GitHub Actions Integration Tests

.github/workflows/integration.yml

@@ -0,0 +1,122 @@
+name: Integration Tests
+
+on:
+  workflow_dispatch:
+  pull_request:
+    branches:
+      - master
+      - v8
+      - v7
+    paths-ignore:
+      - 'doc/**'
+      - '.github/**'
+      - '.gitpod.yml'
+      - 'README.md'
+  push:
+    branches:
+      - master
+      - v8
+      - v7
+    paths-ignore:
+      - 'doc/**'
+      - '.github/**'
+      - '.gitpod.yml'
+      - 'README.md'
+
+permissions:
+  contents: read
+
+jobs:
+  shared-values:
+    name: Shared Values
+    runs-on: ubuntu-latest
+    outputs:
+      secrets-environment: ${{ steps.set-secrets-environment.outputs.secrets-environment }}
+      go-version: ${{ steps.set-go-version.outputs.go-version }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - id: set-secrets-environment
+        name: Set environment
+        run: echo "::set-output name=secrets-environment::PROD"
+
+      - id: set-go-version
+        name: Parse Golang Version
+        run: |
+          go_version=($(grep -E '^go 1\.[[:digit:]]{1,2}' go.mod))
+          echo "golang version: ${go_version[1]}"
+          echo "::set-output name=go-version::${go_version[1]}"
+
+  get-linux-env-with-edge-capi:
+    needs: shared-values
+    uses: ./.github/workflows/setup-cf-env.yml
+    with:
+      environment: ${{ needs.shared-values.outputs.secrets-environment }}
+      capi-version: edge
+    secrets: inherit
+
+  run-integration-tests-linux-env-with-edge-capi:
+    needs:
+      - shared-values
+      - get-linux-env-with-edge-capi
+    runs-on: ubuntu-latest
+    environment: ${{ needs.shared-values.outputs.secrets-environment }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+      - name: Set Up Go
+        uses: actions/setup-go@v3
+        with:
+          go-version: ${{ needs.shared-values.outputs.go-version}}
+          check-latest: true
+      - name: Download metadata
+        uses: actions/download-artifact@v3
+        with:
+          name: ${{ needs.get-linux-env-with-edge-capi.outputs.environment-name }}
+      - name: Install Tools
+        run: |
+          wget https://github.com/cloudfoundry/bosh-bootloader/releases/download/v8.4.110/bbl-v8.4.110_linux_x86-64 -P /tmp
+          mv /tmp/bbl-* /usr/local/bin/bbl
+          chmod +x /usr/local/bin/bbl
+          bbl --version
+
+          wget https://s3.amazonaws.com/bosh-cli-artifacts/bosh-cli-7.0.1-linux-amd64 --output-document="/usr/local/bin/bosh"
+          chmod +x /usr/local/bin/bosh
+          bosh --version
+
+          wget https://github.com/cloudfoundry/credhub-cli/releases/download/2.9.4/credhub-linux-2.9.4.tgz -P ~/
+          tar xzvf ~/credhub-linux-2.9.4.tgz
+          mv credhub /usr/local/bin/credhub
+          chmod +x /usr/local/bin/credhub
+          credhub --version
+          rm ~/credhub-linux-2.9.4.tgz
+      - name: Run Integration Tests
+        run: |
+          ENV=$(cat metadata.json | jq -r '.name')
+          eval "$(bbl print-env --metadata-file ./metadata.json)"
+          export CF_INT_PASSWORD="$(credhub get -n /bosh-$ENV/cf/cf_admin_password | bosh interpolate --path /value -)"
+          export CF_INT_API="https://api.${ENV}.cf-app.com"
+          export CF_DIAL_TIMEOUT=15
+          export CF_USERNAME=admin
+          export FLAKE_ATTEMPTS=2
+          export NODES=16
+          go install github.com/onsi/ginkgo/ginkgo@v1.16.4
+
+          make build
+          export PATH="$(pwd)/out:$PATH"
+          make integration-tests-full-ci
+
+  unclaim-linux-env-with-edge-capi:
+    needs:
+      - shared-values
+      - get-linux-env-with-edge-capi
+      - run-integration-tests-linux-env-with-edge-capi
+    if: always()
+    uses: ./.github/workflows/unclaim-cf-env.yml
+    with:
+      environment: ${{ needs.shared-values.outputs.secrets-environment }}
+      identifier-for-metadata-file: ${{ needs.get-linux-env-with-edge-capi.outputs.environment-name }}
+    secrets: inherit

.github/workflows/setup-cf-env.yml

@@ -0,0 +1,95 @@
+name: Setup CF Environment
+
+on:
+  workflow_call:
+    inputs:
+      environment:
+        required: true
+        type: string
+      capi-version:
+        required: true
+        type: string
+    outputs:
+      environment-name:
+        description: "Name of claimed environment"
+        value: ${{ jobs.setup-cf-env.outputs.environment-name }}
+
+jobs:
+  setup-cf-env:
+    runs-on: ubuntu-latest
+    environment: ${{ inputs.environment }}
+    outputs:
+      environment-name: ${{ steps.claim-toolsmiths-env.outputs.environment-name }}
+    steps:
+      - id: claim-toolsmiths-env
+        name: Claim Toolsmiths Environment
+        env:
+          api_token: ${{ secrets.TOOLSMITHS_API_TOKEN }}
+          hostname:  ${{ secrets.TOOLSMITHS_HOSTNAME }}
+          notes:     CF CLI Github Actions Integration Tests
+          pool_name: cf-deployment
+        run: |
+          while true; do
+            curl -s --show-error -D >(tee headers.txt >&2) -H 'Accept: application/json' \
+            -X POST "https://${hostname}/pooled_gcp_engineering_environments/claim" \
+            --data-urlencode "api_token=${api_token}" \
+            --data-urlencode "pool_name=${pool_name}" \
+            --data-urlencode "notes=${notes}" > metadata.json \
+            || echo "Unable to reach server, trying again in 30 seconds..."
+
+            ERR_500="Sorry, the Toolsmiths Environments app is currently encountering issues. Trying again in 30 seconds..."
+            ERR_429="Sorry, Toolsmiths are out of environments in your requested pool. New environments are on their way but you can stop by the Toolsmiths slack channel for more help."
+            ERR_409="Sorry, was not able to claim an environment. Trying again in 30 seconds..."
+
+            grep -q -E "HTTP/[[:digit:]\.]{1,3} 401" headers.txt && exit 1
+            grep -q -E "HTTP/[[:digit:]\.]{1,3} 404" headers.txt && exit 2
+            grep -q -E "HTTP/[[:digit:]\.]{1,3} 500" headers.txt && echo "$ERR_500"
+            grep -q -E "HTTP/[[:digit:]\.]{1,3} 200" headers.txt && break
+            grep -q -E "HTTP/[[:digit:]\.]{1,3} 429" && echo "$ERR_429"
+            grep -q -E "HTTP/[[:digit:]\.]{1,3} 409" && echo "$ERR_409"
+
+            sleep 30
+          done
+
+          ENV=$(cat metadata.json | jq -r '.name')
+          echo "::set-output name=environment-name::${ENV}"
+
+      - name: 'Upload Metadata'
+        uses: actions/upload-artifact@v3
+        with:
+          name: ${{ steps.claim-toolsmiths-env.outputs.environment-name }}
+          path: metadata.json
+
+      - name: Checkout cli-ci
+        uses: actions/checkout@v3
+        with:
+          repository: cloudfoundry/cli-ci
+          path: cli-ci
+
+      - name: Install Tools
+        run: |
+          wget https://github.com/cloudfoundry/bosh-bootloader/releases/download/v8.4.110/bbl-v8.4.110_linux_x86-64 -P /tmp
+          mv /tmp/bbl-* /usr/local/bin/bbl
+          chmod +x /usr/local/bin/bbl
+          bbl --version
+
+          wget https://s3.amazonaws.com/bosh-cli-artifacts/bosh-cli-7.0.1-linux-amd64 --output-document="/usr/local/bin/bosh"
+          chmod +x /usr/local/bin/bosh
+          bosh --version
+
+      - name: Deploy edge CAPI
+        if: ${{ inputs.capi-version == 'edge' }}
+        run: |
+          # find latest capi
+          FILENAME="$(aws s3 ls capi-releases --no-sign-request --recursive --region us-east-1 | sort | tail -n 1 | awk '{print $4}')"
+          aws s3 cp s3://capi-releases/$FILENAME $FILENAME --no-sign-request --region us-east-1
+          eval "$(bbl print-env --metadata-file metadata.json)"
+          bosh upload-release --sha2 "$FILENAME"
+          rm $FILENAME
+
+          # deploy
+          bosh -d cf manifest > /tmp/manifest.json
+          bosh -d cf deploy /tmp/manifest.json -o cli-ci/ci/infrastructure/operations/use-latest-capi.yml -n
+
+          echo "Deployed CAPI version:"
+          bosh -d cf releases | grep capi

.github/workflows/unclaim-cf-env.yml

@@ -0,0 +1,43 @@
+name: Unclaim an environment
+
+on:
+  workflow_call:
+    inputs:
+      environment:
+        required: true
+        type: string
+      identifier-for-metadata-file:
+        required: true
+        type: string
+
+jobs:
+  build-env:
+    runs-on: ubuntu-latest
+    environment: ${{ inputs.environment }}
+
+    steps:
+      - name: Download metadata
+        uses: actions/download-artifact@v3
+        with:
+          name: ${{ inputs.identifier-for-metadata-file }}
+
+      - name: Unclaim environment
+        env:
+          api_token: ${{ secrets.TOOLSMITHS_API_TOKEN }}
+          hostname:  ${{ secrets.TOOLSMITHS_HOSTNAME }}
+        run: |
+          env_name=$(cat metadata.json | jq -r .name)
+
+          while true; do
+            output=$(curl -s --show-error -D >(tee headers.txt >&2) -H 'Accept: application/json' \
+            -X POST "https://${hostname}/pooled_gcp_engineering_environments/unclaim" \
+            --data-urlencode "api_token=${api_token}" \
+            --data-urlencode "name=${env_name}")
+
+            ERR_500="Sorry, the Toolsmiths Environments app is currently encountering issues. Trying again in 30 seconds..."
+
+            grep -q -E "HTTP/[[:digit:]\.]{1,3} 500" headers.txt && echo "$ERR_500" && sleep 30 && continue
+            grep -q -E "HTTP/[[:digit:]\.]{1,3} 401" headers.txt && echo $(echo "$output" | jq '.messages | join(", ")') && exit 1
+            grep -q -E "HTTP/[[:digit:]\.]{1,3} 404" headers.txt && echo $(echo "$output" | jq '.messages | join(", ")') && exit 2
+            grep -q -E "HTTP/[[:digit:]\.]{1,3} 202" headers.txt && break
+          done