diff --git a/.actrc b/.actrc new file mode 100644 index 00000000000..b16e42ec2b3 --- /dev/null +++ b/.actrc @@ -0,0 +1 @@ +--artifact-server-path /tmp/artifacts \ No newline at end of file diff --git a/.devcontainer/cli.code-workspace b/.devcontainer/cli.code-workspace new file mode 100644 index 00000000000..9188cd1f7a6 --- /dev/null +++ b/.devcontainer/cli.code-workspace @@ -0,0 +1,24 @@ +{ + "folders": [ + { "path": ".." }, + { "path": "../../cli-ci" }, + { "path": "../../cli-private" }, + { "path": "../../cli-workstation" } + + ], + "settings": { + "github-actions.workflows.pinned.workflows": [ + "cli/.github/workflows/integration.yml" + ] + }, + "extensions": { + "recommendations": [ + "gitpod.gitpod-remote-ssh", + "ms-vsliveshare.vsliveshare", + "redhat.vscode-yaml", + "golang.go", + "vscodevim.vim", + "ms-vscode.makefile-tools" + ] + } +} \ No newline at end of file diff --git a/.github/win/integrations/integration-tests.ps1 b/.github/win/integrations/integration-tests.ps1 new file mode 100644 index 00000000000..f1f2e4d28dd --- /dev/null +++ b/.github/win/integrations/integration-tests.ps1 @@ -0,0 +1,102 @@ +$ErrorActionPreference = "Stop" +trap { $host.SetShouldExit(1) } + +echo "Work Directory: $pwd" +$Env:ROOT="$pwd" + +$null = New-Item -ItemType Directory -Force -Path $Env:TEMP + +# TODO: consider migrating choco to winget https://github.com/microsoft/winget-cli as preferred MS solution +if ((Get-Command "choco" -ErrorAction SilentlyContinue) -eq $null) { + Set-ExecutionPolicy Bypass -Scope Process -Force + [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072 + $tempvar = (New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1') + iex ($tempvar) +} + +function Refresh-Choco-Env { + Import-Module "C:\ProgramData\chocolatey\helpers\chocolateyProfile.psm1" + refreshenv + cd $Env:ROOT +} + +Refresh-Choco-Env + +$Env:GOPATH="$Env:ROOT\go" + +$Env:PATH="$Env:HOME\go\bin;" + "$Env:PATH" +$Env:PATH="$Env:GOPATH\bin;" + "$Env:PATH" +$Env:PATH="$Env:GOROOT\bin;" + "$Env:PATH" +$Env:PATH="$pwd;" + "$Env:PATH" +$Env:PATH="$pwd\cli\out;" + "$Env:PATH" + +# This is for DEBUG +# function Get-Env-Info { +# echo "Powershell: $((Get-Host).Version)" +# echo "Working Directory: $pwd" +# echo "GOPATH: $Env:GOPATH" +# echo "PATH:" +# $Env:PATH.split(";") + +# echo "-------------" + +# Get-ChildItem Env: | Format-Table -Wrap -AutoSize +# } + +# Get-Env-Info + +$Env:RUN_ID=(openssl rand -hex 16) +$Env:GOFLAGS = "-mod=mod" + +if ((Get-Command "ginkgo" -ErrorAction SilentlyContinue) -eq $null) { + go install -v github.com/onsi/ginkgo/ginkgo@v1.16.4 +} + +$CF_INT_NAME=(Get-Content $pwd\metadata.json -Raw| Out-String | ConvertFrom-Json).name.trim() +$Env:CF_INT_PASSWORD=(Get-Content $pwd\cf-password -Raw).trim() +$Env:CF_INT_OIDC_PASSWORD=(Get-Content $pwd\uaa-oidc-password -Raw).trim() +$Env:CF_INT_OIDC_USERNAME="admin-oidc" +$Env:CF_INT_API="https://api.$CF_INT_NAME.cf-app.com" +$Env:CF_DIAL_TIMEOUT=15 +# Enable SSL vaildation once toolsmiths supports it +# $Env:SKIP_SSL_VALIDATION="false" + +Import-Certificate -Filepath "$pwd\$CF_INT_NAME.router.ca" -CertStoreLocation "cert:\LocalMachine\root" + +New-Item "go/src/code.cloudfoundry.org" -Type Directory +New-Item -ItemType SymbolicLink -Path "$pwd/go/src/code.cloudfoundry.org/cli" -Target "$pwd/cli" + +cd go/src/code.cloudfoundry.org/cli + +go install github.com/akavel/rsrc@v0.10.2 + +make out/cf-cli_winx64.exe +Move-Item -Path ./out/cf-cli_winx64.exe -Destination ./out/cf.exe -Force + +ginkgo.exe -r ` + -nodes=16 ` + -flakeAttempts=2 ` + -slowSpecThreshold=60 ` + -randomizeAllSpecs ` + ./integration/shared/isolated ` + ./integration/v7/isolated ` + ./integration/shared/experimental ` + ./integration/v7/experimental ` + ./integration/v7/push + +if ($LASTEXITCODE -gt 0) +{ + exit 1 +} + +ginkgo.exe -r ` + -flakeAttempts=2 ` + -slowSpecThreshold=60 ` + -randomizeAllSpecs ` + ./integration/shared/global ` + ./integration/v7/global + +if ($LASTEXITCODE -gt 0) +{ + exit 1 +} \ No newline at end of file diff --git a/.github/workflows/cf-env-setup.yml b/.github/workflows/cf-env-setup.yml new file mode 100644 index 00000000000..9308a80f708 --- /dev/null +++ b/.github/workflows/cf-env-setup.yml @@ -0,0 +1,209 @@ +name: Setup CF Environment + +on: + workflow_call: + inputs: + environment: + required: true + type: string + capi-version: + required: true + type: string + outputs: + environment-name: + description: "Name of claimed environment" + value: ${{ jobs.cf-env-setup.outputs.environment-name }} + +jobs: + cf-env-setup: + name: Setting Up CF env + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + outputs: + environment-name: ${{ steps.claim-toolsmiths-env.outputs.environment-name }} + steps: + - id: claim-toolsmiths-env + name: Claim Toolsmiths Environment + env: + api_token: ${{ secrets.TOOLSMITHS_API_TOKEN }} + hostname: ${{ secrets.TOOLSMITHS_HOSTNAME }} + notes: CF CLI Github Actions Integration Tests + pool_name: cf-deployment + run: | + while true; do + curl -s --show-error -D >(tee headers.txt >&2) -H 'Accept: application/json' \ + -X POST "https://${hostname}/pooled_gcp_engineering_environments/claim" \ + --data-urlencode "api_token=${api_token}" \ + --data-urlencode "pool_name=${pool_name}" \ + --data-urlencode "notes=${notes}" > metadata.json \ + || echo "Unable to reach server, trying again in 30 seconds..." + + ERR_500="Sorry, the Toolsmiths Environments app is currently encountering issues. Trying again in 30 seconds..." + ERR_429="Sorry, Toolsmiths are out of environments in your requested pool. New environments are on their way but you can stop by the Toolsmiths slack channel for more help." + ERR_409="Sorry, was not able to claim an environment. Trying again in 30 seconds..." + + grep -q -E "HTTP/[[:digit:]\.]{1,3} 401" headers.txt && exit 1 + grep -q -E "HTTP/[[:digit:]\.]{1,3} 404" headers.txt && exit 2 + grep -q -E "HTTP/[[:digit:]\.]{1,3} 500" headers.txt && echo "$ERR_500" + grep -q -E "HTTP/[[:digit:]\.]{1,3} 200" headers.txt && break + grep -q -E "HTTP/[[:digit:]\.]{1,3} 429" && echo "$ERR_429" + grep -q -E "HTTP/[[:digit:]\.]{1,3} 409" && echo "$ERR_409" + + sleep 30 + done + + ENV=$(cat metadata.json | jq -r '.name') + echo "environment-name=${ENV}" >> $GITHUB_OUTPUT + + - name: 'Upload Metadata' + uses: actions/upload-artifact@v3 + with: + name: ${{ steps.claim-toolsmiths-env.outputs.environment-name }} + path: metadata.json + + - name: Checkout cli-ci + uses: actions/checkout@v3 + with: + repository: cloudfoundry/cli-ci + path: cli-ci + + - name: Checkout cf-deployment Min CAPI + if: ${{ inputs.capi-version != 'edge' }} + uses: actions/checkout@v3 + with: + repository: cloudfoundry/cf-deployment + path: cf-deployment + ref: ${{ inputs.capi-version }} + + - name: Checkout cf-deployment + uses: actions/checkout@v3 + if: ${{ inputs.capi-version == 'edge' }} + with: + repository: cloudfoundry/cf-deployment + path: cf-deployment + + - name: Checkout CF deployment tasks + uses: actions/checkout@v3 + with: + repository: cloudfoundry/cf-deployment-concourse-tasks + path: cf-deployment-concourse-tasks + + - name: Checkout cli + uses: actions/checkout@v3 + with: + repository: cloudfoundry/cli + path: cli + ref: linux-min-capi-int-test + + - name: Install Tools + run: | + wget https://github.com/cloudfoundry/bosh-bootloader/releases/download/v8.4.110/bbl-v8.4.110_linux_x86-64 -P /tmp + mv /tmp/bbl-* /usr/local/bin/bbl + chmod +x /usr/local/bin/bbl + bbl --version + + wget https://s3.amazonaws.com/bosh-cli-artifacts/bosh-cli-7.0.1-linux-amd64 --output-document="/usr/local/bin/bosh" + chmod +x /usr/local/bin/bosh + bosh --version + + - name: Deploy edge CAPI with Isolation Segment and OIDC Provider + if: ${{ inputs.capi-version == 'edge' }} + env: + CF_INT_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }} + run: | + # find latest capi + FILENAME="$(aws s3 ls capi-releases --no-sign-request --recursive --region us-east-1 | sort | tail -n 1 | awk '{print $4}')" + aws s3 cp s3://capi-releases/$FILENAME $FILENAME --no-sign-request --region us-east-1 + eval "$(bbl print-env --metadata-file metadata.json)" + bosh upload-release --sha2 "$FILENAME" + rm $FILENAME + + # deploy + bosh -d cf manifest > /tmp/manifest.yml + bosh interpolate /tmp/manifest.yml \ + -o cf-deployment/operations/test/add-persistent-isolation-segment-diego-cell.yml \ + -o cli-ci/ci/infrastructure/operations/add-oidc-provider.yml \ + -o cli-ci/ci/infrastructure/operations/add-uaa-client-credentials.yml \ + -o cli-ci/ci/infrastructure/operations/use-latest-capi.yml \ + -v client-secret="${CF_INT_CLIENT_SECRET}" \ + > ./director.yml + + bosh -d cf deploy director.yml -n + echo "Deployed CAPI version:" + bosh -d cf releases | grep capi + + - name: Deploy MIN CAPI with Isolation Segment and OIDC Provider + if: ${{ inputs.capi-version != 'edge' }} + run: | + # Creates vars files + mkdir vars-files + echo "cs = ${{ secrets.CLIENT_SECRET }}" + cat << EOF > vars-files/vars.yml + client-secret: ${{ secrets.CLIENT_SECRET }} + EOF + + # Copy Ops files + mkdir ops-files + cp cf-deployment/operations/scale-to-one-az.yml ops-files/ + cp cf-deployment/operations/test/add-persistent-isolation-segment-diego-cell.yml ops-files/ + cp cf-deployment/operations/use-compiled-releases.yml ops-files/ + cp cf-deployment/operations/use-internal-lookup-for-route-services.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/add-dummy-windows-stack.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/add-oidc-provider.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/add-uaa-client-credentials.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/add-uaa-client-cf-custom.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/adjust-user-retry-attempts.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/cli-isolation-cell-overrides.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/default-app-memory.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/diego-cell-instances.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/doppler-instances.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/enable-v3-deployments-endpoint.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/give-cf-admin-clients-read-scope.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/reduce-async-service-polling.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/skip-ssl-override.yml ops-files/ + cp cli-ci/ci/infrastructure/operations/uaa-vm_type-override.yml ops-files/ + # Deletes CF-D + eval "$(bbl print-env --metadata-file metadata.json)" + bosh -d cf delete-deployment -n + + # Deploy CF-D + mkdir toolsmiths-env + cp metadata.json toolsmiths-env/metadata + cat metadata.json | jq -r .name > toolsmiths-env/name + export VARS_FILES="vars.yml" + export MANIFEST_FILE="cf-deployment.yml" + export SYSTEM_DOMAIN="" + export REGENERATE_CREDENTIALS=false + export DEPLOY_WITH_UPTIME_MEASUREMENTS=false + export MEASURE_SYSLOG_AVAILABILITY=false + export TCP_DOMAIN="" + export AVAILABLE_PORT="" + export FAIL_ON_DOWNTIME=false + export APP_PUSHABILITY_THRESHOLD=0 + export HTTP_AVAILABILITY_THRESHOLD=0 + export RECENT_LOGS_THRESHOLD=0 + export STREAMING_LOGS_THRESHOLD=0 + export APP_SYSLOG_AVAILABILITY_THRESHOLD=0 + export USE_SINGLE_APP_INSTANCE=false + export BOSH_DEPLOY_ARGS="" + export BOSH_LITE=false + export BBL_JSON_CONFIG="" + export OPS_FILES="add-persistent-isolation-segment-diego-cell.yml \ + use-compiled-releases.yml \ + cli-isolation-cell-overrides.yml \ + default-app-memory.yml \ + skip-ssl-override.yml \ + scale-to-one-az.yml \ + diego-cell-instances.yml \ + doppler-instances.yml \ + uaa-vm_type-override.yml \ + add-uaa-client-credentials.yml \ + add-dummy-windows-stack.yml \ + reduce-async-service-polling.yml \ + add-oidc-provider.yml \ + adjust-user-retry-attempts.yml \ + enable-v3-deployments-endpoint.yml \ + give-cf-admin-clients-read-scope.yml \ + add-uaa-client-cf-custom.yml \ + use-internal-lookup-for-route-services.yml" + ./cf-deployment-concourse-tasks/bosh-deploy/task diff --git a/.github/workflows/cf-env-unclaim.yml b/.github/workflows/cf-env-unclaim.yml new file mode 100644 index 00000000000..21a4ec15ba9 --- /dev/null +++ b/.github/workflows/cf-env-unclaim.yml @@ -0,0 +1,36 @@ +name: Unclaim an environment + +on: + workflow_call: + inputs: + environment: + required: true + type: string + toolsmith-env-name: + required: true + type: string + +jobs: + cf-env-unclaim: + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + + steps: + - name: Unclaim environment + env: + api_token: ${{ secrets.TOOLSMITHS_API_TOKEN }} + hostname: ${{ secrets.TOOLSMITHS_HOSTNAME }} + run: | + while true; do + output=$(curl -s --show-error -D >(tee headers.txt >&2) -H 'Accept: application/json' \ + -X POST "https://${hostname}/pooled_gcp_engineering_environments/unclaim" \ + --data-urlencode "api_token=${api_token}" \ + --data-urlencode "name=${{ inputs.toolsmith-env-name }}") + + ERR_500="Sorry, the Toolsmiths Environments app is currently encountering issues. Trying again in 30 seconds..." + + grep -q -E "HTTP/[[:digit:]\.]{1,3} 500" headers.txt && echo "$ERR_500" && sleep 30 && continue + grep -q -E "HTTP/[[:digit:]\.]{1,3} 401" headers.txt && echo $(echo "$output" | jq '.messages | join(", ")') && exit 1 + grep -q -E "HTTP/[[:digit:]\.]{1,3} 404" headers.txt && echo $(echo "$output" | jq '.messages | join(", ")') && exit 2 + grep -q -E "HTTP/[[:digit:]\.]{1,3} 202" headers.txt && break + done \ No newline at end of file diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml new file mode 100644 index 00000000000..ce1a4e9841a --- /dev/null +++ b/.github/workflows/integration.yml @@ -0,0 +1,304 @@ +name: Integration Tests + +on: + workflow_dispatch: + pull_request: + branches: + - main + - v8 + - v7 + paths-ignore: + - 'doc/**' + - '.gitpod.yml' + - 'README.md' + push: + branches: + - main + - v8 + - v7 + paths-ignore: + - 'doc/**' + - '.github/**' + - '.gitpod.yml' + - 'README.md' + +permissions: + contents: read + +jobs: + shared-values: + name: Shared Values + runs-on: ubuntu-latest + outputs: + secrets-environment: ${{ steps.set-secrets-environment.outputs.secrets-environment }} + go-version: ${{ steps.set-go-version.outputs.go-version }} + min-capi: ${{ steps.get-min-capi.outputs.min-capi }} + + steps: + - name: Checkout + uses: actions/checkout@v3 + + - id: set-secrets-environment + name: Set environment + run: echo "secrets-environment=PROD" >> $GITHUB_OUTPUT + + - id: set-go-version + name: Parse Golang Version + run: | + go_version=($(grep -E '^go 1\.[[:digit:]]{1,2}' go.mod)) + echo "golang version: ${go_version[1]}" + echo "go-version=${go_version[1]}" >> $GITHUB_OUTPUT + + - id: get-min-capi + name: Get Minimum CAPI Version + run: | + min_capi=($(yq .cf-d-capi-version-min build_data.yml)) + echo "Minimum CAPI version: ${min_capi}" + echo "min-capi=${min_capi}" >> $GITHUB_OUTPUT + +## START edge CAPI + + get-cf-env-with-edge-capi: + name: Setup CF env with EDGE CAPI + needs: shared-values + uses: ./.github/workflows/cf-env-setup.yml + with: + environment: ${{ needs.shared-values.outputs.secrets-environment }} + capi-version: edge + secrets: inherit + + run-integration-tests-cf-env-with-edge-capi: + name: Integration tests with EDGE CAPI + needs: + - shared-values + - get-cf-env-with-edge-capi + uses: ./.github/workflows/run-integration-tests.yml + with: + go-version: ${{ needs.shared-values.outputs.go-version}} + environment: ${{ needs.shared-values.outputs.secrets-environment }} + environment-name: ${{ needs.get-cf-env-with-edge-capi.outputs.environment-name }} + run-with-client-creds: false + + unclaim-cf-env-with-edge-capi: + name: Unclaim CF env with EDGE CAPI + needs: + - shared-values + - get-cf-env-with-edge-capi + - run-integration-tests-cf-env-with-edge-capi + if: always() + uses: ./.github/workflows/cf-env-unclaim.yml + with: + environment: ${{ needs.shared-values.outputs.secrets-environment }} + toolsmith-env-name: ${{ needs.get-cf-env-with-edge-capi.outputs.environment-name }} + secrets: inherit + +## END edge CAPI + +## Start edge CAPI Client Creds + get-cf-env-with-edge-capi-client-creds: + name: Setup CF env with EDGE CAPI Client Credentials + needs: shared-values + uses: ./.github/workflows/cf-env-setup.yml + with: + environment: ${{ needs.shared-values.outputs.secrets-environment }} + capi-version: edge + secrets: inherit + + run-integration-tests-cf-env-with-edge-capi-client-creds: + name: Integration tests with EDGE CAPI Client Credentials + needs: + - shared-values + - get-cf-env-with-edge-capi-client-creds + uses: ./.github/workflows/run-integration-tests.yml + with: + go-version: ${{ needs.shared-values.outputs.go-version}} + environment: ${{ needs.shared-values.outputs.secrets-environment }} + environment-name: ${{ needs.get-cf-env-with-edge-capi-client-creds.outputs.environment-name }} + run-with-client-creds: true + secrets: inherit + + unclaim-cf-env-with-edge-capi-client-creds: + name: Unclaim CF env with EDGE CAPI + needs: + - shared-values + - get-cf-env-with-edge-capi-client-creds + - run-integration-tests-cf-env-with-edge-capi-client-creds + if: always() + uses: ./.github/workflows/cf-env-unclaim.yml + with: + environment: ${{ needs.shared-values.outputs.secrets-environment }} + toolsmith-env-name: ${{ needs.get-cf-env-with-edge-capi-client-creds.outputs.environment-name }} + secrets: inherit +## END edge CAPI Client Creds + +## START min CAPI + get-cf-env-with-min-capi: + name: Setup CF env with MIN CAPI + needs: shared-values + uses: ./.github/workflows/cf-env-setup.yml + with: + environment: ${{ needs.shared-values.outputs.secrets-environment }} + capi-version: ${{ needs.shared-values.outputs.min-capi}} + secrets: inherit + + run-integration-tests-cf-env-with-min-capi: + name: Integration tests with MIN CAPI + needs: + - shared-values + - get-cf-env-with-min-capi + uses: ./.github/workflows/run-integration-tests.yml + with: + go-version: ${{ needs.shared-values.outputs.go-version}} + environment: ${{ needs.shared-values.outputs.secrets-environment }} + environment-name: ${{ needs.get-cf-env-with-min-capi.outputs.environment-name }} + run-with-client-creds: false + + unclaim-cf-env-with-min-capi: + name: Unclaim CF env with MIN CAPI + needs: + - shared-values + - get-cf-env-with-min-capi + - run-integration-tests-cf-env-with-min-capi + if: always() + uses: ./.github/workflows/cf-env-unclaim.yml + with: + environment: ${{ needs.shared-values.outputs.secrets-environment }} + toolsmith-env-name: ${{ needs.get-cf-env-with-min-capi.outputs.environment-name }} + secrets: inherit + +## END min CAPI + +## START windows + get-windows-cf-env-with-edge-capi: + name: Setup CF env with EDGE CAPI for windows + needs: shared-values + uses: ./.github/workflows/cf-env-setup.yml + with: + environment: ${{ needs.shared-values.outputs.secrets-environment }} + capi-version: edge + secrets: inherit + + setup-windows-integration: + name: Setup Integration Tests Windows + needs: + - shared-values + - get-windows-cf-env-with-edge-capi + uses: ./.github/workflows/windows-integration-setup.yml + with: + environment: ${{ needs.shared-values.outputs.secrets-environment }} + environment-name: ${{ needs.get-windows-cf-env-with-edge-capi.outputs.environment-name }} + + run-windows-integration-tests: + name: Run Integration tests Windows + needs: + - shared-values + - get-windows-cf-env-with-edge-capi + - setup-windows-integration + runs-on: windows-latest + defaults: + run: + shell: pwsh + environment: ${{ needs.shared-values.outputs.secrets-environment }} + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + path: cli + - name: Set Up Go + uses: actions/setup-go@v3 + with: + go-version: ${{ needs.shared-values.outputs.go-version}} + check-latest: true + - name: Download metadata + uses: actions/download-artifact@v3 + with: + name: ${{ needs.get-windows-cf-env-with-edge-capi.outputs.environment-name }} + + - name: Download CF data + uses: actions/download-artifact@v3 + with: + name: cf-windows-data + - name: Run Integration Tests + run: cli/.github/win/integrations/integration-tests.ps1 + + unclaim-cf-windows-env-with-edge-capi: + name: Unclaim CF windows env with edge CAPI + needs: + - shared-values + - get-windows-cf-env-with-edge-capi + - run-windows-integration-tests + if: always() + uses: ./.github/workflows/cf-env-unclaim.yml + with: + environment: ${{ needs.shared-values.outputs.secrets-environment }} + toolsmith-env-name: ${{ needs.get-windows-cf-env-with-edge-capi.outputs.environment-name }} + secrets: inherit + +## START windows client credentials + get-windows-cc-cf-env-with-edge-capi: + name: Setup CF env with EDGE CAPI for windows Client Credentials + needs: shared-values + uses: ./.github/workflows/cf-env-setup.yml + with: + environment: ${{ needs.shared-values.outputs.secrets-environment }} + capi-version: edge + secrets: inherit + + setup-windows-integration-client-credentials: + name: Setup Integration Tests Windows Client Credentials + needs: + - shared-values + - get-windows-cc-cf-env-with-edge-capi + uses: ./.github/workflows/windows-integration-setup.yml + with: + environment: ${{ needs.shared-values.outputs.secrets-environment }} + environment-name: ${{ needs.get-windows-cc-cf-env-with-edge-capi.outputs.environment-name }} + + run-windows-integration-client-credentials-tests: + name: Run Integration tests Windows with Client Credentials + env: + CF_INT_CLIENT_ID: potato-face + CF_INT_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }} + needs: + - shared-values + - get-windows-cc-cf-env-with-edge-capi + - setup-windows-integration-client-credentials + runs-on: windows-latest + defaults: + run: + shell: pwsh + environment: ${{ needs.shared-values.outputs.secrets-environment }} + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + path: cli + - name: Set Up Go + uses: actions/setup-go@v3 + with: + go-version: ${{ needs.shared-values.outputs.go-version}} + check-latest: true + - name: Download metadata + uses: actions/download-artifact@v3 + with: + name: ${{ needs.get-windows-cc-cf-env-with-edge-capi.outputs.environment-name }} + + - name: Download CF data + uses: actions/download-artifact@v3 + with: + name: cf-windows-data + - name: Run Integration Tests + run: cli/.github/win/integrations/integration-tests.ps1 + + unclaim-cf-windows-cc-env-with-edge-capi: + name: Unclaim CF windows with Client Credentials env with edge CAPI + needs: + - shared-values + - get-windows-cc-cf-env-with-edge-capi + - run-windows-integration-client-credentials-tests + if: always() + uses: ./.github/workflows/cf-env-unclaim.yml + with: + environment: ${{ needs.shared-values.outputs.secrets-environment }} + toolsmith-env-name: ${{ needs.get-windows-cc-cf-env-with-edge-capi.outputs.environment-name }} + secrets: inherit diff --git a/.github/workflows/run-integration-tests.yml b/.github/workflows/run-integration-tests.yml new file mode 100644 index 00000000000..8c3aef202a0 --- /dev/null +++ b/.github/workflows/run-integration-tests.yml @@ -0,0 +1,92 @@ +name: Run Integration Tests + +on: + workflow_call: + inputs: + environment: + required: true + type: string + environment-name: + required: true + type: string + go-version: + required: true + type: string + run-with-client-creds: + required: true + type: boolean +jobs: + run-integration-tests: + name: Run Integration Tests + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + steps: + - name: Checkout + uses: actions/checkout@v3 + - name: Set Up Go + uses: actions/setup-go@v3 + with: + go-version: ${{ inputs.go-version }} + check-latest: true + - name: Download metadata + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.environment-name }} + - name: Install Tools + run: | + wget https://github.com/cloudfoundry/bosh-bootloader/releases/download/v8.4.110/bbl-v8.4.110_linux_x86-64 -P /tmp + mv /tmp/bbl-* /usr/local/bin/bbl + chmod +x /usr/local/bin/bbl + bbl --version + + wget https://s3.amazonaws.com/bosh-cli-artifacts/bosh-cli-7.0.1-linux-amd64 --output-document="/usr/local/bin/bosh" + chmod +x /usr/local/bin/bosh + bosh --version + + wget https://github.com/cloudfoundry/credhub-cli/releases/download/2.9.4/credhub-linux-2.9.4.tgz -P ~/ + tar xzvf ~/credhub-linux-2.9.4.tgz + mv credhub /usr/local/bin/credhub + chmod +x /usr/local/bin/credhub + credhub --version + rm ~/credhub-linux-2.9.4.tgz + - name: Run Integration Tests + if: ${{ !inputs.run-with-client-creds }} + run: | + ENV=$(cat metadata.json | jq -r '.name') + eval "$(bbl print-env --metadata-file ./metadata.json)" + export CF_INT_PASSWORD="$(credhub get -n /bosh-$ENV/cf/cf_admin_password | bosh interpolate --path /value -)" + export CF_INT_OIDC_USERNAME="admin-oidc" + export CF_INT_OIDC_PASSWORD=$(credhub get -n /bosh-$ENV/cf/uaa_oidc_admin_password | bosh interpolate --path /value -) + export CF_INT_API="https://api.${ENV}.cf-app.com" + export CF_DIAL_TIMEOUT=15 + export CF_USERNAME=admin + export FLAKE_ATTEMPTS=2 + export NODES=16 + go install github.com/onsi/ginkgo/ginkgo@v1.16.4 + + + make build + export PATH="$(pwd)/out:$PATH" + make integration-tests-full-ci + - name: Run Integration Tests with client credentials + if: ${{ inputs.run-with-client-creds }} + env: + CF_INT_CLIENT_ID: 'potato-face' + CF_INT_CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }} + run: | + ENV=$(cat metadata.json | jq -r '.name') + eval "$(bbl print-env --metadata-file ./metadata.json)" + export CF_INT_PASSWORD="$(credhub get -n /bosh-$ENV/cf/cf_admin_password | bosh interpolate --path /value -)" + export CF_INT_OIDC_USERNAME="admin-oidc" + export CF_INT_OIDC_PASSWORD=$(credhub get -n /bosh-$ENV/cf/uaa_oidc_admin_password | bosh interpolate --path /value -) + export CF_INT_API="https://api.${ENV}.cf-app.com" + export CF_DIAL_TIMEOUT=15 + export CF_USERNAME=admin + export FLAKE_ATTEMPTS=2 + export NODES=16 + go install github.com/onsi/ginkgo/ginkgo@v1.16.4 + + + make build + export PATH="$(pwd)/out:$PATH" + make integration-tests-full-ci diff --git a/.github/workflows/windows-integration-setup.yml b/.github/workflows/windows-integration-setup.yml new file mode 100644 index 00000000000..44a8a2f2bbe --- /dev/null +++ b/.github/workflows/windows-integration-setup.yml @@ -0,0 +1,72 @@ +name: Setup Integration Tests Windows + +on: + workflow_call: + inputs: + environment: + required: true + type: string + environment-name: + required: true + type: string +jobs: + setup-integration-windows: + name: Setup Integration Tests Windows + runs-on: ubuntu-latest + environment: ${{ inputs.environment }} + steps: + - name: Download metadata + uses: actions/download-artifact@v3 + with: + name: ${{ inputs.environment-name }} + + - name: Checkout + uses: actions/checkout@v3 + with: + path: cli + + - name: Install Tools + run: | + wget https://github.com/cloudfoundry/bosh-bootloader/releases/download/v8.4.110/bbl-v8.4.110_linux_x86-64 -P /tmp + mv /tmp/bbl-* /usr/local/bin/bbl + chmod +x /usr/local/bin/bbl + bbl --version + + wget https://s3.amazonaws.com/bosh-cli-artifacts/bosh-cli-7.0.1-linux-amd64 --output-document="/usr/local/bin/bosh" + chmod +x /usr/local/bin/bosh + bosh --version + + wget https://github.com/cloudfoundry/credhub-cli/releases/download/2.9.4/credhub-linux-2.9.4.tgz -P ~/ + tar xzvf ~/credhub-linux-2.9.4.tgz + mv credhub /usr/local/bin/credhub + chmod +x /usr/local/bin/credhub + credhub --version + rm ~/credhub-linux-2.9.4.tgz + + - name: Setup Integration Tests + id: setup-windows-integration-step + run: | + ENV=$(cat metadata.json | jq -r '.name') + DATA_DIR=$PWD/cf-data + mkdir -p $DATA_DIR + eval "$(bbl print-env --metadata-file metadata.json)" + + credhub login + CF_INT_PASSWORD=$(credhub get -n /bosh-$ENV/cf/cf_admin_password | bosh interpolate --path /value -) + CF_INT_OIDC_PASSWORD=$(credhub get -n /bosh-$ENV/cf/uaa_oidc_admin_password | bosh interpolate --path /value -) + + credhub get --name /bosh-$ENV/cf/router_ca | bosh interpolate - --path /value/certificate > $DATA_DIR/$ENV.router.ca + + echo "Deployed CAPI version:" + bosh -d cf releases | grep capi + + # output password into a temp file for consumption by Windows + echo $CF_INT_PASSWORD > $DATA_DIR/cf-password + echo $CF_INT_OIDC_PASSWORD > $DATA_DIR/uaa-oidc-password + + echo "data=$DATA_DIR" >> $GITHUB_OUTPUT + - name: 'Upload CF Data' + uses: actions/upload-artifact@v3 + with: + name: cf-windows-data + path: ${{ steps.setup-windows-integration-step.outputs.data }} diff --git a/.gitpod.yml b/.gitpod.yml new file mode 100644 index 00000000000..614f7d18cc0 --- /dev/null +++ b/.gitpod.yml @@ -0,0 +1,34 @@ +additionalRepositories: + - url: https://github.com/cloudfoundry/cli-ci + - url: https://github.com/cloudfoundry/cli-private + - url: https://github.com/cloudfoundry/cli-workstation + +workspaceLocation: cli/.devcontainer/cli.code-workspace + +tasks: + - name: Setup Workspace + before: > + sudo apt install --yes + icdiff + tldr + fzf + + brew install + asdf + cloudfoundry/tap/credhub-cli + cloudfoundry/tap/bbl + cloudfoundry/tap/bosh-cli + act + tmux + neovim + init: > + tldr --update + + make clean build + command: out/cf version + +vscode: + extensions: + - vscodevim.vim + - eamodio.gitlens + - golang.go diff --git a/build_data.yml b/build_data.yml new file mode 100644 index 00000000000..d5264336456 --- /dev/null +++ b/build_data.yml @@ -0,0 +1,2 @@ +build-version: 8.4.0 +cf-d-capi-version-min: v16.11.0 diff --git a/integration/helpers/commonisolated/common_isolated_setup.go b/integration/helpers/commonisolated/common_isolated_setup.go index 0960c1acf68..77be9adbe40 100644 --- a/integration/helpers/commonisolated/common_isolated_setup.go +++ b/integration/helpers/commonisolated/common_isolated_setup.go @@ -5,6 +5,7 @@ import ( "testing" "time" + "code.cloudfoundry.org/cli/api/cloudcontroller/ccversion" "code.cloudfoundry.org/cli/integration/helpers" . "github.com/onsi/ginkgo" . "github.com/onsi/gomega" @@ -41,6 +42,9 @@ func CommonGinkgoSetup( helpers.SetupSynchronizedSuite(func() { helpers.EnableFeatureFlag("diego_docker") helpers.EnableFeatureFlag("service_instance_sharing") + if helpers.IsVersionMet(ccversion.MinVersionHTTP2RoutingV3) { + helpers.EnableFeatureFlag("route_sharing") + } }) _, _ = GinkgoWriter.Write([]byte("==============================End of Global FIRST Node Synchronized Before Each=============================="))