binary uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: - name: 'gotestsum_version: ${{ env.CONSUL_BINARY_UPLOAD_NAME }}' + name: '${{ env.CONSUL_BINARY_UPLOAD_NAME }}' path: ./bin - name: Restore Consul permissions run: | @@ -209,7 +209,7 @@ jobs: - name: fetch binary uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: - name: 'gotestsum_version: ${{ env.CONSUL_BINARY_UPLOAD_NAME }}' + name: '${{ env.CONSUL_BINARY_UPLOAD_NAME }}' path: ./bin - name: restore mode+x run: chmod +x ./bin/consul @@ -270,7 +270,7 @@ jobs: - name: fetch binary uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: - name: 'gotestsum_version: ${{ env.CONSUL_BINARY_UPLOAD_NAME }}' + name: '${{ env.CONSUL_BINARY_UPLOAD_NAME }}' path: . - name: restore mode+x run: chmod +x consul @@ -337,7 +337,7 @@ jobs: - name: fetch binary uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: - name: 'gotestsum_version: ${{ env.CONSUL_BINARY_UPLOAD_NAME }}' + name: '${{ env.CONSUL_BINARY_UPLOAD_NAME }}' path: . - name: restore mode+x run: chmod +x consul From 396bdd951ad83bf22682bad738294b6493dcb6cb Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 11 Apr 2023 03:56:56 +0000 Subject: [PATCH 10/18] backport of commit 2f1af3bb0af22c0c157aa9541d9edca6bfd9dd56 --- .github/workflows/test-integrations.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index 0279f0cf013..42713aa5d90 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -43,7 +43,7 @@ jobs: with: runs-on: ${{ needs.setup.outputs.compute-xl }} repository-name: ${{ github.repository }} - uploaded-binary-name: '${{ env.CONSUL_BINARY_UPLOAD_NAME }}' + uploaded-binary-name: ${{ env.CONSUL_BINARY_UPLOAD_NAME }} secrets: elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} @@ -298,7 +298,7 @@ jobs: --target-image consul \ --target-version local \ --latest-image consul \ - --latest-version ${{ env.CONSUL_VERSION + --latest-version ${{ env.CONSUL_VERSION }} ls -lrt env: # this is needed because of incompatibility between RYUK container and circleci From 5965cffcf5942cc97f9c65e22b39b41eeb0077e2 Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 11 Apr 2023 03:58:32 +0000 Subject: [PATCH 11/18] backport of commit a5c24fb7715031d1b5f97fc8febd724a4c2c0dfe --- .github/workflows/test-integrations.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index 42713aa5d90..9863abc7e37 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -43,7 +43,7 @@ jobs: with: runs-on: ${{ needs.setup.outputs.compute-xl }} repository-name: ${{ github.repository }} - uploaded-binary-name: ${{ env.CONSUL_BINARY_UPLOAD_NAME }} + uploaded-binary-name: 'consul-bin' secrets: elevated-github-token: ${{ secrets.ELEVATED_GITHUB_TOKEN }} From 7483603e5b776b21f5c9ef3e663b97fc10973b95 Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 11 Apr 2023 04:03:25 +0000 Subject: [PATCH 12/18] backport of commit eb3e524bbb285ade5fa148e0cf8dd2f8a67906f7 --- .github/workflows/test-integrations.yml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index 9863abc7e37..006a5bd18eb 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -280,7 +280,7 @@ jobs: - name: Compatibility Integration Tests run: | mkdir -p "${{ env.TEST_RESULTS_DIR }}" - cd ./test/integration/consul-container/test/upgrade + cd ./test/integration/consul-container docker run --rm consul:local consul version gotestsum \ --raw-command \ @@ -291,14 +291,13 @@ jobs: -- \ go test \ -p=4 \ - -tags "${{ env.GOTAGS }}" \ -timeout=30m \ -json \ - ./.../upgrade/ \ + `go list ./... | grep -v upgrade` \ --target-image consul \ --target-version local \ --latest-image consul \ - --latest-version ${{ env.CONSUL_VERSION }} + --latest-version latest ls -lrt env: # this is needed because of incompatibility between RYUK container and circleci From 7cf58e59f924fe26158733bede34799e651626a3 Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 18 Apr 2023 20:45:30 -0600 Subject: [PATCH 13/18] ci: add test-integrations (#16915) * add test-integrations workflow * add test-integrations success job * update vault integration testing versions (#16949) * change parallelism to 4 forgotestsum. use env.CONSUL_VERSION so we can see the version. * use env for repeated values * match test to circleci * fix envvar * fix envvar 2 * fix envvar 3 * fix envvar 4 * fix envvar 5 * make upgrade and compatibility tests match circleci * run go env to check environment * debug docker Signed-off-by: Dan Bond * debug docker Signed-off-by: Dan Bond * revert debug docker Signed-off-by: Dan Bond * going back to command that worked 5 days ago for compatibility tests * Update Envoy versions to reflect changes in #16889 * cd to test dir * try running ubuntu latest * update PR with latest changes that work in enterprise * yaml still sucks * test GH fix (localhost resolution) * change for testing * test splitting and ipv6 lookup for compatibility and upgrade tests * fix indention * consul as image name * remove the on push * add gotestsum back in * removing the use of the gotestsum download action * yaml sucks today just like yesterday * fixing nomad tests * worked out the kinks on enterprise --------- Signed-off-by: Dan Bond Co-authored-by: John Eikenberry Co-authored-by: Dan Bond Co-authored-by: Nathan Coleman Co-authored-by: Sarah --- .circleci/config.yml | 1 + .github/workflows/test-integrations.yml | 224 +++++++++++++++++------- 2 files changed, 165 insertions(+), 60 deletions(-) diff --git a/.circleci/config.yml b/.circleci/config.yml index ff62ae2da90..a80dae020e2 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -321,6 +321,7 @@ jobs: sudo tar -C /usr/local -xzvf go${GO_VERSION}.linux-amd64.tar.gz environment: <<: *ENVIRONMENT + - run: go env - run: *install-gotestsum - run: docker build -t consul:local -f ./build-support/docker/Consul-Dev.dockerfile . - run: diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index 006a5bd18eb..6ba47464338 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -21,6 +21,8 @@ env: GOTAGS: ${{ endsWith(github.repository, '-enterprise') && 'consulent' || '' }} GOTESTSUM_VERSION: "1.9.0" CONSUL_BINARY_UPLOAD_NAME: consul-bin + # strip the hashicorp/ off the front of github.repository for consul + CONSUL_LATEST_IMAGE_NAME: ${{ endsWith(github.repository, '-enterprise') && github.repository || 'consul' }} jobs: setup: @@ -56,10 +58,6 @@ jobs: matrix: nomad-version: ['v1.3.3', 'v1.2.10', 'v1.1.16'] steps: - - name: Setup gotestsum - uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 - with: - gotestsum_version: ${{ env.GOTESTSUM_VERSION }} - name: Checkout Nomad uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 with: @@ -86,13 +84,14 @@ jobs: - name: Run integration tests run: | + go install gotest.tools/gotestsum@v${{env.GOTESTSUM_VERSION}} && \ gotestsum \ - --format=short-verbose \ - --rerun-fails \ - --rerun-fails-report=/tmp/gotestsum-rerun-fails \ - --packages="./command/agent/consul" \ - --junitfile $TEST_RESULTS_DIR/results.xml -- \ - -run TestConsul + --format=short-verbose \ + --rerun-fails \ + --rerun-fails-report=/tmp/gotestsum-rerun-fails \ + --packages="./command/agent/consul" \ + --junitfile $TEST_RESULTS_DIR/results.xml -- \ + -run TestConsul vault-integration-test: runs-on: ${{ fromJSON(needs.setup.outputs.compute-large) }} @@ -116,10 +115,6 @@ jobs: with: go-version-file: 'go.mod' - - uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 - with: - gotestsum_version: ${{ env.GOTESTSUM_VERSION }} - - name: Install Vault run: | wget -q -O /tmp/vault.zip "https://releases.hashicorp.com/vault/${{ env.VAULT_BINARY_VERSION }}/vault_${{ env.VAULT_BINARY_VERSION }}_linux_amd64.zip" @@ -129,7 +124,20 @@ jobs: - name: Run Connect CA Provider Tests run: | mkdir -p "${{ env.TEST_RESULTS_DIR }}" - make test-connect-ca-providers + go run gotest.tools/gotestsum@v${{env.GOTESTSUM_VERSION}} \ + --format=short-verbose \ + --junitfile "${{ env.TEST_RESULTS_DIR }}/gotestsum-report.xml" \ + -- -tags "${{ env.GOTAGS }}" -cover -coverprofile=coverage.txt ./agent/connect/ca + # Run leader tests that require Vault + go run gotest.tools/gotestsum@v${{env.GOTESTSUM_VERSION}} \ + --format=short-verbose \ + --junitfile "${{ env.TEST_RESULTS_DIR }}/gotestsum-report-leader.xml" \ + -- -tags "${{ env.GOTAGS }}" -cover -coverprofile=coverage-leader.txt -run Vault ./agent/consul + # Run agent tests that require Vault + go run gotest.tools/gotestsum@v${{env.GOTESTSUM_VERSION}} \ + --format=short-verbose \ + --junitfile "${{ env.TEST_RESULTS_DIR }}/gotestsum-report-agent.xml" \ + -- -tags "${{ env.GOTAGS }}" -cover -coverprofile=coverage-agent.txt -run Vault ./agent generate-envoy-job-matrices: needs: [setup] @@ -145,7 +153,7 @@ jobs: # this is further going to multiplied in envoy-integration tests by the # other dimensions in the matrix. Currently TOTAL_RUNNERS would be # multiplied by 8 based on these values: - # envoy-version: ["1.22.7", "1.23.4", "1.24.2", "1.25.1"] + # envoy-version: ["1.22.11", "1.23.8", "1.24.6", "1.25.4"] # xds-target: ["server", "client"] TOTAL_RUNNERS: 3 JQ_SLICER: '[ inputs ] | [_nwise(length / $runnercount | floor)]' @@ -171,7 +179,7 @@ jobs: strategy: fail-fast: false matrix: - envoy-version: ["1.22.7", "1.23.4", "1.24.2", "1.25.1"] + envoy-version: ["1.22.11", "1.23.8", "1.24.6", "1.25.4"] xds-target: ["server", "client"] test-cases: ${{ fromJSON(needs.generate-envoy-job-matrices.outputs.envoy-matrix) }} env: @@ -201,10 +209,6 @@ jobs: - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 with: go-version-file: 'go.mod' - - name: Setup gotestsum - uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 - with: - gotestsum_version: ${{ env.GOTESTSUM_VERSION }} - name: fetch binary uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 @@ -233,7 +237,7 @@ jobs: echo "Running $(sed 's,|, ,g' <<< "${{ matrix.test-cases }}" |wc -w) subtests" # shellcheck disable=SC2001 sed 's,|,\n,g' <<< "${{ matrix.test-cases }}" - gotestsum \ + go run gotest.tools/gotestsum@v${{env.GOTESTSUM_VERSION}} \ --debug \ --rerun-fails \ --rerun-fails-report=/tmp/gotestsum-rerun-fails \ @@ -251,20 +255,45 @@ jobs: name: ${{ env.TEST_RESULTS_ARTIFACT_NAME }} path: ${{ env.TEST_RESULTS_DIR }} + generate-compatibility-job-matrices: + needs: [setup] + runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }} + name: Generate Compatibility Job Matrices + outputs: + compatibility-matrix: ${{ steps.set-matrix.outputs.compatibility-matrix }} + steps: + - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 + - name: Generate Compatibility Job Matrix + id: set-matrix + env: + TOTAL_RUNNERS: 5 + JQ_SLICER: '[ inputs ] | [_nwise(length / $runnercount | floor)]' + run: | + cd ./test/integration/consul-container + { + echo -n "compatibility-matrix=" + find ./test -maxdepth 2 -type d -print0 | xargs -0 -n 1 \ + | grep -v util | grep -v upgrade \ + | jq --raw-input --argjson runnercount "$TOTAL_RUNNERS" "$JQ_SLICER" \ + | jq --compact-output 'map(join(" "))' + } >> "$GITHUB_OUTPUT" + cat "$GITHUB_OUTPUT" compatibility-integration-test: runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} needs: - setup - dev-build + - generate-compatibility-job-matrices + strategy: + fail-fast: false + matrix: + test-cases: ${{ fromJSON(needs.generate-compatibility-job-matrices.outputs.compatibility-matrix) }} steps: - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 with: go-version-file: 'go.mod' - - name: Setup gotestsum - uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 - with: - gotestsum_version: ${{ env.GOTESTSUM_VERSION }} + - run: go env # Build the consul:local image from the already built binary - name: fetch binary @@ -276,29 +305,38 @@ jobs: run: chmod +x consul - name: Build consul:local image - run: docker build -t consul:local -f ./build-support/docker/Consul-Dev.dockerfile . + run: docker build -t ${{ env.CONSUL_LATEST_IMAGE_NAME }}:local -f ./build-support/docker/Consul-Dev.dockerfile . + - name: Configure GH workaround for ipv6 loopback + if: ${{ !endsWith(github.repository, '-enterprise') }} + run: | + cat /etc/hosts && echo "-----------" + sudo sed -i 's/::1 *localhost ip6-localhost ip6-loopback/::1 ip6-localhost ip6-loopback/g' /etc/hosts + cat /etc/hosts - name: Compatibility Integration Tests run: | - mkdir -p "${{ env.TEST_RESULTS_DIR }}" - cd ./test/integration/consul-container - docker run --rm consul:local consul version - gotestsum \ - --raw-command \ - --format=short-verbose \ - --debug \ - --rerun-fails=3 \ - --packages="./..." \ - -- \ - go test \ - -p=4 \ - -timeout=30m \ - -json \ - `go list ./... | grep -v upgrade` \ - --target-image consul \ - --target-version local \ - --latest-image consul \ - --latest-version latest - ls -lrt + mkdir -p "/tmp/test-results" + cd ./test/integration/consul-container + docker run --rm ${{ env.CONSUL_LATEST_IMAGE_NAME }}:local consul version + echo "Running $(sed 's,|, ,g' <<< "${{ matrix.test-cases }}" |wc -w) subtests" + # shellcheck disable=SC2001 + sed 's,|,\n,g' <<< "${{ matrix.test-cases }}" + go run gotest.tools/gotestsum@v${{env.GOTESTSUM_VERSION}} \ + --raw-command \ + --format=short-verbose \ + --debug \ + --rerun-fails=3 \ + -- \ + go test \ + -p=4 \ + -tags "${{ env.GOTAGS }}" \ + -timeout=30m \ + -json \ + "${{ matrix.test-cases }}" \ + --target-image ${{ env.CONSUL_LATEST_IMAGE_NAME }} \ + --target-version local \ + --latest-image ${{ env.CONSUL_LATEST_IMAGE_NAME }} \ + --latest-version latest + ls -lrt env: # this is needed because of incompatibility between RYUK container and circleci GOTESTSUM_JUNITFILE: ${{ env.TEST_RESULTS_DIR }}/results.xml @@ -312,14 +350,46 @@ jobs: name: ${{ env.TEST_RESULTS_ARTIFACT_NAME }} path: ${{ env.TEST_RESULTS_DIR }} + generate-upgrade-job-matrices: + needs: [setup] + runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }} + name: Generate Upgrade Job Matrices + outputs: + upgrade-matrix: ${{ steps.set-matrix.outputs.upgrade-matrix }} + steps: + - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 + - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 + with: + go-version-file: 'go.mod' + - name: Generate Updgrade Job Matrix + id: set-matrix + env: + TOTAL_RUNNERS: 4 + JQ_SLICER: '[ inputs ] | [_nwise(length / $runnercount | floor)]' + run: | + cd ./test/integration/consul-container/test/upgrade + { + echo -n "upgrade-matrix=" + go test ./... -list=. -json | jq -r '.Output | select (. !=null) | select(. | startswith("Test")) | gsub("[\\n\\t]"; "")' \ + | jq --raw-input --argjson runnercount "$TOTAL_RUNNERS" "$JQ_SLICER" \ + | jq --compact-output 'map(join("|"))' + } >> "$GITHUB_OUTPUT" + cat "$GITHUB_OUTPUT" + upgrade-integration-test: runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} + permissions: + id-token: write # NOTE: this permission is explicitly required for Vault auth. + contents: read needs: - setup - dev-build + - generate-upgrade-job-matrices strategy: + fail-fast: false matrix: consul-version: [ "1.14", "1.15"] + test-cases: ${{ fromJSON(needs.generate-upgrade-job-matrices.outputs.upgrade-matrix) }} env: CONSUL_VERSION: ${{ matrix.consul-version }} steps: @@ -327,10 +397,34 @@ jobs: - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 with: go-version-file: 'go.mod' - - name: Setup gotestsum - uses: autero1/action-gotestsum@2e48af62f5248bd3b014f598cd1aa69a01dd36e3 # v1.0.0 + - run: go env + + # NOTE: ENT specific step as we store secrets in Vault. + - name: Authenticate to Vault + if: ${{ endsWith(github.repository, '-enterprise') }} + id: vault-auth + run: vault-auth + + # NOTE: ENT specific step as we store secrets in Vault. + - name: Fetch Secrets + if: ${{ endsWith(github.repository, '-enterprise') }} + id: secrets + uses: hashicorp/vault-action@v2.5.0 with: - gotestsum_version: ${{ env.GOTESTSUM_VERSION }} + url: ${{ steps.vault-auth.outputs.addr }} + caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }} + token: ${{ steps.vault-auth.outputs.token }} + secrets: | + kv/data/github/${{ github.repository }}/dockerhub username | DOCKERHUB_USERNAME; + kv/data/github/${{ github.repository }}/dockerhub token | DOCKERHUB_TOKEN; + + # NOTE: conditional specific logic as we store secrets in Vault in ENT and use GHA secrets in OSS. + - name: Login to Docker Hub + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # pin@v2.1.0 + with: + username: ${{ endsWith(github.repository, '-enterprise') && steps.secrets.outputs.DOCKERHUB_USERNAME || secrets.DOCKERHUB_USERNAME }} + password: ${{ endsWith(github.repository, '-enterprise') && steps.secrets.outputs.DOCKERHUB_TOKEN || secrets.DOCKERHUB_TOKEN }} + # Get go binary from workspace - name: fetch binary @@ -341,29 +435,37 @@ jobs: - name: restore mode+x run: chmod +x consul - name: Build consul:local image - run: docker build -t consul:local -f ./build-support/docker/Consul-Dev.dockerfile . + run: docker build -t ${{ env.CONSUL_LATEST_IMAGE_NAME }}:local -f ./build-support/docker/Consul-Dev.dockerfile . + - name: Configure GH workaround for ipv6 loopback + if: ${{ !endsWith(github.repository, '-enterprise') }} + run: | + cat /etc/hosts && echo "-----------" + sudo sed -i 's/::1 *localhost ip6-localhost ip6-loopback/::1 ip6-localhost ip6-loopback/g' /etc/hosts + cat /etc/hosts - name: Upgrade Integration Tests run: | mkdir -p "${{ env.TEST_RESULTS_DIR }}" cd ./test/integration/consul-container/test/upgrade - docker run --rm consul:local consul version - PACKAGE_NAMES=$(go list -tags "${{ env.GOTAGS }}" ./...) - gotestsum \ + docker run --rm ${{ env.CONSUL_LATEST_IMAGE_NAME }}:local consul version + echo "Running $(sed 's,|, ,g' <<< "${{ matrix.test-cases }}" |wc -w) subtests" + # shellcheck disable=SC2001 + sed 's,|,\n,g' <<< "${{ matrix.test-cases }}" + go run gotest.tools/gotestsum@v${{env.GOTESTSUM_VERSION}} \ --raw-command \ --format=short-verbose \ --debug \ --rerun-fails=3 \ - --packages="${PACKAGE_NAMES}" \ + --packages="./..." \ -- \ go test \ -p=4 \ -tags "${{ env.GOTAGS }}" \ -timeout=30m \ - -json \ - ./... \ - --target-image consul \ + -json ./... \ + -run "${{ matrix.test-cases }}" \ + --target-image ${{ env.CONSUL_LATEST_IMAGE_NAME }} \ --target-version local \ - --latest-image consul \ + --latest-image ${{ env.CONSUL_LATEST_IMAGE_NAME }} \ --latest-version "${{ env.CONSUL_VERSION }}" ls -lrt env: @@ -381,12 +483,14 @@ jobs: test-integrations-success: needs: - setup - - generate-envoy-job-matrices - dev-build - nomad-integration-test - vault-integration-test + - generate-envoy-job-matrices - envoy-integration-test + - generate-compatibility-job-matrices - compatibility-integration-test + - generate-upgrade-job-matrices - upgrade-integration-test runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }} if: | From c9caa5804e61f322f93aa4880c7e277f780da709 Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 18 Apr 2023 21:21:29 -0600 Subject: [PATCH 14/18] set vault and envoy versions --- .github/workflows/test-integrations.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index 6ba47464338..a78d4f53089 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -100,7 +100,7 @@ jobs: - dev-build strategy: matrix: - vault-version: ["1.13.1", "1.12.5", "1.11.9", "1.10.11"] + vault-version: ["1.12.2","1.11.6","1.10.9","1.9.10"] env: VAULT_BINARY_VERSION: ${{ matrix.vault-version }} steps: @@ -179,7 +179,7 @@ jobs: strategy: fail-fast: false matrix: - envoy-version: ["1.22.11", "1.23.8", "1.24.6", "1.25.4"] + envoy-version: ["1.20.7", "1.21.6","1.22.11","1.23.8"] xds-target: ["server", "client"] test-cases: ${{ fromJSON(needs.generate-envoy-job-matrices.outputs.envoy-matrix) }} env: From a41b8ccc7b5cc7d3fbab7af025562859efa41b26 Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 18 Apr 2023 21:23:58 -0600 Subject: [PATCH 15/18] remove upgrade tests --- .github/workflows/test-integrations.yml | 132 ------------------------ 1 file changed, 132 deletions(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index a78d4f53089..3c27bebe983 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -350,136 +350,6 @@ jobs: name: ${{ env.TEST_RESULTS_ARTIFACT_NAME }} path: ${{ env.TEST_RESULTS_DIR }} - generate-upgrade-job-matrices: - needs: [setup] - runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }} - name: Generate Upgrade Job Matrices - outputs: - upgrade-matrix: ${{ steps.set-matrix.outputs.upgrade-matrix }} - steps: - - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 - with: - go-version-file: 'go.mod' - - name: Generate Updgrade Job Matrix - id: set-matrix - env: - TOTAL_RUNNERS: 4 - JQ_SLICER: '[ inputs ] | [_nwise(length / $runnercount | floor)]' - run: | - cd ./test/integration/consul-container/test/upgrade - { - echo -n "upgrade-matrix=" - go test ./... -list=. -json | jq -r '.Output | select (. !=null) | select(. | startswith("Test")) | gsub("[\\n\\t]"; "")' \ - | jq --raw-input --argjson runnercount "$TOTAL_RUNNERS" "$JQ_SLICER" \ - | jq --compact-output 'map(join("|"))' - } >> "$GITHUB_OUTPUT" - cat "$GITHUB_OUTPUT" - - upgrade-integration-test: - runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} - permissions: - id-token: write # NOTE: this permission is explicitly required for Vault auth. - contents: read - needs: - - setup - - dev-build - - generate-upgrade-job-matrices - strategy: - fail-fast: false - matrix: - consul-version: [ "1.14", "1.15"] - test-cases: ${{ fromJSON(needs.generate-upgrade-job-matrices.outputs.upgrade-matrix) }} - env: - CONSUL_VERSION: ${{ matrix.consul-version }} - steps: - - uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 - - uses: actions/setup-go@6edd4406fa81c3da01a34fa6f6343087c207a568 # v3.5.0 - with: - go-version-file: 'go.mod' - - run: go env - - # NOTE: ENT specific step as we store secrets in Vault. - - name: Authenticate to Vault - if: ${{ endsWith(github.repository, '-enterprise') }} - id: vault-auth - run: vault-auth - - # NOTE: ENT specific step as we store secrets in Vault. - - name: Fetch Secrets - if: ${{ endsWith(github.repository, '-enterprise') }} - id: secrets - uses: hashicorp/vault-action@v2.5.0 - with: - url: ${{ steps.vault-auth.outputs.addr }} - caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }} - token: ${{ steps.vault-auth.outputs.token }} - secrets: | - kv/data/github/${{ github.repository }}/dockerhub username | DOCKERHUB_USERNAME; - kv/data/github/${{ github.repository }}/dockerhub token | DOCKERHUB_TOKEN; - - # NOTE: conditional specific logic as we store secrets in Vault in ENT and use GHA secrets in OSS. - - name: Login to Docker Hub - uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # pin@v2.1.0 - with: - username: ${{ endsWith(github.repository, '-enterprise') && steps.secrets.outputs.DOCKERHUB_USERNAME || secrets.DOCKERHUB_USERNAME }} - password: ${{ endsWith(github.repository, '-enterprise') && steps.secrets.outputs.DOCKERHUB_TOKEN || secrets.DOCKERHUB_TOKEN }} - - - # Get go binary from workspace - - name: fetch binary - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 - with: - name: '${{ env.CONSUL_BINARY_UPLOAD_NAME }}' - path: . - - name: restore mode+x - run: chmod +x consul - - name: Build consul:local image - run: docker build -t ${{ env.CONSUL_LATEST_IMAGE_NAME }}:local -f ./build-support/docker/Consul-Dev.dockerfile . - - name: Configure GH workaround for ipv6 loopback - if: ${{ !endsWith(github.repository, '-enterprise') }} - run: | - cat /etc/hosts && echo "-----------" - sudo sed -i 's/::1 *localhost ip6-localhost ip6-loopback/::1 ip6-localhost ip6-loopback/g' /etc/hosts - cat /etc/hosts - - name: Upgrade Integration Tests - run: | - mkdir -p "${{ env.TEST_RESULTS_DIR }}" - cd ./test/integration/consul-container/test/upgrade - docker run --rm ${{ env.CONSUL_LATEST_IMAGE_NAME }}:local consul version - echo "Running $(sed 's,|, ,g' <<< "${{ matrix.test-cases }}" |wc -w) subtests" - # shellcheck disable=SC2001 - sed 's,|,\n,g' <<< "${{ matrix.test-cases }}" - go run gotest.tools/gotestsum@v${{env.GOTESTSUM_VERSION}} \ - --raw-command \ - --format=short-verbose \ - --debug \ - --rerun-fails=3 \ - --packages="./..." \ - -- \ - go test \ - -p=4 \ - -tags "${{ env.GOTAGS }}" \ - -timeout=30m \ - -json ./... \ - -run "${{ matrix.test-cases }}" \ - --target-image ${{ env.CONSUL_LATEST_IMAGE_NAME }} \ - --target-version local \ - --latest-image ${{ env.CONSUL_LATEST_IMAGE_NAME }} \ - --latest-version "${{ env.CONSUL_VERSION }}" - ls -lrt - env: - # this is needed because of incompatibility between RYUK container and circleci - GOTESTSUM_JUNITFILE: ${{ env.TEST_RESULTS_DIR }}/results.xml - GOTESTSUM_FORMAT: standard-verbose - COMPOSE_INTERACTIVE_NO_CLI: 1 - # tput complains if this isn't set to something. - TERM: ansi - - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2 - with: - name: ${{ env.TEST_RESULTS_ARTIFACT_NAME }} - path: ${{ env.TEST_RESULTS_DIR }} - test-integrations-success: needs: - setup @@ -490,8 +360,6 @@ jobs: - envoy-integration-test - generate-compatibility-job-matrices - compatibility-integration-test - - generate-upgrade-job-matrices - - upgrade-integration-test runs-on: ${{ fromJSON(needs.setup.outputs.compute-small) }} if: | (always() && ! cancelled()) && From 60aeb2431a271dc33b5f4e19d42459ad8cba4576 Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 18 Apr 2023 21:39:11 -0600 Subject: [PATCH 16/18] fix compatibility tests --- .github/workflows/test-integrations.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index 3c27bebe983..54edea3204f 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -272,8 +272,8 @@ jobs: cd ./test/integration/consul-container { echo -n "compatibility-matrix=" - find ./test -maxdepth 2 -type d -print0 | xargs -0 -n 1 \ - | grep -v util | grep -v upgrade \ + find . -maxdepth 2 -type d -print0 | xargs -0 -n 1 \ + | grep -v lib \ | jq --raw-input --argjson runnercount "$TOTAL_RUNNERS" "$JQ_SLICER" \ | jq --compact-output 'map(join(" "))' } >> "$GITHUB_OUTPUT" From 20ad8233b29ad1cd636cdb9d54b7c4f55099a395 Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 18 Apr 2023 21:54:33 -0600 Subject: [PATCH 17/18] log into dockerhub --- .github/workflows/test-integrations.yml | 29 +++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index 54edea3204f..dc682a62a26 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -278,8 +278,12 @@ jobs: | jq --compact-output 'map(join(" "))' } >> "$GITHUB_OUTPUT" cat "$GITHUB_OUTPUT" + compatibility-integration-test: runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} + permissions: + id-token: write # NOTE: this permission is explicitly required for Vault auth. + contents: read needs: - setup - dev-build @@ -294,6 +298,31 @@ jobs: with: go-version-file: 'go.mod' - run: go env + # NOTE: ENT specific step as we store secrets in Vault. + - name: Authenticate to Vault + if: ${{ endsWith(github.repository, '-enterprise') }} + id: vault-auth + run: vault-auth + + # NOTE: ENT specific step as we store secrets in Vault. + - name: Fetch Secrets + if: ${{ endsWith(github.repository, '-enterprise') }} + id: secrets + uses: hashicorp/vault-action@v2.5.0 + with: + url: ${{ steps.vault-auth.outputs.addr }} + caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }} + token: ${{ steps.vault-auth.outputs.token }} + secrets: | + kv/data/github/${{ github.repository }}/dockerhub username | DOCKERHUB_USERNAME; + kv/data/github/${{ github.repository }}/dockerhub token | DOCKERHUB_TOKEN; + + # NOTE: conditional specific logic as we store secrets in Vault in ENT and use GHA secrets in OSS. + - name: Login to Docker Hub + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # pin@v2.1.0 + with: + username: ${{ endsWith(github.repository, '-enterprise') && steps.secrets.outputs.DOCKERHUB_USERNAME || secrets.DOCKERHUB_USERNAME }} + password: ${{ endsWith(github.repository, '-enterprise') && steps.secrets.outputs.DOCKERHUB_TOKEN || secrets.DOCKERHUB_TOKEN }} # Build the consul:local image from the already built binary - name: fetch binary From 4cdc26bd3bec65d0d8fe26d1e4b8215bbb2ea8d8 Mon Sep 17 00:00:00 2001 From: John Murret Date: Tue, 18 Apr 2023 22:08:15 -0600 Subject: [PATCH 18/18] fix envoy image problem --- .github/workflows/test-integrations.yml | 32 ++----------------------- 1 file changed, 2 insertions(+), 30 deletions(-) diff --git a/.github/workflows/test-integrations.yml b/.github/workflows/test-integrations.yml index dc682a62a26..ce794480312 100644 --- a/.github/workflows/test-integrations.yml +++ b/.github/workflows/test-integrations.yml @@ -222,7 +222,7 @@ jobs: uses: docker/setup-buildx-action@f03ac48505955848960e80bbb68046aa35c7b9e7 # v2.4.1 - name: Docker build - run: docker build -t consul:local -f ./build-support/docker/Consul-Dev.dockerfile ./bin + run: docker build -t consul-dev -f ./build-support/docker/Consul-Dev.dockerfile ./bin - name: Envoy Integration Tests env: @@ -278,12 +278,9 @@ jobs: | jq --compact-output 'map(join(" "))' } >> "$GITHUB_OUTPUT" cat "$GITHUB_OUTPUT" - + compatibility-integration-test: runs-on: ${{ fromJSON(needs.setup.outputs.compute-xl) }} - permissions: - id-token: write # NOTE: this permission is explicitly required for Vault auth. - contents: read needs: - setup - dev-build @@ -298,31 +295,6 @@ jobs: with: go-version-file: 'go.mod' - run: go env - # NOTE: ENT specific step as we store secrets in Vault. - - name: Authenticate to Vault - if: ${{ endsWith(github.repository, '-enterprise') }} - id: vault-auth - run: vault-auth - - # NOTE: ENT specific step as we store secrets in Vault. - - name: Fetch Secrets - if: ${{ endsWith(github.repository, '-enterprise') }} - id: secrets - uses: hashicorp/vault-action@v2.5.0 - with: - url: ${{ steps.vault-auth.outputs.addr }} - caCertificate: ${{ steps.vault-auth.outputs.ca_certificate }} - token: ${{ steps.vault-auth.outputs.token }} - secrets: | - kv/data/github/${{ github.repository }}/dockerhub username | DOCKERHUB_USERNAME; - kv/data/github/${{ github.repository }}/dockerhub token | DOCKERHUB_TOKEN; - - # NOTE: conditional specific logic as we store secrets in Vault in ENT and use GHA secrets in OSS. - - name: Login to Docker Hub - uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # pin@v2.1.0 - with: - username: ${{ endsWith(github.repository, '-enterprise') && steps.secrets.outputs.DOCKERHUB_USERNAME || secrets.DOCKERHUB_USERNAME }} - password: ${{ endsWith(github.repository, '-enterprise') && steps.secrets.outputs.DOCKERHUB_TOKEN || secrets.DOCKERHUB_TOKEN }} # Build the consul:local image from the already built binary - name: fetch binary