Skip to content

Commit

Permalink
backport of commit 0e74357
Browse files Browse the repository at this point in the history
  • Loading branch information
Dan-Heath committed Dec 19, 2024
1 parent dca6243 commit 85c2566
Show file tree
Hide file tree
Showing 208 changed files with 2,110 additions and 6,546 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/actionlint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:
actionlint:
runs-on: ${{ fromJSON(vars.RUNNER) }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Check workflow files
uses: docker://docker.mirror.hashicorp.services/rhysd/actionlint@sha256:5acca218639222e4afbc82fc6e9ef56cbe646ade3b07f3f5ec364b638258a244
with:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/backport.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
runs-on: ${{ fromJSON(vars.RUNNER) }}
container: hashicorpdev/backport-assistant:0.5.1
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 0 # Fetch all branches and tags
- name: Check if any migrations have changed
Expand Down
39 changes: 19 additions & 20 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ jobs:
base-product-version: $${{ steps.set-product-version.outputs.base-product-version }}
prerelease-product-version: ${{ steps.set-product-version.outputs.prerelease-product-version }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Set Product version
id: set-product-version
uses: hashicorp/actions-set-product-version@v2 # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed
Expand All @@ -39,7 +39,7 @@ jobs:
product-edition: ${{ steps.get-product-edition.outputs.product-edition }}
go-version: ${{ steps.get-go-version.outputs.go-version }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Determine Go version
id: get-go-version
# We use .go-version as our source of truth for current Go
Expand All @@ -48,7 +48,7 @@ jobs:
echo "Building with Go $(cat .go-version)"
echo "go-version=$(cat .go-version)" >> "$GITHUB_OUTPUT"
- name: Set up Go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: "${{ steps.get-go-version.outputs.go-version }}"
cache: false
Expand All @@ -58,7 +58,7 @@ jobs:
echo "go-build=$(go env GOCACHE)" >> "$GITHUB_OUTPUT"
echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT"
- name: Set up Go modules cache
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
${{ steps.go-cache-paths.outputs.go-build }}
Expand Down Expand Up @@ -86,7 +86,7 @@ jobs:
runs-on: ${{ fromJSON(vars.BUILDER_LINUX) }}
steps:
- name: 'Checkout directory'
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- run: |
echo "Product Version - ${{ needs.set-product-version.outputs.product-version }}"
echo "Product Prerelease - ${{ needs.set-product-version.outputs.prerelease-product-version }}"
Expand All @@ -100,15 +100,15 @@ jobs:
filepath: ${{ steps.generate-metadata-file.outputs.filepath }}
steps:
- name: 'Checkout directory'
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Generate metadata file
id: generate-metadata-file
uses: hashicorp/actions-generate-metadata@v1 # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed
with:
repository: boundary
version: ${{ needs.set-product-version.outputs.product-version }}
product: ${{ env.PKG_NAME }}
- uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: metadata.json
path: ${{ steps.generate-metadata-file.outputs.filepath }}
Expand Down Expand Up @@ -137,9 +137,9 @@ jobs:
GOPRIVATE: "github.com/hashicorp"
GO111MODULE: on
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Set up go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ matrix.go }}
cache: false
Expand All @@ -149,7 +149,7 @@ jobs:
echo "go-build=$(go env GOCACHE)" >> "$GITHUB_OUTPUT"
echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT"
- name: Set up Go modules cache
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
${{ steps.go-cache-paths.outputs.go-build }}
Expand Down Expand Up @@ -205,11 +205,11 @@ jobs:
GO111MODULE: on

steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Set up Git
run: git config --global url."https://${{ secrets.ELEVATED_GITHUB_TOKEN }}:@github.com".insteadOf "https://github.com"
- name: Set up Go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ matrix.go }}
cache: false
Expand All @@ -219,7 +219,7 @@ jobs:
echo "go-build=$(go env GOCACHE)" >> "$GITHUB_OUTPUT"
echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT"
- name: Set up Go modules cache
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
${{ steps.go-cache-paths.outputs.go-build }}
Expand Down Expand Up @@ -279,12 +279,12 @@ jobs:
echo "RPM_PACKAGE=$(basename out/*.rpm)" >> "$GITHUB_ENV"
echo "DEB_PACKAGE=$(basename out/*.deb)" >> "$GITHUB_ENV"
- name: Upload RPM package
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: ${{ env.RPM_PACKAGE }}
path: out/${{ env.RPM_PACKAGE }}
- name: Upload DEB package
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: ${{ env.DEB_PACKAGE }}
path: out/${{ env.DEB_PACKAGE }}
Expand All @@ -307,9 +307,9 @@ jobs:
GO111MODULE: on

steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Set up go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ matrix.go }}
cache: false
Expand All @@ -319,7 +319,7 @@ jobs:
echo "go-build=$(go env GOCACHE)" >> "$GITHUB_OUTPUT"
echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT"
- name: Set up Go modules cache
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
${{ steps.go-cache-paths.outputs.go-build }}
Expand Down Expand Up @@ -371,7 +371,7 @@ jobs:
version: ${{ needs.set-product-version.outputs.product-version }}
minor-version: ${{ needs.product-metadata.outputs.product-minor-version }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Docker Build (Action)
uses: hashicorp/actions-docker-build@v2 # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed
with:
Expand All @@ -380,7 +380,6 @@ jobs:
arch: ${{ matrix.arch }}
tags: |
docker.io/hashicorp/${{ env.repo }}:${{ env.version }}
docker.io/hashicorp/${{ env.repo }}:${{ env.version }}_${{ github.sha }}
public.ecr.aws/hashicorp/${{ env.repo }}:${{ env.version }}
# Per-commit dev images follow the naming convention MAJOR.MINOR-dev
# And MAJOR.MINOR-dev-$COMMITSHA
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/enos-fmt.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
env:
GITHUB_TOKEN: ${{ secrets.SERVICE_USER_GITHUB_TOKEN }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed
with:
terraform_wrapper: false
Expand Down
67 changes: 27 additions & 40 deletions .github/workflows/enos-run.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,11 +34,11 @@ jobs:
go-cache-key: ${{ steps.go-cache-key.outputs.key }}
runs-on: ${{ fromJSON(vars.RUNNER) }}
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: '0'
- name: Set up Go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ inputs.go-version }}
cache: false
Expand All @@ -53,7 +53,7 @@ jobs:
echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT"
echo "go-bin=$(go env GOPATH)/bin" >> "$GITHUB_OUTPUT"
- name: Set up Go modules cache
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
${{ steps.go-cache-paths.outputs.go-build }}
Expand All @@ -80,7 +80,6 @@ jobs:
- filter: 'e2e_database'
- filter: 'e2e_docker_base builder:crt'
- filter: 'e2e_docker_base_plus builder:crt'
- filter: 'e2e_docker_base_with_gcp builder:crt'
- filter: 'e2e_docker_base_with_vault builder:crt'
- filter: 'e2e_docker_base_with_worker builder:crt'
- filter: 'e2e_docker_worker_registration_controller_led builder:crt'
Expand All @@ -102,20 +101,16 @@ jobs:
ENOS_VAR_boundary_docker_image_name: ${{ inputs.docker-image-name }}
ENOS_VAR_boundary_docker_image_file: ./support/boundary_docker_image.tar
ENOS_VAR_go_version: ${{ inputs.go-version }}
ENOS_VAR_gcp_project_id: ${{ secrets.GCP_PROJECT_ID_CI }}
ENOS_VAR_gcp_client_email: ${{ secrets.GCP_CLIENT_EMAIL_CI }}
ENOS_VAR_gcp_private_key_id: ${{ secrets.GCP_PRIVATE_KEY_ID_CI }}
ENOS_VAR_gcp_private_key: ${{ secrets.GCP_PRIVATE_KEY_CI }}
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Set up Go
uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0
uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
with:
go-version: ${{ inputs.go-version }}
cache: false
- name: Set up Go modules cache
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: |
${{ needs.setup.outputs.cache-go-build }}
Expand All @@ -133,7 +128,7 @@ jobs:
terraform_wrapper: false
- name: Import GPG key for Boundary pass keystore
id: import_gpg
uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0
uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0
with:
gpg_private_key: ${{ secrets.ENOS_GPG_PRIVATE_KEY }}
passphrase: ${{ secrets.ENOS_GPG_PASSPHRASE }}
Expand All @@ -152,17 +147,6 @@ jobs:
role-to-assume: ${{ secrets.AWS_ROLE_ARN_CI }}
role-skip-session-tagging: true
role-duration-seconds: 3600
- name: Configure GCP credentials
if: contains(matrix.filter, 'gcp')
id: gcp_auth
uses: google-github-actions/auth@55bd3a7c6e2ae7cf1877fd1ccb9d54c0503c457c # v2.1.2
with:
credentials_json: ${{ secrets.GCP_CREDENTIALS }}
access_token_lifetime: '3600s'
project_id: ${{ secrets.GCP_PROJECT_ID_CI }}
- name: 'Set up GCP Cloud SDK'
if: contains(matrix.filter, 'gcp')
uses: google-github-actions/setup-gcloud@98ddc00a17442e89a24bbf282954a3b65ce6d200 # v2.1.0
- name: Set up Enos
uses: hashicorp/action-setup-enos@v1 # TSCCR: loading action configs: failed to query HEAD reference: failed to get advertised references: authorization failed
with:
Expand All @@ -176,7 +160,7 @@ jobs:
echo "debug_data_artifact_name=enos-debug-data_$(echo ${{ matrix.filter }} | sed -e 's/ /_/g' | sed -e 's/:/=/g')" >> "$GITHUB_OUTPUT"
- name: Set up dependency cache
id: dep-cache
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
with:
path: /tmp/test-deps
key: enos-test-deps-password-store-1.7.4-vault-1.12.2
Expand Down Expand Up @@ -234,12 +218,12 @@ jobs:
run: |
mv ${{ steps.download-docker.outputs.download-path }}/*.tar enos/support/boundary_docker_image.tar
- name: Set up Node.js
uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
if: contains(matrix.filter, 'e2e_ui')
with:
node-version: '16.x'
- name: Checkout boundary-ui
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
if: contains(matrix.filter, 'e2e_ui')
with:
repository: hashicorp/boundary-ui
Expand Down Expand Up @@ -282,7 +266,7 @@ jobs:
SCENARIO=$(echo "${{ matrix.filter }}" | cut -d' ' -f1)
echo fragment="${SCENARIO}" >> "$GITHUB_OUTPUT"
- name: Upload e2e tests output
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: test-${{ steps.split.outputs.fragment }}
path: enos/*.log
Expand All @@ -295,7 +279,7 @@ jobs:
docker logs database
- name: Upload e2e UI tests debug info
if: contains(matrix.filter, 'e2e_ui') && steps.run.outcome == 'failure'
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: test-e2e-ui-debug
path: enos/support/src/boundary-ui/ui/admin/tests/e2e/artifacts/test-failures
Expand All @@ -308,7 +292,7 @@ jobs:
enos scenario launch --timeout 60m0s --chdir ./enos ${{ matrix.filter }}
- name: Upload Debug Data
if: ${{ always() && steps.run_retry.outcome == 'failure' }}
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
# The name of the artifact is the same as the matrix scenario name with the spaces replaced with underscores and colons replaced by equals.
name: ${{ steps.prepare_scenario.outputs.debug_data_artifact_name }}
Expand Down Expand Up @@ -343,24 +327,27 @@ jobs:
env
find ./enos -name "scenario.tf" -exec cat {} \;
- name: Send Slack message if Run and Retry fails (or if something else went wrong)
uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0
uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0
# steps.run.outcome reports as failure when there is an error in `Run Enos scenario`
# failure() captures errors before `Run Enos scenario`
# failure() does not capture errors in `Run Enos scenario` due to continue-on-error
if: ${{ failure() || (steps.run.outcome == 'failure' && steps.run_retry.outcome == 'failure') }}
with:
method: chat.postMessage
token: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }}
channel-id: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }}
payload: |
channel: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }}
text: ":x: e2e tests failed (${{ matrix.filter }}): ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n*Branch:* ${{ github.event.ref }}\n*SHA:* <${{ github.event.head_commit.url }}|${{ github.event.after }}>"
{
"text": ":x: e2e tests failed (${{ matrix.filter }}): ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n*Branch:* ${{ github.event.ref }}\n*SHA:* <${{ github.event.head_commit.url }}|${{ github.event.after }}>"
}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }}
- name: Send Slack message if Run but Retry passes
uses: slackapi/slack-github-action@485a9d42d3a73031f12ec201c457e2162c45d02d # v2.0.0
uses: slackapi/slack-github-action@37ebaef184d7626c5f204ab8d3baff4262dd30f0 # v1.27.0
if: ${{ steps.run.outcome == 'failure' && steps.run_retry.outcome != 'failure' }}
with:
method: chat.postMessage
token: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }}
channel-id: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }}
payload: |
channel: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_CHANNEL_ID }}
text: ":warning: e2e tests passed, but needed retry (${{ matrix.filter }}): ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n*Branch:* ${{ github.event.ref }}\n*SHA:* <${{ github.event.head_commit.url }}|${{ github.event.after }}>"
{
"text": ":warning: e2e tests passed, but needed retry (${{ matrix.filter }}): ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}\n*Branch:* ${{ github.event.ref }}\n*SHA:* <${{ github.event.head_commit.url }}|${{ github.event.after }}>"
}
env:
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOUNDARY_TEST_BOT_TOKEN }}
Loading

0 comments on commit 85c2566

Please sign in to comment.