Fix e2e tests #34
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: End to End Tests | |
on: | |
pull_request: | |
branches: | |
- main | |
types: ['opened', 'reopened', 'synchronize', 'labeled'] | |
workflow_dispatch: | |
inputs: | |
powershell_branch: | |
description: 'The branch to use for the powershell module' | |
default: 'main' | |
type: string | |
schedule: | |
- cron: '0 9 * * 1' | |
permissions: | |
id-token: write | |
contents: read | |
env: | |
SOURCE_CODE_FOLDER: source-code | |
ALZ_POWERSHELL_BRANCH: ${{ github.event.inputs.powershell_branch }} | |
jobs: | |
e2e-test: | |
name: "IAC: ${{ matrix.iac }}, OS: ${{ matrix.os }}, VCS: ${{ matrix.vcs }}, A: ${{ matrix.as }}, TF: ${{ matrix.tf }}, AG: ${{ matrix.ag }}" | |
environment: ${{ github.event_name == 'schedule' && 'CSUTFAUTO' || 'CSUTF' }} | |
if: "${{ github.repository == 'Azure/accelerator-bootstrap-modules' && (contains(github.event.pull_request.labels.*.name, 'PR: Safe to test 🧪') || github.event_name == 'workflow_dispatch' || github.event_name == 'schedule') }}" | |
strategy: | |
fail-fast: false | |
matrix: | |
iac: ['terraform', 'bicep'] | |
os: ['ubuntu-latest', 'windows-latest', 'macos-latest'] # Operating System | |
tf: ['latest', '1.5.0'] # Terraform Version | |
vcs: ['github', 'azuredevops', 'local'] # Version Control System | |
as: ['ManagedServiceIdentity', 'WorkloadIdentityFederation'] # Authentication Scheme | |
ag: ['public', 'private', 'none'] # Self Hosted Agents | |
exclude: | |
- iac: bicep | |
tf: 1.5.0 | |
- iac: bicep | |
vcs: local | |
- iac: bicep | |
as: ManagedServiceIdentity | |
- iac: bicep | |
ag: public | |
- iac: bicep | |
ag: private | |
- vcs: github | |
as: ManagedServiceIdentity | |
- vcs: local | |
as: ManagedServiceIdentity | |
- vcs: local | |
ag: public | |
- vcs: local | |
ag: private | |
- vcs: azuredevops | |
tf: 1.5.0 | |
- vcs: github | |
tf: 1.5.0 | |
- as: ManagedServiceIdentity | |
ag: none | |
- os: windows-latest | |
vcs: azuredevops | |
- os: macos-latest | |
vcs: azuredevops | |
- os: windows-latest | |
vcs: github | |
- os: macos-latest | |
vcs: github | |
runs-on: ${{ matrix.os }} | |
steps: | |
- name: Show env | |
run: env | sort | |
- name: Checkout repository | |
uses: actions/checkout@v4 | |
with: | |
path: ${{ env.SOURCE_CODE_FOLDER }} | |
- name: Setup Terraform | |
uses: hashicorp/setup-terraform@v2 | |
with: | |
terraform_version: ${{ matrix.tf }} | |
terraform_wrapper: false | |
if: ${{ matrix.tf != 'latest' }} | |
- name: Setup ALZ Module Inputs | |
run: | | |
# Get Inputs | |
$infrastructureAsCode = "${{ matrix.iac }}" | |
$versionControlSystem = "${{ matrix.vcs }}" | |
$authScheme = "${{ matrix.as }}" | |
$operatingSystem = "${{ matrix.os }}" | |
$terraformVersion = "${{ matrix.tf }}" | |
$selfHostedAgents = "${{ matrix.ag }}" | |
$enableSelfHostedAgents = "false" | |
if($selfHostedAgents -eq "public" -or $selfHostedAgents -eq "private") { | |
$enableSelfHostedAgents = "true" | |
} | |
$enablePrivateNetworking = "false" | |
if($selfHostedAgents -eq "private") { | |
$enablePrivateNetworking = "true" | |
} | |
# Get Unique ID | |
$infrastructureAsCodeShort = $infrastructureAsCode.Substring(0, 1) | |
$versionControlSystemShort = $versionControlSystem.Substring(0, 1) | |
$authSchemeShort = $authScheme.Substring(0, 1) | |
$operatingSystemShort = $operatingSystem.Substring(0, 1) | |
$terraformVersionShort = if ($terraformVersion -eq "latest") { "l" } else { "m" } | |
$selfhostedAgentsShort = "n" | |
if($selfHostedAgents -eq "public") { | |
$selfhostedAgentsShort = "p" | |
} | |
if($selfHostedAgents -eq "private") { | |
$selfhostedAgentsShort = "r" | |
} | |
$localDeployAzureResources = if($terraformVersion -eq "latest") { "true" } else { "false" } | |
$runNumber = "${{ github.run_number }}" | |
Write-Host "Infrastructure As Code: $infrastructureAsCode ($infrastructureAsCodeShort)" | |
Write-Host "Version Control System: $versionControlSystem ($versionControlSystemShort)" | |
Write-Host "Auth Scheme: $authScheme ($authSchemeShort)" | |
Write-Host "Operating System: $operatingSystem ($operatingSystemShort)" | |
Write-Host "Terraform Version: $terraformVersion ($terraformVersionShort)" | |
Write-Host "Self Hosted Agents: $selfHostedAgents ($selfhostedAgentsShort)" | |
Write-Host "Local Deploy Azure Resources: $localDeployAzureResources" | |
Write-Host "Run Number: $runNumber" | |
$uniqueId = "$infrastructureAsCodeShort$operatingSystemShort$versionControlSystemShort$authSchemeShort$terraformVersionShort$selfhostedAgentsShort$runNumber".ToLower() | |
echo "UNIQUE_ID=$uniqueId" | Out-File -FilePath $Env:GITHUB_ENV -Encoding utf8 -Append | |
Write-Host "Unique ID: $uniqueId" | |
$Inputs = @{} | |
$Inputs["iac"] = $infrastructureAsCode | |
$Inputs["bootstrap"] = "alz_$versionControlSystem" | |
$Inputs["starter"] = ".test" | |
$Inputs["bootstrap_location"] = "uksouth" | |
$Inputs["bootstrap_subscription_id"] = "" | |
$Inputs["service_name"] = "alz" | |
$Inputs["environment_name"] = $uniqueId | |
$Inputs["postfix_number"] = "1" | |
$Inputs["use_private_networking"] = $enablePrivateNetworking | |
$Inputs["allow_storage_access_from_my_ip"] = "true" | |
if($versionControlSystem -eq "github") { | |
$Inputs["github_personal_access_token"] = "${{ secrets.VCS_TOKEN_GITHUB }}" | |
$Inputs["github_runners_personal_access_token"] = "${{ secrets.VCS_TOKEN_GITHUB }}" | |
$Inputs["github_organization_name"] = "${{ vars.VCS_ORGANIZATION }}" | |
$Inputs["use_separate_repository_for_workflow_templates"] = "true" | |
$Inputs["use_self_hosted_runners"] = $enableSelfHostedAgents | |
} | |
if($versionControlSystem -eq "azuredevops") { | |
$Inputs["azure_devops_personal_access_token"] = "${{ secrets.VCS_TOKEN_AZURE_DEVOPS }}" | |
$Inputs["azure_devops_organization_name"] = "${{ vars.VCS_ORGANIZATION }}" | |
$Inputs["use_separate_repository_for_pipeline_templates"] = "true" | |
$Inputs["azure_devops_use_organisation_legacy_url"] = "false" | |
$Inputs["azure_devops_create_project"] = "true" | |
$Inputs["azure_devops_project_name"] = "alz-test-$uniqueId" | |
$Inputs["azure_devops_authentication_scheme"] = $authScheme | |
$Inputs["use_self_hosted_agents"] = $enableSelfHostedAgents | |
} | |
if($versionControlSystem -eq "local") { | |
$Inputs["target_directory"] = "" | |
$Inputs["create_bootstrap_resources_in_azure"] = $localDeployAzureResources | |
} | |
$Inputs["apply_approvers"] = "" | |
$Inputs["root_parent_management_group_id"] = "" | |
$Inputs["root_parent_management_group_display_name"] = "Tenant Root Group" | |
$Inputs["subscription_id_connectivity"] = "${{ vars.ARM_SUBSCRIPTION_ID }}" | |
$Inputs["subscription_id_identity"] = "${{ vars.ARM_SUBSCRIPTION_ID }}" | |
$Inputs["subscription_id_management"] = "${{ vars.ARM_SUBSCRIPTION_ID }}" | |
$Inputs["parent_management_group_display_name"] = "Tenant Root Group" | |
$Inputs["child_management_group_display_name"] = "E2E Test" | |
$Inputs["resource_group_location"] = "uksouth" | |
if($infrastructureAsCode -eq "bicep") { | |
$Inputs["Prefix"] = "alz" | |
$Inputs["Location"] = "uksouth" | |
$Inputs["Environment"] = "live" | |
$Inputs["IdentitySubscriptionId"] = "${{ vars.ARM_SUBSCRIPTION_ID }}" | |
$Inputs["ConnectivitySubscriptionId"] = "${{ vars.ARM_SUBSCRIPTION_ID }}" | |
$Inputs["ManagementSubscriptionId"] = "${{ vars.ARM_SUBSCRIPTION_ID }}" | |
$Inputs["SecurityContact"] = "[email protected]" | |
} | |
$json = $Inputs | ConvertTo-Json -Depth 100 | Out-File -FilePath inputs.json -Encoding utf8 -Force | |
shell: pwsh | |
- name: Run ALZ PowerShell | |
run: | | |
$myIp = Invoke-RestMethod -Uri http://ipinfo.io/json | Select -ExpandProperty ip | |
Write-Host "Runner IP Address: $myIp" | |
# Get Inputs | |
$versionControlSystem = "${{ matrix.vcs }}" | |
# Install the Module | |
Write-Host "Installing the Accelerator PowerShell Module" | |
./${{ env.SOURCE_CODE_FOLDER }}/.github/tests/scripts/Install-AcceleratorModule.ps1 -ModuleBranch "${{ env.ALZ_POWERSHELL_BRANCH }}" | |
Write-Host "Installed Accelerator Module" | |
# Run the Module in a retry loop | |
$retryCount = 0 | |
$maximumRetries = 10 | |
$retryDelay = 10000 | |
$success = $false | |
do { | |
$retryCount++ | |
try { | |
Write-Host "Running the ALZ Module" | |
Deploy-Accelerator -inputs "./inputs.json" -bootstrapModuleOverrideFolderPath "./${{ env.SOURCE_CODE_FOLDER }}" -autoApprove -ErrorAction Stop -Verbose | |
if ($LastExitCode -eq 0) { | |
$success = $true | |
} else { | |
throw "Failed to apply the bootstrap environment." | |
} | |
} catch { | |
Write-Host "Failed to apply the bootstrap environment. Destroy and retry..." | |
./${{ env.SOURCE_CODE_FOLDER }}/.github/tests/scripts/destroy.ps1 -versionControlSystem $versionControlSystem | |
} | |
} while ($success -eq $false -and $retryCount -lt $maximumRetries) | |
if ($success -eq $false) { | |
Write-Host "File Structure after Bootstrap..." | |
$files = Get-ChildItem -Recurse -Force | |
$files | ForEach-Object { Write-Host (Resolve-Path $_ -Relative)} | |
throw "Failed to apply the bootstrap environment after $maximumRetries attempts." | |
} | |
shell: pwsh | |
env: | |
ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }} | |
ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }} | |
ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }} | |
ARM_USE_OIDC: true | |
- name: Run Pipelines or Actions | |
run: | | |
$infrastructureAsCode = "${{ matrix.iac }}" | |
if($infrastructureAsCode -eq "bicep") { | |
Write-Host "Skipping Pipelines or Actions for Bicep" | |
exit 0 | |
} | |
# Get Inputs | |
$versionControlSystem = "${{ matrix.vcs }}" | |
$versionControlSystemOrganisationName = "${{ vars.VCS_ORGANIZATION }}" | |
$uniqueId = $ENV:UNIQUE_ID | |
if($versionControlSystem -eq "github") { | |
$repositoryName = "alz-$uniqueId" | |
Write-Host "Running GitHub Actions Test for CI" | |
./${{ env.SOURCE_CODE_FOLDER }}/.github/tests/scripts/github-action-run.ps1 ` | |
-organizationName $versionControlSystemOrganisationName ` | |
-repositoryName $repositoryName ` | |
-workflowFileName "ci.yaml" ` | |
-skipDestroy ` | |
-personalAccessToken "${{ secrets.VCS_TOKEN_GITHUB }}" | |
Write-Host "Running GitHub Actions Test for CD" | |
./${{ env.SOURCE_CODE_FOLDER }}/.github/tests/scripts/github-action-run.ps1 ` | |
-organizationName $versionControlSystemOrganisationName ` | |
-repositoryName $repositoryName ` | |
-workflowFileName "cd.yaml" ` | |
-personalAccessToken "${{ secrets.VCS_TOKEN_GITHUB }}" | |
} | |
if($versionControlSystem -eq "azuredevops") { | |
$projectName = "alz-test-$uniqueId" | |
Write-Host "Running Azure DevOps Pipelines Test for CI" | |
./${{ env.SOURCE_CODE_FOLDER }}/.github/tests/scripts/azuredevops-pipeline-run.ps1 ` | |
-organizationName $versionControlSystemOrganisationName ` | |
-projectName $projectName ` | |
-pipelineNamePart "Continuous Integration" ` | |
-skipDestroy ` | |
-personalAccessToken "${{ secrets.VCS_TOKEN_AZURE_DEVOPS }}" | |
Write-Host "Running Azure DevOps Pipelines Test for CD" | |
./${{ env.SOURCE_CODE_FOLDER }}/.github/tests/scripts/azuredevops-pipeline-run.ps1 ` | |
-organizationName $versionControlSystemOrganisationName ` | |
-projectName $projectName ` | |
-pipelineNamePart "Continuous Delivery" ` | |
-personalAccessToken "${{ secrets.VCS_TOKEN_AZURE_DEVOPS }}" | |
} | |
shell: pwsh | |
- name: Setup Terraform | |
uses: hashicorp/setup-terraform@v2 | |
with: | |
terraform_version: "latest" | |
terraform_wrapper: false | |
if: always() | |
- name: Run Terraform Destroy to Clean Up | |
if: always() | |
run: | | |
$myIp = Invoke-RestMethod -Uri http://ipinfo.io/json | Select -ExpandProperty ip | |
Write-Host "Runner IP Address: $myIp" | |
# Get Inputs | |
$versionControlSystem = "${{ matrix.vcs }}" | |
Write-Host "Installing the Accelerator PowerShell Module" | |
./${{ env.SOURCE_CODE_FOLDER }}/.github/tests/scripts/Install-AcceleratorModule.ps1 -ModuleBranch "${{ env.ALZ_POWERSHELL_BRANCH }}" | |
Write-Host "Installed Accelerator Module" | |
# Run destroy | |
./${{ env.SOURCE_CODE_FOLDER }}/.github/tests/scripts/destroy.ps1 -versionControlSystem $versionControlSystem | |
shell: pwsh | |
env: | |
ARM_TENANT_ID: ${{ vars.ARM_TENANT_ID }} | |
ARM_SUBSCRIPTION_ID: ${{ vars.ARM_SUBSCRIPTION_ID }} | |
ARM_CLIENT_ID: ${{ vars.ARM_CLIENT_ID }} | |
ARM_USE_OIDC: true |